2 unstable releases

| Version | Released |
|---|---|
| 0.2.0 | Mar 23, 2022 |
| 0.1.0 | Mar 21, 2022 |
#980 in Authentication
24 downloads per month
16KB
228 lines
Actix-web extractor which validates OAuth2 tokens through an RFC 7662 token introspection endpoint.
To protect a resource, you add the RequireAuthorization extractor. This extractor must be configured with a token introspection URL before it can be used.

The extractor takes an implementation of the AuthorizationRequirements trait, which is used to analyze the introspection response to determine if the request is authorized.
Example
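```rust
use actix_web::{get, HttpResponse, HttpServer, Responder};
use std::future::Future;
// RequireAuthorization, RequireAuthorizationConfig, AnyScope and StandardToken
// are this crate's types; their import path is not shown on this page.

// The handler body only runs if the extractor accepted the request's token.
#[get("/protected/api")]
async fn handle_read(_auth: RequireAuthorization<AnyScope>) -> impl Responder {
    HttpResponse::Ok().body("Success!\n")
}

fn setup_server() -> std::io::Result<impl Future> {
    let oauth_config = RequireAuthorizationConfig::<StandardToken>::new(
        "client_id".to_string(),
        Some("client_secret".to_string()),
        "https://example.com/oauth/authorize".parse().expect("invalid url"),
        // Token introspection endpoint (RFC 7662)
        "https://example.com/oauth/introspect".parse().expect("invalid url"),
    );

    Ok(HttpServer::new(move || {
        actix_web::App::new()
            // Make the introspection configuration available to the extractor.
            .app_data(oauth_config.clone())
            .service(handle_read)
    })
    .bind("127.0.0.1:8182".to_string())?
    .run())
}
```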
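The kind of analysis a requirements implementation performs on an RFC 7662 introspection response, as an added std-only sketch that is not this crate's code. The `Introspection`, `Denied`, `Requirement` and `ScopedAccess` names are hypothetical, the response is assumed to be already decoded from JSON, and `aud` is modelled in its single-string form only.

```rust
// Added illustration using only std; the trait and type names are hypothetical,
// not this crate's API. Field names follow RFC 7662 section 2.2.
#[derive(Debug, Clone)]
pub struct Introspection {
    pub active: bool,          // REQUIRED member of the response
    pub scope: Option<String>, // space-separated scope list
    pub exp: Option<u64>,      // expiry, seconds since the Unix epoch
    pub aud: Option<String>,   // intended audience (single-string form only)
}

#[derive(Debug, PartialEq)]
pub enum Denied { Inactive, Expired, WrongAudience, MissingScope(String) }

pub trait Requirement {
    fn check(&self, token: &Introspection, now: u64) -> Result<(), Denied>;
}

/// Requires one audience and every listed scope.
pub struct ScopedAccess<'a> { pub audience: &'a str, pub scopes: &'a [&'a str] }

impl Requirement for ScopedAccess<'_> {
    fn check(&self, token: &Introspection, now: u64) -> Result<(), Denied> {
        // An inactive token carries no claims worth reading; stop here.
        if !token.active { return Err(Denied::Inactive); }
        // Defence in depth: re-check expiry locally when the server reports it.
        if matches!(token.exp, Some(exp) if exp <= now) { return Err(Denied::Expired); }
        // Fail closed when `aud` is absent or names another resource server.
        if token.aud.as_deref() != Some(self.audience) { return Err(Denied::WrongAudience); }
        // Compare whole scope tokens; a substring test would accept "read"
        // for a token that was only granted "read:public".
        let granted: Vec<&str> = token.scope.as_deref().unwrap_or("").split_whitespace().collect();
        for need in self.scopes {
            if !granted.contains(need) { return Err(Denied::MissingScope(need.to_string())); }
        }
        Ok(())
    }
}

/// Constructed sample response for the demo and tests.
pub fn sample() -> Introspection {
    Introspection { active: true, scope: Some("read:public profile".into()),
        exp: Some(2_000), aud: Some("https://api.example.com".into()) }
}

fn main() {
    let rule = ScopedAccess { audience: "https://api.example.com", scopes: &["read"] };
    println!("{:?}", rule.check(&sample(), 1_000)); // Err(MissingScope("read"))
}
```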
Dependencies
~16–30MB
~540K SLoC