Struct graph_oauth::Token

source · 
pub struct Token {
Show 17 fields
    pub access_token: String,
    pub token_type: String,
    pub expires_in: i64,
    pub ext_expires_in: Option<i64>,
    pub scope: Vec<String>,
    pub refresh_token: Option<String>,
    pub user_id: Option<String>,
    pub id_token: Option<IdToken>,
    pub state: Option<String>,
    pub session_state: Option<String>,
    pub nonce: Option<String>,
    pub correlation_id: Option<String>,
    pub client_info: Option<String>,
    pub timestamp: Option<OffsetDateTime>,
    pub expires_on: Option<OffsetDateTime>,
    pub additional_fields: HashMap<String, Value>,
    pub log_pii: bool,

}
Expand description

An access token is a security token issued by an authorization server as part of an OAuth 2.0 flow. It contains information about the user and the resource for which the token is intended. The information can be used to access web APIs and other protected resources. Resources validate access tokens to grant access to a client application. For more information, see Access tokens in the Microsoft Identity Platform

For more info from the specification see Successful Response

Create a new AccessToken.

§Example

let token_response = Token::new("Bearer", 3600, "ASODFIUJ34KJ;LADSK", vec!["User.Read"]);

The Token::decode method parses the id token into a JWT and returns it. Calling Token::decode when the Token’s id_token field is None returns an error result. For more info see: Microsoft identity platform access tokens

Fields§

§access_token: String

Access tokens are credentials used to access protected resources. An access token is a string representing an authorization issued to the client. The string is usually opaque to the client. Tokens represent specific scopes and durations of access, granted by the resource owner, and enforced by the resource server and authorization server.

See Access Token in the specification

§token_type: String§expires_in: i64§ext_expires_in: Option<i64>

Legacy version of expires_in

§scope: Vec<String>§refresh_token: Option<String>

Refresh tokens are credentials used to obtain access tokens. Refresh tokens are issued to the client by the authorization server and are used to obtain a new access token when the current access token becomes invalid or expires, or to obtain additional access tokens with identical or narrower scope (access tokens may have a shorter lifetime and fewer permissions than authorized by the resource owner). Issuing a refresh token is optional at the discretion of the authorization server. If the authorization server issues a refresh token, it is included when issuing an access token

See Refresh Token in the specification

Because access tokens are valid for only a short period of time, authorization servers sometimes issue a refresh token at the same time the access token is issued. The client application can then exchange this refresh token for a new access token when needed. For more information, see Refresh tokens in the Microsoft identity platform.

§user_id: Option<String>§id_token: Option<IdToken>§state: Option<String>§session_state: Option<String>§nonce: Option<String>§correlation_id: Option<String>§client_info: Option<String>§timestamp: Option<OffsetDateTime>§expires_on: Option<OffsetDateTime>§additional_fields: HashMap<String, Value>

Any extra returned fields for AccessToken.

§log_pii: bool

Implementations§

source§

impl Token

source

pub fn new<T: ToString, I: IntoIterator<Item = T>>( token_type: &str, expires_in: i64, access_token: &str, scope: I ) -> Token

source

pub fn with_token_type(&mut self, s: &str) -> &mut Self

Set the token type.

§Example

let mut access_token = Token::default();
access_token.with_token_type("Bearer");
source

pub fn with_expires_in(&mut self, expires_in: i64) -> &mut Self

Set the expies in time. This should usually be done in seconds.

§Example

let mut access_token = Token::default();
access_token.with_expires_in(3600);
source

pub fn with_scope<T: ToString, I: IntoIterator<Item = T>>( &mut self, scope: I ) -> &mut Self

Set the scope.

§Example

let mut access_token = Token::default();
access_token.with_scope(vec!["User.Read"]);
source

pub fn with_access_token(&mut self, s: &str) -> &mut Self

Set the access token.

§Example

let mut access_token = Token::default();
access_token.with_access_token("ASODFIUJ34KJ;LADSK");
source

pub fn with_refresh_token(&mut self, s: &str) -> &mut Self

Set the refresh token.

§Example

let mut access_token = Token::default();
access_token.with_refresh_token("#ASOD323U5342");
source

pub fn with_user_id(&mut self, s: &str) -> &mut Self

Set the user id.

§Example

let mut access_token = Token::default();
access_token.with_user_id("user_id");
source

pub fn set_id_token(&mut self, s: &str) -> &mut Self

Set the id token.

§Example

let mut access_token = Token::default();
access_token.set_id_token("id_token");
source

pub fn with_id_token(&mut self, id_token: IdToken)

Set the id token.

§Example

let mut access_token = Token::default();
access_token.with_id_token(IdToken::new("id_token", "code", "state", "session_state"));
source

pub fn with_state(&mut self, s: &str) -> &mut Self

Set the state.

§Example

let mut access_token = Token::default();
access_token.with_state("state");
source

pub fn enable_pii_logging(&mut self, log_pii: bool)

Enable or disable logging of personally identifiable information such as logging the id_token. This is disabled by default. When log_pii is enabled passing Token to logging or print functions will log both the bearer access token value, the refresh token value if any, and the id token value. By default these do not get logged.

source

pub fn gen_timestamp(&mut self)

Timestamp field is used to tell whether the access token is expired. This method is mainly used internally as soon as the access token is deserialized from the api response for an accurate reading on when the access token expires.

You most likely do not want to use this method unless you are deserializing the access token using custom deserialization or creating your own access tokens manually.

This method resets the access token timestamp based on the expires_in field which is the total seconds that the access token is valid for starting from when the token was first retrieved.

This will reset the the timestamp from Utc Now + expires_in. This means that if calling Token::gen_timestamp will only be reliable if done when the access token is first retrieved.

§Example

let mut access_token = Token::default();
access_token.expires_in = 86999;
access_token.gen_timestamp();
println!("{:#?}", access_token.timestamp);
source

pub fn is_expired(&self) -> bool

Check whether the access token is expired. Checks if expires_on timestamp is less than UTC now timestamp.

§Example

let mut access_token = Token::default();
println!("{:#?}", access_token.is_expired());
source

pub fn is_expired_sub(&self, duration: Duration) -> bool

Check whether the access token is expired sub duration. This is useful in scenarios where you want to eagerly refresh the access token before it expires to prevent a failed request.

§Example

let mut access_token = Token::default();
println!("{:#?}", access_token.is_expired_sub(time::Duration::minutes(5)));
source

pub fn elapsed(&self) -> Option<Duration>

Get the time left in seconds until the access token expires. See the HumanTime crate. If you just need to know if the access token is expired then use the is_expired() message which returns a boolean true for the token has expired and false otherwise.

§Example

let mut access_token = Token::default();
println!("{:#?}", access_token.elapsed());
source

pub fn decode_header(&self) -> Result<Header>

source

pub fn decode( &self, n: &str, e: &str, client_id: &str, issuer: &str ) -> Result<TokenData<Claims>>

Decode and validate the id token.

Trait Implementations§

source§

impl AsBearer for Token

source§

fn as_bearer(&self) -> String

source§

impl AsRef<str> for Token

source§

fn as_ref(&self) -> &str

Converts this type into a shared reference of the (usually inferred) input type.
source§

impl Clone for Token

source§

fn clone(&self) -> Token

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for Token

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Default for Token

source§

fn default() -> Self

Returns the “default value” for a type. Read more
source§

impl<'de> Deserialize<'de> for Token

source§

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl Display for Token

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl PartialEq for Token

source§

fn eq(&self, other: &Token) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Serialize for Token

source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl TryFrom<&str> for Token

§

type Error = GraphFailure

The type returned in the event of a conversion error.
source§

fn try_from(value: &str) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl TryFrom<AuthorizationResponse> for Token

§

type Error = AuthorizationFailure

The type returned in the event of a conversion error.
source§

fn try_from(value: AuthorizationResponse) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl TryFrom<RequestBuilder> for Token

§

type Error = GraphFailure

The type returned in the event of a conversion error.
source§

fn try_from(value: RequestBuilder) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl TryFrom<Response> for Token

§

type Error = GraphFailure

The type returned in the event of a conversion error.
source§

fn try_from(value: Response) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl TryFrom<Result<Response, Error>> for Token

§

type Error = GraphFailure

The type returned in the event of a conversion error.
source§

fn try_from(value: Result<Response, Error>) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl Eq for Token

source§

impl StructuralPartialEq for Token

Auto Trait Implementations§

§

impl Freeze for Token

§

impl RefUnwindSafe for Token

§

impl Send for Token

§

impl Sync for Token

§

impl Unpin for Token

§

impl UnwindSafe for Token

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> DynClone for T
where T: Clone,

source§

fn __clone_box(&self, _: Private) -> *mut ()

source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

source§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T> ToString for T
where T: Display + ?Sized,

source§

default fn to_string(&self) -> String

Converts the given value to a String. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,