gestalt/
authentication.rs

1// Code generated by sdkgen. DO NOT EDIT.
2
3//! Generated native types and clients for authentication.proto.
4
5use crate::codec::authentication::{
6    from_wire_auth_session_settings, from_wire_authenticated_user, from_wire_begin_login_response,
7    to_wire_begin_login_request, to_wire_complete_login_request,
8    to_wire_validate_external_token_request,
9};
10use crate::generated::v1;
11use crate::rpc_support::GestaltError;
12
13/// AuthSessionSettings configures how the host persists authenticated sessions.
14///
15/// Native message type for `gestalt.provider.v1.AuthSessionSettings`.
16#[derive(Clone, Debug, Default, PartialEq)]
17pub struct AuthSessionSettings {
18    /// The `session_ttl_seconds` field.
19    pub session_ttl_seconds: i64,
20}
21
22/// AuthenticatedUser is the normalized user identity returned by an authentication
23/// provider after a login or token-validation flow.
24///
25/// Native message type for `gestalt.provider.v1.AuthenticatedUser`.
26#[derive(Clone, Debug, Default, PartialEq)]
27pub struct AuthenticatedUser {
28    /// The `subject` field.
29    pub subject: String,
30    /// The `email` field.
31    pub email: String,
32    /// The `email_verified` field.
33    pub email_verified: bool,
34    /// The `display_name` field.
35    pub display_name: String,
36    /// The `avatar_url` field.
37    pub avatar_url: String,
38    /// The `claims` field.
39    pub claims: std::collections::BTreeMap<String, String>,
40}
41
42/// BeginLoginRequest starts an interactive login flow.
43///
44/// Native message type for `gestalt.provider.v1.BeginLoginRequest`.
45#[derive(Clone, Debug, Default, PartialEq)]
46pub struct BeginLoginRequest {
47    /// callback_url is the host-managed URL the provider should redirect back to.
48    ///
49    /// The `callback_url` field.
50    pub callback_url: String,
51    /// host_state is opaque state generated by the host and echoed back on
52    /// completion.
53    ///
54    /// The `host_state` field.
55    pub host_state: String,
56    /// scopes are the provider-specific scopes the host is requesting.
57    ///
58    /// The `scopes` field.
59    pub scopes: Vec<String>,
60    /// options carries provider-specific login parameters.
61    ///
62    /// The `options` field.
63    pub options: std::collections::BTreeMap<String, String>,
64}
65
66/// BeginLoginResponse returns the provider-managed authorization URL and opaque
67/// provider state that must be preserved until completion.
68///
69/// Native message type for `gestalt.provider.v1.BeginLoginResponse`.
70#[derive(Clone, Debug, Default, PartialEq)]
71pub struct BeginLoginResponse {
72    /// The `authorization_url` field.
73    pub authorization_url: String,
74    /// The `provider_state` field.
75    pub provider_state: Vec<u8>,
76}
77
78/// CompleteLoginRequest finishes an interactive login flow.
79///
80/// Native message type for `gestalt.provider.v1.CompleteLoginRequest`.
81#[derive(Clone, Debug, Default, PartialEq)]
82pub struct CompleteLoginRequest {
83    /// query contains the callback URL query parameters returned by the identity
84    /// provider.
85    ///
86    /// The `query` field.
87    pub query: std::collections::BTreeMap<String, String>,
88    /// provider_state is the opaque state returned from BeginLoginResponse.
89    ///
90    /// The `provider_state` field.
91    pub provider_state: Vec<u8>,
92    /// callback_url is the fully qualified callback URL used by the host.
93    ///
94    /// The `callback_url` field.
95    pub callback_url: String,
96}
97
98/// ValidateExternalTokenRequest asks the provider to validate a token minted
99/// outside the interactive login flow.
100///
101/// Native message type for `gestalt.provider.v1.ValidateExternalTokenRequest`.
102#[derive(Clone, Debug, Default, PartialEq)]
103pub struct ValidateExternalTokenRequest {
104    /// The `token` field.
105    pub token: String,
106}
107
108/// Authentication models the shared Gestalt authentication protocol.
109///
110/// Client for the `gestalt.provider.v1.Authentication` service.
111pub struct Authentication {
112    inner: v1::authentication_client::AuthenticationClient<tonic::transport::Channel>,
113    timeout: Option<std::time::Duration>,
114}
115
116impl Authentication {
117    /// Creates a client over an established channel.
118    pub fn new(channel: tonic::transport::Channel) -> Self {
119        Self {
120            inner: v1::authentication_client::AuthenticationClient::new(channel),
121            timeout: None,
122        }
123    }
124
125    /// Sets a deadline applied to every unary call; calls that run past it
126    /// fail with DEADLINE_EXCEEDED. Streaming calls are unaffected.
127    pub fn with_timeout(mut self, timeout: std::time::Duration) -> Self {
128        self.timeout = Some(timeout);
129        self
130    }
131
132    /// Calls `gestalt.provider.v1.Authentication.BeginLogin`.
133    pub async fn begin_login(
134        &mut self,
135        callback_url: String,
136        host_state: String,
137        scopes: Vec<String>,
138    ) -> Result<BeginLoginResponse, GestaltError> {
139        let request = BeginLoginRequest {
140            callback_url,
141            host_state,
142            scopes,
143            ..Default::default()
144        };
145        let mut tonic_request = tonic::Request::new(to_wire_begin_login_request(request));
146        if let Some(timeout) = self.timeout {
147            tonic_request.set_timeout(timeout);
148        }
149        let response = self.inner.begin_login(tonic_request).await?;
150        Ok(from_wire_begin_login_response(response.into_inner()))
151    }
152
153    /// Calls `gestalt.provider.v1.Authentication.BeginLogin` with the full request and response messages.
154    pub async fn begin_login_raw(
155        &mut self,
156        request: BeginLoginRequest,
157    ) -> Result<BeginLoginResponse, GestaltError> {
158        let mut tonic_request = tonic::Request::new(to_wire_begin_login_request(request));
159        if let Some(timeout) = self.timeout {
160            tonic_request.set_timeout(timeout);
161        }
162        let response = self.inner.begin_login(tonic_request).await?;
163        Ok(from_wire_begin_login_response(response.into_inner()))
164    }
165
166    /// Calls `gestalt.provider.v1.Authentication.CompleteLogin`.
167    pub async fn complete_login(
168        &mut self,
169        provider_state: Vec<u8>,
170        callback_url: String,
171        query: std::collections::BTreeMap<String, String>,
172    ) -> Result<AuthenticatedUser, GestaltError> {
173        let request = CompleteLoginRequest {
174            provider_state,
175            callback_url,
176            query,
177        };
178        let mut tonic_request = tonic::Request::new(to_wire_complete_login_request(request));
179        if let Some(timeout) = self.timeout {
180            tonic_request.set_timeout(timeout);
181        }
182        let response = self.inner.complete_login(tonic_request).await?;
183        Ok(from_wire_authenticated_user(response.into_inner()))
184    }
185
186    /// Calls `gestalt.provider.v1.Authentication.CompleteLogin` with the full request and response messages.
187    pub async fn complete_login_raw(
188        &mut self,
189        request: CompleteLoginRequest,
190    ) -> Result<AuthenticatedUser, GestaltError> {
191        let mut tonic_request = tonic::Request::new(to_wire_complete_login_request(request));
192        if let Some(timeout) = self.timeout {
193            tonic_request.set_timeout(timeout);
194        }
195        let response = self.inner.complete_login(tonic_request).await?;
196        Ok(from_wire_authenticated_user(response.into_inner()))
197    }
198
199    /// Calls `gestalt.provider.v1.Authentication.ValidateExternalToken`.
200    pub async fn validate_external_token(
201        &mut self,
202        token: String,
203    ) -> Result<AuthenticatedUser, GestaltError> {
204        let request = ValidateExternalTokenRequest { token };
205        let mut tonic_request =
206            tonic::Request::new(to_wire_validate_external_token_request(request));
207        if let Some(timeout) = self.timeout {
208            tonic_request.set_timeout(timeout);
209        }
210        let response = self.inner.validate_external_token(tonic_request).await?;
211        Ok(from_wire_authenticated_user(response.into_inner()))
212    }
213
214    /// Calls `gestalt.provider.v1.Authentication.ValidateExternalToken` with the full request and response messages.
215    pub async fn validate_external_token_raw(
216        &mut self,
217        request: ValidateExternalTokenRequest,
218    ) -> Result<AuthenticatedUser, GestaltError> {
219        let mut tonic_request =
220            tonic::Request::new(to_wire_validate_external_token_request(request));
221        if let Some(timeout) = self.timeout {
222            tonic_request.set_timeout(timeout);
223        }
224        let response = self.inner.validate_external_token(tonic_request).await?;
225        Ok(from_wire_authenticated_user(response.into_inner()))
226    }
227
228    /// Calls `gestalt.provider.v1.Authentication.GetSessionSettings`.
229    pub async fn get_session_settings(&mut self) -> Result<AuthSessionSettings, GestaltError> {
230        let mut tonic_request = tonic::Request::new(());
231        if let Some(timeout) = self.timeout {
232            tonic_request.set_timeout(timeout);
233        }
234        let response = self.inner.get_session_settings(tonic_request).await?;
235        Ok(from_wire_auth_session_settings(response.into_inner()))
236    }
237}
gestalt/authentication.rs

gestalt/
authentication.rs
