server::auth::azure_ad

Struct AzureAdProvider

Source 
pub struct AzureAdProvider { /* private fields */ }
Expand description

Authentication provider for Azure Active Directory authentication flows.

Supports both Device Code Flow (for interactive scenarios) and Client Credentials Flow (for service-to-service authentication). This provider handles the complete OAuth 2.0 authentication process with Azure AD.

§Supported Flows

  • Device Code Flow - Interactive authentication where users enter a code on a separate device
  • Client Credentials Flow - Service principal authentication using client ID and secret

§Examples

use quetty_server::auth::{AzureAdProvider, AzureAdAuthConfig};

let config = AzureAdAuthConfig {
    auth_method: "device_code".to_string(),
    tenant_id: Some("your-tenant-id".to_string()),
    client_id: Some("your-client-id".to_string()),
    ..Default::default()
};

let client = reqwest::Client::new();
let provider = AzureAdProvider::new(config, client)?;
let token = provider.authenticate().await?;

Implementations§

Source§

impl AzureAdProvider

Source

pub fn new( config: AzureAdAuthConfig, http_client: Client, ) -> Result<Self, ServiceBusError>

Creates a new AzureAdProvider with the specified configuration and HTTP client.

§Arguments
  • config - Azure AD authentication configuration
  • http_client - HTTP client for making authentication requests
§Returns

A configured AzureAdProvider ready for authentication

§Examples
use quetty_server::auth::{AzureAdProvider, AzureAdAuthConfig};

let config = AzureAdAuthConfig::default();
let client = reqwest::Client::new();
let provider = AzureAdProvider::new(config, client)?;
Source

pub fn flow_type(&self) -> &str

Gets the configured authentication flow type.

§Returns

The authentication method string (“device_code” or “client_secret”)

Source

pub async fn start_device_code_flow( &self, ) -> Result<DeviceCodeFlowInfo, ServiceBusError>

Initiates a Device Code Flow authentication process.

This method starts the device code flow by requesting a device code from Azure AD. The returned information should be displayed to the user so they can complete authentication on a separate device or browser.

§Returns

DeviceCodeFlowInfo containing the user code, verification URL, and other details

§Errors

Returns ServiceBusError::AuthenticationError if:

  • The device code request fails
  • Invalid client configuration
  • Network connectivity issues
§Examples
use quetty_server::auth::AzureAdProvider;

let provider = AzureAdProvider::new(config, client)?;
let device_info = provider.start_device_code_flow().await?;

println!("Go to: {}", device_info.verification_uri);
println!("Enter code: {}", device_info.user_code);
Source

pub async fn poll_device_code_token( &self, device_info: &DeviceCodeFlowInfo, ) -> Result<AuthToken, ServiceBusError>

Polls Azure AD for completion of device code authentication.

This method continuously polls Azure AD to check if the user has completed the device code authentication process. It handles all the standard OAuth 2.0 device flow polling logic including backoff and error handling.

§Arguments
  • device_info - Device code information from [start_device_code_flow]
§Returns

An AuthToken when authentication is successfully completed

§Errors

Returns ServiceBusError::AuthenticationError if:

  • Authentication times out or expires
  • User denies access
  • Network errors during polling
§Examples
use quetty_server::auth::AzureAdProvider;

let provider = AzureAdProvider::new(config, client)?;
let device_info = provider.start_device_code_flow().await?;

// Display info to user...

let token = provider.poll_device_code_token(&device_info).await?;

Trait Implementations§

Source§

impl AuthProvider for AzureAdProvider

Source§

fn authenticate<'life0, 'async_trait>( &'life0 self, ) -> Pin<Box<dyn Future<Output = Result<AuthToken, ServiceBusError>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait,

Authenticates using the configured Azure AD authentication flow.

Automatically selects the appropriate authentication method based on the configuration (device_code or client_secret) and handles the complete OAuth 2.0 flow including error handling and token retrieval.

§Returns

An AuthToken containing the Azure AD access token and metadata

§Errors

Returns ServiceBusError if:

  • Authentication method is not supported
  • Authentication flow fails
  • Network connectivity issues
  • Invalid credentials or configuration
Source§

fn auth_type(&self) -> AuthType

Returns the authentication type for this provider.

§Returns

AuthType::AzureAd indicating Azure Active Directory authentication

Source§

fn refresh<'life0, 'async_trait>( &'life0 self, ) -> Pin<Box<dyn Future<Output = Result<AuthToken, ServiceBusError>> + Send + 'async_trait>>
where Self: 'async_trait, 'life0: 'async_trait,

Refreshes the authentication token. Read more
Source§

fn requires_refresh(&self) -> bool

Indicates whether this provider’s tokens require periodic refresh. Read more
Source§

impl Clone for AzureAdProvider

Source§

fn clone(&self) -> AzureAdProvider

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> ErasedDestructor for T
where T: 'static,

Source§

impl<T> SendBound for T
where T: Send,