Mercurial > core / rust/lib/net/src/engine/http/oauth.rs
changeset 698: |
96958d3eb5b0 |
parent: |
3d78bed56188
|
author: |
Richard Westhaver <ellis@rwest.io> |
date: |
Fri, 04 Oct 2024 22:04:59 -0400 |
permissions: |
-rw-r--r-- |
description: |
fixes |
// [listing gap: source lines 1-2 are not on the page]
    basic::{BasicClient, BasicTokenType},
    AuthUrl, ClientId, ClientSecret, EmptyExtraTokenFields, RedirectUrl,
// [listing gap: source lines 5-6 are not on the page]
pub use obj::Oauth2Config;
// [listing gap: source lines 8-9 are not on the page]
    reqwest::async_http_client, AuthorizationCode, CsrfToken, PkceCodeChallenge,
    Scope, StandardTokenResponse, TokenResponse,
// [listing gap: source lines 12-14 are not on the page]

/// Builds a [`BasicClient`] from `cfg`, with each field overridable by an
/// environment variable of the process (`CLIENT_ID`, `CLIENT_SECRET`,
/// `REDIRECT_URL`, `AUTH_URL`, `TOKEN_URL`).
///
/// # Panics
///
/// Panics when `cfg.redirect_uris` is empty, and when `AuthUrl::new`,
/// `TokenUrl::new` or `RedirectUrl::new` rejects the string it is given
/// (each result is unwrapped).
pub fn client(cfg: Oauth2Config) -> BasicClient {
    // Environment variables (* = required):
    // *"CLIENT_ID" "123456789123456789";
    // *"CLIENT_SECRET" "rAn60Mch4ra-CTErsSf-r04utHcLienT";
    // "REDIRECT_URL" "http://127.0.0.1:3000/authorized";
    // "AUTH_URL" "https://rwest.io/api/oauth2/authorize?response_type=code";
    // "TOKEN_URL" "https://rwest.io/api/oauth2/token";
    // NOTE(review): the values above read as samples; confirm that no live
    // client secret is kept in this comment.
    // NOTE(review): the comment marks CLIENT_ID and CLIENT_SECRET as required,
    // but the code below falls back to `cfg` when they are unset.
    // [listing gap: source line 22 is not on the page]
    // The environment wins over `cfg` for every field, including the two
    // endpoint URLs, so whoever controls the process environment chooses the
    // endpoints this client is configured with.
    let client_id = env::var("CLIENT_ID").unwrap_or(cfg.client_id);
    let client_secret = env::var("CLIENT_SECRET").unwrap_or(cfg.client_secret);
    // NOTE(review): `unwrap_or` evaluates its argument before the call, so
    // `.first().unwrap()` runs, and panics on an empty `redirect_uris`, even
    // when REDIRECT_URL is set; `unwrap_or_else` would defer it.
    let redirect_url = env::var("REDIRECT_URL")
        .unwrap_or(cfg.redirect_uris.first().unwrap().to_string());
    let auth_url = env::var("AUTH_URL").unwrap_or(cfg.auth_uri);
    let token_url = env::var("TOKEN_URL").unwrap_or(cfg.token_uri);
    // [listing gap: source lines 29-30 are not on the page]
        // Each `unwrap()` below turns a malformed URL from the environment or
        // from `cfg` into a panic rather than an error the caller can handle.
        ClientId::new(client_id),
        Some(ClientSecret::new(client_secret)),
        AuthUrl::new(auth_url).unwrap(),
        Some(TokenUrl::new(token_url).unwrap()),
    // [listing gap: source line 35 is not on the page]
    .set_redirect_uri(RedirectUrl::new(redirect_url).unwrap())
// [listing gap: source lines 37-40 are not on the page; they hold the end of
// `client` and the start of the next function's signature]
) -> Result<StandardTokenResponse<EmptyExtraTokenFields, BasicTokenType>> {
    let client = client(cfg);
    let (pkce_challenge, pkce_verifier) = PkceCodeChallenge::new_random_sha256(); //generate challenge
    // Generate the full authorization URL.
    // NOTE(review): the CSRF state is bound to `_csrf_token` and is not used in
    // the lines shown; the handler that receives the redirect should compare
    // the returned `state` with it before exchanging the code. TODO confirm
    // against the lines missing from this listing.
    let (auth_url, _csrf_token) = client
        .authorize_url(CsrfToken::new_random)
        // Set the desired scopes.
        .add_scope(Scope::new("read".to_string()))
        .add_scope(Scope::new("write".to_string()))
        // Set the PKCE code challenge.
        .set_pkce_challenge(pkce_challenge)
    // [listing gap: source lines 52-53 are not on the page]
    println!("point browser to: {}", auth_url);
    // [listing gap: source lines 55-56 are not on the page]
        // NOTE(review): the code exchanged here is a fixed string literal, not a
        // value taken from the redirect; presumably a placeholder, verify.
        .exchange_code(AuthorizationCode::new(
            "some authorization code".to_string(),
        // [listing gap: source line 59 is not on the page]
        // Set the PKCE code verifier.
        .set_pkce_verifier(pkce_verifier)
        .request_async(async_http_client)