Struct OAuthStateStore 

pub struct OAuthStateStore { /* private fields */ }

Stores OAuth state parameters to prevent CSRF attacks on the callback.

State tokens are short-lived (10 minutes) and single-use. Backed by an OAuthStateBackend; defaults to in-memory but the runtime persists them to SQLite (or Postgres when DATABASE_URL is set) so they survive a restart that happens mid-OAuth-handshake.

Implementations

impl OAuthStateStore

pub fn new() -> Self

pub fn with_backend(backend: Box<dyn OAuthStateBackend>) -> Self

pub fn create( &self, provider: &str, callback_url: &str, error_callback_url: &str, ) -> String

Generate and store a new state record. Returns the random state token (the value the OAuth provider echoes back as ?state=… on the callback).

Caller is responsible for validating callback_url and error_callback_url against the trusted-origins allowlist BEFORE calling this — the store trusts what it’s given.

pub fn validate( &self, state: &str, expected_provider: &str, ) -> Option<OAuthState>

Validate and consume a state token. Returns the stored record iff the token existed, has not expired, AND matches expected_provider. The token is removed either way to make replay impossible.

Trait Implementations

impl Default for OAuthStateStore

fn default() -> Self

Returns the “default value” for a type.