Trait oauth2::authz_server::AuthzServer
pub trait AuthzServer {
    fn generate_new_client_id(&mut self) -> String;
    fn register_new_client(&mut self, client_data: ClientData) -> bool;
    fn fetch_client_data(&self, client_id: String) -> Option<ClientData>;
    fn store_client_authorization(&mut self, code: String, client_id: String, redirect_url: Option<String>);
    fn retrieve_client_authorization(&self, code: String) -> Option<(String, Option<String>)>;
    fn issue_token_to_client(&mut self, client_id: String) -> TokenData;

    fn handle_authz_request(&self, request: Request) -> Result<AuthzRequestData, OauthError> { ... }
    fn finish_authz_request(&mut self, data: AuthzRequestData, response: Response) -> Result<(), OauthError> { ... }
    fn handle_token_request(&mut self, request: Request, response: Response) { ... }
}
Required Methods
fn generate_new_client_id(&mut self) -> String
Generate a new, unique ClientID.
fn register_new_client(&mut self, client_data: ClientData) -> bool
Register a new client
fn fetch_client_data(&self, client_id: String) -> Option<ClientData>
Retrieve client data
fn store_client_authorization(&mut self, code: String, client_id: String, redirect_url: Option<String>)
Store an issued authorization code, along with the client it was issued to and the redirect_uri that it was issued under.
fn retrieve_client_authorization(&self, code: String) -> Option<(String, Option<String>)>
Retrieve the data associated with an issued authorization code (the first field is the client id).
fn issue_token_to_client(&mut self, client_id: String) -> TokenData
Issue token to client, recording the issuance internally.
Provided Methods
fn handle_authz_request(&self, request: Request) -> Result<AuthzRequestData, OauthError>
Handle an HTTP request at the authorization endpoint (from a user-agent, redirected by a client).
This function parses and validates the request. Then it forms the request data and returns it to the caller. The caller should then:
1) Check if the return value has error set. If so, call back into finish_authz_request() to pass that error on.
2) Authenticate the user (this may involve multiple HTTP round trips). If failed, set error to AccessDenied and pass on to finish_authz_request().
3) Authorize the request (generally by asking the user if this is what they want). If denied, set error to AccessDenied and pass on to finish_authz_request().
4) If all went well, set authorization_code and pass on to finish_authz_request().
Refer to RFC 6749 section 3.1 for the requirements of the URL endpoint that performs this task (TLS, no fragment, support of GET with POST optional).
fn finish_authz_request(&mut self, data: AuthzRequestData, response: Response) -> Result<(), OauthError>
This finishes an Authorization Request sequence. It should be called after the user-agent end user has been authenticated and has approved or denied the request. data should have authorization_code and error set appropriately.
fn handle_token_request(&mut self, request: Request, response: Response)
Handle an HTTP request at the token endpoint (from a client directly, via POST only).
Refer to RFC 6749 section 3.2 for the requirements of the URL endpoint that performs this task (TLS, no fragment, must use POST).
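An added example, not code from this crate: an in-memory backing for store_client_authorization and retrieve_client_authorization, with the binding check RFC 6749 section 4.1.3 expects at the token endpoint (code issued to this client, redirect URI identical to the one recorded). MemoryStore and code_is_valid_for are hypothetical names, and the sample values are constructed.

```rust
use std::collections::HashMap;

// Added example: MemoryStore and code_is_valid_for are hypothetical names,
// not part of the crate. Only the two method signatures come from the trait.
#[derive(Default)]
pub struct MemoryStore {
    // code -> (client_id, redirect_url recorded at the authorization endpoint)
    codes: HashMap<String, (String, Option<String>)>,
}

impl MemoryStore {
    // Same signature as AuthzServer::store_client_authorization.
    pub fn store_client_authorization(&mut self, code: String, client_id: String,
                                      redirect_url: Option<String>) {
        self.codes.insert(code, (client_id, redirect_url));
    }

    // Same signature as AuthzServer::retrieve_client_authorization.
    pub fn retrieve_client_authorization(&self, code: String)
                                         -> Option<(String, Option<String>)> {
        self.codes.get(&code).cloned()
    }
}

// Token-endpoint check: the code must exist, belong to the presenting client,
// and, if a redirect URI was recorded, the token request must repeat it exactly.
pub fn code_is_valid_for(store: &MemoryStore, code: &str, client_id: &str,
                         redirect_uri: Option<&str>) -> bool {
    match store.retrieve_client_authorization(code.to_string()) {
        None => false, // unknown code
        Some((owner, recorded)) => {
            owner == client_id && match recorded {
                Some(r) => redirect_uri == Some(r.as_str()),
                None => true, // no redirect URI was bound to this code
            }
        }
    }
}

fn main() {
    let mut store = MemoryStore::default();
    // Constructed sample values.
    store.store_client_authorization("code-1".into(), "client-a".into(),
                                     Some("https://app.example/cb".into()));
    let uri = Some("https://app.example/cb");
    println!("owner:  {}", code_is_valid_for(&store, "code-1", "client-a", uri));
    println!("other:  {}", code_is_valid_for(&store, "code-1", "client-b", uri));
}
```

RFC 6749 also requires that an authorization code be used only once. The trait methods listed on this page do not include a removal call, so this example does not enforce that.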