busbar_sf_auth/lib.rs
1//! # sf-auth
2//!
3//! Salesforce authentication library supporting secure OAuth 2.0 flows.
4//!
5//! ## Security
6//!
7//! This library is designed with security in mind:
8//! - Sensitive data (tokens, secrets) are redacted in Debug output
9//! - Tracing/logging skips credential parameters
10//! - Error messages sanitize any credential data
11//! - Device Code Flow excluded (deprecated for security reasons)
12//!
13//! ## Supported Authentication Methods
14//!
15//! - **OAuth 2.0 Web Server Flow** - For web applications with user interaction
16//! - **OAuth 2.0 JWT Bearer Flow** - For server-to-server integration
17//! - **OAuth 2.0 Refresh Token** - For refreshing expired access tokens
18//!
19//! ## Example
20//!
21//! ```rust,ignore
22//! use sf_auth::{Credentials, SalesforceCredentials, JwtAuth};
23//!
24//! #[tokio::main]
25//! async fn main() -> Result<(), sf_auth::Error> {
26//! // From environment variables
27//! let creds = SalesforceCredentials::from_env()?;
28//!
29//! // From SFDX CLI
30//! let creds = SalesforceCredentials::from_sfdx_alias("myorg").await?;
31//!
32//! // JWT Bearer Flow (server-to-server)
33//! let private_key = std::fs::read("path/to/key.pem")?;
34//! let jwt_auth = JwtAuth::new("consumer_key", "username", private_key);
35//! let token = jwt_auth.authenticate("https://login.salesforce.com").await?;
36//!
37//! Ok(())
38//! }
39//! ```
40
41mod credentials;
42mod error;
43mod jwt;
44mod oauth;
45mod storage;
46
47pub use credentials::{Credentials, SalesforceCredentials};
48pub use error::{Error, ErrorKind, Result};
49pub use jwt::JwtAuth;
50pub use oauth::{OAuthClient, OAuthConfig, TokenInfo, TokenResponse, WebFlowAuth};
51pub use storage::{FileTokenStorage, TokenStorage};
52
53/// Default Salesforce login URL for production.
54pub const PRODUCTION_LOGIN_URL: &str = "https://login.salesforce.com";
55
56/// Default Salesforce login URL for sandbox.
57pub const SANDBOX_LOGIN_URL: &str = "https://test.salesforce.com";