pub struct OAuthClient { /* private fields */ }Expand description
Synchronous Anthropic OAuth client for authentication
This client handles the OAuth 2.0 flow with PKCE for Anthropic/Claude authentication using blocking I/O. No async runtime required.
§Example
use anthropic_auth::{OAuthClient, OAuthConfig, OAuthMode};
fn main() -> Result<(), Box<dyn std::error::Error>> {
let client = OAuthClient::new(OAuthConfig::default())?;
let flow = client.start_flow(OAuthMode::Max)?;
println!("Visit: {}", flow.authorization_url);
// User authorizes and you get the code and state...
let tokens = client.exchange_code("code_value", "state_value", &flow.verifier)?;
println!("Got tokens!");
Ok(())
}Implementations§
Source§impl OAuthClient
impl OAuthClient
Sourcepub fn new(config: OAuthConfig) -> Result<Self>
pub fn new(config: OAuthConfig) -> Result<Self>
Sourcepub fn start_flow(&self, mode: OAuthMode) -> Result<OAuthFlow>
pub fn start_flow(&self, mode: OAuthMode) -> Result<OAuthFlow>
Start the OAuth authorization flow
This generates a PKCE challenge and state token, then creates the authorization URL that the user should visit to authorize the application.
§Arguments
mode- The OAuth mode (Max for subscription, Console for API key creation)
§Returns
An OAuthFlow containing the authorization URL, PKCE verifier, state token, and mode
§Example
let client = OAuthClient::new(OAuthConfig::default())?;
let flow = client.start_flow(OAuthMode::Max)?;
println!("Visit: {}", flow.authorization_url);Sourcepub fn exchange_code(
&self,
code_with_state: &str,
expected_state: &str,
verifier: &str,
) -> Result<TokenSet>
pub fn exchange_code( &self, code_with_state: &str, expected_state: &str, verifier: &str, ) -> Result<TokenSet>
Exchange an authorization code for access and refresh tokens (blocking)
After the user authorizes the application, Anthropic returns a combined string
in the format code#state. This method parses that format, validates the state
for CSRF protection, and exchanges the code for tokens.
§Arguments
code_with_state- The combined authorization response (format: “code#state”) or just the code if already separatedexpected_state- The state token from the original flow (for CSRF validation)verifier- The PKCE verifier from the original flow
§Returns
A TokenSet containing access token, refresh token, and expiration time
§Errors
Returns an error if:
- The code, state, or verifier is invalid or empty
- The state doesn’t match the expected state (CSRF protection)
- The token exchange fails (invalid code, network error, etc.)
- The response contains invalid token data
§Example
// User pastes the combined response from Anthropic
let response = "code123#state456";
let tokens = client.exchange_code(response, &flow.state, &flow.verifier)?;
println!("Access token expires in: {:?}", tokens.expires_in());Sourcepub fn refresh_token(&self, refresh_token: &str) -> Result<TokenSet>
pub fn refresh_token(&self, refresh_token: &str) -> Result<TokenSet>
Refresh an expired access token (blocking)
When an access token expires, use the refresh token to obtain a new access token without requiring the user to re-authorize.
§Arguments
refresh_token- The refresh token from a previous token exchange
§Returns
A new TokenSet with fresh access token
§Errors
Returns an error if the refresh fails (invalid refresh token, network error, etc.)
§Example
let new_tokens = client.refresh_token(&old_tokens.refresh_token)?;Sourcepub fn create_api_key(&self, access_token: &str) -> Result<String>
pub fn create_api_key(&self, access_token: &str) -> Result<String>
Create an API key using a Console OAuth access token (blocking)
This method is only available when using Console mode OAuth. It creates a new API key that can be used with Anthropic’s API.
§Arguments
access_token- The access token from Console mode OAuth
§Returns
The API key as a string
§Errors
Returns an error if API key creation fails
§Example
let api_key = client.create_api_key(&tokens.access_token)?;
println!("API Key: {}", api_key);