passage-auth 0.1.0

Authentication API for Passage by 1Password
Documentation

Overview

passage-auth is an unofficial Rust library for Passage by 1Password.

  • It's strictly following the Passage Authentication API.

  • Current features:

    • Apps
    • Authenticate
    • Currentuser
    • JWKS
    • Login
    • MagicLink
    • OpenId
    • OTP
    • Register
    • Tokens
    • Users
    • [] OAuth2
    • [] Passkey Readiness

Models were automatically generated thanks to OpenAPI Generator. The rest of the auth API was built by your friends at Kindness. With some prior art for the validation function from our friend Rob Yoder.

[!WARNING]
This crate is brand new and not all features have been tested or documented. Expect breaking changes.

Usage

The library reads your Passage APP ID from the environment variable PASSAGE_APP_ID and optionally a API key from PASSAGE_API_KEY. But you can also pass a Config object or use the Config builder to create the Passage client.

Verify a JWT

// Create a new passage instance
let passage = Passage::with_config(Config::default().with_app_id(APP_ID.to_string()));
// Get the JWKS for your app containing the use the JWK's public key to verify a user's JWT.
let response: JwkResponse = passage.jwks().get_jwks().await?;
// Verify a user's JWT

Get information about or modify

Only you have verified the user, your app can do it's thing, but this library is almost feature complete with the Passage auth API, so you can do a lot more, for example:

let passage = Passage::with_config(
 Config::default()
  .with_app_id(APP_ID.to_string())
  .with_user_bearer_token(JWT.to_string()),
);
let response: CurrentUserResponse = passage.current_user().get_current_user().await?;

CurrentUserResponse { user: CurrentUser { created_at: "2024-05-25T12:14:42.420571Z", email: "ted@tedlasso.org", email_verified: true, id: "AabRBkquedeVBxv9kFyfeXHI", last_login_at: "2024-05-25T14:27:53.825045Z", login_count: 3, phone: "", phone_verified: false, social_connections: UserSocialConnections { apple: None, github: None, google: None }, status: Active, updated_at: "2024-05-25T14:27:53.975632Z", user_metadata: None, webauthn: false, webauthn_devices: [], webauthn_types: [] } }

Refresh or revoke refresh tokens

// APP ID loaded via environment vairable
let passage = Passage::new();

// Refresh tokens
let response = passage.tokens().refresh_auth_token(RefreshAuthTokenRequest{refresh_token}).await

// Revoke refresh token
let response = passage.tokens().revoke_refresh_token(refresh_token)

License

This project is licensed under MIT license.