Expand description
Tiny library for Google’s OpenID Connect.
This library provides essential tools for handling Google’s OpenID Connect flow, including
generating authentication URLs, verifying tokens, and managing access/refresh tokens.
Implementation in server flow.
google document
§Feature
- Generate a CSRF Token
- Generate an authentication request URL (code) for Google
- Verify CSRF token and retrieve id_token
- Exchange code for id_token (using reqwest)
- Decode id_token (Base64URLDecode) to get user information
- Refresh access token using refresh token (using reqwest)
- Revoke access/refresh token (using reqwest)
§Caution
- This library is designed for direct communication with Google over HTTPS.
- It does not validate the id_tokenwhen converting it to a JWT. As a result, theid_tokenshould not be passed to other components of your application.
- For more details, refer to the
Google OpenID Connect documentation.
§Examples
For example usage, see the examples directory.
Re-exports§
- pub use easy::create_id_token_request;
- pub use easy::generate_auth_redirect;
Modules§
- code
- This module handles the process of requesting and verifying an authorization code in the OpenID Connect authentication flow.
- config
- Defines structures and builders related to authentication configuration.
- csrf_token 
- Provides structures for handling CSRF tokens in the OpenID Connect authentication flow.
- easy
- A module to simplify implementing the OIDC authentication flow.
- error
- id_token 
- Provides the process of requesting and decode IDToken.
- nonce
- Represents a cryptographic nonce for OpenID Connect authentication.
- refresh_token 
- provides functionality for handling refresh tokens.
- revoke_token 
- provides functionality for revoking OAuth 2.0 tokens. In OAuth 2.0, tokens can be explicitly revoked by the client to ensure they are no longer valid. This module includes: