Struct httpclient_oauth2::OAuth2Flow
source · pub struct OAuth2Flow {
pub client_id: String,
pub client_secret: String,
pub init_endpoint: String,
pub exchange_endpoint: String,
pub refresh_endpoint: String,
pub redirect_uri: String,
}
Expand description
The main entry point for taking the user through OAuth2 flow.
Fields§
§client_id: String
§client_secret: String
§init_endpoint: String
The endpoint to initialize the flow. (Step 1)
exchange_endpoint: String
The endpoint to exchange the code for an access token. (Step 2)
refresh_endpoint: String
The endpoint to refresh the access token.
redirect_uri: String
Implementations§
source§impl OAuth2Flow
impl OAuth2Flow
Step 1: Send the user to the authorization URL.
After performing the exchange, you will get an ExchangeResponse
. Depending on the PromptType
provided here, that response may not contain a refresh_token.
If the value is select_account, it will have a refresh_token only on the first exchange. Afterward, it will be missing.
If the value is consent, the response will always have a refresh_token. The reason to avoid consent except when necessary is because it will require the user to re-accept the permissions (i.e. longer user flow, causing drop-off).
sourcepub fn extract_code(&self, url: &str) -> Result<RedirectData>
pub fn extract_code(&self, url: &str) -> Result<RedirectData>
Step 2a: Extract the code from the redirect URL.
url
can either be the full url, or a path_and_query string, e.g. “/foo?code=abc&state=def”
The input will be url-decoded (percent-decoded).
pub fn create_exchange_data(&self, code: String) -> ExchangeData<'_>
sourcepub async fn exchange(&self, code: String) -> InMemoryResult<ExchangeResponse>
pub async fn exchange(&self, code: String) -> InMemoryResult<ExchangeResponse>
Step 2b: Using RedirectedParams.code, POST to the exchange_endpoint to get the access token.
sourcepub fn middleware_from_exchange(
&self,
exchange: ExchangeResponse
) -> Result<OAuth2, MissingRefreshToken>
pub fn middleware_from_exchange( &self, exchange: ExchangeResponse ) -> Result<OAuth2, MissingRefreshToken>
Step 3: Use the exchange response to create a middleware. You can also use bearer_middleware
.
This method can fail if the ExchangeResponse is missing the refresh token. This will happen in “re-auth”
situations when prompt=“consent” was not used. See Self::create_authorization_url
docs for more.
As the middleware makes requests, the access_token will be refreshed automatically when it expires.
If you want to store the updated access_token (recommended), set the OAuth2
callback
field.