src/oauth/types.rs at 61e33ca7dae83495128e4f850515e54bf64ac1a1 · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox
this repo has no description
bspds-sandbox / src / oauth / types.rs
at 61e33ca7dae83495128e4f850515e54bf64ac1a1 6.9 kB view raw
  1use chrono::{DateTime, Utc};
  2use serde::{Deserialize, Serialize};
  3use serde_json::Value as JsonValue;
  4
  5#[derive(Debug, Clone, Serialize, Deserialize)]
  6pub struct RequestId(pub String);
  7
  8#[derive(Debug, Clone, Serialize, Deserialize)]
  9pub struct TokenId(pub String);
 10
 11#[derive(Debug, Clone, Serialize, Deserialize)]
 12pub struct DeviceId(pub String);
 13
 14#[derive(Debug, Clone, Serialize, Deserialize)]
 15pub struct SessionId(pub String);
 16
 17#[derive(Debug, Clone, Serialize, Deserialize)]
 18pub struct Code(pub String);
 19
 20#[derive(Debug, Clone, Serialize, Deserialize)]
 21pub struct RefreshToken(pub String);
 22
 23impl RequestId {
 24    pub fn generate() -> Self {
 25        Self(format!("urn:ietf:params:oauth:request_uri:{}", uuid::Uuid::new_v4()))
 26    }
 27}
 28
 29impl TokenId {
 30    pub fn generate() -> Self {
 31        Self(uuid::Uuid::new_v4().to_string())
 32    }
 33}
 34
 35impl DeviceId {
 36    pub fn generate() -> Self {
 37        Self(uuid::Uuid::new_v4().to_string())
 38    }
 39}
 40
 41impl SessionId {
 42    pub fn generate() -> Self {
 43        Self(uuid::Uuid::new_v4().to_string())
 44    }
 45}
 46
 47impl Code {
 48    pub fn generate() -> Self {
 49        use rand::Rng;
 50        let bytes: [u8; 32] = rand::thread_rng().r#gen();
 51        Self(base64::Engine::encode(
 52            &base64::engine::general_purpose::URL_SAFE_NO_PAD,
 53            bytes,
 54        ))
 55    }
 56}
 57
 58impl RefreshToken {
 59    pub fn generate() -> Self {
 60        use rand::Rng;
 61        let bytes: [u8; 32] = rand::thread_rng().r#gen();
 62        Self(base64::Engine::encode(
 63            &base64::engine::general_purpose::URL_SAFE_NO_PAD,
 64            bytes,
 65        ))
 66    }
 67}
 68
 69#[derive(Debug, Clone, Serialize, Deserialize)]
 70#[serde(tag = "method")]
 71pub enum ClientAuth {
 72    #[serde(rename = "none")]
 73    None,
 74    #[serde(rename = "client_secret_basic")]
 75    SecretBasic { client_secret: String },
 76    #[serde(rename = "client_secret_post")]
 77    SecretPost { client_secret: String },
 78    #[serde(rename = "private_key_jwt")]
 79    PrivateKeyJwt { client_assertion: String },
 80}
 81
 82#[derive(Debug, Clone, Serialize, Deserialize)]
 83pub struct AuthorizationRequestParameters {
 84    pub response_type: String,
 85    pub client_id: String,
 86    pub redirect_uri: String,
 87    pub scope: Option<String>,
 88    pub state: Option<String>,
 89    pub code_challenge: String,
 90    pub code_challenge_method: String,
 91    pub login_hint: Option<String>,
 92    pub dpop_jkt: Option<String>,
 93    #[serde(flatten)]
 94    pub extra: Option<JsonValue>,
 95}
 96
 97#[derive(Debug, Clone)]
 98pub struct RequestData {
 99    pub client_id: String,
100    pub client_auth: Option<ClientAuth>,
101    pub parameters: AuthorizationRequestParameters,
102    pub expires_at: DateTime<Utc>,
103    pub did: Option<String>,
104    pub device_id: Option<String>,
105    pub code: Option<String>,
106}
107
108#[derive(Debug, Clone)]
109pub struct DeviceData {
110    pub session_id: String,
111    pub user_agent: Option<String>,
112    pub ip_address: String,
113    pub last_seen_at: DateTime<Utc>,
114}
115
116#[derive(Debug, Clone)]
117pub struct TokenData {
118    pub did: String,
119    pub token_id: String,
120    pub created_at: DateTime<Utc>,
121    pub updated_at: DateTime<Utc>,
122    pub expires_at: DateTime<Utc>,
123    pub client_id: String,
124    pub client_auth: ClientAuth,
125    pub device_id: Option<String>,
126    pub parameters: AuthorizationRequestParameters,
127    pub details: Option<JsonValue>,
128    pub code: Option<String>,
129    pub current_refresh_token: Option<String>,
130    pub scope: Option<String>,
131}
132
133#[derive(Debug, Clone, Serialize, Deserialize)]
134pub struct AuthorizedClientData {
135    pub scope: Option<String>,
136    pub remember: bool,
137}
138
139#[derive(Debug, Clone, Serialize, Deserialize)]
140pub struct OAuthClientMetadata {
141    pub client_id: String,
142    pub client_name: Option<String>,
143    pub client_uri: Option<String>,
144    pub logo_uri: Option<String>,
145    pub redirect_uris: Vec<String>,
146    pub grant_types: Option<Vec<String>>,
147    pub response_types: Option<Vec<String>>,
148    pub scope: Option<String>,
149    pub token_endpoint_auth_method: Option<String>,
150    pub dpop_bound_access_tokens: Option<bool>,
151    pub jwks: Option<JsonValue>,
152    pub jwks_uri: Option<String>,
153    pub application_type: Option<String>,
154}
155
156#[derive(Debug, Clone, Serialize, Deserialize)]
157pub struct ProtectedResourceMetadata {
158    pub resource: String,
159    pub authorization_servers: Vec<String>,
160    pub bearer_methods_supported: Vec<String>,
161    pub scopes_supported: Vec<String>,
162    pub resource_documentation: Option<String>,
163}
164
165#[derive(Debug, Clone, Serialize, Deserialize)]
166pub struct AuthorizationServerMetadata {
167    pub issuer: String,
168    pub authorization_endpoint: String,
169    pub token_endpoint: String,
170    pub jwks_uri: String,
171    pub registration_endpoint: Option<String>,
172    pub scopes_supported: Option<Vec<String>>,
173    pub response_types_supported: Vec<String>,
174    pub response_modes_supported: Option<Vec<String>>,
175    pub grant_types_supported: Option<Vec<String>>,
176    pub token_endpoint_auth_methods_supported: Option<Vec<String>>,
177    pub code_challenge_methods_supported: Option<Vec<String>>,
178    pub pushed_authorization_request_endpoint: Option<String>,
179    pub require_pushed_authorization_requests: Option<bool>,
180    pub dpop_signing_alg_values_supported: Option<Vec<String>>,
181    pub authorization_response_iss_parameter_supported: Option<bool>,
182}
183
184#[derive(Debug, Clone, Serialize, Deserialize)]
185pub struct ParResponse {
186    pub request_uri: String,
187    pub expires_in: u64,
188}
189
190#[derive(Debug, Clone, Serialize, Deserialize)]
191pub struct TokenResponse {
192    pub access_token: String,
193    pub token_type: String,
194    pub expires_in: u64,
195    #[serde(skip_serializing_if = "Option::is_none")]
196    pub refresh_token: Option<String>,
197    #[serde(skip_serializing_if = "Option::is_none")]
198    pub scope: Option<String>,
199    #[serde(skip_serializing_if = "Option::is_none")]
200    pub sub: Option<String>,
201}
202
203#[derive(Debug, Clone, Serialize, Deserialize)]
204pub struct TokenRequest {
205    pub grant_type: String,
206    pub code: Option<String>,
207    pub redirect_uri: Option<String>,
208    pub code_verifier: Option<String>,
209    pub refresh_token: Option<String>,
210    pub client_id: Option<String>,
211    pub client_secret: Option<String>,
212}
213
214#[derive(Debug, Clone, Serialize, Deserialize)]
215pub struct DPoPClaims {
216    pub jti: String,
217    pub htm: String,
218    pub htu: String,
219    pub iat: i64,
220    #[serde(skip_serializing_if = "Option::is_none")]
221    pub ath: Option<String>,
222    #[serde(skip_serializing_if = "Option::is_none")]
223    pub nonce: Option<String>,
224}
225
226#[derive(Debug, Clone, Serialize, Deserialize)]
227pub struct JwkPublicKey {
228    pub kty: String,
229    pub crv: Option<String>,
230    pub x: Option<String>,
231    pub y: Option<String>,
232    #[serde(rename = "use")]
233    pub key_use: Option<String>,
234    pub kid: Option<String>,
235    pub alg: Option<String>,
236}
237
238#[derive(Debug, Clone, Serialize, Deserialize)]
239pub struct Jwks {
240    pub keys: Vec<JwkPublicKey>,
241}