corevpn-auth

Authentication and authorization for CoreVPN - OAuth2, OIDC, and SAML support.

Features

OAuth2/OIDC: Integration with identity providers
SAML 2.0: Enterprise SSO support
Certificate Auth: X.509 client certificate authentication
Token Management: Secure token storage and refresh
Provider Support: Google, Microsoft, Okta, and generic OIDC

Supported Providers

Provider	Type	Features
Google	OIDC	Domain restriction, group claims
Microsoft	OIDC	Azure AD, tenant restriction
Okta	OIDC	Group-based access control
Generic	OIDC	Any OIDC-compliant IdP
SAML	SAML 2.0	Enterprise IdP integration

Usage

use corevpn_auth::{OAuthProvider, OAuthConfig};

// Configure Google OAuth
let config = OAuthConfig::google(
    "client_id",
    "client_secret",
    vec!["example.com".to_string()], // allowed domains
);

// Create provider
let provider = OAuthProvider::new(config).await?;

// Get authorization URL
let (auth_url, state) = provider.authorization_url()?;

// Exchange code for tokens
let tokens = provider.exchange_code(code, state).await?;

License

Licensed under either of:

Apache License, Version 2.0 (LICENSE-APACHE)
MIT license (LICENSE-MIT)

at your option.

corevpn-auth 0.1.0

corevpn-auth

Features

Supported Providers

Usage

License