securitydept_oauth_resource_server/config/
introspection.rs

1use securitydept_utils::secret::{SecretString, deserialize_optional_secret_string};
2use serde::Deserialize;
3use serde_with::serde_as;
4
5#[cfg_attr(feature = "config-schema", derive(schemars::JsonSchema))]
6#[derive(Debug, Clone, Deserialize, Default)]
7#[serde_as]
8pub struct OAuthResourceServerIntrospectionConfig {
9    /// Optional override for the RFC 7662 introspection endpoint.
10    ///
11    /// When omitted, the endpoint is read from discovery if available.
12    #[serde(default)]
13    #[serde_as(as = "serde_with::NoneAsEmptyString")]
14    #[cfg_attr(feature = "config-schema", schemars(with = "Option<String>"))]
15    pub introspection_url: Option<String>,
16    /// OAuth client_id used when calling the introspection endpoint.
17    #[serde(default)]
18    #[serde_as(as = "serde_with::NoneAsEmptyString")]
19    #[cfg_attr(feature = "config-schema", schemars(with = "Option<String>"))]
20    pub client_id: Option<String>,
21    /// OAuth client_secret used when calling the introspection endpoint.
22    #[serde(default, deserialize_with = "deserialize_optional_secret_string")]
23    pub client_secret: Option<SecretString>,
24    /// Optional token type hint sent to the introspection endpoint.
25    ///
26    /// Typical values are `access_token` or `refresh_token`.
27    #[serde(default)]
28    #[serde_as(as = "serde_with::NoneAsEmptyString")]
29    #[cfg_attr(feature = "config-schema", schemars(with = "Option<String>"))]
30    pub token_type_hint: Option<String>,
31}

securitydept_oauth_resource_server/config/introspection.rs

securitydept_oauth_resource_server/config/
introspection.rs