diff options
| author | Vika <vika@fireburn.ru> | 2022-09-21 10:42:26 +0300 | 
|---|---|---|
| committer | Vika <vika@fireburn.ru> | 2022-09-28 00:59:43 +0300 | 
| commit | e5281c6da75f115d01aa5bef2f460ebd5b30a656 (patch) | |
| tree | 369b764ac3f346aa9068a27bc631c8edc42fc271 /kittybox-rs/indieauth/src | |
| parent | e468d8cd5aac240a05a149737e0117a57a926683 (diff) | |
| download | kittybox-e5281c6da75f115d01aa5bef2f460ebd5b30a656.tar.zst | |
indieauth: add "token_type" and "scope" to token grant response
It looks like some badly-behaved apps require "scope" even though it is optional according to OAuth2. Additionally, both of these fields are not present in the IndieAuth spec (this is an error in the spec, tracked here: https://github.com/indieweb/indieauth/issues/116
Diffstat (limited to 'kittybox-rs/indieauth/src')
| -rw-r--r-- | kittybox-rs/indieauth/src/lib.rs | 21 | 
1 files changed, 21 insertions, 0 deletions
| diff --git a/kittybox-rs/indieauth/src/lib.rs b/kittybox-rs/indieauth/src/lib.rs index 752d9e9..22dcdbd 100644 --- a/kittybox-rs/indieauth/src/lib.rs +++ b/kittybox-rs/indieauth/src/lib.rs @@ -395,6 +395,20 @@ pub enum GrantRequest { } } +/// Token type, as described in [RFC6749][]. +/// +/// [RFC6749]: https://www.rfc-editor.org/rfc/rfc6749#section-7.1 +#[derive(Debug, Clone, Copy, Serialize, Deserialize)] +#[serde(rename_all = "snake_case")] +pub enum TokenType { + /// A Bearer token described in [RFC6750][]. As far as the author + /// of this library is concerned, this is the only type that + /// IndieAuth uses. + /// + /// [RFC6750]: https://www.rfc-editor.org/rfc/rfc6750 + Bearer +} + /// The response to a successful [`GrantRequest`]. #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] @@ -405,6 +419,13 @@ pub enum GrantResponse { AccessToken { /// The URL for the user this token corresponds to. me: Url, + /// Token type. Required by OAuth2, not mentioned in + /// IndieAuth. Confirmed as erroneous. + token_type: TokenType, + /// Scopes. REQUIRED if different from what was + /// requested. Absence from IndieAuth spec confirmed as + /// erroneous. + scope: Option<Scopes>, /// The user's profile information, if it was requested. #[serde(skip_serializing_if = "Option::is_none")] profile: Option<Profile>, | 
