Crate oxide_auth [−] [src]
oxide-auth
A OAuth2 server library, for use in combination with iron or other frontends, featuring a set of configurable and pluggable backends.
About
oxide-auth aims at providing a comprehensive and extensible interface to managing oauth2
tokens on a server. While the core package is agnostic of the used frontend, an optional iron
adaptor is provided with the default configuration. Through an interface designed with traits,
the frontend is as easily pluggable as the backend.
By default, the iron frontend is included in a module of the same name while testing is done
internally with an offline frontend. The interface those two methods use is exactly the same,
guaranteeing responses to be the same in both cases.
Custom Frontends
A key feature is the ability to add your own frontend without jeopardizing safety requirements.
This requires custom, related implementations of WebRequest and WebResponse.
WARNING: Custom frontends MUST ensure a secure communication layer with confidential clients.
This means using TLS for communication over http (although there are currently discussions to
consider communication to localhost as always occuring in a secure context).
For more information, see the documentation of frontend
Modules
| code_grant |
Adds frontend and backend for the authorization code flow. |
| iron |
Offers bindings for the code_grant module with iron servers. |
| primitives |
A collection of primites useful for more than one authorization method. |