Struct AuthProvider 

pub struct AuthProvider {
    pub id: String,
    pub issuer: String,
    pub jwks_uri: String,
    pub audiences: String,
    pub authorization_url: String,
    pub jwt_locations: Vec<JwtLocation>,
}

Configuration for an authentication provider, including support for JSON Web Token (JWT).

Fields

id: String

The unique identifier of the auth provider. It will be referred to by AuthRequirement.provider_id.

Example: “bookstore_auth”.

issuer: String

Identifies the principal that issued the JWT. See https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32#section-4.1.1 Usually a URL or an email address.

Example: https://securetoken.google.com Example: 1234567-compute@developer.gserviceaccount.com

jwks_uri: String

URL of the provider’s public key set to validate signature of the JWT. See OpenID Discovery. Optional if the key set document:

• can be retrieved from OpenID Discovery of the issuer.
• can be inferred from the email domain of the issuer (e.g. a Google service account).

Example: https://www.googleapis.com/oauth2/v1/certs

audiences: String

The list of JWT audiences. that are allowed to access. A JWT containing any of these audiences will be accepted. When this setting is absent, JWTs with audiences:

• “https://\[service.name\]/\[google.protobuf.Api.name\]"
• “https://\[service.name\]/" will be accepted. For example, if no audiences are in the setting, LibraryService API will accept JWTs with the following audiences:

https://library-example.googleapis.com/google.example.library.v1.LibraryService

• https://library-example.googleapis.com/

Example:

audiences: bookstore_android.apps.googleusercontent.com,
            bookstore_web.apps.googleusercontent.com

authorization_url: String

Redirect URL if JWT token is required but not present or is expired. Implement authorizationUrl of securityDefinitions in OpenAPI spec.

jwt_locations: Vec<JwtLocation>

Defines the locations to extract the JWT. For now it is only used by the Cloud Endpoints to store the OpenAPI extension [x-google-jwt-locations] (https://cloud.google.com/endpoints/docs/openapi/openapi-extensions#x-google-jwt-locations)

JWT locations can be one of HTTP headers, URL query parameters or cookies. The rule is that the first match wins.

If not specified, default to use following 3 locations:

1. Authorization: Bearer
2. x-goog-iap-jwt-assertion
3. access_token query parameter

Default locations can be specified as followings: jwt_locations:

• header: Authorization value_prefix: “Bearer “
• header: x-goog-iap-jwt-assertion
• query: access_token

Trait Implementations

impl Clone for AuthProvider

fn clone(&self) -> AuthProvider

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AuthProvider

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for AuthProvider

fn default() -> Self

Returns the “default value” for a type.

impl Message for AuthProvider

fn encoded_len(&self) -> usize

Returns the encoded length of the message without a length delimiter.

fn clear(&mut self)

Clears the message, resetting all fields to their default.

fn encode(&self, buf: &mut impl BufMut) -> Result<(), EncodeError>

where Self: Sized,

Encodes the message to a buffer.

fn encode_to_vec(&self) -> Vec<u8>

where Self: Sized,

Encodes the message to a newly allocated buffer.

fn encode_length_delimited( &self, buf: &mut impl BufMut, ) -> Result<(), EncodeError>

where Self: Sized,

Encodes the message with a length-delimiter to a buffer.

fn encode_length_delimited_to_vec(&self) -> Vec<u8>

where Self: Sized,

Encodes the message with a length-delimiter to a newly allocated buffer.

fn decode(buf: impl Buf) -> Result<Self, DecodeError>

where Self: Default,

Decodes an instance of the message from a buffer.

fn decode_length_delimited(buf: impl Buf) -> Result<Self, DecodeError>

where Self: Default,

Decodes a length-delimited instance of the message from the buffer.

fn merge(&mut self, buf: impl Buf) -> Result<(), DecodeError>

where Self: Sized,

Decodes an instance of the message from a buffer, and merges it into self.

fn merge_length_delimited(&mut self, buf: impl Buf) -> Result<(), DecodeError>

where Self: Sized,

Decodes a length-delimited instance of the message from buffer, and merges it into self.

impl PartialEq for AuthProvider

fn eq(&self, other: &AuthProvider) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for AuthProvider