Module oauth

Expand description

OAuth 2.0 helper for consumer cloud provider authentication.

Provides PKCE-based authorization code flow with a localhost callback server. Used by Google Drive, Dropbox, and OneDrive cloud home backends.

Structs§

OAuthClientCreds: OAuth client credentials for one provider — the consuming app’s registered OAuth application. coven ships no app credentials of its own; the host registers them at startup via set_oauth_client_creds.
OAuthConfig: OAuth provider configuration.
OAuthTokens: Tokens returned from an OAuth authorization or refresh.

authorize: Open the user’s browser, wait for the OAuth callback, and exchange the authorization code for tokens.
authorize_provider: Run an OAuth authorization flow for the given cloud provider.
code_challenge: Compute the S256 PKCE code challenge from a verifier.
exchange_code: Exchange an authorization code for tokens.
generate_code_verifier: Generate a random PKCE code verifier (43-128 URL-safe characters).
oauth_client_creds: The credentials registered for a provider, or empty if none were registered.
refresh: Refresh an expired access token using a refresh token.
set_oauth_client_creds: Register the host’s OAuth client credentials, keyed by provider name ("google_drive", "dropbox", "onedrive"). Call once at startup, before any OAuth flow. Providers absent from the map get empty credentials.