OAuth client implementing the OAuth 2.0 and OpenID Connect protocols for Microsoft identity platform
Purpose built as OAuth client for Microsoft Graph and the graph-rs-sdk project.
This project can however be used outside graph-rs-sdk as an OAuth client
for Microsoft Identity Platform or by using graph-rs-sdk.
For async:
graph-oauth = "1.0.2"
tokio = { version = "1.25.0", features = ["full"] }
For blocking:
graph-oauth = "1.0.2"
Feature Flags
native-tls
: Use the native-tls
TLS backend (OpenSSL on *nix, SChannel on Windows, Secure Transport on macOS).
rustls-tls
: Use the rustls-tls
TLS backend (cross-platform backend, only supports TLS 1.2 and 1.3).
Default features: default=["native-tls"]
These features enable the native-tls and rustls-tls features in the reqwest crate.
For more info see the reqwest crate.
Supported Authorization Flows
Microsoft OneDrive and SharePoint
Microsoft Identity Platform
For more extensive examples and explanations see the
OAuth Examples in the examples/oauth
directory on GitHub.
use graph_oauth::oauth::{AccessToken, OAuth};
fn main() {
let mut oauth = OAuth::new();
oauth
.client_id("<YOUR_CLIENT_ID>")
.client_secret("<YOUR_CLIENT_SECRET>")
.add_scope("files.read")
.add_scope("files.readwrite")
.add_scope("files.read.all")
.add_scope("files.readwrite.all")
.add_scope("offline_access")
.redirect_uri("http://localhost:8000/redirect")
.authorize_url("https://login.microsoftonline.com/common/oauth2/v2.0/authorize")
.access_token_url("https://login.microsoftonline.com/common/oauth2/v2.0/token")
.refresh_token_url("https://login.microsoftonline.com/common/oauth2/v2.0/token")
.response_type("code")
.logout_url("https://login.microsoftonline.com/common/oauth2/v2.0/logout")
.post_logout_redirect_uri("http://localhost:8000/redirect");
let mut request = oauth.build().authorization_code_grant();
let _ = request.browser_authorization().open();
oauth.access_code("<ACCESS CODE>");
let response = request.access_token().send().await?;
println!("{response:#?}");
if response.status().is_success() {
let mut access_token: AccessToken = response.json().await?;
let jwt = access_token.jwt();
println!("{jwt:#?}");
oauth.access_token(access_token);
println!("{:#?}", &oauth);
} else {
let result: reqwest::Result<serde_json::Value> = response.json().await;
match result {
Ok(body) => println!("{body:#?}"),
Err(err) => println!("Error on deserialization:\n{err:#?}"),
}
}
}