Expand description
OAuth 2.0 + PKCE framework for proxy providers.
No high-level crate — just reqwest + sha2 + base64 + rand. The flow:
begin(provider)generates code_verifier/challenge, binds a loopback listener on 127.0.0.1:, returns the authorization URL. - User opens the URL, completes login, provider redirects back to the
loopback URL with
?code=...&state=.... - The loopback task exchanges the code for tokens and stores them via
token_store::save.
Designed to be driven from the proxy admin API and/or the CLI.
Modules§
Structs§
- Provider
Config - Static configuration for a single OAuth provider.
- Started
Flow - A flow-in-progress: the caller opens
auth_url, we wait for the callback, exchange the code, and store the resulting token.
Functions§
- begin
- Kick off an OAuth flow. Returns a StartedFlow with the auth URL to open.
- load_
fresh - Load a token, transparently refreshing if it’s expired.
- refresh
- Refresh an existing stored token in place. Returns the refreshed token.