about summary refs log tree commit diff
path: root/kittybox-rs
diff options
context:
space:
mode:
Diffstat (limited to 'kittybox-rs')
-rw-r--r--kittybox-rs/indieauth/src/lib.rs21
-rw-r--r--kittybox-rs/src/indieauth/mod.rs6
2 files changed, 26 insertions, 1 deletions
diff --git a/kittybox-rs/indieauth/src/lib.rs b/kittybox-rs/indieauth/src/lib.rs
index 752d9e9..22dcdbd 100644
--- a/kittybox-rs/indieauth/src/lib.rs
+++ b/kittybox-rs/indieauth/src/lib.rs
@@ -395,6 +395,20 @@ pub enum GrantRequest {
     }
 }
 
+/// Token type, as described in [RFC6749][].
+///
+/// [RFC6749]: https://www.rfc-editor.org/rfc/rfc6749#section-7.1
+#[derive(Debug, Clone, Copy, Serialize, Deserialize)]
+#[serde(rename_all = "snake_case")]
+pub enum TokenType {
+    /// A Bearer token described in [RFC6750][]. As far as the author
+    /// of this library is concerned, this is the only type that
+    /// IndieAuth uses.
+    ///
+    /// [RFC6750]: https://www.rfc-editor.org/rfc/rfc6750
+    Bearer
+}
+
 /// The response to a successful [`GrantRequest`].
 #[derive(Debug, Clone, Serialize, Deserialize)]
 #[serde(untagged)]
@@ -405,6 +419,13 @@ pub enum GrantResponse {
     AccessToken {
         /// The URL for the user this token corresponds to.
         me: Url,
+        /// Token type. Required by OAuth2, not mentioned in
+        /// IndieAuth. Confirmed as erroneous.
+        token_type: TokenType,
+        /// Scopes. REQUIRED if different from what was
+        /// requested. Absence from IndieAuth spec confirmed as
+        /// erroneous.
+        scope: Option<Scopes>,
         /// The user's profile information, if it was requested.
         #[serde(skip_serializing_if = "Option::is_none")]
         profile: Option<Profile>,
diff --git a/kittybox-rs/src/indieauth/mod.rs b/kittybox-rs/src/indieauth/mod.rs
index 67f4a43..44cb368 100644
--- a/kittybox-rs/src/indieauth/mod.rs
+++ b/kittybox-rs/src/indieauth/mod.rs
@@ -442,6 +442,8 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>(
                 me,
                 profile,
                 access_token,
+                token_type: kittybox_indieauth::TokenType::Bearer,
+                scope: Some(scope),
                 expires_in: Some(ACCESS_TOKEN_VALIDITY),
                 refresh_token: Some(refresh_token)
             }.into_response()
@@ -517,7 +519,7 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>(
 
             let old_refresh_token = refresh_token;
             let refresh_token = match backend.create_refresh_token(
-                prepare_refresh_token(data.me.clone(), client_id, scope)
+                prepare_refresh_token(data.me.clone(), client_id, scope.clone())
             ).await {
                 Ok(token) => token,
                 Err(err) => {
@@ -534,6 +536,8 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>(
                 me: data.me,
                 profile,
                 access_token,
+                token_type: kittybox_indieauth::TokenType::Bearer,
+                scope: Some(scope),
                 expires_in: Some(ACCESS_TOKEN_VALIDITY),
                 refresh_token: Some(refresh_token)
             }.into_response()