Skip to main content

huskarl_resource_server/
lib.rs

1#![warn(missing_docs)]
2//! # `OAuth2` library for resource servers.
3//!
4//! This library handles concerns of interest to `OAuth2` resource servers. The primary need
5//! in this case is validating provided access tokens, and checking whether the authorization
6//! matches the necessary level.
7//!
8//! Currently this crate helps to handle the first of these; validating access tokens. It
9//! then provides the context from those access tokens which let the server implement the
10//! rest of the authorization checking.
11//!
12//! ## Example with RFC 9068 token validation:
13//!
14//! ```
15//! use std::sync::Arc;
16//! use huskarl_resource_server::core::jwk::JwksSource;
17//! use huskarl_resource_server::core::http::HttpClient;
18//! use huskarl_resource_server::validator::rfc9068::Rfc9068Validator;
19//!
20//! # fn setup_resource_server(http_client: impl HttpClient + Clone + 'static) {
21//! let validator = Rfc9068Validator::builder()
22//!   .issuer("https://issuer")
23//!   .audience("audience")
24//!   .jws_verifier_factory(Arc::new(JwksSource::builder().http_client(http_client).build()))
25//!   .build();
26//! # }
27//! ```
28
29pub mod error;
30pub mod introspection;
31pub mod validator;
32
33use std::sync::Arc;
34
35use validator::extract::TokenType;
36use validator::{AccessTokenValidator, ValidatedRequest};
37
38#[doc(inline)]
39pub use huskarl_core as core;
40
41/// The platform default [`core::crypto::verifier::JwsVerifierPlatform`] implementation.
42///
43/// On native platforms this wraps `huskarl-crypto-native`; on WebAssembly it wraps
44/// `huskarl-crypto-webcrypto`. Enabled by the `default-jws-verifier-platform` feature.
45#[derive(Debug, Clone)]
46pub struct DefaultJwsVerifierPlatform(Arc<dyn core::crypto::verifier::JwsVerifierPlatform>);
47
48impl From<DefaultJwsVerifierPlatform> for Arc<dyn core::crypto::verifier::JwsVerifierPlatform> {
49    fn from(value: DefaultJwsVerifierPlatform) -> Self {
50        value.0
51    }
52}
53
54/// The platform default JWS verifier factory for native platforms.
55#[cfg(all(
56    feature = "default-jws-verifier-platform",
57    not(all(target_arch = "wasm32", any(target_os = "unknown", target_os = "none")))
58))]
59impl Default for DefaultJwsVerifierPlatform {
60    fn default() -> Self {
61        Self(Arc::new(huskarl_crypto_native::NativeVerifierPlatform))
62    }
63}
64
65/// The platform default JWS verifier factory for WebAssembly/WebCrypto platforms.
66#[cfg(all(
67    feature = "default-jws-verifier-platform",
68    all(target_arch = "wasm32", any(target_os = "unknown", target_os = "none"))
69))]
70impl Default for DefaultJwsVerifierPlatform {
71    fn default() -> Self {
72        Self(Arc::new(
73            huskarl_crypto_webcrypto::WebCryptoVerifierPlatform::default(),
74        ))
75    }
76}