diff --git a/examples/leptos-actix/src/app.rs b/examples/leptos-actix/src/app.rs
index d0c8fb0..de5fecd 100644
--- a/examples/leptos-actix/src/app.rs
+++ b/examples/leptos-actix/src/app.rs
@@ -1,7 +1,7 @@
use leptos::prelude::*;
use leptos_meta::{provide_meta_context, MetaTags, Title};
use leptos_router::{
- components::{Route, Router, Routes},
+ components::{Route, Router, Routes, A},
path,
};
use shield_leptos::routes::SignIn;
@@ -29,11 +29,11 @@ pub fn App() -> impl IntoView {
provide_meta_context();
view! {
-
+
-
+
@@ -45,11 +45,10 @@ pub fn App() -> impl IntoView {
#[component]
fn HomePage() -> impl IntoView {
- let count = RwSignal::new(0);
- let on_click = move |_| *count.write() += 1;
-
view! {
- "Welcome to Leptos!"
-
+ "Shield Leptos Actix Example"
+
+
+
}
}
diff --git a/examples/leptos-axum/src/app.rs b/examples/leptos-axum/src/app.rs
index d0c8fb0..23d707c 100644
--- a/examples/leptos-axum/src/app.rs
+++ b/examples/leptos-axum/src/app.rs
@@ -1,7 +1,7 @@
use leptos::prelude::*;
use leptos_meta::{provide_meta_context, MetaTags, Title};
use leptos_router::{
- components::{Route, Router, Routes},
+ components::{Route, Router, Routes, A},
path,
};
use shield_leptos::routes::SignIn;
@@ -29,11 +29,11 @@ pub fn App() -> impl IntoView {
provide_meta_context();
view! {
-
+
-
+
@@ -45,11 +45,10 @@ pub fn App() -> impl IntoView {
#[component]
fn HomePage() -> impl IntoView {
- let count = RwSignal::new(0);
- let on_click = move |_| *count.write() += 1;
-
view! {
- "Welcome to Leptos!"
-
+ "Shield Leptos Axum Example"
+
+
+
}
}
diff --git a/examples/leptos-axum/src/main.rs b/examples/leptos-axum/src/main.rs
index 5868b3e..f30f021 100644
--- a/examples/leptos-axum/src/main.rs
+++ b/examples/leptos-axum/src/main.rs
@@ -25,7 +25,7 @@ async fn main() {
let session_store = MemoryStore::default();
let session_layer = SessionManagerLayer::new(session_store)
.with_secure(false)
- .with_expiry(Expiry::OnInactivity(Duration::hours(1)));
+ .with_expiry(Expiry::OnInactivity(Duration::minutes(10)));
// Initialize Shield
let shield = Shield::new(
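Review bot: The session layer touched here still has `.with_secure(false)` one line above the changed expiry, and nothing says that this is meant for local HTTP development only. This cookie presumably carries Shield's sign-in state, so shortening the inactivity window to ten minutes limits how long a captured cookie stays useful but does not stop it from travelling over plain HTTP. I would add a comment above that call such as `// Example only: Secure is disabled for local HTTP; use .with_secure(true) behind TLS.` and a few words on why ten minutes was chosen. The body of `main` continues outside the hunk.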
diff --git a/packages/providers/shield-oidc/src/claims.rs b/packages/providers/shield-oidc/src/claims.rs
new file mode 100644
index 0000000..da4b3bc
--- /dev/null
+++ b/packages/providers/shield-oidc/src/claims.rs
@@ -0,0 +1,31 @@
+use openidconnect::{
+ core::CoreGenderClaim, EmptyAdditionalClaims, IdTokenClaims, SubjectIdentifier, UserInfoClaims,
+};
+
+/// Unified interface for [`IdTokenClaims`] and [`UserInfoClaims`].
+#[derive(Clone, Debug)]
+pub enum Claims {
+ IdToken(IdTokenClaims),
+ UserInfo(UserInfoClaims),
+}
+
+impl Claims {
+ pub fn subject(&self) -> &SubjectIdentifier {
+ match &self {
+ Claims::IdToken(id_token_claims) => id_token_claims.subject(),
+ Claims::UserInfo(user_info_claims) => user_info_claims.subject(),
+ }
+ }
+}
+
+impl From> for Claims {
+ fn from(value: IdTokenClaims) -> Self {
+ Self::IdToken(value)
+ }
+}
+
+impl From> for Claims {
+ fn from(value: UserInfoClaims) -> Self {
+ Self::UserInfo(value)
+ }
+}
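Review bot: `Claims` puts ID-token claims and UserInfo claims behind one `subject()` accessor, and nothing on the enum or its variants says that the two arrive with different assurances. In provider.rs the `IdToken` value comes out of `id_token.claims(...)`, whose failure maps to `ShieldError::Verification`, while the `UserInfo` value is whatever the UserInfo request returned for the access token. I would document each variant, e.g. `/// Claims taken from a verified ID token.` and `/// Claims fetched from the UserInfo endpoint with the access token.`, and give `subject()` a one-line `///` summary. Since the type derives `Debug` and holds the full claim set, the enum doc should also say that formatting it emits personal data. As a style point, `match &self` can be `match self`, because `self` is already a reference.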
diff --git a/packages/providers/shield-oidc/src/lib.rs b/packages/providers/shield-oidc/src/lib.rs
index 854b659..c5e3afa 100644
--- a/packages/providers/shield-oidc/src/lib.rs
+++ b/packages/providers/shield-oidc/src/lib.rs
@@ -1,4 +1,5 @@
mod builders;
+mod claims;
mod provider;
mod storage;
mod subprovider;
diff --git a/packages/providers/shield-oidc/src/provider.rs b/packages/providers/shield-oidc/src/provider.rs
index 7691439..b0db70d 100644
--- a/packages/providers/shield-oidc/src/provider.rs
+++ b/packages/providers/shield-oidc/src/provider.rs
@@ -1,14 +1,19 @@
use async_trait::async_trait;
use openidconnect::{
- core::CoreAuthenticationFlow, reqwest::async_http_client, AccessToken, AuthorizationCode,
- CsrfToken, Nonce, PkceCodeChallenge, PkceCodeVerifier, Scope, TokenResponse,
+ core::{CoreAuthenticationFlow, CoreGenderClaim},
+ reqwest::async_http_client,
+ AccessToken, AuthorizationCode, CsrfToken, EmptyAdditionalClaims, Nonce, OAuth2TokenResponse,
+ PkceCodeChallenge, PkceCodeVerifier, Scope, TokenResponse, UserInfoClaims,
};
use shield::{
ConfigurationError, Provider, ProviderError, Response, Session, SessionError, ShieldError,
SignInCallbackRequest, SignInRequest, SignOutRequest, Subprovider,
};
-use crate::{storage::OidcStorage, subprovider::OidcSubprovider, OidcProviderPkceCodeChallenge};
+use crate::{
+ claims::Claims, storage::OidcStorage, subprovider::OidcSubprovider,
+ OidcProviderPkceCodeChallenge,
+};
pub const OIDC_PROVIDER_ID: &str = "oidc";
@@ -201,7 +206,7 @@ impl Provider for OidcProvider {
.await
.map_err(|err| ShieldError::Request(err.to_string()))?;
- if let Some(id_token) = token_response.id_token() {
+ let claims = if let Some(id_token) = token_response.id_token() {
let claims =
id_token
.claims(
@@ -212,10 +217,19 @@ impl Provider for OidcProvider {
)
.map_err(|err| ShieldError::Verification(err.to_string()))?;
- println!("{:?}", claims);
- }
+ Claims::from(claims.clone())
+ } else {
+ let claims: UserInfoClaims = client
+ .user_info(token_response.access_token().to_owned(), None)
+ .map_err(|err| ConfigurationError::Missing(err.to_string()))?
+ .request_async(async_http_client)
+ .await
+ .map_err(|err| ShieldError::Request(err.to_string()))?;
+
+ Claims::from(claims)
+ };
- // let user_info = client.user_info(token_response.access_token(), None)
+ println!("{:?}\n{:?}", claims.subject(), claims);
// TODO
Ok(Response::Redirect("/".to_owned()))
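Review bot: The new `else` branch (opened by the `let claims = if let` in the previous hunk) accepts a token response with no ID token and takes the user's identity from the UserInfo endpoint, so that sign-in path skips whatever `id_token.claims(...)` verifies in the first branch; its arguments are outside the hunk. `client.user_info(..., None)` also passes no expected subject, so the response is not compared with any known identity. For an OIDC provider I would treat a missing ID token as a failure, for example `let id_token = token_response.id_token().ok_or_else(|| ShieldError::Verification("missing ID token".to_owned()))?;`, assuming the enclosing function returns `ShieldError`, and fetch UserInfo only as a supplement with the ID token's subject as the expected subject. Separately, `println!("{:?}\n{:?}", claims.subject(), claims)` writes the full claim set to stdout on every sign-in and should be removed or reduced to the subject at debug level before this leaves the TODO stage. The enclosing function starts outside the hunk.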