diff options
-rw-r--r-- | kittybox-rs/indieauth/src/lib.rs | 21 | ||||
-rw-r--r-- | kittybox-rs/src/indieauth/mod.rs | 6 |
2 files changed, 26 insertions, 1 deletions
diff --git a/kittybox-rs/indieauth/src/lib.rs b/kittybox-rs/indieauth/src/lib.rs index 752d9e9..22dcdbd 100644 --- a/kittybox-rs/indieauth/src/lib.rs +++ b/kittybox-rs/indieauth/src/lib.rs @@ -395,6 +395,20 @@ pub enum GrantRequest { } } +/// Token type, as described in [RFC6749][]. +/// +/// [RFC6749]: https://www.rfc-editor.org/rfc/rfc6749#section-7.1 +#[derive(Debug, Clone, Copy, Serialize, Deserialize)] +#[serde(rename_all = "snake_case")] +pub enum TokenType { + /// A Bearer token described in [RFC6750][]. As far as the author + /// of this library is concerned, this is the only type that + /// IndieAuth uses. + /// + /// [RFC6750]: https://www.rfc-editor.org/rfc/rfc6750 + Bearer +} + /// The response to a successful [`GrantRequest`]. #[derive(Debug, Clone, Serialize, Deserialize)] #[serde(untagged)] @@ -405,6 +419,13 @@ pub enum GrantResponse { AccessToken { /// The URL for the user this token corresponds to. me: Url, + /// Token type. Required by OAuth2, not mentioned in + /// IndieAuth. Confirmed as erroneous. + token_type: TokenType, + /// Scopes. REQUIRED if different from what was + /// requested. Absence from IndieAuth spec confirmed as + /// erroneous. + scope: Option<Scopes>, /// The user's profile information, if it was requested. #[serde(skip_serializing_if = "Option::is_none")] profile: Option<Profile>, diff --git a/kittybox-rs/src/indieauth/mod.rs b/kittybox-rs/src/indieauth/mod.rs index 67f4a43..44cb368 100644 --- a/kittybox-rs/src/indieauth/mod.rs +++ b/kittybox-rs/src/indieauth/mod.rs @@ -442,6 +442,8 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>( me, profile, access_token, + token_type: kittybox_indieauth::TokenType::Bearer, + scope: Some(scope), expires_in: Some(ACCESS_TOKEN_VALIDITY), refresh_token: Some(refresh_token) }.into_response() @@ -517,7 +519,7 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>( let old_refresh_token = refresh_token; let refresh_token = match backend.create_refresh_token( - prepare_refresh_token(data.me.clone(), client_id, scope) + prepare_refresh_token(data.me.clone(), client_id, scope.clone()) ).await { Ok(token) => token, Err(err) => { @@ -534,6 +536,8 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>( me: data.me, profile, access_token, + token_type: kittybox_indieauth::TokenType::Bearer, + scope: Some(scope), expires_in: Some(ACCESS_TOKEN_VALIDITY), refresh_token: Some(refresh_token) }.into_response() |