tower_oauth2_resource_server::builder

Struct OAuth2ResourceServerBuilder

Source 
pub struct OAuth2ResourceServerBuilder<Claims>
where
    Claims: Clone + DeserializeOwned + Send + Sync + 'static,
{ /* private fields */ }

Implementations§

Source§

impl<Claims> OAuth2ResourceServerBuilder<Claims>
where Claims: Clone + DeserializeOwned + Send + Sync + 'static,

Source

pub fn issuer_url(self, issuer_url: impl Into<String>) -> Self

Set the issuer_url (what authorization server to use).

On startup, the OIDC Provider Configuration endpoint of the authorization server will be queried in order to self-configure the middleware.

If issuer_url is set to https://authorization-server.com/issuer, at least one of the following endpoints need to available.

  • https://authorization-server.com/issuer/.well-known/openid-configuration
  • https://authorization-server.com/.well-known/openid-configuration/issuer
  • https://authorization-server.com/.well-known/oauth-authorization-server/issuer

A consequence of the self-configuration is that the authorization server must be available when the middleware is started. In cases where the middleware must be able to start independently from the authorization server, the jwks_url property can be set. This will prevent the self-configuration on start up.

Note that it’s still required to provide issuer_url because it’s used to validate iss claim of JWTs.

Source

pub fn jwks_url(self, jwks_url: impl Into<String>) -> Self

Set the jwks_url (what url to query valid public keys from).

This url is normally fetched by calling the OIDC Provider Configuration endpoint of the authorization server. Only provide this property if the middleware must be able to start independently from the authorization server.

Source

pub fn audiences(self, audiences: &[impl ToString]) -> Self

Set the expected audiences.

Used to validate aud claim of JWTs.

Source

pub fn jwks_refresh_interval(self, jwk_set_refresh_interval: Duration) -> Self

Set the interval for rotating jwks.

The jwks_url is periodically queried in order to update public keys that JWT signatures will be validated against.

Default value is Duration::from_secs(60).

Source

pub fn claims_validation(self, claims_validation: ClaimsValidationSpec) -> Self

Set what claims of JWTs to validate.

By default, iss, exp, aud and possibly nbf will be validated.

Source

pub async fn build(self) -> Result<OAuth2ResourceServer<Claims>, StartupError>

Construct an OAuth2ResourceServer.

During construction the OIDC Provider Configuration endpoint of the authorization server might be queried. Thus, the operation can fail and therefore returns a Result.

Trait Implementations§

Source§

impl<Claims> Debug for OAuth2ResourceServerBuilder<Claims>
where Claims: Clone + DeserializeOwned + Send + Sync + 'static + Debug,

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<Claims> Default for OAuth2ResourceServerBuilder<Claims>
where Claims: Clone + DeserializeOwned + Send + Sync + 'static,

Source§

fn default() -> Self

Returns the “default value” for a type. Read more

Auto Trait Implementations§

§

impl<Claims> Freeze for OAuth2ResourceServerBuilder<Claims>

§

impl<Claims> RefUnwindSafe for OAuth2ResourceServerBuilder<Claims>
where Claims: RefUnwindSafe,

§

impl<Claims> Send for OAuth2ResourceServerBuilder<Claims>

§

impl<Claims> Sync for OAuth2ResourceServerBuilder<Claims>

§

impl<Claims> Unpin for OAuth2ResourceServerBuilder<Claims>
where Claims: Unpin,

§

impl<Claims> UnwindSafe for OAuth2ResourceServerBuilder<Claims>
where Claims: UnwindSafe,

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

impl<T> ErasedDestructor for T
where T: 'static,

Source§

impl<T> MaybeSendSync for T