ones_oidc/
lib.rs

1//! ONES OpenID Connect client for Rust
2//! 
3//! This library provides authentication with ONES using OpenID Connect (OIDC)
4//! and Client-Initiated Backchannel Authentication (CIBA).
5//!
6//! # Quick Start
7//!
8//! ```rust,no_run
9//! use ones_oidc::{OpenIdconnectClient, OnesOidcConfig, load_device_config, read_private_key};
10//! use openidconnect::{core::CoreProviderMetadata, reqwest::async_http_client};
11//!
12//! # async fn example() -> Result<(), Box<dyn std::error::Error>> {
13//! // Load device configuration
14//! let device_config = load_device_config("device_config.yml")?;
15//! let private_key = read_private_key("private_key.pem")?;
16//! 
17//! // Get issuer URL and discover metadata
18//! let issuer_url = device_config.get_issuer_url()?;
19//! let provider_metadata = CoreProviderMetadata::discover_async(
20//!     issuer_url.clone(),
21//!     async_http_client,
22//! ).await?;
23//! 
24//! // Create client with configuration
25//! let config = OnesOidcConfig::default()
26//!     .timeout(std::time::Duration::from_secs(10));
27//!     
28//! let client = OpenIdconnectClient::with_config(
29//!     device_config.client_id,
30//!     issuer_url,
31//!     provider_metadata,
32//!     private_key,
33//!     config,
34//! );
35//! # Ok(())
36//! # }
37//! ```
38
39// Private implementation modules
40mod config;
41mod device;
42mod device_config;
43mod errors;
44mod http_client;
45mod identifier;
46mod oidc;
47mod oidc_backend;
48mod oidc_types;
49mod utils;
50mod well_known;
51
52// Optional public modules for advanced usage
53pub mod actions;
54
55// === Core API ===
56
57/// Main OIDC client for authentication operations
58pub use oidc::OpenIdconnectClient;
59
60/// Configuration for the OIDC client
61pub use config::OnesOidcConfig;
62
63/// Device configuration loading utilities
64pub use device_config::{load_device_config, DeviceConfig};
65
66/// Private key utilities
67pub use utils::read_private_key;
68
69// === Error Types ===
70
71pub use errors::{DeviceError, OidcError, UtilsError, WellKnownApplicationsError};
72
73// === Authentication Types ===
74
75pub use oidc_types::{
76    AuthenticatedEntity,
77    AuthenticatedEntityKind,
78    AuthenticationMethod,
79    AuthenticationResult,
80    LoginHint,
81};
82
83// === Identifier Types ===
84
85pub use identifier::{IdentifierType, NewIdentifier};
86
87// === Well-Known Application Discovery ===
88
89pub use well_known::{
90    get_applications_well_known, 
91    get_well_known_application_by_client_identifier, 
92    ApplicationType,
93    ApplicationsWellKnown,
94};
95
96// === OIDC Backend Types (for advanced users) ===
97
98pub use oidc_backend::{
99    AuthRequestResource,
100    CibaLoginRequestFrontend,
101    CibaLoginRequestFrontendWithoutResource,
102    CibaStatusRequestFrontend,
103    QrStatusRequest,
104    QrStatusRequestFrontend,
105    RefreshTokenRequestFrontend,
106};
107
108// === Default Configuration Paths ===
109
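/// Default path of the device configuration file.
///
/// The crate-level quick-start example passes a path string to
/// [`load_device_config`]; this constant is a ready-made value for that
/// argument.
// NOTE(review): nothing visible in this file applies this default
// automatically; confirm whether callers are expected to pass it explicitly.
pub const DEFAULT_DEVICE_CONFIG_PATH: &str = "/etc/px-device-identity/device.yml";

/// Default path of the device private key file (a `.pem` file).
///
/// The path lies under `/root`, so a process normally needs root privileges
/// to read it. The crate-level quick-start example hands the key loaded by
/// [`read_private_key`] to the client constructor, so the file should stay
/// readable only by the account that runs the client.
// NOTE(review): no ownership or mode check on the key file is visible from
// this file; confirm whether `read_private_key` verifies permissions or
// whether deployment must enforce them (and whether running as root is
// intended, or this path should be overridden for unprivileged services).
pub const DEFAULT_PRIVATE_KEY_PATH: &str = "/root/.local/share/px-device-identity/private.pem";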
115
116// === Re-exported OpenIDConnect Types ===
117
118/// Re-exported types from the `openidconnect` crate for convenience
119pub use openidconnect::{
120    core::{CoreProviderMetadata, CoreTokenType},
121    ClientId, 
122    EmptyExtraTokenFields, 
123    StandardTokenResponse, 
124    IssuerUrl,
125    AccessToken,
126};