Struct openidconnect::AuthorizationRequest

pub struct AuthorizationRequest<'a, AD, P, RT> where
    AD: AuthDisplay,
    P: AuthPrompt,
    RT: ResponseType,  { /* fields omitted */ }

A request to the authorization endpoint.

Methods

impl<'a, AD, P, RT> AuthorizationRequest<'a, AD, P, RT> where
    AD: AuthDisplay,
    P: AuthPrompt,
    RT: ResponseType, 

pub fn add_scope(self, scope: Scope) -> Self

Appends a new scope to the authorization URL.

pub fn add_extra_param<N, V>(self, name: N, value: V) -> Self where
    N: Into<Cow<'a, str>>,
    V: Into<Cow<'a, str>>, 

Appends an extra param to the authorization URL.

This method allows extensions to be used without direct support from this crate. If name conflicts with a parameter managed by this crate, the behavior is undefined. In particular, do not set parameters defined by RFC 6749 or RFC 7636.

Security Warning

Callers should follow the security recommendations for any OAuth2 extensions used with this function, which are beyond the scope of RFC 6749.

pub fn set_pkce_challenge(self, pkce_code_challenge: PkceCodeChallenge) -> Self

Enables the use of Proof Key for Code Exchange (PKCE).

PKCE is highly recommended for all public clients (i.e., those for which there is no client secret or for which the client secret is distributed with the client, such as in a native, mobile app, or browser app).

pub fn add_auth_context_value(
    self,
    acr_value: AuthenticationContextClass
) -> Self

Requests Authentication Context Class Reference values.

ACR values should be added in order of preference. The Authentication Context Class satisfied by the authentication performed is accessible from the ID token via the IdTokenClaims::auth_context_ref method.

pub fn add_claims_locale(self, claims_locale: LanguageTag) -> Self

Requests the preferred languages for claims returned by the OpenID Connect Provider.

Languages should be added in order of preference.

pub fn set_display(self, display: AD) -> Self

Specifies how the OpenID Connect Provider displays the authentication and consent user interfaces to the end user.

pub fn set_id_token_hint<AC, GC, JE, JS, JT>(
    self,
    id_token_hint: &'a IdToken<AC, GC, JE, JS, JT>
) -> Self where
    AC: AdditionalClaims,
    GC: GenderClaim,
    JE: JweContentEncryptionAlgorithm<JT>,
    JS: JwsSigningAlgorithm<JT>,
    JT: JsonWebKeyType, 

Provides an ID token previously issued by this OpenID Connect Provider as a hint about the user's identity.

This field should be set whenever core::CoreAuthPrompt::None is used (see AuthorizationRequest::add_prompt), it but may be provided for any authorization request.

pub fn set_login_hint(self, login_hint: LoginHint) -> Self

Provides the OpenID Connect Provider with a hint about the user's identity.

The nature of this hint is specific to each provider.

pub fn set_max_age(self, max_age: Duration) -> Self

Sets a maximum amount of time since the user has last authenticated with the OpenID Connect Provider.

If more time has elapsed, the provider forces the user to re-authenticate.

pub fn add_prompt(self, prompt: P) -> Self

Specifies what level of authentication and consent prompts the OpenID Connect Provider should present to the user.

pub fn add_ui_locale(self, ui_locale: LanguageTag) -> Self

Requests the preferred languages for the user interface presented by the OpenID Connect Provider.

Languages should be added in order of preference.

pub fn url(self) -> (Url, CsrfToken, Nonce)

Returns the full authorization URL and CSRF state for this authorization request.