gcloud_identity_token/lib.rs
1//! # gcloud-identity-token
2//!
3//! A Rust library for obtaining and caching Google OAuth2 tokens for use with
4//! Google Cloud APIs.
5//!
6//! This crate handles the entire OAuth 2.0 Authorization Code flow:
7//! - Launching a browser to log in
8//! - Receiving and exchanging authorization codes
9//! - Saving access, refresh, and ID tokens
10//! - Securely caching them using the system keyring or a local file
11//!
12//! ## Features
13//! - Secure keyring-backed token storage (per Google user)
14//! - File-based cache via `GCLOUD_IDENTITY_TOKEN_PATH` override
15//! - Fully async support with `reqwest` + `tokio`
16//! - Intelligent refresh with expiry tracking
17//!
18//! ## Example
19//!
20//! ```rust,no_run
21//! use anyhow::Result;
22//! use gcloud_identity_token::{auth::get_token, config::load_creds};
23//!
24//! #[tokio::main]
25//! async fn main() -> Result<()> {
26//! let creds = load_creds()?;
27//! let token = get_token(&creds).await?;
28//! println!("Access Token: {}", token.access_token);
29//! println!("ID Token: {}", token.id_token);
30//! Ok(())
31//! }
32//! ```
33//!
34//! ## Environment Variables
35//! - `GCLOUD_IDENTITY_TOKEN_PATH` — path to file-based token cache
36//! - `DISPLAY` / `WAYLAND_DISPLAY` — if unset, triggers headless login flow
37//!
38//! ## Modules
39
40/// Authorization flow and token refresh logic.
41pub mod auth;
42
43/// Browser launching and redirect capture logic.
44pub mod browser;
45
46/// Token cache handling (keyring and file-based).
47pub mod cache;
48
49/// Configuration structures and token types.
50pub mod config;
51
52/// Shared utilities like port picking.
53pub mod shared;