88a8f74406
The current code uses standard blocking i/o operations (std::fs::*) this is problematic as it would block the entire futures executor waiting for i/o. This change is a major refactoring to make the token storage mechansim async i/o friendly. The first major decision was to abandon the GetToken trait. The trait is only implemented internally and there was no mechanism for users to provide their own, but async fn's are not currently supported in trait impls so keeping the trait would have required Boxing futures. This probably would have been fine, but seemed unnecessary. Instead of a trait the storage mechanism is just an enum with a choice between Memory and Disk storage. The DiskStorage works primarily as it did before, rewriting the entire contents of the file on every set() invocation. The only difference is that we now defer the actual writing to a separate task so that it does not block the return of the Token to the user. If disk i/o is too slow to keep up with the rate of incoming writes it will push back and will eventually block the return of tokens, this is to prevent a buildup of in-flight requests. One major drawback to this approach is that any errors that happen on write are simply logged and no delegate function is invoked on error because the delegate no longer has the ability to say to sleep, retry, etc.
yup-oauth2 is a utility library which implements several OAuth 2.0 flows. It's mainly used by google-apis-rs, to authenticate against Google services. (However, you're able to use it with raw HTTP requests as well; the flows are implemented as token sources yielding HTTP Bearer tokens).
The provider we have been testing the code against is also Google. However, the code itself is generic, and any OAuth provider behaving like Google will work as well. If you find one that doesn't, please let us know and/or contribute a fix!
Supported authorization types
- Device flow (user enters code on authorization page)
- Installed application flow (user visits URL, copies code to application, application uses code to obtain token). Used for services like GMail, Drive, ...
- Service account flow: Non-interactive authorization of server-to-server communication based on public key cryptography. Used for services like Cloud Pubsub, Cloud Storage, ...
Usage
Please have a look at the API landing page for all the examples you will ever need.
A simple commandline program which authenticates any scope and prints token information can be found in the examples directory.
The video below shows the auth example in action. It's meant to be used as utility to record all server communication and improve protocol compliance.
Versions
Version 1.x for Hyper versions bellow 12 Version 2.x for Hyper versions 12 and above
License
Licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.