axum-oauth


This is a demo application I created to help me understand authentication in Rust using OAuth 2.0. Specifically, it shows how to protect your backend APIs using server-side OAuth. It uses the oxide-auth, oxide-auth-async, and oxide-auth-axum crates. The oxide-auth documentation is a bit sparse and it isn't immediately obvious how to implement an authentication server with it, so I created this demo. As a starting point I used the only example I could find of an app using oxide-auth with the Axum web server: tf-viewer by @danielalvsaaker.

Current state

This crate compiles and basically works. However, I haven't done any refactoring yet; it is currently in the "just make it work" stage 😁.

Example App

This example app shows a basic OAuth 2.0 authentication life-cycle for API access:

  • User registration
  • Sign-in
  • Client registration (public and private)
  • Authorization (public and private)
  • Protected resource access
  • Sign-out

Note: I haven't yet implemented a front-end app that shows this functionality fully in a browser; see the tests for a full life-cycle example. This project now has a front-end built in SvelteKit (see Usage below).

Usage

  1. Clone this repo and cd into its root

  2. Run cargo run

  3. Change directory into the front-end: cd svelte-frontend

  4. Run npm install

  5. Run npm run dev

  6. Open your browser to http://localhost:5137

  7. Click the button that says "Sign-in with OAuth"

  8. Use the default username/password pair to sign in to the backend: bob/secret

    • By default the front-end only asks for the account:read permission

Internals

HashMap - in-memory implementation of a user database. Also used to create a separate client registration database called ClientMap.

async-session - for session management (TO BE REMOVED. Session management doesn't belong in the backend).
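To make the life-cycle listed under Example App and the in-memory ClientMap concrete, here is a self-contained Rust model of the authorization-server state. This is example code written for this page, not the axum-oauth project's code and not oxide-auth; the AuthServer, Client and ClientKind names, the counter-based ids and the plain-text password map are assumptions made for the demo.

```rust
use std::collections::HashMap;

#[derive(Clone, Copy, PartialEq, Debug)]
pub enum ClientKind { Public, Confidential }
/// Registered client; confidential ("private") clients hold a secret, public ones do not.
pub struct Client { pub kind: ClientKind, pub secret: Option<String> }
/// Client registration database, in the spirit of the README's `ClientMap` (assumed shape).
pub type ClientMap = HashMap<String, Client>;

#[derive(Default)]
pub struct AuthServer {
    pub clients: ClientMap,
    pub users: HashMap<String, String>,       // username -> password (plain text: demo only)
    codes: HashMap<String, (String, String)>, // auth code -> (client_id, scope)
    tokens: HashMap<String, String>,          // access token -> granted scope
    counter: u64,                             // stand-in for a random id generator
}

impl AuthServer {
    fn fresh(&mut self, p: &str) -> String { self.counter += 1; format!("{}-{}", p, self.counter) }
    pub fn register_client(&mut self, id: &str, kind: ClientKind, secret: Option<&str>) {
        self.clients.insert(id.to_string(), Client { kind, secret: secret.map(String::from) });
    }
    /// Sign-in + authorization: a valid user consenting for a known client gets a one-time code.
    pub fn authorize(&mut self, user: &str, pw: &str, client_id: &str, scope: &str) -> Option<String> {
        if self.users.get(user).map(String::as_str) != Some(pw) { return None; }
        if !self.clients.contains_key(client_id) { return None; }
        let code = self.fresh("code");
        self.codes.insert(code.clone(), (client_id.to_string(), scope.to_string()));
        Some(code)
    }
    /// Token exchange: the code is consumed on any attempt, must belong to this client, and a
    /// confidential client must present its secret before a token is issued.
    pub fn exchange(&mut self, code: &str, client_id: &str, secret: Option<&str>) -> Option<String> {
        let (owner, scope) = self.codes.remove(code)?;
        let client = self.clients.get(client_id)?;
        let needs_secret = client.kind == ClientKind::Confidential;
        if owner != client_id || (needs_secret && client.secret.as_deref() != secret) { return None; }
        let token = self.fresh("tok");
        self.tokens.insert(token.clone(), scope);
        Some(token)
    }
    /// Protected resource access: the bearer token must carry the required scope (e.g. account:read).
    pub fn access(&self, token: &str, required: &str) -> bool {
        self.tokens.get(token).map_or(false, |s| s.split(' ').any(|g| g == required))
    }
    /// Sign-out: revoke the token so later resource requests are rejected.
    pub fn sign_out(&mut self, token: &str) -> bool { self.tokens.remove(token).is_some() }
}
```

A failed exchange still consumes the code, so a replayed or mis-targeted code cannot be retried; a real server would also use random ids and hashed passwords.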