oauth2_broker/provider/descriptor.rs
1//! Provider descriptor data structures and helpers shared by all flows.
2//!
3//! The module exposes validated metadata, supporting builder utilities, and
4//! grant-specific helpers so providers can describe their capabilities in a
5//! transport-agnostic way.
6
7/// Builder API for assembling provider descriptors.
8pub mod builder;
9/// Grant helpers wired into provider descriptors.
10pub mod grant;
11/// Provider-specific quirk toggles.
12pub mod quirks;
13
14pub use builder::*;
15pub use grant::*;
16pub use quirks::*;
17
18// self
19use crate::{_prelude::*, auth::ProviderId};
20
/// How the client identifies itself on token endpoint calls.
///
/// Serialized in `snake_case`: `client_secret_basic`, `client_secret_post`,
/// `none_with_pkce`. [`Default`] yields [`ClientAuthMethod::ClientSecretBasic`].
#[derive(Clone, Copy, Debug, Default, PartialEq, Eq, Serialize, Deserialize)]
#[serde(rename_all = "snake_case")]
pub enum ClientAuthMethod {
    /// HTTP Basic with `client_id`/`client_secret`.
    ///
    /// The secret is carried in the `Authorization` header rather than the
    /// request body.
    #[default]
    ClientSecretBasic,
    /// Form POST body parameters for `client_id`/`client_secret`.
    ///
    /// RFC 6749 §2.3.1 marks body credentials as NOT RECOMMENDED and limits
    /// them to clients that cannot use HTTP Basic, so select this only for
    /// providers that require it. Request-body logging on the client side
    /// would capture the secret.
    ClientSecretPost,
    /// Public clients that hold no secret and rely on PKCE.
    ///
    /// PKCE (RFC 7636) binds the authorization code to the party that started
    /// the flow; it does not authenticate the client's identity.
    // NOTE(review): whether flows refuse to run this mode without a PKCE
    // verifier is not visible in this file; confirm in the flow code.
    NoneWithPkce,
}
33
/// The set of endpoints a provider descriptor declares.
///
/// Every field is `pub` and the type derives `Deserialize`, so a value can be
/// built or loaded without passing through any other code in this crate.
// NOTE(review): nothing in this type restricts the URL scheme. Client
// credentials and tokens are sent to `token` (and presumably `revocation`), so
// confirm that the builder or the flows reject non-HTTPS endpoints.
#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
pub struct ProviderEndpoints {
    /// Authorization endpoint used by the Authorization Code flow.
    pub authorization: Url,
    /// Token endpoint used for exchanges and refreshes.
    pub token: Url,
    /// Revocation endpoint; `None` when the descriptor declares none.
    pub revocation: Option<Url>,
}
44
/// Provider descriptor consumed by flows and treated as immutable by them.
///
/// Immutability here is a convention, not a guarantee of the type: all fields
/// are `pub`, so any owner of a value can change them after construction.
// NOTE(review): `Deserialize` is derived, so a descriptor can be produced from
// external data without going through `ProviderDescriptor::builder`. Whether
// deserialized descriptors get the same validation as built ones is not
// visible in this file; confirm before loading descriptors from untrusted or
// user-editable configuration.
#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
pub struct ProviderDescriptor {
    /// Identifier of this descriptor.
    pub id: ProviderId,
    /// Endpoints the provider exposes.
    pub endpoints: ProviderEndpoints,
    /// Flags for the grants the provider supports.
    pub supported_grants: SupportedGrants,
    /// Client authentication mechanism preferred for token endpoint calls.
    pub preferred_client_auth_method: ClientAuthMethod,
    /// Provider-specific quirks.
    pub quirks: ProviderQuirks,
}
impl ProviderDescriptor {
    /// Starts a [`ProviderDescriptorBuilder`] for the given identifier.
    ///
    /// This only forwards `id` to `ProviderDescriptorBuilder::new`; any
    /// validation happens in the builder, which is defined in another module.
    pub fn builder(id: ProviderId) -> ProviderDescriptorBuilder {
        ProviderDescriptorBuilder::new(id)
    }

    /// Reports whether `grant` is among the grants this descriptor supports.
    ///
    /// The answer comes from `supported_grants` alone; no endpoint or quirk is
    /// consulted.
    pub fn supports(&self, grant: GrantType) -> bool {
        let grants = &self.supported_grants;
        grants.supports(grant)
    }
}