Skip to content
/ passage-rs Public

Server-side authentication, authentication API, and management API for Passage.id

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Kindness-Works/passage-rs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
.github/workflows
.github/workflows
 
 
docs
docs
 
 
passage-auth
passage-auth
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
rustfmt.toml
rustfmt.toml
 
 

Repository files navigation

passage-auth

Passage Authentication Library for Rust! 🦀

Overview

passage-auth is an unofficial Rust library for Passage by 1Password.

  • It strictly follows the Passage Authentication API.

  • Current features:

    • Apps
    • Authenticate
    • Currentuser
    • JWKS
    • Login
    • MagicLink
    • OpenId
    • OTP
    • Register
    • Tokens
    • Users
    • OAuth2
    • Passkey Readiness (Not planning to add support)

Models were automatically generated thanks to OpenAPI Generator. The rest of the auth API was built by your friends at Kindness. With some prior art for the validation function from our friend Rob Yoder.

Warning

This crate is brand new and not all features have been tested or documented.

Expect breaking changes.

Usage

The library reads your Passage APP ID from the environment variable PASSAGE_APP_ID and optionally a JSON Web Key (JWK) to verify tokens from PASSAGE_PUB_JWK. You can also pass a Config object or use the Config builder to create the Passage client.

Verify a JWT

// Create a new passage instance
let passage = Passage::with_config(Config::default().with_app_id(APP_ID.to_string()));

// Retrieve the JSON Web Key Set (JWKS) for your Passage application. 
let response: JwkResponse = passage.jwks().get_jwks().await?;
passage.set_pub_jwk(response.keys.first()?)

// Verify a user's JWT
let passage_id = passage.authenticate().authenticate_token(jwt)?;

assert_eq!(passage_id, "AabRBkquedeVBxv9kFyfeXHI".to_owned());

Once you have verified the user, your app can do its thing! This library is almost feature-complete with the Passage auth API, so you can do a lot more. For example:

Get information about a user

let passage = Passage::with_config(
 Config::default()
  .with_app_id(APP_ID.to_string())
  .with_user_bearer_token(JWT.to_string()),
);
let response: CurrentUserResponse = passage.current_user().get_current_user().await?;

println!(response.user)
CurrentUserResponse { user: CurrentUser { created_at: "2024-05-25T12:14:42.420571Z", email: "[email protected]", email_verified: true, id: "AabRBkquedeVBxv9kFyfeXHI", last_login_at: "2024-05-25T14:27:53.825045Z", login_count: 3, phone: "", phone_verified: false, social_connections: UserSocialConnections { apple: None, github: None, google: None }, status: Active, updated_at: "2024-05-25T14:27:53.975632Z", user_metadata: None, webauthn: false, webauthn_devices: [], webauthn_types: [] } }

Refresh tokens or revoke a refresh token

// APP ID loaded via environment variable
let passage = Passage::new();

// Refresh tokens
let response = passage.tokens().refresh_auth_token(RefreshAuthTokenRequest{refresh_token}).await

// Revoke refresh token
let response = passage.tokens().revoke_refresh_token(refresh_token)

License

This project is licensed under MIT license.

About

Server-side authentication, authentication API, and management API for Passage.id

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 6

v0.4.0 Latest
May 26, 2024
+ 5 releases

Packages

No packages published

Languages