Trait OidcProvider 

pub trait OidcProvider: Send + Sync {
    // Required method
    fn fetch(
        &self,
    ) -> impl Future<Output = Result<SecretToken, AuthError>> + Send;
}

Asynchronously supplies the current third-party OIDC JWT to federate.

OidcFederationStrategy re-invokes this on every refresh: /api/authorise issues no CTS refresh token, so renewing an expired CTS token means re-federating with a fresh provider JWT. Implementations typically wrap a provider SDK call (clerk.session.getToken(), supabase.auth.getSession()), an FFI callback, or a test double.

On native targets the trait carries Send + Sync bounds so the provider can be driven from tokio::spawn background work. On wasm32 the bounds are dropped — reqwest’s fetch-backed futures are not Send and edge runtimes are single-threaded anyway.

Required Methods

fn fetch(&self) -> impl Future<Output = Result<SecretToken, AuthError>> + Send

Fetch the current third-party OIDC JWT to federate.

Dyn Compatibility

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety".

Implementors

impl<F, Fut> OidcProvider for OidcProviderFn<F>

where F: Fn() -> Fut + Send + Sync, Fut: Future<Output = Result<SecretToken, AuthError>> + Send,

Available on non-WebAssembly only.