oauth2_github/
authorization_code_grant.rs1use oauth2_client::{
2 re_exports::{ClientId, ClientSecret, RedirectUri, Url, UrlParseError},
3 Provider, ProviderExtAuthorizationCodeGrant,
4};
5
6use crate::{GithubScope, AUTHORIZATION_URL, TOKEN_URL};
7
8#[derive(Debug, Clone)]
9pub struct GithubProviderWithWebApplication {
10 client_id: ClientId,
11 client_secret: ClientSecret,
12 redirect_uri: RedirectUri,
13 token_endpoint_url: Url,
15 authorization_endpoint_url: Url,
16}
17impl GithubProviderWithWebApplication {
18 pub fn new(
19 client_id: ClientId,
20 client_secret: ClientSecret,
21 redirect_uri: RedirectUri,
22 ) -> Result<Self, UrlParseError> {
23 Ok(Self {
24 client_id,
25 client_secret,
26 redirect_uri,
27 token_endpoint_url: TOKEN_URL.parse()?,
28 authorization_endpoint_url: AUTHORIZATION_URL.parse()?,
29 })
30 }
31}
32impl Provider for GithubProviderWithWebApplication {
33 type Scope = GithubScope;
34
35 fn client_id(&self) -> Option<&ClientId> {
36 Some(&self.client_id)
37 }
38
39 fn client_secret(&self) -> Option<&ClientSecret> {
40 Some(&self.client_secret)
41 }
42
43 fn token_endpoint_url(&self) -> &Url {
44 &self.token_endpoint_url
45 }
46}
47impl ProviderExtAuthorizationCodeGrant for GithubProviderWithWebApplication {
48 fn redirect_uri(&self) -> Option<&RedirectUri> {
49 Some(&self.redirect_uri)
50 }
51
52 fn scopes_default(&self) -> Option<Vec<<Self as Provider>::Scope>> {
53 Some(vec![GithubScope::ReadUser, GithubScope::UserEmail])
54 }
55
56 fn authorization_endpoint_url(&self) -> &Url {
57 &self.authorization_endpoint_url
58 }
59}
60
61#[cfg(test)]
62mod tests {
63 use super::*;
64
65 use oauth2_client::{
66 authorization_code_grant::{AccessTokenEndpoint, AuthorizationEndpoint},
67 re_exports::{Endpoint as _, Response},
68 };
69
70 #[test]
71 fn authorization_request() -> Result<(), Box<dyn std::error::Error>> {
72 let provider = GithubProviderWithWebApplication::new(
73 "CLIENT_ID".to_owned(),
74 "CLIENT_SECRET".to_owned(),
75 RedirectUri::new("https://client.example.com/cb")?,
76 )?;
77
78 let request = AuthorizationEndpoint::new(&provider, vec![GithubScope::UserEmail])
79 .configure(|x| x.state = Some("STATE".to_owned()))
80 .render_request()?;
81
82 assert_eq!(request.uri(), "https://github.com/login/oauth/authorize?response_type=code&client_id=CLIENT_ID&redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb&scope=user%3Aemail&state=STATE");
83
84 Ok(())
85 }
86
87 #[test]
88 fn access_token_request() -> Result<(), Box<dyn std::error::Error>> {
89 let provider = GithubProviderWithWebApplication::new(
90 "CLIENT_ID".to_owned(),
91 "CLIENT_SECRET".to_owned(),
92 RedirectUri::new("https://client.example.com/cb")?,
93 )?;
94
95 let request = AccessTokenEndpoint::new(&provider, "CODE".to_owned()).render_request()?;
96
97 assert_eq!(request.body(), b"grant_type=authorization_code&code=CODE&redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb&client_id=CLIENT_ID&client_secret=CLIENT_SECRET");
98
99 Ok(())
100 }
101
102 #[test]
103 fn access_token_response() -> Result<(), Box<dyn std::error::Error>> {
104 let provider = GithubProviderWithWebApplication::new(
105 "CLIENT_ID".to_owned(),
106 "CLIENT_SECRET".to_owned(),
107 RedirectUri::new("https://client.example.com/cb")?,
108 )?;
109
110 let response_body = include_str!(
111 "../tests/response_body_json_files/access_token_with_authorization_code_grant.json"
112 );
113 let body_ret = AccessTokenEndpoint::new(&provider, "CODE".to_owned())
114 .parse_response(Response::builder().body(response_body.as_bytes().to_vec())?)?;
115
116 match body_ret {
117 Ok(_body) => {}
118 Err(body) => panic!("{body:?}"),
119 }
120
121 Ok(())
122 }
123}