59084a409d
- 拆分 web.rs 为 web/ 子模块;统一 client_ip 提取 - core: user_scope SQL 复用、env_map N+1 消除、FETCH_ALL 上限调整 - entries 列表页并行查询;PgPool 去 Arc;结构化 NotFound 等错误 - CI: SSH 私钥安全写入;crypto/hex 与依赖清理;MCP 输入长度校验 - AGENTS: API Key 明文存储设计说明
46 lines
1.2 KiB
Rust
46 lines
1.2 KiB
Rust
pub mod google;
|
|
pub mod wechat; // not yet implemented — placeholder for future WeChat integration
|
|
|
|
use serde::{Deserialize, Serialize};
|
|
|
|
/// Normalized OAuth user profile from any provider.
|
|
#[derive(Debug, Clone)]
|
|
pub struct OAuthUserInfo {
|
|
pub provider: String,
|
|
pub provider_id: String,
|
|
pub email: Option<String>,
|
|
pub name: Option<String>,
|
|
pub avatar_url: Option<String>,
|
|
}
|
|
|
|
/// OAuth provider configuration.
|
|
#[derive(Clone, Debug, Deserialize, Serialize)]
|
|
pub struct OAuthConfig {
|
|
pub client_id: String,
|
|
pub client_secret: String,
|
|
pub redirect_uri: String,
|
|
}
|
|
|
|
/// Build the Google authorization URL.
|
|
pub fn google_auth_url(config: &OAuthConfig, state: &str) -> String {
|
|
format!(
|
|
"https://accounts.google.com/o/oauth2/v2/auth\
|
|
?client_id={}\
|
|
&redirect_uri={}\
|
|
&response_type=code\
|
|
&scope=openid%20email%20profile\
|
|
&state={}\
|
|
&access_type=offline",
|
|
urlencoding::encode(&config.client_id),
|
|
urlencoding::encode(&config.redirect_uri),
|
|
urlencoding::encode(state),
|
|
)
|
|
}
|
|
|
|
pub fn random_state() -> String {
|
|
use rand::RngExt;
|
|
let mut bytes = [0u8; 16];
|
|
rand::rng().fill(&mut bytes);
|
|
secrets_core::crypto::hex::encode_hex(&bytes)
|
|
}
|