README.md

File metadata and controls

146 lines (125 loc) · 2.96 KB

README.md

An OAuth 2.0 authorization server written in Rust.

Road map

  • User signup (/signup)
  • User login (/login)
  • Delete user account
  • Authorize endpoint (/oauth/authorize)
  • OAuthClient registration (/oauth_client/new)
  • Delete OAuthClient
  • Token issuance (/oauth/token)
  • Token refresh (/oauth/token)
  • Resource endpoint (/api/resources)
  • PKCE
  • Add logging

Build (development)

$ docker-compose build
$ docker-compose up -d

DB migration

$ sqlx migrate run --database-url {DB_URL}/oauth2_development

Usage

Preparation

  1. Open http://localhost/signup and create a user.
  2. After logging in, open http://localhost/oauth_client/new and create an OAuthClient.
  3. Log out.

Authorization

GET /oauth/authorize

| Param         | Example                                                         |
| ------------- | --------------------------------------------------------------- |
| client_id     | 0b32d324-5284-46a7-b71f-1b4c228415d7                            |
| redirect_uri  | http://localhost:8080/callback                                  |
| response_type | code                                                            |
| scope         | all                                                             |
| state         | IuEInQ6TzROoFlZf4gbA0WaE19OyDl5TmJ9sddX9PRqykrP1Fb9F0oHBxTVHcMa |

Response
HTTP status 302
Location: http://localhost:8080/callback?code={authorization_code}&state={state}

Get AccessToken

POST /oauth/token

| Param      | Example                                                         |
| ---------- | --------------------------------------------------------------- |
| code       | IuEInQ6TzROoFlZf4gbA0WaE19OyDl5TmJ9sddX9PRqykrP1Fb9F0oHBxTVHcMa |
| grant_type | authorization_code                                              |

Response
HTTP status 200
Body

{
  "access_token": "{access_token}",
  "refresh_token": "{refresh_token}",
  "expires_at": "{access_token expires_at}"
}

Refresh token

POST /oauth/token

| Param         | Example                                                         |
| ------------- | --------------------------------------------------------------- |
| refresh_token | IuEInQ6TzROoFlZf4gbA0WaE19OyDl5TmJ9sddX9PRqykrP1Fb9F0oHBxTVHcMa |
| grant_type    | refresh_token                                                   |

Response
HTTP status 200
Body

{
  "access_token": "{access_token}",
  "refresh_token": "{refresh_token}",
  "expires_at": "{access_token expires_at}"
}

Get Protected Resource

POST /api/resources
Header: Authorization: Bearer {access_token}

Response
HTTP status 200
Body

{ "message": "Verify access token successful" }
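The authorization-code flow, token refresh and bearer check described above, condensed into one runnable in-memory model. This is an added example, not the project's code: it mirrors the page's oauth_clients, authorization_codes, access_tokens and refresh_tokens tables in HashMaps, takes the token generator from the caller (a plain counter in the demo; a real server must use the OS CSPRNG), assumes lifetimes of 60 s for codes, 1 h for access tokens and 14 days for refresh tokens, and assumes the token endpoint authenticates the client with its client_secret, which the page's parameter tables do not show. The client_id, redirect_uri and scope values are the page's examples; the secret is made up. The example also spells out the checks the page leaves implicit: exact redirect_uri match, single-use codes bound to the issuing client, and refresh-token rotation that revokes the paired access token. Standard library only, so it compiles with plain rustc.

```rust
use std::collections::HashMap;

const CODE_TTL: u64 = 60; // lifetimes in seconds, assumed for this example, not the project's values
const ACCESS_TTL: u64 = 3600;
const REFRESH_TTL: u64 = 14 * 24 * 3600;

/// Registered client, mirroring the page's oauth_clients table.
pub struct OAuthClient { pub client_id: String, pub client_secret: String, pub scope: String, pub redirect_uri: String }

/// Body returned by POST /oauth/token.
#[derive(Debug, PartialEq)]
pub struct TokenResponse { pub access_token: String, pub refresh_token: String, pub expires_at: u64 }

struct Code { user_id: i64, client_id: String, redirect_uri: String, expires_at: u64 }
struct Access { user_id: i64, client_id: String, scope: String, expires_at: u64 }
struct Refresh { access_token: String, expires_at: u64 }

/// In-memory stand-in for the token tables; `gen_token` is supplied by the caller (OS CSPRNG in production).
pub struct AuthServer<G: FnMut() -> String> {
    clients: HashMap<String, OAuthClient>,
    codes: HashMap<String, Code>,
    access_tokens: HashMap<String, Access>,
    refresh_tokens: HashMap<String, Refresh>,
    gen_token: G,
}

impl<G: FnMut() -> String> AuthServer<G> {
    pub fn new(clients: Vec<OAuthClient>, gen_token: G) -> Self {
        let clients = clients.into_iter().map(|c| (c.client_id.clone(), c)).collect();
        AuthServer { clients, codes: HashMap::new(), access_tokens: HashMap::new(), refresh_tokens: HashMap::new(), gen_token }
    }
    /// GET /oauth/authorize after the logged-in user (user_id) consented; returns the Location header value.
    pub fn authorize(&mut self, client_id: &str, redirect_uri: &str, response_type: &str, state: &str,
                     user_id: i64, now: u64) -> Result<String, &'static str> {
        let client = self.clients.get(client_id).ok_or("unknown client_id")?;
        // Exact string match against the registered URI: prefix matching would let an attacker receive codes.
        if client.redirect_uri != redirect_uri { return Err("redirect_uri mismatch"); }
        if response_type != "code" { return Err("unsupported response_type"); }
        let code = (self.gen_token)();
        self.codes.insert(code.clone(), Code { user_id, client_id: client_id.to_string(),
                                               redirect_uri: redirect_uri.to_string(), expires_at: now + CODE_TTL });
        // state is echoed back unchanged; the page's values are URL-safe, a real server percent-encodes them.
        Ok(format!("{}?code={}&state={}", redirect_uri, code, state))
    }
    /// POST /oauth/token, grant_type=authorization_code. Checking client_secret is an assumption: the page lists only code and grant_type.
    pub fn exchange_code(&mut self, client_id: &str, client_secret: &str, code: &str, redirect_uri: &str,
                         now: u64) -> Result<TokenResponse, &'static str> {
        let client = self.clients.get(client_id).ok_or("unknown client_id")?;
        if !constant_time_eq(client.client_secret.as_bytes(), client_secret.as_bytes()) {
            return Err("bad client credentials");
        }
        let scope = client.scope.clone();
        // remove() first: the code is consumed even if a later check fails, so a replay can never succeed.
        let c = self.codes.remove(code).ok_or("invalid code")?;
        if c.client_id != client_id { return Err("code was issued to another client"); }
        if c.redirect_uri != redirect_uri { return Err("redirect_uri mismatch"); }
        if now >= c.expires_at { return Err("code expired"); }
        Ok(self.issue(c.user_id, client_id, scope, now))
    }
    /// POST /oauth/token, grant_type=refresh_token: rotate the refresh token and revoke its paired access token.
    pub fn refresh(&mut self, refresh_token: &str, now: u64) -> Result<TokenResponse, &'static str> {
        let r = self.refresh_tokens.remove(refresh_token).ok_or("invalid refresh_token")?;
        if now >= r.expires_at { return Err("refresh_token expired"); }
        let old = self.access_tokens.remove(&r.access_token).ok_or("access token already revoked")?;
        Ok(self.issue(old.user_id, &old.client_id, old.scope, now))
    }
    /// /api/resources: validate "Authorization: Bearer {access_token}" and return (user_id, scope).
    pub fn verify_bearer(&self, authorization: Option<&str>, now: u64) -> Result<(i64, String), &'static str> {
        let header = authorization.ok_or("missing Authorization header")?;
        let token = header.strip_prefix("Bearer ").ok_or("not a Bearer token")?.trim();
        let t = self.access_tokens.get(token).ok_or("unknown token")?;
        if now >= t.expires_at { return Err("token expired"); }
        Ok((t.user_id, t.scope.clone()))
    }
    fn issue(&mut self, user_id: i64, client_id: &str, scope: String, now: u64) -> TokenResponse {
        let (access_token, refresh_token) = ((self.gen_token)(), (self.gen_token)());
        let expires_at = now + ACCESS_TTL;
        self.access_tokens.insert(access_token.clone(), Access { user_id, client_id: client_id.to_string(), scope, expires_at });
        self.refresh_tokens.insert(refresh_token.clone(), Refresh { access_token: access_token.clone(), expires_at: now + REFRESH_TTL });
        TokenResponse { access_token, refresh_token, expires_at }
    }
}

/// Constant-time comparison for the client secret (only the length is leaked).
fn constant_time_eq(a: &[u8], b: &[u8]) -> bool {
    a.len() == b.len() && a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

pub fn demo_client() -> OAuthClient { // constructed: client_id/redirect_uri are the page's examples, the secret is made up
    OAuthClient { client_id: "0b32d324-5284-46a7-b71f-1b4c228415d7".into(), client_secret: "s3cret".into(),
                  scope: "all".into(), redirect_uri: "http://localhost:8080/callback".into() }
}

fn main() {
    let mut n = 0u32; // counter tokens: deterministic for the demo, never acceptable in production
    let mut srv = AuthServer::new(vec![demo_client()], move || { n += 1; format!("tok{}", n) });
    let cid = demo_client().client_id;
    println!("{}", srv.authorize(&cid, "http://localhost:8080/callback", "code", "xyz", 1, 100).unwrap());
    println!("{:?}", srv.exchange_code(&cid, "s3cret", "tok1", "http://localhost:8080/callback", 101));
    println!("{:?}", srv.exchange_code(&cid, "s3cret", "tok1", "http://localhost:8080/callback", 102)); // replay fails
}
```

The `now` parameter is passed in explicitly rather than read from the clock so that expiry paths are testable; in the server it would be the request time. Wiring these methods into actix-web handlers and replacing the HashMaps with sqlx queries against the tables below is left to the project.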

Library

Backend

| Type           | Name      | URL                                 |
| -------------- | --------- | ----------------------------------- |
| HTTP server    | actix-web | https://github.com/actix/actix-web  |
| DB             | sqlx      | https://github.com/launchbadge/sqlx |
| Error handling | anyhow    | https://github.com/dtolnay/anyhow   |

Database

An asterisk marks the primary key.

users

| column   | type         |
| -------- | ------------ |
| *id      | int          |
| name     | varchar(63)  |
| email    | varchar(255) |
| password | varchar(100) |

oauth_clients

| column        | type         |
| ------------- | ------------ |
| *client_id    | varchar(63)  |
| name          | varchar(63)  |
| client_secret | varchar(63)  |
| scope         | varchar(63)  |
| redirect_uri  | varchar(255) |

access_tokens

| column     | type        |
| ---------- | ----------- |
| *token     | varchar(63) |
| user_id    | int         |
| client_id  | int         |
| scope      | varchar(63) |
| expires_at | datetime    |

refresh_tokens

| column         | type        |
| -------------- | ----------- |
| *refresh_token | varchar(63) |
| access_token   | varchar(63) |
| expires_at     | datetime    |

authorization_codes

| column     | type        |
| ---------- | ----------- |
| *code      | varchar(63) |
| user_id    | int         |
| client_id  | varchar(63) |
| expires_at | datetime    |