tame-oauth
is a small oauth crate that follows the sans-io approach.
- You want to control how you actually make oauth HTTP requests
- The only auth flow that is currently implemented is the service account flow for GCP. Other flows can be added, but right now that is the only one we need.
- There are several other oauth crates available that have many more features and are easier to work with, if you don't care about what HTTP clients they use.
- This crate requires more boilerplate to use.
gcp
(default) - Support for GCP oauth2wasm-web
- Enables wasm features inchrono
andring
needed fortame-oauth
to be used in a wasm browser context. Note this feature should not be used when targetting wasm outside the browser context, in which case you would likely need to targetwasm32-wasi
.jwt
(default) - Support for JSON Web Tokens, required forgcp
url
(default) - Url parsing, required forgcp
Usage: cargo run --example svc_account -- <key_path> <scope..>
A small example of using tame-oauth
together with reqwest. Given a key file and 1 or more scopes, it will attempt to get a token that could be used to access resources in those scopes.
cargo run --example svc_account -- ~/.secrets/super-sekret.json https://www.googleapis.com/auth/pubsub https://www.googleapis.com/auth/devstorage.read_only
We welcome community contributions to this project.
Please read our Contributor Guide for more information on how to get started.
Licensed under either of
- Apache License, Version 2.0, (LICENSE-APACHE or https://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or https://opensource.org/licenses/MIT)
at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.