oauth2/
basic.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
use std::fmt::Error as FormatterError;
use std::fmt::{Debug, Display, Formatter};

use super::{
    Client, EmptyExtraTokenFields, ErrorResponseType, RequestTokenError, StandardErrorResponse,
    StandardTokenResponse, TokenType,
};
use crate::{
    revocation::{RevocationErrorResponseType, StandardRevocableToken},
    StandardTokenIntrospectionResponse,
};

///
/// Basic OAuth2 client specialization, suitable for most applications.
///
pub type BasicClient = Client<
    BasicErrorResponse,
    BasicTokenResponse,
    BasicTokenType,
    BasicTokenIntrospectionResponse,
    StandardRevocableToken,
    BasicRevocationErrorResponse,
>;

///
/// Basic OAuth2 authorization token types.
///
#[derive(Clone, Debug, PartialEq)]
pub enum BasicTokenType {
    ///
    /// Bearer token
    /// ([OAuth 2.0 Bearer Tokens - RFC 6750](https://tools.ietf.org/html/rfc6750)).
    ///
    Bearer,
    ///
    /// MAC ([OAuth 2.0 Message Authentication Code (MAC)
    /// Tokens](https://tools.ietf.org/html/draft-ietf-oauth-v2-http-mac-05)).
    ///
    Mac,
    ///
    /// An extension not defined by RFC 6749.
    ///
    Extension(String),
}
impl BasicTokenType {
    fn from_str(s: &str) -> Self {
        match s {
            "bearer" => BasicTokenType::Bearer,
            "mac" => BasicTokenType::Mac,
            ext => BasicTokenType::Extension(ext.to_string()),
        }
    }
}
impl AsRef<str> for BasicTokenType {
    fn as_ref(&self) -> &str {
        match *self {
            BasicTokenType::Bearer => "bearer",
            BasicTokenType::Mac => "mac",
            BasicTokenType::Extension(ref ext) => ext.as_str(),
        }
    }
}
impl<'de> serde::Deserialize<'de> for BasicTokenType {
    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
    where
        D: serde::de::Deserializer<'de>,
    {
        let variant_str = String::deserialize(deserializer)?;
        Ok(Self::from_str(&variant_str))
    }
}
impl serde::ser::Serialize for BasicTokenType {
    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
    where
        S: serde::ser::Serializer,
    {
        serializer.serialize_str(self.as_ref())
    }
}
impl TokenType for BasicTokenType {}

///
/// Basic OAuth2 token response.
///
pub type BasicTokenResponse = StandardTokenResponse<EmptyExtraTokenFields, BasicTokenType>;

///
/// Basic OAuth2 token introspection response.
///
pub type BasicTokenIntrospectionResponse =
    StandardTokenIntrospectionResponse<EmptyExtraTokenFields, BasicTokenType>;

///
/// Basic access token error types.
///
/// These error types are defined in
/// [Section 5.2 of RFC 6749](https://tools.ietf.org/html/rfc6749#section-5.2).
///
#[derive(Clone, PartialEq)]
pub enum BasicErrorResponseType {
    ///
    /// Client authentication failed (e.g., unknown client, no client authentication included,
    /// or unsupported authentication method).
    ///
    InvalidClient,
    ///
    /// The provided authorization grant (e.g., authorization code, resource owner credentials)
    /// or refresh token is invalid, expired, revoked, does not match the redirection URI used
    /// in the authorization request, or was issued to another client.
    ///
    InvalidGrant,
    ///
    /// The request is missing a required parameter, includes an unsupported parameter value
    /// (other than grant type), repeats a parameter, includes multiple credentials, utilizes
    /// more than one mechanism for authenticating the client, or is otherwise malformed.
    ///
    InvalidRequest,
    ///
    /// The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the
    /// resource owner.
    ///
    InvalidScope,
    ///
    /// The authenticated client is not authorized to use this authorization grant type.
    ///
    UnauthorizedClient,
    ///
    /// The authorization grant type is not supported by the authorization server.
    ///
    UnsupportedGrantType,
    ///
    /// An extension not defined by RFC 6749.
    ///
    Extension(String),
}
impl BasicErrorResponseType {
    pub(crate) fn from_str(s: &str) -> Self {
        match s {
            "invalid_client" => BasicErrorResponseType::InvalidClient,
            "invalid_grant" => BasicErrorResponseType::InvalidGrant,
            "invalid_request" => BasicErrorResponseType::InvalidRequest,
            "invalid_scope" => BasicErrorResponseType::InvalidScope,
            "unauthorized_client" => BasicErrorResponseType::UnauthorizedClient,
            "unsupported_grant_type" => BasicErrorResponseType::UnsupportedGrantType,
            ext => BasicErrorResponseType::Extension(ext.to_string()),
        }
    }
}
impl AsRef<str> for BasicErrorResponseType {
    fn as_ref(&self) -> &str {
        match *self {
            BasicErrorResponseType::InvalidClient => "invalid_client",
            BasicErrorResponseType::InvalidGrant => "invalid_grant",
            BasicErrorResponseType::InvalidRequest => "invalid_request",
            BasicErrorResponseType::InvalidScope => "invalid_scope",
            BasicErrorResponseType::UnauthorizedClient => "unauthorized_client",
            BasicErrorResponseType::UnsupportedGrantType => "unsupported_grant_type",
            BasicErrorResponseType::Extension(ref ext) => ext.as_str(),
        }
    }
}
impl<'de> serde::Deserialize<'de> for BasicErrorResponseType {
    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
    where
        D: serde::de::Deserializer<'de>,
    {
        let variant_str = String::deserialize(deserializer)?;
        Ok(Self::from_str(&variant_str))
    }
}
impl serde::ser::Serialize for BasicErrorResponseType {
    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
    where
        S: serde::ser::Serializer,
    {
        serializer.serialize_str(self.as_ref())
    }
}
impl ErrorResponseType for BasicErrorResponseType {}
impl Debug for BasicErrorResponseType {
    fn fmt(&self, f: &mut Formatter) -> Result<(), FormatterError> {
        Display::fmt(self, f)
    }
}

impl Display for BasicErrorResponseType {
    fn fmt(&self, f: &mut Formatter) -> Result<(), FormatterError> {
        write!(f, "{}", self.as_ref())
    }
}

///
/// Error response specialization for basic OAuth2 implementation.
///
pub type BasicErrorResponse = StandardErrorResponse<BasicErrorResponseType>;

///
/// Token error specialization for basic OAuth2 implementation.
///
pub type BasicRequestTokenError<RE> = RequestTokenError<RE, BasicErrorResponse>;

///
/// Revocation error response specialization for basic OAuth2 implementation.
///
pub type BasicRevocationErrorResponse = StandardErrorResponse<RevocationErrorResponseType>;