Skip to main content

simple_oauth/
types.rs

1use std::fmt::Debug;
2
3use serde::Deserialize;
4
5const REDACTED: &str = "[redacted]";
6
7/// OAuth2 authorization redirect URL, along with the state and PKCE verifier
8#[derive(Clone)]
9pub struct AuthorizeUrl {
10    pub url: oauth2::url::Url,
11    pub state: String,
12    pub pkce_verifier: String,
13}
14impl Debug for AuthorizeUrl {
15    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
16        f.debug_struct("AuthorizeUrl")
17            .field("url", &REDACTED)
18            .field("state", &self.state)
19            .field("pkce_verifier", &REDACTED)
20            .finish()
21    }
22}
23
24/// User info returned by the OAuth provider
25#[derive(Debug, Default, Clone)]
26pub struct UserInfo {
27    /// The ID of the user at the OAuth provider
28    pub id: String,
29    /// The user's display name
30    pub name: Option<String>,
31    /// The user's username
32    pub username: Option<String>,
33    /// The user's email. Will likely not be included unless you add the proper email scope for the provider.
34    ///
35    /// ⚠️ Do not rely on this for identifying the user. Use the `id` and the name of the provider.
36    pub email: Option<String>,
37    /// Whether the user's email is verified. Not all providers return this in the user info.
38    pub email_verified: Option<bool>,
39    /// The URL of the user's picture/avatar
40    pub avatar_url: Option<String>,
41    /// The groups the user is a part of. Only included for certain OIDC providers.
42    pub groups: Option<Vec<String>>,
43}
44
45/// Standard OAuth2 token response
46#[derive(Clone)]
47pub struct StandardTokenResponse {
48    pub access_token: String,
49    pub refresh_token: Option<String>,
50    pub expires_in: Option<std::time::Duration>,
51}
52impl Debug for StandardTokenResponse {
53    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
54        f.debug_struct("StandardTokenResponse")
55            .field("access_token", &REDACTED)
56            .field("refresh_token", &REDACTED)
57            .field("expires_in", &self.expires_in)
58            .finish()
59    }
60}
61
62/// OAuth2 client ID and secret
63#[derive(Clone)]
64pub struct OAuthCredentials {
65    pub client_id: String,
66    pub client_secret: String,
67}
68impl OAuthCredentials {
69    pub fn new(client_id: impl Into<String>, client_secret: impl Into<String>) -> Self {
70        Self {
71            client_id: client_id.into(),
72            client_secret: client_secret.into(),
73        }
74    }
75}
76impl Debug for OAuthCredentials {
77    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
78        f.debug_struct("OAuthCredentials")
79            .field("client_id", &self.client_id)
80            .field("client_secret", &REDACTED)
81            .finish()
82    }
83}
84
85/// OIDC discovery document
86#[derive(Debug, Clone, Default, Deserialize)]
87pub struct OidcDiscovery {
88    pub issuer: String,
89    pub authorization_endpoint: String,
90    pub token_endpoint: String,
91    pub userinfo_endpoint: String,
92}
93
94/// Standard OIDC user info shape
95#[derive(Debug, Deserialize)]
96pub struct OidcUserInfo {
97    pub sub: String,
98    pub name: Option<String>,
99    pub preferred_username: Option<String>,
100    pub email: Option<String>,
101    pub email_verified: Option<bool>,
102    pub picture: Option<String>,
103    pub groups: Option<Vec<String>>,
104}