rullst-connect

et

cargo add rullst-connect

[dependencies]
rullst-connect = "10.0.1"
tokio = { version = "1.52", features = ["full"] }

use rullst_connect::prelude::*;

let github = GithubProvider::new(
    "YOUR_CLIENT_ID".to_string(),
    "YOUR_CLIENT_SECRET".to_string(),
    "http://localhost:3000/auth/github/callback".to_string(),
);

let url = github.redirect_url();
// Example in Axum: return Redirect::temporary(&url);

let params = rullst_connect::provider::ExchangeParams {
    auth_code: code,
    ..Default::default()
};
match github.get_user(params).await {
    Ok(user) => {
        println!("Welcome, {}!", user.name);
        println!("Email: {:?}", user.email);
        println!("Avatar: {:?}", user.avatar_url);
    }
    Err(_) => return (StatusCode::INTERNAL_SERVER_ERROR, "Failed to get user".to_string()),
}

// 1. Generate a random state string and save it in the session
let state = "random_secure_string";

// 2. Get the authorization URL with the state parameter using the builder
let url = github.with_state(state).redirect_url();
// return Redirect::temporary(&url);

// 3. In the callback route, verify if the query param `state` matches your session!
// If you are using the optional `axum` or `actix` features, you can use `verify_state`:
// params.verify_state(&state_from_session)?;

let refreshed_user = github.refresh_token("existing_refresh_token_string").await?;
// Tokens are wrapped in `secrecy::SecretString` to prevent accidental log leakage ([REDACTED]).
// When you need to send it to an API, expose it explicitly:
use secrecy::ExposeSecret;
let raw_token = refreshed_user.access_token.expose_secret();
println!("Successfully refreshed token securely!");

use rullst_connect::pkce::generate_pkce;

// 1. Generate challenge and verifier
let (code_verifier, code_challenge) = generate_pkce();

// 2. Save `code_verifier` in the user's session or a secure HttpOnly cookie!

// 3. Get the URL with PKCE natively using the builder pattern
let auth_url = provider.with_pkce(&code_challenge).redirect_url();

// 4. In the callback route, fetch the user using the saved verifier:
let params = rullst_connect::provider::ExchangeParams {
    auth_code: &code,
    code_verifier: Some(&code_verifier),
    ..Default::default()
};
let user = provider.get_user(params).await.unwrap();

cargo run --example axum_server

# install it first if you haven't: cargo install cargo-release
cargo release patch --execute  # for v1.0.x patches
cargo release minor --execute  # for v1.x.0 features
cargo release major --execute  # for vX.0.0 breaking changes

CI & Coverage	Security & Analysis	Formal & Advanced Testing
<br><br>	<br><br><br>	<br><br>
		<br>

rullst-connect

Notions de base

Général

Rullst Connect 🦀

🛡️ Quality & Security Audits

✨ Features

📦 Supported Providers

🛠️ Installation

🚀 Quick Start

1. Initialize the Provider

2. Redirect the User

3. Handle the Callback & Get User

🛡️ CSRF Protection (State Parameter)

🔄 Refreshing Tokens

🔒 PKCE Support (v9.0.0+)

🧑‍💻 Full Example with Axum

📦 Releasing a New Version

🤝 Contributing

📄 License

Contrôles 0/21 ●

Contrôles