Crate axum_oidc_layer


Axum OIDC Authentication Layer

This crate provides a configurable OIDC (OpenID Connect) authentication layer for Axum applications. It supports JWT token validation with caching for improved performance and includes pluggable cache backends.

§Features

  • Automatic Token Validation: Validates JWT tokens against the OIDC provider’s JWKS
  • Multi-tier Caching: Caches OIDC configuration, individual JWK keys, and token validation results
  • Type-safe Cache Keys: Prevents mixing different cache key types
  • Pluggable Cache Backends: Implement custom cache strategies (Redis, database, etc.)
  • Configurable TTL: Control cache lifetimes for different data types
  • Proper Error Handling: Comprehensive error types with appropriate HTTP responses
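
The type-safe keys and TTL-bound caching listed above, sketched as an added example; it is not this crate's own code or API. `JwkKey`, `TokenKey`, `TtlCache` and the `hard_limit` parameter are hypothetical names, and capping a cached validation result at the token's `exp` is an assumed policy, not documented behaviour of this crate.

```rust
use std::collections::HashMap;
use std::hash::Hash;

// Hypothetical newtype keys: distinct types, so a JWK key id can never be
// used to look up a token validation result (or the other way round).
#[derive(Clone, PartialEq, Eq, Hash)]
pub struct JwkKey(pub String); // key id ("kid")
#[derive(Clone, PartialEq, Eq, Hash)]
pub struct TokenKey(pub String); // the bearer token string

/// One cache tier; `K` pins the key type. All times are Unix seconds.
pub struct TtlCache<K, V> {
    ttl: u64,
    entries: HashMap<K, (V, u64)>, // value and absolute expiry time
}

impl<K: Eq + Hash, V: Clone> TtlCache<K, V> {
    pub fn new(ttl: u64) -> Self {
        Self { ttl, entries: HashMap::new() }
    }

    /// Store `value`. `hard_limit` (for a token, its `exp` claim) caps the
    /// lifetime so a cached "valid" result cannot outlive the token itself.
    pub fn insert(&mut self, key: K, value: V, now: u64, hard_limit: Option<u64>) {
        let expires = now.saturating_add(self.ttl).min(hard_limit.unwrap_or(u64::MAX));
        self.entries.insert(key, (value, expires));
    }

    /// Return the value only while it is still fresh; evict it otherwise.
    pub fn get(&mut self, key: &K, now: u64) -> Option<V> {
        let fresh = matches!(self.entries.get(key), Some((_, exp)) if now < *exp);
        if !fresh {
            self.entries.remove(key);
            return None;
        }
        self.entries.get(key).map(|(v, _)| v.clone())
    }
}

fn main() {
    let mut tokens: TtlCache<TokenKey, String> = TtlCache::new(300);
    let key = TokenKey("constructed.sample.token".into());
    // Constructed case: the token expires at t=1060, well before the 300 s TTL.
    tokens.insert(key.clone(), "alice".into(), 1000, Some(1060));
    println!("t=1059: {:?}", tokens.get(&key, 1059));
    println!("t=1060: {:?}", tokens.get(&key, 1060));
    // tokens.get(&JwkKey("kid-1".into()), 1000); // does not compile: wrong key type
}
```
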

§Quick Start

use axum_oidc_layer::{OidcAuthenticationLayer, AuthenticationConfigProvider, Claims};
use std::time::Duration;

#[derive(Clone)]
struct MyConfig;

impl AuthenticationConfigProvider for MyConfig {
    fn get_provider_url(&self) -> String {
        "https://your-oidc-provider.com".to_string()
    }
     
    fn get_openid_configuration_url(&self) -> Option<String> {
        None // Uses default /.well-known/openid-configuration
    }
}

let layer = OidcAuthenticationLayer::<MyConfig, Claims>::new(MyConfig);

Re-exports§

pub use cache::ConfigCacheKey;
pub use cache::InMemoryCache;
pub use cache::JwkCacheKey;
pub use cache::JwksCache;
pub use cache::TokenCacheKey;
pub use config::AuthenticationConfigProvider;
pub use config::OidcConfiguration;
pub use error::OidcError;
pub use layer::OidcAuthenticationLayer;
pub use layer::OidcAuthenticationService;

Modules§

cache
Caching functionality for OIDC authentication.
config
Configuration types and traits for OIDC authentication.
error
Error types for OIDC authentication.
jwks
JWKS (JSON Web Key Set) fetching and JWT validation operations.
layer
Axum layer and service implementation for OIDC authentication.
token
JWT token handling and parsing utilities.
validation
High-level token validation and OIDC configuration management.

Structs§

Claims
Default JWT claims structure.

Enums§

AuthenticationError
Legacy authentication error type for backward compatibility.