Crate graph_oauth
source ·Expand description
OAuth client implementing the OAuth 2.0 and OpenID Connect protocols on Microsoft identity platform
Purpose built as OAuth client for Microsoft Graph and the graph-rs-sdk project. This project can however be used outside graph-rs-sdk as an OAuth client for Microsoft Identity Platform.
Supported Authorization Flows
Microsoft OneDrive and SharePoint
Microsoft Identity Platform
- Authorization Code Grant
- Authorization Code Grant PKCE
- Open ID Connect
- Implicit Grant
- Device Code Flow
- Client Credentials
- Resource Owner Password Credentials
Example
use graph_oauth::oauth::OAuth;
let mut oauth = OAuth::new();
oauth
.client_id("<YOUR_CLIENT_ID>")
.client_secret("<YOUR_CLIENT_SECRET>")
.add_scope("files.read")
.add_scope("files.readwrite")
.add_scope("files.read.all")
.add_scope("files.readwrite.all")
.add_scope("offline_access")
.redirect_uri("http://localhost:8000/redirect")
.authorize_url("https://login.microsoftonline.com/common/oauth2/v2.0/authorize")
.access_token_url("https://login.microsoftonline.com/common/oauth2/v2.0/token")
.refresh_token_url("https://login.microsoftonline.com/common/oauth2/v2.0/token")
.response_type("code")
.logout_url("https://login.microsoftonline.com/common/oauth2/v2.0/logout")
.post_logout_redirect_uri("http://localhost:8000/redirect");
Get the access code for the authorization code grant by sending the user to log in using their browser.
ⓘ
let mut request = oauth.build().authorization_code_grant();
let _ = request.browser_authorization().open();
The access code will be appended to the url on redirect. Pass this code to the OAuth instance:
oauth.access_code("<ACCESS CODE>");
Perform an authorization code grant request for an access token:
ⓘ
let mut request = oauth.build().authorization_code_grant();
let response = request.access_token().send()?;
println!("{:#?}", access_token);
if response.status().is_success() {
let mut access_token: AccessToken = response.json()?;
let jwt = access_token.jwt();
println!("{jwt:#?}");
// Store in OAuth to make requests for refresh tokens.
oauth.access_token(access_token);
} else {
// See if Microsoft Graph returned an error in the Response body
let result: reqwest::Result<serde_json::Value> = response.json()?;
println!("{:#?}", result);
}