Passage Authentication Library for Rust! 🦀
passage-auth
is an unofficial Rust library for Passage by 1Password.
-
It strictly follows the Passage Authentication API.
-
Current features:
- Apps
- Authenticate
- Currentuser
- JWKS
- Login
- MagicLink
- OpenId
- OTP
- Register
- Tokens
- Users
- OAuth2
- Passkey Readiness (Not planning to add support)
Models were automatically generated thanks to OpenAPI Generator. The rest of the auth API was built by your friends at Kindness. With some prior art for the validation function from our friend Rob Yoder.
Warning
This crate is brand new and not all features have been tested or documented.
Expect breaking changes.
The library reads your Passage APP ID from the environment variable PASSAGE_APP_ID
and optionally a JSON Web Key (JWK) to verify tokens from PASSAGE_PUB_JWK
. You can also pass a Config
object or use the Config
builder to create the Passage client.
// Create a new passage instance
let passage = Passage::with_config(Config::default().with_app_id(APP_ID.to_string()));
// Retrieve the JSON Web Key Set (JWKS) for your Passage application.
let response: JwkResponse = passage.jwks().get_jwks().await?;
passage.set_pub_jwk(response.keys.first()?)
// Verify a user's JWT
let passage_id = passage.authenticate().authenticate_token(jwt)?;
assert_eq!(passage_id, "AabRBkquedeVBxv9kFyfeXHI".to_owned());
Once you have verified the user, your app can do its thing! This library is almost feature-complete with the Passage auth API, so you can do a lot more. For example:
let passage = Passage::with_config(
Config::default()
.with_app_id(APP_ID.to_string())
.with_user_bearer_token(JWT.to_string()),
);
let response: CurrentUserResponse = passage.current_user().get_current_user().await?;
println!(response.user)
CurrentUserResponse { user: CurrentUser { created_at: "2024-05-25T12:14:42.420571Z", email: "ted@tedlasso.org", email_verified: true, id: "AabRBkquedeVBxv9kFyfeXHI", last_login_at: "2024-05-25T14:27:53.825045Z", login_count: 3, phone: "", phone_verified: false, social_connections: UserSocialConnections { apple: None, github: None, google: None }, status: Active, updated_at: "2024-05-25T14:27:53.975632Z", user_metadata: None, webauthn: false, webauthn_devices: [], webauthn_types: [] } }
// APP ID loaded via environment variable
let passage = Passage::new();
// Refresh tokens
let response = passage.tokens().refresh_auth_token(RefreshAuthTokenRequest{refresh_token}).await
// Revoke refresh token
let response = passage.tokens().revoke_refresh_token(refresh_token)
This project is licensed under MIT license.