Expand description
ONES OpenID Connect client for Rust
This library provides authentication with ONES using OpenID Connect (OIDC) and Client Initiated Backchannel Authentication (CIBA).
§Quick Start
use ones_oidc::{OpenIdconnectClient, OnesOidcConfig, load_device_config, read_private_key};
use openidconnect::{core::CoreProviderMetadata, reqwest::async_http_client};
// Load device configuration
let device_config = load_device_config("device_config.yml")?;
let private_key = read_private_key("private_key.pem")?;
// Get issuer URL and discover metadata
let issuer_url = device_config.get_issuer_url()?;
let provider_metadata = CoreProviderMetadata::discover_async(
issuer_url.clone(),
async_http_client,
).await?;
// Create client with configuration
let config = OnesOidcConfig::default()
.timeout(std::time::Duration::from_secs(10));
let client = OpenIdconnectClient::with_config(
device_config.client_id,
issuer_url,
provider_metadata,
private_key,
config,
);Modules§
Structs§
- Access
Token - Re-exported types from the
openidconnectcrate for convenience - Applications
Well Known - Authenticated
Entity - Authentication
Result - Ciba
Login Request Frontend - Ciba
Login Request Frontend Without Resource - Ciba
Status Request Frontend - Client
Id - Re-exported types from the
openidconnectcrate for convenience - Device
Config - Device configuration loading utilities
- Empty
Extra Token Fields - Re-exported types from the
openidconnectcrate for convenience - Issuer
Url - Re-exported types from the
openidconnectcrate for convenience - Login
Hint - NewIdentifier
- Ones
Oidc Config - Configuration for the OIDC client Configuration for the ONES OIDC client
- Open
Idconnect Client - Main OIDC client for authentication operations
- QrStatus
Request - QrStatus
Request Frontend - Refresh
Token Request Frontend - Standard
Token Response - Re-exported types from the
openidconnectcrate for convenience
Enums§
- Application
Type - Auth
Request Resource - Authenticated
Entity Kind - Authentication
Method - UserJWT: Best caseUserDevice: only client_id (user mobile), exp, iat, iss, token_typeUserIdp: exp, iat, iss, token_type, scope, sub
- Core
Token Type - Re-exported types from the
openidconnectcrate for convenience - Device
Error - Discovery
Error - Identifier
Type - Oidc
Error - Utils
Error - Well
Known Applications Error
Constants§
- DEFAULT_
DEVICE_ CONFIG_ PATH - Default path for device configuration file
- DEFAULT_
PRIVATE_ KEY_ PATH - Default path for device private key file
Functions§
- discover_
provider_ metadata - OIDC discovery with retry support Discover OIDC provider metadata with retry and exponential backoff.
- discover_
provider_ metadata_ from_ str - OIDC discovery with retry support Discover OIDC provider metadata from an issuer URL string with retry and exponential backoff.
- get_
applications_ well_ known - Get the applications well-known
- get_
well_ known_ application_ by_ client_ identifier - Get the application well-known by client identifier
- load_
device_ config - Device configuration loading utilities
- read_
private_ key - Private key utilities Reads and parses a private key file at the given path
Type Aliases§
- Core
Provider Metadata - Re-exported types from the
openidconnectcrate for convenience