Lib.rs

网页编程
#google-cloud #cloud #google #oauth #jwt #engine #server

goauth

用于在 Google Cloud Engine 中认证服务器到服务器应用程序的 crate

作者:Drazen Urch

35 个版本 (16 个重大变化)

0.17.0-alpha.12024 年 6 月 17 日
0.15.0 2024 年 6 月 17 日
0.14.0 2023 年 10 月 17 日
0.13.1 2022 年 7 月 20 日
0.1.2 2016 年 12 月 29 日

#54 in 网页编程

Download history 38864/week @ 2024-05-03 45643/week @ 2024-05-10 56437/week @ 2024-05-17 48149/week @ 2024-05-24 44143/week @ 2024-05-31 60616/week @ 2024-06-07 47187/week @ 2024-06-14 44344/week @ 2024-06-21 47414/week @ 2024-06-28 42859/week @ 2024-07-05 38751/week @ 2024-07-12 42408/week @ 2024-07-19 41075/week @ 2024-07-26 44612/week @ 2024-08-02 55305/week @ 2024-08-09 46847/week @ 2024-08-16

196,848 每月下载量
用于 94 个 crate (12 个直接使用)

MIT 许可证

59KB
1K SLoC

build MIT licensed

rust-goauth [文档]

用于使用 OAuth 2.0 与 Google Cloud Engine 的服务器到服务器应用程序的 crate,暂支持所有受支持的 作用域。支持同步或异步请求通过 Futures。

提供了一个可序列化的 Token 结构体,用于其他需要与 Google Cloud 进行认证交互的应用程序。

使用方法

#[macro_use]
extern crate log;

use goauth::auth::JwtClaims;
use goauth::scopes::Scope;
use goauth::{get_token, get_token_blocking, GoErr};
use goauth::credentials::Credentials;
use goauth::fetcher::TokenFetcher;
use smpl_jwt::{RSAKey, Jwt};
use time::Duration;

fn main() -> Result<(), GoErr>{
  let token_url = "https://www.googleapis.com/oauth2/v4/token";
  let iss = "<some-iss>"; // https://developers.google.com/identity/protocols/OAuth2ServiceAccount

  let credentials = Credentials::from_file("dummy_credentials_file_for_tests.json").unwrap();
  let claims = JwtClaims::new(String::from(iss),
                             &[Scope::DevStorageReadWrite],
                             String::from(token_url),
                             None, None);
  let jwt = Jwt::new(claims, credentials.rsa_key().unwrap(), None);

  // Use async
  let token = async {
    match get_token(&jwt, &credentials).await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  // Or sync
  let token = get_token_blocking(&jwt, &credentials)?;

  // Token provides `access_token` method that outputs a value that should be placed in the Authorization header

  // Or use the TokenFetcher abstraction which will automatically refresh tokens
  let fetcher = TokenFetcher::new(jwt, credentials, Duration::new(1, 0));

  let token = async {
    match fetcher.fetch_token().await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  // Now a couple seconds later we want the token again - the initial token is cached so it will re-use
  // the same token, saving a network trip to fetch another token
  let new_token = async {
    match fetcher.fetch_token().await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  assert_eq!(token, new_token);

  // Now say the token has expired or is close to expiring ("close" defined by the configurable
  // `refresh_buffer` parameter) at this point "later in the program." The next call to
  // `fetch_token` will notice this and automatically fetch a new token, cache it, and return it.
  let new_token = async {
    match fetcher.fetch_token().await {
      Ok(token) => token,
      Err(e) => panic!(e)
    }
  };

  assert_ne!(token, new_token);

  Ok(())
}

依赖关系

~5–7.5MB
~171K SLoC