bevy_stdb_auth 0.1.0

A Bevy-native integration for the SpacetimeAuth issuer.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

//! OIDC authorization-code support for SpacetimeAuth.
mod common;
#[cfg(all(feature = "persistence", not(target_arch = "wasm32")))]
pub(crate) mod persistence;

#[cfg(all(feature = "browser", target_arch = "wasm32"))]
pub(crate) mod browser;
#[cfg(not(target_arch = "wasm32"))]
mod native;

use crate::error::StdbAuthError;
use crate::session::StdbAuthSessionParts;

/// Controls the OIDC `prompt` authorization parameter.
#[derive(Clone, Debug, Default)]
pub enum StdbOidcPrompt {
    /// Allows the provider to decide whether user interaction is required.
    #[default]
    None,
    /// Requests that the provider force user authentication.
    Login,
    /// Requests that the provider prompt for account selection.
    SelectAccount,
}

impl StdbOidcPrompt {
    /// Returns the OIDC `prompt` parameter value.
    fn as_param(&self) -> Option<&'static str> {
        match self {
            Self::None => None,
            Self::Login => Some("login"),
            Self::SelectAccount => Some("select_account"),
        }
    }
}

/// Options for the SpacetimeAuth OIDC authorization-code flow.
///
/// Using OIDC authentication requires a client to be configured in SpacetimeAuth, with details such as the "Scope",
/// "Redirect URIs", and optionally the "Post-Logout Redirect URIs".
/// See the [SpacetimeAuth documentation](https://spacetimedb.com/docs/core-concepts/authentication/spacetimeauth/) for more information.
#[derive(Clone, Debug)]
pub struct StdbOidcAuthOptions {
    /// The OAuth client identifier.
    pub client_id: String,
    /// The redirect URI used by the client.
    pub redirect_uri: String,
    /// The URI returned to after provider logout.
    pub post_logout_redirect_uri: Option<String>,
    /// The requested OAuth scopes.
    pub scopes: Vec<String>,
    /// The prompt behavior for interactive authorization.
    pub prompt: StdbOidcPrompt,
}

#[cfg(all(feature = "browser", target_arch = "wasm32"))]
pub(crate) async fn acquire_session(
    options: StdbOidcAuthOptions,
) -> Result<StdbAuthSessionParts, StdbAuthError> {
    browser::acquire_session(options).await
}

#[cfg(not(target_arch = "wasm32"))]
pub(crate) async fn acquire_session(
    options: StdbOidcAuthOptions,
) -> Result<StdbAuthSessionParts, StdbAuthError> {
    native::acquire_session(options).await
}