axum-oidc/examples/basic/src/main.rs

use axum::{
    error_handling::HandleErrorLayer, http::Uri, response::IntoResponse, routing::get, Router,
};
use axum_oidc::{
    error::MiddlewareError, EmptyAdditionalClaims, OidcAuthLayer, OidcClaims, OidcLoginLayer,
};
use tokio::net::TcpListener;
use tower::ServiceBuilder;
use tower_sessions::{
    cookie::{time::Duration, SameSite},
    Expiry, MemoryStore, SessionManagerLayer,
};

#[tokio::main]
async fn main() {
    let session_store = MemoryStore::default();
    let session_layer = SessionManagerLayer::new(session_store)
        .with_secure(false)
        .with_same_site(SameSite::Lax)
        .with_expiry(Expiry::OnInactivity(Duration::seconds(120)));

    let oidc_login_service = ServiceBuilder::new()
        .layer(HandleErrorLayer::new(|e: MiddlewareError| async {
            e.into_response()
        }))
        .layer(OidcLoginLayer::<EmptyAdditionalClaims>::new());

    let oidc_auth_service = ServiceBuilder::new()
        .layer(HandleErrorLayer::new(|e: MiddlewareError| async {
            e.into_response()
        }))
        .layer(
            OidcAuthLayer::<EmptyAdditionalClaims>::discover_client(
                Uri::from_static("https://app.example.com"),
                "https://auth.example.com/auth/realms/example".to_string(),
                "my-client".to_string(),
                Some("123456".to_owned()),
                vec![],
            )
            .await
            .unwrap(),
        );

    let app = Router::new()
        .route("/foo", get(authenticated))
        .layer(oidc_login_service)
        .route("/bar", get(maybe_authenticated))
        .layer(oidc_auth_service)
        .layer(session_layer);

    let listener = TcpListener::bind("[::]:8080").await.unwrap();
    axum::serve(listener, app.into_make_service())
        .await
        .unwrap();
}

async fn authenticated(claims: OidcClaims<EmptyAdditionalClaims>) -> impl IntoResponse {
    format!("Hello {}", claims.subject().as_str())
}

async fn maybe_authenticated(
    claims: Option<OidcClaims<EmptyAdditionalClaims>>,
) -> impl IntoResponse {
    if let Some(claims) = claims {
        format!(
            "Hello {}! You are already logged in from another Handler.",
            claims.subject().as_str()
        )
    } else {
        "Hello anon!".to_string()
    }
}
Dependency Update, Added examples/basic, CI Updated the dependencies to the newest version. Added `AsRef` and `Deref` traits to the extractors. Moved the example from `README.md` to `examples/basic`. Added a CI Pipeline. 2024-03-08 17:17:00 +01:00			`use axum::{`
			`error_handling::HandleErrorLayer, http::Uri, response::IntoResponse, routing::get, Router,`
			`};`
			`use axum_oidc::{`
			`error::MiddlewareError, EmptyAdditionalClaims, OidcAuthLayer, OidcClaims, OidcLoginLayer,`
			`};`
			`use tokio::net::TcpListener;`
			`use tower::ServiceBuilder;`
			`use tower_sessions::{`
			`cookie::{time::Duration, SameSite},`
			`Expiry, MemoryStore, SessionManagerLayer,`
			`};`

			`#[tokio::main]`
			`async fn main() {`
			`let session_store = MemoryStore::default();`
			`let session_layer = SessionManagerLayer::new(session_store)`
			`.with_secure(false)`
			`.with_same_site(SameSite::Lax)`
			`.with_expiry(Expiry::OnInactivity(Duration::seconds(120)));`

			`let oidc_login_service = ServiceBuilder::new()`
			`.layer(HandleErrorLayer::new(\|e: MiddlewareError\| async {`
			`e.into_response()`
			`}))`
			`.layer(OidcLoginLayer::<EmptyAdditionalClaims>::new());`

			`let oidc_auth_service = ServiceBuilder::new()`
			`.layer(HandleErrorLayer::new(\|e: MiddlewareError\| async {`
			`e.into_response()`
			`}))`
			`.layer(`
			`OidcAuthLayer::<EmptyAdditionalClaims>::discover_client(`
replace outdated test credentials with placeholder 2024-03-12 16:18:18 +01:00			`Uri::from_static("https://app.example.com"),`
			`"https://auth.example.com/auth/realms/example".to_string(),`
			`"my-client".to_string(),`
			`Some("123456".to_owned()),`
Dependency Update, Added examples/basic, CI Updated the dependencies to the newest version. Added `AsRef` and `Deref` traits to the extractors. Moved the example from `README.md` to `examples/basic`. Added a CI Pipeline. 2024-03-08 17:17:00 +01:00			`vec![],`
			`)`
			`.await`
			`.unwrap(),`
			`);`

			`let app = Router::new()`
			`.route("/foo", get(authenticated))`
			`.layer(oidc_login_service)`
			`.route("/bar", get(maybe_authenticated))`
			`.layer(oidc_auth_service)`
			`.layer(session_layer);`

			`let listener = TcpListener::bind("[::]:8080").await.unwrap();`
			`axum::serve(listener, app.into_make_service())`
			`.await`
			`.unwrap();`
			`}`

			`async fn authenticated(claims: OidcClaims<EmptyAdditionalClaims>) -> impl IntoResponse {`
			`format!("Hello {}", claims.subject().as_str())`
			`}`

			`async fn maybe_authenticated(`
			`claims: Option<OidcClaims<EmptyAdditionalClaims>>,`
			`) -> impl IntoResponse {`
			`if let Some(claims) = claims {`
			`format!(`
			`"Hello {}! You are already logged in from another Handler.",`
			`claims.subject().as_str()`
			`)`
			`} else {`
			`"Hello anon!".to_string()`
			`}`
			`}`