Skip to content

hirasawayuki/oauth2_provider_rs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

67 Commits

db/initdb.d

db/initdb.d

 
 

migrations

migrations

 
 

nginx

nginx

 
 

src

src

 
 

templates

templates

 
 

.dockerignore

.dockerignore

 
 

.env

.env

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

Cargo.toml

Cargo.toml

 
 

Dockerfile

Dockerfile

 
 

README.md

README.md

 
 

docker-compose.yml

docker-compose.yml

 
 

Repository files navigation

README.md

OAuth2.0 authorization server in Rust.

Road map

  • User signup (/signup)
  • User login (/login)
  • Delete User Account
  • Authorize endpoint (/oauth/authorize)
  • OAuthClient registration (/oauth_client/new)
  • Delete OAuthClient
  • Token generate (/oauth/token)
  • Token refresh (/oauth/token)
  • Resource endpoint (/api/resources)
  • PKCE
  • Add Log create

Build development

$ docker-compose build
$ docker-compose up -d

DB migration

$ sqlx migrate run --database-url {DB_URL}/oauth2_development

Usage

Preparation

  1. Access http://localhost/signup and create user
  2. After login, access http://oauth_client/new and create OAuthClient
  3. Logout

Authorization

GET /oauth/authorize

Params Required example
client_id 0b32d324-5284-46a7-b71f-1b4c228415d7
redirect_uri http://localhost:8080/callback
response_type code
scope all
state IuEInQ6TzROoFlZf4gbA0WaE19OyDl5TmJ9sddX9PRqykrP1Fb9F0oHBxTVHcMa

Response
HTTP status 302
Location: http://localhost:8080/callback?code={authorization_code}&state={state}

Get AccessToken

POST /oauth/token

Params Required example
code IuEInQ6TzROoFlZf4gbA0WaE19OyDl5TmJ9sddX9PRqykrP1Fb9F0oHBxTVHcMa
grant_type authorization_code

Response
HTTP status 200
Body

{
  "access_token": "{access_token}",
  "refresh_token": "{refresh_token}",
  "expires_at": "{access_token expires_at}"
}

Refresh token

POST /oauth/token

Params Required example
refresh_token IuEInQ6TzROoFlZf4gbA0WaE19OyDl5TmJ9sddX9PRqykrP1Fb9F0oHBxTVHcMa
grant_type refresh_token

Response
HTTP status 200
Body

{
  "access_token": "{access_token}",
  "refresh_token": "{refresh_token}",
  "expires_at": "{access_token expires_at}"
}

Get Protected Resource

POST /api/resources Header: Authorization: Bearer {Access token}

Response
HTTP status 200
Body

{ "message": "Verify access token successful" }

Library

Backend

Type Name URL
HTTP Server actix-web https://github.com/actix/actix-web
DB sqlx https://github.com/launchbadge/sqlx
Error Handling anyhow https://github.com/dtolnay/anyhow

Database

users

column type
*id int
name varchar(63)
email varchar(255)
password varchar(100)

oauth_clients

column type
*client_id varchar(63)
name varchar(63)
client_secret varchar(63)
scope varchar(63)
redirect_uri varchar(255)

access_tokens

column type
*token varchar(63)
user_id int
client_id int
scope varchar(63)
expires_at datetime

refresh_tokens

column type
*refresh_token varchar(63)
access_token varchar(63)
expires_at datetime

authorization_codes

column type
*code varchar(63)
user_id int
client_id varchar(63)
expires_at datetime

About

OAuth2.0 provider is built on Rust.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages