libclientauth-rs

[!CAUTION] The content of this repository is publicly accessible; follow the guidelines in RFC 545 (internal document)

A client-side authentication library for Rust that implements OAuth2 authentication with PKCE (Proof Key for Code Exchange).

Overview

libclientauth-rs provides a simple and secure way to implement OAuth2 authentication flows in your Rust applications. The library includes built-in PKCE support for enhanced security.

Features

• OAuth2 authentication with PKCE support
• Stytch provider support
• Built-in local callback listener for CLI applications
• Async/await support via Tokio
• Configurable features for different use cases

Installation

Add this to your Cargo.toml:

[dependencies]
libclientauth-rs = "0.1.0"

Feature Flags

• cli - Enables CLI support with built-in listener (default)
• stytch - Enables Stytch provider support (default)
• std - Standard library support

Default features: ["cli", "stytch"]

Usage

Basic Authentication Flow

The library provides traits for implementing authentication:

use libclientauth_rs::{Auth, Callback};

// Start authentication
let auth_url = provider.start().await?;

// Handle callback after user authorization
let token = provider.handle(callback_url, &verifier, &csrf_token).await?;

Token Exchange

Exchange an authorization code for an access token:

use libclientauth_rs::exchange_code_for_token;

let token = exchange_code_for_token(
    "https://your-domain.com/oauth2/token",
    "your_client_id",
    "authorization_code",
    "http://localhost:3000/callback",
    "code_verifier"
).await?;

Supported Providers

• Stytch

Security

This library implements PKCE (Proof Key for Code Exchange) as defined in RFC 7636, which provides additional security for OAuth2 flows, especially for public clients.

Learn more about PKCE: https://blog.postman.com/what-is-pkce/

License

MIT

Repository

https://github.com/strangelightstudios/strl1.git