pub trait OAuth2Provider:
Send
+ Sync
+ 'static {
// Required methods
fn name(&self) -> &'static str;
fn authorize_url(&self) -> (String, String, String);
fn exchange_code<'a>(
&'a self,
code: &'a str,
pkce_verifier: &'a str,
) -> BoxFuture<'a, Result<String, String>>;
fn fetch_user_info<'a>(
&'a self,
access_token: &'a str,
) -> BoxFuture<'a, Result<OAuth2UserInfo, String>>;
}Expand description
Implement this to add an OAuth2 provider to the application.
Each implementation is responsible for:
- Generating the authorization URL with a fresh PKCE challenge.
- Exchanging the authorization code for an access token (via HTTP POST).
- Fetching the user’s profile from the provider’s user-info endpoint.
Required Methods§
Generate an authorization URL for the OAuth2 flow.
Returns (authorize_url, pkce_verifier, csrf_state).
The caller stores oauth_state::{csrf_state} → {pkce_verifier}::{provider}
in Redis (or another short-lived store) before redirecting the user.
Sourcefn exchange_code<'a>(
&'a self,
code: &'a str,
pkce_verifier: &'a str,
) -> BoxFuture<'a, Result<String, String>>
fn exchange_code<'a>( &'a self, code: &'a str, pkce_verifier: &'a str, ) -> BoxFuture<'a, Result<String, String>>
Exchange an authorization code for a provider access token.
pkce_verifier is the plain verifier string stored in Redis after
authorize_url() was called.
Sourcefn fetch_user_info<'a>(
&'a self,
access_token: &'a str,
) -> BoxFuture<'a, Result<OAuth2UserInfo, String>>
fn fetch_user_info<'a>( &'a self, access_token: &'a str, ) -> BoxFuture<'a, Result<OAuth2UserInfo, String>>
Fetch the user’s profile using the access token from exchange_code.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".