Trait oxide_auth::primitives::registrar::Registrar
source · pub trait Registrar {
// Required methods
fn bound_redirect<'a>(
&self,
bound: ClientUrl<'a>
) -> Result<BoundClient<'a>, RegistrarError>;
fn negotiate(
&self,
client: BoundClient<'_>,
scope: Option<Scope>
) -> Result<PreGrant, RegistrarError>;
fn check(
&self,
client_id: &str,
passphrase: Option<&[u8]>
) -> Result<(), RegistrarError>;
}
Expand description
Registrars provie a way to interact with clients.
Most importantly, they determine defaulted parameters for a request as well as the validity of provided parameters. In general, implementations of this trait will probably offer an interface for registering new clients. This interface is not covered by this library.
Required Methods§
sourcefn bound_redirect<'a>(
&self,
bound: ClientUrl<'a>
) -> Result<BoundClient<'a>, RegistrarError>
fn bound_redirect<'a>( &self, bound: ClientUrl<'a> ) -> Result<BoundClient<'a>, RegistrarError>
Determine the allowed scope and redirection url for the client. The registrar may override the scope entirely or simply substitute a default scope in case none is given. Redirection urls should be matched verbatim, not partially.
sourcefn negotiate(
&self,
client: BoundClient<'_>,
scope: Option<Scope>
) -> Result<PreGrant, RegistrarError>
fn negotiate( &self, client: BoundClient<'_>, scope: Option<Scope> ) -> Result<PreGrant, RegistrarError>
Finish the negotiations with the registrar.
The registrar is responsible for choosing the appropriate scope for the client. In the most simple case, it will always choose some default scope for the client, regardless of its wish. The standard permits this but requires the client to be notified of the resulting scope of the token in such a case, when it retrieves its token via the access token request.
Another common strategy is to set a default scope or return the intersection with another scope.