pub struct OAuth { /* private fields */ }

OAuth

OAuth client implementing the OAuth 2.0 and OpenID Connect protocols on the Microsoft identity platform. This version is specifically meant for the Graph V1.0 and Beta API.

The client supports almost all OAuth 2.0 flows that Microsoft implements, as well as the token and code flows specific to the OneDrive API.

The OAuth client is strict about what can be used for a specific OAuth flow. This ensures that the credentials used in a request include only the information that is required or optional for that specific grant, and nothing else. Even if you accidentally pass a value, such as a nonce, for a grant type that does not use it, the requests that are made will not include it.
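
The filtering described above can be pictured as an allow-list per request kind. This is an added illustration, not graph_oauth's code: `Param`, `Request`, `allowed`, `request_params` and `sample_store` are hypothetical names, and the two allow-lists are a simplified assumption based on RFC 6749 and OpenID Connect Core.

```rust
use std::collections::BTreeMap;

// Hypothetical model (not graph_oauth's types): a few parameters, two request kinds.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum Param { ClientId, ClientSecret, RedirectUri, Scope, State, Nonce, Code, CodeVerifier }

#[derive(Clone, Copy)]
pub enum Request { OidcAuthorize, CodeTokenExchange }

impl Param {
    fn wire_name(self) -> &'static str {
        match self {
            Param::ClientId => "client_id", Param::ClientSecret => "client_secret",
            Param::RedirectUri => "redirect_uri", Param::Scope => "scope",
            Param::State => "state", Param::Nonce => "nonce",
            Param::Code => "code", Param::CodeVerifier => "code_verifier",
        }
    }
}

// Assumed allow-lists, simplified from RFC 6749 and OpenID Connect Core.
fn allowed(req: Request) -> &'static [Param] {
    use self::Param::*;
    match req {
        // Front-channel URL: never carries the secret, the code or the verifier.
        Request::OidcAuthorize => &[ClientId, RedirectUri, Scope, State, Nonce],
        // Back-channel token request: state and nonce are not part of it.
        Request::CodeTokenExchange => &[ClientId, ClientSecret, RedirectUri, Scope, Code, CodeVerifier],
    }
}

// Emit only the stored values that the allow-list names; everything else is dropped.
pub fn request_params(req: Request, stored: &BTreeMap<Param, String>) -> Vec<(&'static str, String)> {
    allowed(req).iter()
        .filter_map(|p| stored.get(p).map(|v| (p.wire_name(), v.clone())))
        .collect()
}

// Constructed sample: every field set, as a careless caller might do.
pub fn sample_store() -> BTreeMap<Param, String> {
    use self::Param::*;
    [(ClientId, "app"), (ClientSecret, "s3cret"), (RedirectUri, "https://localhost:8888/redirect"),
     (Scope, "Files.Read"), (State, "1234"), (Nonce, "abcd"), (Code, "CODE"), (CodeVerifier, "VERIFIER")]
        .iter().map(|&(k, v)| (k, v.to_string())).collect()
}

fn main() {
    println!("{:?}", request_params(Request::CodeTokenExchange, &sample_store()));
}
```

With every field set, the token request still omits `state` and `nonce`, and the authorization URL never receives `client_secret`, `code` or `code_verifier`.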

Disclaimer

Using this API for resource owners other than Microsoft may work, but functionality will more than likely be limited.

Example

use graph_oauth::oauth::OAuth;
let oauth = OAuth::new();

Implementations

Create a new OAuth instance.

Example
use graph_oauth::oauth::{OAuth, GrantType};

let mut oauth = OAuth::new();

Insert oauth credentials using the OAuthCredential enum. This method is used internally for each of the setter methods. Callers can optionally use this method to set credentials instead of the individual setter methods.

Example
oauth.insert(OAuthCredential::AuthorizeURL, "https://example.com");
assert!(oauth.contains(OAuthCredential::AuthorizeURL));
println!("{:#?}", oauth.get(OAuthCredential::AuthorizeURL));

Insert an OAuth credential using the entry trait, returning the credential. This internally calls entry(OAuthCredential).or_insert_with(value).

Example
let entry = oauth.entry(OAuthCredential::AuthorizeURL, "https://example.com");
assert_eq!(entry, "https://example.com")

Get a previously set credential.

Example
let a = oauth.get(OAuthCredential::AuthorizeURL);

Check if an OAuth credential has already been set.

Example
println!("{:#?}", oauth.contains(OAuthCredential::Nonce));

Remove a field from OAuth.

Example
oauth.client_id("client_id");

assert_eq!(oauth.contains(OAuthCredential::ClientId), true);
oauth.remove(OAuthCredential::ClientId);

assert_eq!(oauth.contains(OAuthCredential::ClientId), false);

Set the client id for an OAuth request.

Example
oauth.client_id("client_id");

Set the state for an OAuth request.

Example
oauth.state("1234");

Set the client secret for an OAuth request.

Example
oauth.client_secret("client_secret");

Set the authorization URL.

Example
oauth.authorize_url("https://example.com/authorize");

Set the access token URL of an OAuth request.

Example
oauth.access_token_url("https://example.com/token");

Set the refresh token URL of an OAuth request.

Example
oauth.refresh_token_url("https://example.com/token");

Set the redirect URL of a request.

Example
oauth.redirect_uri("https://localhost:8888/redirect");

Set the access code.

Example
oauth.access_code("LDSF[POK43");

Set the response mode.

Example
oauth.response_mode("query");

Set the response type.

Example
oauth.response_type("token");

Set the nonce.

Example

oauth.nonce("1234");

Set the prompt for open id.

Example

oauth.prompt("login");

Set id token for open id.

Example
oauth.id_token(IdToken::new("1345", "code", "state", "session_state"));

Set the session state.

Example
oauth.session_state("session-state");

Set the grant_type.

Example
oauth.grant_type("token");

Set the resource.

Example
oauth.resource("resource");

Set the code verifier.

Example
oauth.code_verifier("code_verifier");

Set the domain hint.

Example
oauth.domain_hint("domain_hint");

Set the code challenge.

Example
oauth.code_challenge("code_challenge");

Set the code challenge method.

Example
oauth.code_challenge_method("code_challenge_method");

Generate a code challenge and code verifier for the authorization code grant flow using proof key for code exchange (PKCE) and SHA256.

This method automatically sets the code_verifier, code_challenge, and code_challenge_method fields.

For authorization, the code_challenge_method parameter in the request body is automatically set to ‘S256’.

Internally, this method uses the Rust ring crypto library to generate a secure random 32-octet sequence that is base64 URL encoded (no padding). This sequence is hashed using SHA256 and base64 URL encoded (no padding), resulting in a 43-octet URL-safe string.

For more info on PKCE and entropy see: https://tools.ietf.org/html/rfc7636#section-7.1

Example

let mut oauth = OAuth::new();
oauth.generate_sha256_challenge_and_verifier();

println!("Code Challenge: {:#?}", oauth.get(OAuthCredential::CodeChallenge));
println!("Code Verifier: {:#?}", oauth.get(OAuthCredential::CodeVerifier));
println!("Code Challenge Method: {:#?}", oauth.get(OAuthCredential::CodeChallengeMethod));
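
The verifier step described above (32 random octets, base64url without padding, 43 characters) as an added standard-library example; it is not the crate's code, which uses ring. `b64url_nopad`, `new_verifier` and `is_valid_verifier` are hypothetical names, `/dev/urandom` assumes a Unix-like host, and the constant holds the octets of the code_verifier example in RFC 7636 Appendix B.

```rust
use std::{fs::File, io::{self, Read}};

// URL-safe base64 alphabet (RFC 4648 section 5), emitted without '=' padding.
const ALPHABET: &[u8; 64] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";

pub fn b64url_nopad(data: &[u8]) -> String {
    let mut out = String::with_capacity((data.len() * 4 + 2) / 3);
    for chunk in data.chunks(3) {
        // Pack up to three octets into a 24-bit group, zero-filling a short tail.
        let mut n = 0u32;
        for i in 0..3 {
            n = (n << 8) | u32::from(*chunk.get(i).unwrap_or(&0));
        }
        // k octets yield k + 1 characters; the padding characters are simply not written.
        for j in 0..=chunk.len() {
            out.push(ALPHABET[((n >> (18 - 6 * j)) & 63) as usize] as char);
        }
    }
    out
}

// 32 octets from the OS CSPRNG (assumes a Unix-like /dev/urandom), encoded as above.
pub fn new_verifier() -> io::Result<String> {
    let mut octets = [0u8; 32];
    File::open("/dev/urandom")?.read_exact(&mut octets)?;
    Ok(b64url_nopad(&octets))
}

// RFC 7636 section 4.1: 43 to 128 characters from ALPHA / DIGIT / "-" / "." / "_" / "~".
pub fn is_valid_verifier(v: &str) -> bool {
    (43..=128).contains(&v.len())
        && v.bytes().all(|b| b.is_ascii_alphanumeric() || b"-._~".contains(&b))
}

// Octets of the code_verifier example in RFC 7636 Appendix B.
pub const RFC7636_OCTETS: [u8; 32] = [
    116, 24, 223, 180, 151, 153, 224, 37, 79, 250, 96, 125, 216, 173, 187, 186,
    22, 212, 37, 77, 105, 214, 191, 240, 91, 88, 5, 88, 83, 132, 141, 121,
];

fn main() -> io::Result<()> {
    println!("verifier: {}", new_verifier()?);
    Ok(())
}
```

The challenge is the same encoding applied to the 32-octet SHA-256 digest of the verifier's ASCII bytes, which is why it is also 43 characters long.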

Set the login hint.

Example
oauth.login_hint("login_hint");

Set the client assertion.

Example
oauth.client_assertion("client_assertion");

Set the client assertion type.

Example
oauth.client_assertion_type("client_assertion_type");

Set the url to send a post request that will log out the user.

Example
oauth.logout_url("https://example.com/logout?");

Set the redirect URI that the user will be redirected to after logging out.

Example
oauth.post_logout_redirect_uri("http://localhost:8080");

Set the username.

Example
oauth.username("user");
assert!(oauth.contains(OAuthCredential::Username))

Set the password.

Example
oauth.password("user");
assert!(oauth.contains(OAuthCredential::Password))

Add a scope for the OAuth URL.

Example

oauth.add_scope("Sites.Read")
    .add_scope("Sites.ReadWrite")
    .add_scope("Sites.ReadWrite.All");
assert_eq!(oauth.join_scopes(" "), "Sites.Read Sites.ReadWrite Sites.ReadWrite.All");

Get the scopes.

Example
let mut oauth = OAuth::new();
oauth.add_scope("Files.Read");
oauth.add_scope("Files.ReadWrite");

let scopes = oauth.get_scopes();
assert!(scopes.contains("Files.Read"));
assert!(scopes.contains("Files.ReadWrite"));

Join scopes.

Example

// the scopes take a separator just like Vec join.
let s = oauth.join_scopes(" ");
println!("{:#?}", s);

Extend scopes.

Example

let scopes1 = vec!["Files.Read", "Files.ReadWrite"];
oauth.extend_scopes(&scopes1);

assert_eq!(oauth.join_scopes(" "), "Files.Read Files.ReadWrite");

Check if OAuth contains a specific scope.

Example

oauth.add_scope("Files.Read");
assert_eq!(oauth.contains_scope("Files.Read"), true);

// Or using static scopes
oauth.add_scope("File.ReadWrite");
assert!(oauth.contains_scope("File.ReadWrite"));

Remove a previously added scope.

Example

oauth.add_scope("scope");
oauth.remove_scope("scope");

Remove all scopes.

Example

oauth.add_scope("Files.Read").add_scope("Files.ReadWrite");
assert_eq!("Files.Read Files.ReadWrite", oauth.join_scopes(" "));

oauth.clear_scopes();
assert!(oauth.get_scopes().is_empty());

Set the access token.

Example
use graph_oauth::oauth::OAuth;
use graph_oauth::oauth::AccessToken;
let mut oauth = OAuth::new();
let access_token = AccessToken::default();
oauth.access_token(access_token);

Get the access token.

Example
let access_token = oauth.get_access_token().unwrap();
println!("{:#?}", access_token);

Get the refresh token. This method returns the current refresh token stored in OAuth and does not make a request for a refresh token.

Example
let mut access_token = AccessToken::default();
access_token.set_refresh_token("refresh_token");
oauth.access_token(access_token);

let refresh_token = oauth.get_refresh_token().unwrap();
println!("{:#?}", refresh_token);

Sign the user out using the OneDrive v1.0 endpoint.

Example
use graph_oauth::oauth::OAuth;
let mut oauth = OAuth::new();

oauth.v1_logout().unwrap();

Sign the user out using the OneDrive v2.0 endpoint.

Example
use graph_oauth::oauth::OAuth;
let mut oauth = OAuth::new();

oauth.v2_logout().unwrap();

Trait Implementations

Returns a copy of the value.

Performs copy-assignment from source.

Formats the value using the given formatter.

Returns the “default value” for a type.

Deserialize this value from the given Serde deserializer.

Extend the OAuth credentials.

Example

let mut map: HashMap<OAuthCredential, &str> = HashMap::new();
map.insert(OAuthCredential::ClientId, "client_id");
map.insert(OAuthCredential::ClientSecret, "client_secret");

oauth.extend(map);

Extends a collection with the contents of an iterator.

🔬 This is a nightly-only experimental API. (extend_one)

Extends a collection with exactly one element.

🔬 This is a nightly-only experimental API. (extend_one)

Reserves capacity in a collection for the given number of additional elements.

This method tests for self and other values to be equal, and is used by ==.

This method tests for !=.

Serialize this value into the given Serde serializer.
