Skip to content
/ rust-goauth Public

Crate for authenticating Server to Server Apps for Google Cloud Engine.

License

MIT license
25 stars 18 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

durch/rust-goauth

3 Branches2 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

durchdurch
Remove tokio and reqwesrt
Jun 17, 2024
25fa9f7 · Jun 17, 2024

History

79 Commits
.github
.github
Jul 20, 2020
src
src
Jun 17, 2024
.gitignore
.gitignore
Sep 14, 2020
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
Jul 20, 2020
CONTRIBUTING.md
CONTRIBUTING.md
Jul 20, 2020
Cargo.toml
Cargo.toml
Jun 17, 2024
Dockerfile
Dockerfile
Dec 25, 2016
LICENSE
LICENSE
Dec 25, 2016
README.md
README.md
Jun 17, 2024
dummy_credentials_file_for_tests.json
dummy_credentials_file_for_tests.json
Feb 13, 2017
random_rsa_for_testing
random_rsa_for_testing
Dec 25, 2016

Repository files navigation

build MIT licensed

rust-goauth [docs]

Crate for using OAuth 2.0 with Server to Server Applications for Google Cloud Engine, with tentative support for all supported Scopes. Supports sync or async requests via Futures.

Provides a serialisable Token struct for use in other applications that require authenticated interactions with Google Cloud.

Usage

#[macro_use]
extern crate log;

use goauth::auth::JwtClaims;
use goauth::scopes::Scope;
use goauth::{get_token, get_token_blocking, GoErr};
use goauth::credentials::Credentials;
use goauth::fetcher::TokenFetcher;
use smpl_jwt::{RSAKey, Jwt};
use time::Duration;

fn main() -> Result<(), GoErr>{
  let token_url = "https://www.googleapis.com/oauth2/v4/token";
  let iss = "<some-iss>"; // https://developers.google.com/identity/protocols/OAuth2ServiceAccount

  let credentials = Credentials::from_file("dummy_credentials_file_for_tests.json").unwrap();
  let claims = JwtClaims::new(String::from(iss),
                             &[Scope::DevStorageReadWrite],
                             String::from(token_url),
                             None, None);
  let jwt = Jwt::new(claims, credentials.rsa_key().unwrap(), None);

  // Use async
  let token = async {
    match get_token(&jwt, &credentials).await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  // Or sync
  let token = get_token_blocking(&jwt, &credentials)?;

  // Token provides `access_token` method that outputs a value that should be placed in the Authorization header

  // Or use the TokenFetcher abstraction which will automatically refresh tokens
  let fetcher = TokenFetcher::new(jwt, credentials, Duration::new(1, 0));

  let token = async {
    match fetcher.fetch_token().await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  // Now a couple seconds later we want the token again - the initial token is cached so it will re-use
  // the same token, saving a network trip to fetch another token
  let new_token = async {
    match fetcher.fetch_token().await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  assert_eq!(token, new_token);

  // Now say the token has expired or is close to expiring ("close" defined by the configurable
  // `refresh_buffer` parameter) at this point "later in the program." The next call to
  // `fetch_token` will notice this and automatically fetch a new token, cache it, and return it.
  let new_token = async {
    match fetcher.fetch_token().await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  assert_ne!(token, new_token);

  Ok(())
}

About

Crate for authenticating Server to Server Apps for Google Cloud Engine.

Topics

jwt google authentication google-cloud jwt-authentication

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

25 stars

Watchers

2 watching

Forks

18 forks
Report repository

Releases 2

TokenFetcher Latest
Sep 14, 2020
+ 1 release

Packages

No packages published

Contributors 13

Languages