Struct wasm_service_oauth::OAuthConfig [−][src]
Configuration for OAuthHandler plugin
Fields
auth_failed_response: fn(_: &Request, ctx: &mut Context, return_url: &str)
Function to generate auth failed response - what appears when user lands on /login-failed.
either as a redirect (status 302 + Location header), or html (status 200 + error notice)
When used in conjunction with auth_error_redirect
, auth_error_redirect
returns a 302/303
status and a Location header, and this function generates the actual error page.
auth_checker: Box<dyn AuthCheck>
Handler for authorization checking based on current user and request
auth_error_redirect: fn(ctx: &mut Context, url: Option<&str>) -> HandlerReturn
Generate auth error, for any cause including failed login, invalid session, and attempts to hack protocol. To avoid disclosing too much about our internal checks to a hacker, the error message is not very descriptive. Logs contain more detailed info. The function should do one of the following:
- use ctx to set a Location header and redirect (status 302 or 303)
- return text of an error page, either in ctx.response().text() or in HandlerReturn::text. To guard against XSS attacks, any parameters used in the url that appear on the error page must be sanitized.
app_url: String
Default url for app. This url is used after authentication if "redirect_url" is not specified or could not be parsed.
logged_out_app_url: String
Default url to send users who failed authN.authZ Should not be the same as app_url if app_url requires auth
Url prefix of this app to begin authorization flow. Default: "/authorize" If the app determines that authentication/authorization is required, it may redirect the user to this url appended with "?redirect_url=...", and the user will be redirected to that app url after authentication has completed.
code_url_path: String
url prefix for code url redirect from oauth provider. This must match the redirect url in configuration for the OAuth app (at github.com)
login_failed_url_path: String
Where to send user after failed authentication
logout_url_path: String
URL to force logout: clear cookies and redirect to app main page
user_agent: String
User-Agent header string to be sent to oauth provider. Default: "wasm-oauth vx,y,z", where x,y.z is the build version of the wasm-oauth crate
cors_origins: Vec<String>
Allowed origins. default: vec!["*"]
.
cors_allow_methods: String
Comma-separated list of allowed methods. Default: "GET,POST,OPTIONS"
cors_allow_age_sec: u64
Length of time, in seconds, browser may cache CORS results. Default: 1 day (24 * 3600)
cors_allow_headers: String
CORS allowed headers: comma-separated list of allowed headers. Default: "Content-Type,Origin,Accept,Accept-Language,X-Requested-With"
Oauth provider url for authorize. Default: "https://github.com/login/oauth/authorize"
provider_token_url: String
Oauth provider url for retrieving token. Default: "https://github.com/login/oauth/access_token"
oauth_scopes: String
Oauth scopes: space-separated list of scopes. At minimum, must include "read:user". If user email address is required, add "user:email"
client_id: String
Client id assigned by oauth provider. REQUIRED
client_secret: String
Client secret assigned by oauth provider. REQUIRED
state_secret: Vec<u8>
Key used for encrypting state data. Must be 32 bytes. REQUIRED
state_timeout_sec: u64
Timeout for state encryption during login flow. default 5 minutes
session_secret: Vec<u8>
Secret key used for encrypting session data. Must be 32 bytes. REQUIRED
session_timeout_sec: u64
Max age of session cookie, in seconds. Default 3 days (3 * 24 * 60 * 60). Upon expiration of session, user may need to re-verify github account and is re-checked against list of authorized users.
Url path prefix for urls that will receive session cookie. Default: "/"
Trait Implementations
impl Default for OAuthConfig
[src]
Auto Trait Implementations
impl !RefUnwindSafe for OAuthConfig
[src]
impl !Send for OAuthConfig
[src]
impl !Sync for OAuthConfig
[src]
impl Unpin for OAuthConfig
[src]
impl !UnwindSafe for OAuthConfig
[src]
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T> Instrument for T
[src]
pub fn instrument(self, span: Span) -> Instrumented<Self>
[src]
pub fn in_current_span(self) -> Instrumented<Self>
[src]
impl<T> Instrument for T
[src]
pub fn instrument(self, span: Span) -> Instrumented<Self>
[src]
pub fn in_current_span(self) -> Instrumented<Self>
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
pub fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>
[src]
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
V: MultiLane<T>,