oxide-auth 0.4.5

A OAuth2 server library, for actix, rocket, iron or other libraries, featuring a set of configurable and pluggable backends.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

extern crate actix_web;

#[path="generic.rs"]
mod generic;

pub use self::generic::{Client, ClientConfig, ClientError, open_in_browser, consent_page_html};

use self::actix_web::*;
use self::actix_web::App;

pub fn dummy_client() -> App<Client> {
    let config = ClientConfig {
        client_id: "LocalClient".into(),
        protected_url: "http://localhost:8020/".into(),
        token_url: "http://localhost:8020/token".into(),
        refresh_url: "http://localhost:8020/refresh".into(),
        redirect_uri: "http://localhost:8021/endpoint".into(),
    };

    App::with_state(Client::new(config))
        .route("/endpoint", http::Method::GET, endpoint_impl)
        .route("/refresh", http::Method::POST, refresh)
        .route("/", http::Method::GET, get_with_token)
}

fn endpoint_impl(request: HttpRequest<Client>) -> HttpResponse {
    if let Some(cause) = request.query().get("error") {
        return HttpResponse::BadRequest()
            .body(format!("Error during owner authorization: {:?}", cause))
    }

    let code = match request.query().get("code") {
        None => return HttpResponse::BadRequest()
            .body("Missing code"),
        Some(code) => code.clone(),
    };

    match request.state().authorize(&code) {
        Ok(()) => HttpResponse::Found().header("Location", "/").finish(),
        Err(err) => HttpResponse::InternalServerError().body(format!("{}", err)),
    }
}

fn refresh(request: HttpRequest<Client>) -> HttpResponse {
    match request.state().refresh() {
        Ok(()) => HttpResponse::Found().header("Location", "/").finish(),
        Err(err) => HttpResponse::InternalServerError().body(format!("{}", err)),
    }
}

fn get_with_token(request: HttpRequest<Client>) -> HttpResponse {
    let state = request.state();
    let protected_page = match state.retrieve_protected_page() {
        Ok(page) => page,
        Err(err) => return HttpResponse::InternalServerError().body(format!("{}", err)),
    };

    let display_page = format!(
        "<html><style>
            aside{{overflow: auto; word-break: keep-all; white-space: nowrap}}
            main{{text-align: center}}
            main>aside,main>article{{margin: auto; text-align: left; border: 1px solid black; width: 50%}}
        </style>
        <main>
        Used token <aside style>{}</aside> to access
        <a href=\"http://localhost:8020/\">http://localhost:8020/</a>.
        Its contents are:
        <article>{}</article>
        <form action=\"refresh\" method=\"post\"><button>Refresh token</button></form>
        </main></html>", state.as_html(), protected_page);

    HttpResponse::Ok()
        .content_type("text/html")
        .body(display_page)
}