ez-token 0.1.0

CLI tool for generating OAuth2 access tokens via PKCE and Client Credentials for Microsoft Entra ID and Auth0
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

use crate::cli::args::AuthArgs;
use crate::cli::auth_params::AuthParams;
use crate::cli::output::print_header;
use crate::config::cli_config::Profile;
use crate::services::authentication::authenticator::execute_flow;
use crate::services::authentication::pkce::AuthorizationCodeFlow;
use miette::Result;

/// Runs the Authorization Code flow with PKCE (interactive browser login).
///
/// Resolves authentication parameters from CLI arguments, the active profile,
/// or interactive prompts. Opens the system browser to complete the login,
/// then waits for the OAuth2 callback on the specified local port.
///
/// On success, the access token is copied to the clipboard automatically.
///
/// # Arguments
///
/// * `profile` — The active configuration profile loaded from disk
/// * `args` — Parsed CLI arguments for provider, client, and scopes
/// * `port` — Local port to listen on for the OAuth2 redirect callback.
///   Must match the redirect URI registered with your identity provider
///   (e.g. `http://localhost:3000/callback`)
///
/// # Errors
///
/// Returns an error if:
/// - Any required parameter cannot be resolved
/// - The local callback server fails to bind to the given port
/// - The system browser cannot be opened
/// - The token exchange with the identity provider fails
pub async fn run(profile: Profile, args: AuthArgs, port: u16) -> Result<()> {
    print_header("OAuth2 Token Generator (PKCE)");

    let auth = AuthParams::new(&profile, args, "openid profile email")?;

    let flow = AuthorizationCodeFlow {
        provider: auth.provider,
        client_id: auth.client_id,
        scopes: auth.scopes,
        port,
    };

    execute_flow(&flow).await?;
    Ok(())
}