https://github.com/nithe14/oidc-agent-rs

Unix only oidc-agent library for Rust
https://github.com/nithe14/oidc-agent-rs

crates-io oidc-agent rust rust-lang

Last synced: about 1 year ago
JSON representation

Unix only oidc-agent library for Rust

• Host: GitHub
• URL: https://github.com/nithe14/oidc-agent-rs
• Owner: Nithe14
• License: apache-2.0
• Created: 2024-06-19T14:11:12.000Z (almost 2 years ago)
• Default Branch: master
• Last Pushed: 2024-10-24T10:20:08.000Z (over 1 year ago)
• Last Synced: 2024-10-25T03:42:35.262Z (over 1 year ago)
• Topics: crates-io, oidc-agent, rust, rust-lang
• Language: Rust
• Homepage:
• Size: 73.2 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE-APACHE

Awesome Lists containing this project

README

          
 Unix only [`oidc-agent`]( https://indigo-dc.gitbook.io/oidc-agent ) library for Rust

 # Description

 This crate is an interface to `oidc-agent` IPC-API.

 The `oidc-agent` must be running under the user system and OIDC_SOCK must be exported properly.

 # Obtaining access_token

 ## Basic usage

 To obtain access_token by account shortname run the following code in `main.rs`:

 ```rust

 use oidc_agent_rs::{Agent, Error};

 fn main() -> Result<(), Error> {

    let agent = Agent::new()?;

    let access_token = agent.get_access_token("profile_shortname")?;

    println!("{}", access_token.secret());

    Ok(())

 }

 ```

 The `secret()` method is required to obtain token as a `&str` value. Otherwise the `Token` pseudostruct

 would be returned.

 ## Asynchronous Usage

 For asynchronous programming, you need to enable the `async` feature and use the `crate::async_impl::Agent`.

 Here’s a basic example of obtaining an access_token asynchronously:

 ```rust

 use oidc_agent_rs::async_impl::Agent;

 use oidc_agent_rs::Error;

#[tokio::main]

async fn main() -> Result<(), Box> {

    let agent = Agent::new().await?;

    let at = agent.get_access_token("profile_shortname").await?;

    println!("{}", at.secret());

    Ok(())

}

```

 Cargo.toml

```toml

 [dependencies]

 oidc_agent_rs = { version = "0.2.0", features=["async"]}

 tokio = { version = "1.39.2", features = ["net", "io-util", "macros", "rt-multi-thread"] }

 ```

 ## Advanced requests

 To obtain access_token with more advanced options you have to use request builder.

 `AccessTokenRequest` has a method to easy build a new request. Then you have to send the request

 directly to the agent and parse the response.

 Example:

 ```rust

 use oidc_agent_rs::{requests::AccessTokenRequest, Agent, Error};

 fn main() -> Result<(), Error> {

     let agent = Agent::new()?;

     

     //obtaining access_token by issuer only (no shortname needed)

     let at_request = AccessTokenRequest::builder()

         .issuer("https://issuer.url")?

         .min_valid_period(60)

         .build()?;

     let at_response = agent.send_request(at_request)?;

     println!("{}", at_response.access_token().secret());

     println!("{}", at_response.issuer());

     println!("{}", at_response.expires_at());

     Ok(())

 }

 ```

 # Obtaining mytoken

 ## Basic usage

 Obtaining mytoken using only account shortname is very similar to obtaining access_token.

 Example:

 ```rust

 use oidc_agent_rs::{Agent, Error};

 fn main() -> Result<(), Error> {

     let agent = Agent::new()?;

     let mytoken = agent.get_mytoken("mytoken")?;

     println!("{}", mytoken.secret());

     Ok(())

 }

 ```

 Once more the secret() method is used to obtain token as a &str value.

 ## Advanced requests

 If you want to obtain new mytoken using specific Mytoken profile, you have to create new

 `Profile` element. All profile objects documented in the Mytoken documentation are

 supported. You can add multiple `Capability` and `Restriction` elements

 and single `Rotation` element to the `Profile`. Then add the

 `Profile` element to the `MyTokenRequest` element.

 Example:

```rust

 use oidc_agent_rs::mytoken::{Capability, Profile, Restriction, Rotation, TokenInfoPerms};

 use oidc_agent_rs::requests::MyTokenRequest;

 use oidc_agent_rs::{Agent, Error};

 fn main() -> Result<(), Error> {

     let agent = Agent::new()?;

     let mut profile = Profile::new();

     //basic capabilites

     let caps = vec![Capability::AT, Capability::TokenInfo(TokenInfoPerms::All)];

     //new restriction

     let restriction = Restriction::builder()

         .usages_AT(5) //number of mytoken max usages

         .add_geoip_allow(vec!["pl", "de"]) //geoip allowed regions

         .build();

     //basic rotation

     let rotation = Rotation::builder().set_on_AT().set_lifetime(1000).build()?;

     profile.add_capabilities(&caps);

     profile.add_restrictions(&vec![restriction]);

     profile.set_rotation(&rotation);

     let mt_request = MyTokenRequest::builder("mytoken")

         .mytoken_profile(&profile)

         .build()?;

     let mt_response = agent.send_request(mt_request)?;

     println!("{}", mt_response.mytoken().secret());

     Ok(())

 }

```