Lightweight OpenID primitives & client. This package can be used to turn an application into an OpenID relying party.
Warning! This crate has not been audited, use at your own risk!
It is your responsibility to implement the routes (start & finish authentication) that interact with the `OpenIDConfig` helper structure.

Moreover, only a very small subset of the OpenID specifications is supported:

* `code` authorization flow
* The scopes `openid profile email` are hard coded and cannot be changed
* User info retrieval using the `userinfo` endpoint

```rust
let config = OpenIDConfig::load_from_url(&AppConfig::get().configuration_url).await.unwrap();

// Start authentication
let auth_url = config.gen_authorization_url("client_id", "state", "redirect_uri");
redirect_user(auth_url);

// Finish authentication
let token_response = config.request_token("client_id", "client_secret", "code", "redirect_uri").await.unwrap();
let user_info = config.request_user_info(&token_response).await.unwrap();
// user_info now contains profile info of user
```

crypto-wrapper

`CryptoWrapper` is a helper that can encrypt structures to base64-encoded strings:

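```rust
// Derives are assumed here: bincode's Encode/Decode for serialization
// (see the dependency note below), PartialEq and Debug for assert_eq!
#[derive(bincode::Encode, bincode::Decode, PartialEq, Debug)]
struct Message(String);

fn test() {
    let wrapper = CryptoWrapper::new_random();
    let msg = Message("Hello world".to_string());
    let enc = wrapper.encrypt(&msg).unwrap();
    let dec: Message = wrapper.decrypt(&enc).unwrap();

    assert_eq!(dec, msg);
}
```
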
Note: In order to use `CryptoWrapper` on your own, you must add `bincode>=2.0` as one of your own dependencies. This is not required if you decide to use `BasicStateManager`.

`BasicStateManager` is a helper that uses `CryptoWrapper` to generate and validate states for OpenID authentication:

```rust
let ip = IpAddr::V4(Ipv4Addr::new(192, 168, 1, 1));
let manager = BasicStateManager::new();
let state = manager.gen_state(ip).unwrap();
assert!(manager.validate_state(ip, &state).is_ok());
```

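
One way to gate the finish route before calling `request_token`, as an added example that is not part of this crate: it validates `state` for the caller's IP first, then checks for a provider `error`, then extracts the `code`, and rejects repeated parameters. `StateCheck`, `Fixed`, `CallbackError`, `single` and `check_callback` are hypothetical names, and the query pairs are assumed to be already URL-decoded by the web framework.

```rust
use std::net::{IpAddr, Ipv4Addr};

/// Hypothetical stand-in for a state checker such as `BasicStateManager`.
pub trait StateCheck {
    fn state_is_valid(&self, ip: IpAddr, state: &str) -> bool;
}

#[derive(Debug, PartialEq)]
pub enum CallbackError {
    Duplicate(&'static str), // parameter sent more than once
    Provider(String),        // provider returned `error=...`
    Missing(&'static str),
    BadState,
}

/// Value of `key`, or an error when the parameter is repeated.
fn single<'a>(params: &[(&'a str, &'a str)], key: &'static str) -> Result<Option<&'a str>, CallbackError> {
    let mut hits = params.iter().filter(|(k, _)| *k == key).map(|(_, v)| *v);
    match (hits.next(), hits.next()) {
        (first, None) => Ok(first),
        _ => Err(CallbackError::Duplicate(key)),
    }
}

/// Finish-route gate: validates `state` first, then returns the code for `request_token`.
pub fn check_callback(params: &[(&str, &str)], ip: IpAddr, states: &dyn StateCheck) -> Result<String, CallbackError> {
    let state = single(params, "state")?.ok_or(CallbackError::Missing("state"))?;
    if !states.state_is_valid(ip, state) {
        return Err(CallbackError::BadState);
    }
    if let Some(err) = single(params, "error")? {
        return Err(CallbackError::Provider(err.to_string()));
    }
    let code = single(params, "code")?.filter(|c| !c.is_empty());
    code.map(str::to_string).ok_or(CallbackError::Missing("code"))
}

pub struct Fixed(pub IpAddr, pub &'static str); // constructed demo checker: one state, one IP
impl StateCheck for Fixed {
    fn state_is_valid(&self, ip: IpAddr, state: &str) -> bool {
        ip == self.0 && state == self.1
    }
}

fn main() {
    let ip = IpAddr::V4(Ipv4Addr::new(192, 168, 1, 1));
    let states = Fixed(ip, "demo-state"); // constructed sample values
    println!("{:?}", check_callback(&[("code", "abc"), ("state", "demo-state")], ip, &states));
}
```

In a real route, `Fixed` would be replaced by a wrapper whose `state_is_valid` returns `manager.validate_state(ip, state).is_ok()`.
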
A complete example usage of this crate can be found here: https://gitea.communiquons.org/pierre/oidc-test-client