Struct OpenIdAuthorizationUrlParameterBuilder

Source

pub struct OpenIdAuthorizationUrlParameterBuilder { /* private fields */ }

Implementations§

Source §

pub fn with_tenant<T: AsRef<str>>(&mut self, tenant: T) -> &mut Self

Convenience method. Same as calling [with_authority(Authority::TenantId(“tenant_id”))]

Source

pub fn with_authority<T: Into<Authority>>(&mut self, authority: T) -> &mut Self

Source

pub fn with_response_type<I: IntoIterator<Item = ResponseType>>( &mut self, response_type: I, ) -> &mut Self

Default is code. Must include code for the open id connect flow. Can also include id_token or token if using the hybrid flow.

Supported response types are:

code
id_token
code id_token
id_token token

Source

pub fn with_response_mode(&mut self, response_mode: ResponseMode) -> &mut Self

Specifies how the identity platform should return the requested token to your app.

Supported values:

fragment: Default when requesting an ID token by using the implicit flow. Also supported if requesting only a code.
form_post: Executes a POST containing the code to your redirect URI. Supported when requesting a code.

Source

pub fn with_nonce<T: AsRef<str>>(&mut self, nonce: T) -> &mut Self

A value included in the request, generated by the app, that is included in the resulting id_token as a claim. The app can then verify this value to mitigate token replay attacks. The value is typically a randomized, unique string that can be used to identify the origin of the request.

Because openid requires a nonce as part of the openid flow a secure random nonce is already generated for OpenIdCredential. Providing a nonce here will override this generated nonce.

Source

pub fn with_state<T: AsRef<str>>(&mut self, state: T) -> &mut Self

Source

pub fn with_scope<T: ToString, I: IntoIterator<Item = T>>( &mut self, scope: I, ) -> &mut Self

Takes an iterator of scopes to use in the request. Replaces current scopes if any were added previously.

Source

pub fn with_prompt<I: IntoIterator<Item = Prompt>>( &mut self, prompt: I, ) -> &mut Self

Indicates the type of user interaction that is required. Valid values are login, none, consent, and select_account.

prompt=login forces the user to enter their credentials on that request, negating single-sign on.
prompt=none is the opposite. It ensures that the user isn’t presented with any interactive prompt. If the request can’t be completed silently by using single-sign on, the Microsoft identity platform returns an interaction_required error.
prompt=consent triggers the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app.
prompt=select_account interrupts single sign-on providing account selection experience listing all the accounts either in session or any remembered account or an option to choose to use a different account altogether.

Source

pub fn with_domain_hint<T: AsRef<str>>(&mut self, domain_hint: T) -> &mut Self

Optional The realm of the user in a federated directory. This skips the email-based discovery process that the user goes through on the sign-in page, for a slightly more streamlined user experience. For tenants that are federated through an on-premises directory like AD FS, this often results in a seamless sign-in because of the existing login session.

Source

pub fn with_login_hint<T: AsRef<str>>(&mut self, login_hint: T) -> &mut Self

Optional You can use this parameter to pre-fill the username and email address field of the sign-in page for the user, if you know the username ahead of time. Often, apps use this parameter during reauthentication, after already extracting the login_hint optional claim from an earlier sign-in.

Source