ones_oidc/
lib.rs

1//! ONES OpenID Connect client for Rust
2//! 
3//! This library provides authentication with ONES using OpenID Connect (OIDC) 
4//! and Client Initiated Backchannel Authentication (CIBA).
5//!
6//! # Quick Start
7//!
8//! ```rust,no_run
9//! use ones_oidc::{OpenIdconnectClient, OnesOidcConfig, load_device_config, read_private_key};
10//! use openidconnect::{core::CoreProviderMetadata, reqwest::async_http_client};
11//!
12//! # async fn example() -> Result<(), Box<dyn std::error::Error>> {
13//! // Load device configuration
14//! let device_config = load_device_config("device_config.yml")?;
15//! let private_key = read_private_key("private_key.pem")?;
16//! 
17//! // Get issuer URL and discover metadata
18//! let issuer_url = device_config.get_issuer_url()?;
19//! let provider_metadata = CoreProviderMetadata::discover_async(
20//!     issuer_url.clone(),
21//!     async_http_client,
22//! ).await?;
23//! 
24//! // Create client with configuration
25//! let config = OnesOidcConfig::default()
26//!     .timeout(std::time::Duration::from_secs(10));
27//!     
28//! let client = OpenIdconnectClient::with_config(
29//!     device_config.client_id,
30//!     issuer_url,
31//!     provider_metadata,
32//!     private_key,
33//!     config,
34//! );
35//! # Ok(())
36//! # }
37//! ```
38
39// Private implementation modules
40mod config;
41mod device;
42mod device_config;
43mod errors;
44mod http_client;
45mod identifier;
46mod oidc;
47mod oidc_backend;
48mod oidc_types;
49mod utils;
50mod well_known;
51
52// Optional public modules for advanced usage
53pub mod actions;
54
55// === Core API ===
56
57/// Main OIDC client for authentication operations
58pub use oidc::OpenIdconnectClient;
59
60/// Configuration for the OIDC client
61pub use config::OnesOidcConfig;
62
63/// Device configuration loading utilities
64pub use device_config::{load_device_config, DeviceConfig};
65
66/// Private key utilities
67pub use utils::read_private_key;
68
69// === Error Types ===
70
71pub use errors::{DeviceError, OidcError, UtilsError, WellKnownApplicationsError};
72
73// === Authentication Types ===
74
75pub use oidc_types::{
76    AuthenticatedEntityKind, 
77    AuthenticationMethod, 
78    LoginHint,
79};
80
81// === Well-Known Application Discovery ===
82
83pub use well_known::{
84    get_applications_well_known, 
85    get_well_known_application_by_client_identifier, 
86    ApplicationType,
87    ApplicationsWellKnown,
88};
89
90// === OIDC Backend Types (for advanced users) ===
91
92pub use oidc_backend::{
93    CibaLoginRequestFrontend,
94    CibaStatusRequestFrontend,
95    QrStatusRequestFrontend,
96    RefreshTokenRequestFrontend,
97};
98
99// === Default Configuration Paths ===
100
101/// Default path for device configuration file
102pub const DEFAULT_DEVICE_CONFIG_PATH: &str = "/etc/px-device-identity/device.yml";
103
104/// Default path for device private key file  
105pub const DEFAULT_PRIVATE_KEY_PATH: &str = "/root/.local/share/px-device-identity/private.pem";
106
107// === Re-exported OpenIDConnect Types ===
108
109/// Re-exported types from the `openidconnect` crate for convenience
110pub use openidconnect::{
111    core::{CoreProviderMetadata, CoreTokenType},
112    ClientId, 
113    EmptyExtraTokenFields, 
114    StandardTokenResponse, 
115    IssuerUrl,
116    AccessToken,
117};
ones_oidc/lib.rs

ones_oidc/
lib.rs
