Crate wasm_service_oauth

wasm-oauth plugin for wasm-service

Structs

AlwaysAllow

Implementation of authorization check that permits all operations

AlwaysDeny

Implementation of authorization check that denies all operations

OAuthConfig

Configuration for OAuthHandler plugin

OAuthHandler

Instance data for OAuthHandler

Session

Session data contains the user login name (0) (GitHub user) and access token (1)

UserAllowList

Implementation of AuthCheck that allows users if they are in approved users list

UserData

GitHub user data (response from the GET /user API)

Enums

Error

Errors used in this crate. These aren't generally reported to the HTTP client, but are used internally for more descriptive logging.

Traits

AuthCheck

Functions

is_valid_return_url

Perform some checks on the validity of return_url. The primary purpose of this check is to avoid XSS attacks or other attacks where the URL is either too long or contains invalid characters. We do not verify whether the domain and path of the URL are part of this app (that check would require additional configuration parameters, which could be error-prone, and might not be that useful). Since this is only used in the OAuth flow, the performance overhead of URL parsing should be negligible.

is_valid_username_token

Test for valid syntax of a GitHub username (does not check whether the account actually exists). This check is to prevent XSS attacks on the error page. A valid GitHub username contains alphanumeric (US English) characters or single hyphens, cannot begin or end with a hyphen, and is no more than 39 characters in length.
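
The username syntax rules listed above, written out as an added example; this is not the crate's implementation of is_valid_username_token. The names `username_syntax_ok` and `name_for_error_page`, the rejection of empty input, and the placeholder string are assumptions.

```rust
// Added example, not code from wasm_service_oauth. Function names are hypothetical.
const MAX_GITHUB_USERNAME_LEN: usize = 39;

/// Checks syntax only; it does not check whether the account exists.
fn username_syntax_ok(name: &str) -> bool {
    let bytes = name.as_bytes();
    // Any non-ASCII byte is rejected below, so for every accepted name the
    // byte length equals the character length. Empty input is rejected
    // (assumption: the page does not mention the empty case).
    if bytes.is_empty() || bytes.len() > MAX_GITHUB_USERNAME_LEN {
        return false;
    }
    // Cannot begin or end with a hyphen.
    if bytes[0] == b'-' || bytes[bytes.len() - 1] == b'-' {
        return false;
    }
    let mut prev_hyphen = false;
    for &b in bytes {
        match b {
            b'-' if prev_hyphen => return false, // only single hyphens
            b'-' => prev_hyphen = true,
            b if b.is_ascii_alphanumeric() => prev_hyphen = false,
            _ => return false, // markup, whitespace, non-ASCII letters, ...
        }
    }
    true
}

/// Returns the name only if it passed the check, otherwise a fixed
/// placeholder, so rejected input is never echoed into an error page.
fn name_for_error_page(name: &str) -> &str {
    if username_syntax_ok(name) { name } else { "(invalid username)" }
}

fn main() {
    // Constructed sample inputs.
    let samples = ["octocat", "a-b-c", "-lead", "trail-", "dou--ble", "<b>name</b>", "usér"];
    for s in samples {
        println!("{:?} -> {:?}", s, name_for_error_page(s));
    }
}
```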