lineapi-rs

LINE API library supporting both LINE Messaging API and LINE Login API.

Documentation

Changes

CHANGELOG.md

Supported APIs

LINE Messaging API

• get_v2_bot_info
• get_v2_bot_insight_message_event_aggregation
• get_v2_bot_message_aggregation_info
• get_v2_bot_message_aggregation_list
• get_v2_bot_message_quote
• get_v2_bot_message_quote_consumption
• get_v2_bot_profile
• post_v2_bot_message_push
• post_v2_bot_message_validate_push

LINE Login API (v0.6.0+)

• get_friendship_v1_status
• get_oauth2_v2_1_userinfo
• get_oauth2_v2_1_verify
• get_v2_profile
• post_oauth2_v2_1_revoke
• post_oauth2_v2_1_token
• post_oauth2_v2_1_verify
• post_user_v1_deauthorize
• oauth_url helper function (v0.6.1) - Generate OAuth authorization URL with PKCE support

Features

• Retry mechanism with exponential backoff
• Configurable timeout duration
• Configurable retry duration
• Mock support for testing
• Stream support for large data
• PKCE (Proof Key for Code Exchange) support for OAuth
• Request/response logging via on_request / on_response callbacks (v0.9.0), with built-in secret redaction (headers_redacted / body_redacted, and a redacting Debug)

Logging (v0.9.0)

Attach on_request / on_response callbacks to LineOptions to observe every HTTP request and response. The callbacks receive un-redacted logs (the Authorization header and OAuth body secrets such as client_secret / access_token are present in the clear), so always mask before logging — use the *_redacted() helpers, or the Debug impl which redacts automatically.

use lineapi::LineOptions;

let options = LineOptions::default()
    .with_on_request(|log| {
        // `log.body()` / `log.headers()` are UN-redacted — mask before logging.
        println!("[LINE request] {}", log.body_redacted());
    })
    .with_on_response(|_req, res| {
        println!("[LINE response] status={} body={}", res.status_code(), res.body_redacted());
    });

Notes:

• Callbacks fire once per retry attempt (up to try_count); for streaming endpoints (make_stream / execute_stream) they additionally fire once per page.
• body_redacted() masks an allowlist of known secret keys only (see REDACTED_BODY_KEYS); unknown keys are not masked.
• A panic inside a callback is caught and logged via tracing::error!; the API call keeps running.

Examples

OAuth Web Application (examples/oauth/)

A complete web application demonstrating LINE Login integration with PKCE (Proof Key for Code Exchange).

Features:

• OAuth authorization URL generation with PKCE
• State parameter validation for security
• Authorization code exchange for access token
• User profile retrieval using access token
• Secure cookie-based session management
• Redacted request/response logging via on_request / on_response callbacks

Usage:

cd examples/oauth
LINE_CLIENT_ID=your_client_id \
LINE_CLIENT_SECRET=your_client_secret \
LINE_REDIRECT_URI=http://localhost:5173/oauth-line \
cargo run

Flow:

1. Visit http://localhost:5173/ to start OAuth flow
2. Click the OAuth link to authorize with LINE
3. Get redirected back with user profile information

Dependencies:

• axum - Web framework
• tower-cookies - Cookie management
• uuid - Generate secure PKCE verifier and state