1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
//! OpenID Connect (OIDC) authentication.
//!
//! This module provides [`OidcContext`], which handles the full OIDC login flow:
//! redirecting to the identity provider, exchanging the authorization code,
//! verifying the ID token (signature, nonce, audience, expiration), and calling
//! your [`OidcHandler`] with the parsed claims and tokens.
//!
//! PKCE is always enabled. Nonce-based ID token replay protection is built in.
//!
//! Use [`OidcExt::with_oidc`] on a [`Router`](axum::Router) to register the
//! login, callback, and (optionally) logout routes.
//!
//! Built-in provider shortcuts: [`OidcContext::google`], [`OidcContext::microsoft`],
//! [`OidcContext::apple`], [`OidcContext::keycloak`].
//!
//! Two builder paths are available:
//! - [`OidcContext::discover`] — auto-discovery from an issuer URL
//! - [`OidcContext::builder`] — manual endpoint configuration
pub use OidcBuilderError;
pub use ;
pub use OidcHandler;
pub use OidcExt;
/// Re-exported from [`axum_security_oidc`]: the standard ID-token claim set and
/// the ID-token verification error ([`OidcContext::warm_jwks`] returns it).
pub use ;
pub use crateAfterLoginCookies;
/// Tokens and claims received after a successful OIDC login.