rullst-connect 8.0.0

OAuth2 Social Login for Rust web frameworks.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90

use crate::client::HttpClientExt;
use crate::error::ConnectError;
use crate::provider::Provider;
use crate::user::ConnectUser;
use async_trait::async_trait;
use serde_json::Value;

crate::define_provider!(XProvider, "users.read", "tweet.read");

#[async_trait]
impl Provider for XProvider {
    crate::impl_standard_redirect_url!("https://twitter.com/i/oauth2/authorize");

    async fn get_user(&self, _auth_code: &str) -> Result<ConnectUser, ConnectError> {
        let _ = &self.client_secret;
        Err(crate::error::ConnectError::Provider(
            "X (Twitter) requires PKCE. Use get_user_with_pkce instead.".to_string(),
        ))
    }

    async fn get_user_with_pkce(
        &self,
        auth_code: &str,
        code_verifier: &str,
    ) -> Result<ConnectUser, ConnectError> {
        let token_res = self
            .http_client
            .post(self.token_url())
            .form([
                ("grant_type", "authorization_code"),
                ("client_id", self.client_id.as_str()),
                ("code", auth_code),
                ("redirect_uri", self.redirect_url.as_str()),
                ("code_verifier", code_verifier),
            ])
            .send()
            .await?
            .error_for_status()?
            .json::<Value>()
            .await?;

        let access_token = token_res["access_token"]
            .as_str()
            .ok_or_else(|| ConnectError::Token("Failed to get access_token".to_string()))?;

        let mut user = self.get_user_from_token(access_token).await?;
        user.refresh_token = token_res["refresh_token"].as_str().map(String::from);
        user.expires_in = token_res["expires_in"]
            .as_u64()
            .or_else(|| token_res["expires_in"].as_i64().map(|v| v as u64));
        Ok(user)
    }

    async fn get_user_from_token(&self, access_token: &str) -> Result<ConnectUser, ConnectError> {
        let user_res = self
            .http_client
            .get("https://api.twitter.com/2/users/me?user.fields=profile_image_url")
            .bearer_auth(access_token)
            .send()
            .await?
            .error_for_status()?
            .json::<Value>()
            .await?;

        let data = &user_res["data"];

        Ok(ConnectUser {
            id: data["id"]
                .as_str()
                .map(String::from)
                .ok_or_else(|| crate::error::ConnectError::Provider("Missing id".to_string()))?,
            name: data["name"].as_str().map(String::from).unwrap_or_default(),
            email: None, // X v2 does not return email via this endpoint by default
            avatar_url: data["profile_image_url"]
                .as_str()
                .map(|s: &str| s.replace("_normal.", ".")),
            email_verified: None,
            raw_data: user_res,
            access_token: access_token.to_string(),
            refresh_token: None,
            expires_in: None,
        })
    }

    fn token_url(&self) -> String {
        "https://api.twitter.com/2/oauth2/token".to_string()
    }

    crate::impl_standard_refresh_token!();
}