Skip to main content

TokenManager

wme_client::auth

Struct TokenManager 

Source 
pub struct TokenManager { /* private fields */ }
Expand description

Thread-safe token manager with lazy refresh.

Implementations§

Source§

impl TokenManager

Source

pub fn new(transport: Arc<dyn HttpTransport>, config: AuthConfig) -> Self

Create a new token manager.

Source

pub async fn get_access_token(&self) -> Result<String>

Get a valid access token, refreshing if necessary.

Source

pub fn id_token(&self) -> Option<String>

Get the ID token (contains user claims).

Source

pub fn get_tokens(&self) -> Option<Tokens>

Get all tokens if available.

Returns the tokens including access_token, refresh_token, and expiration. This is useful for CLI applications that need to store tokens after login.

Source

pub fn set_tokens(&self, tokens: Tokens)

Set tokens from external source (e.g., config file).

This allows the CLI to restore tokens from a previous session. The tokens will be used for authentication and refreshed automatically when needed.

Source

pub async fn authenticate(&self) -> Result<()>

Authenticate and obtain tokens.

This method performs authentication if needed:

  • If tokens exist and are valid, does nothing
  • If tokens are expired, attempts to refresh
  • If no tokens exist, performs fresh login

After calling this, you can use TokenManager::get_tokens to retrieve the tokens for storage.

Source

pub async fn refresh(&self) -> Result<()>

Refresh the access token using the refresh token endpoint.

This method attempts to refresh the access token using the stored refresh token. If successful, the new access token and ID token are stored, while the refresh token remains unchanged.

§Errors

Returns an error if:

  • No refresh token is available
  • The refresh request fails
  • The response cannot be parsed
§Example
token_manager.refresh().await?;
Source

pub async fn revoke_token(&self) -> Result<()>

Revoke the current token using /v1/token-revoke endpoint.

This invalidates the refresh token on the server, preventing any future token refreshes. The local token state is cleared regardless of whether the server request succeeds.

§Errors

Returns an error if no tokens are available to revoke or if the HTTP request fails.

§Example
token_manager.revoke_token().await?;
Source

pub fn clear_state(&self)

Clear internal state (force refresh on next use).

Source

pub async fn forgot_password(&self, username: &str) -> Result<()>

Trigger forgot password email.

Sends a password reset email to the user with a confirmation code. The code can be used with TokenManager::forgot_password_confirm to set a new password.

§Arguments
  • username - The username to send the reset email to
§Errors

Returns an error if the request fails or the user is not found.

§Example
token_manager.forgot_password("user@example.com").await?;
Source

pub async fn forgot_password_confirm( &self, username: &str, password: &str, code: &str, ) -> Result<()>

Confirm forgot password with code.

Completes the password reset flow by providing the confirmation code received via email and the new password.

§Arguments
  • username - The username being reset
  • password - The new password to set
  • code - The confirmation code from the email
§Errors

Returns an error if the code is invalid, expired, or the request fails.

§Example
token_manager.forgot_password_confirm("user@example.com", "new_password", "123456").await?;
Source

pub async fn change_password( &self, previous_password: &str, proposed_password: &str, ) -> Result<()>

Change password (requires authentication).

Changes the password for the authenticated user. The user must provide their current password for verification.

§Arguments
  • previous_password - The current password
  • proposed_password - The new password to set
§Errors

Returns an error if the current password is incorrect or the request fails.

§Example
token_manager.change_password("old_password", "new_password").await?;
Source

pub async fn set_new_password( &self, username: &str, session: &str, new_password: &str, ) -> Result<()>

Set new password for NEW_PASSWORD_REQUIRED challenge.

Completes the authentication flow when a user is required to set a new password on first login or after a password reset.

§Arguments
  • username - The username
  • session - The session identifier from the authentication challenge
  • new_password - The new password to set
§Errors

Returns an error if the session is invalid, password doesn’t meet requirements, or the request fails.

§Example
token_manager.set_new_password("user@example.com", "session_id", "new_secure_password").await?;

Trait Implementations§

Source§

impl Clone for TokenManager

Source§

fn clone(&self) -> TokenManager

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more