2 files changed, 37 insertions, 0 deletions

diff --git a/src/server/driver/auth.rs b/src/server/driver/auth.rs
new file mode 100644
index 0000000..9215372
--- /dev/null
+++ b/src/server/driver/auth.rs
@@ -0,0 +1,34 @@
+use bon::Builder;
+use oauth2::{AuthUrl, ClientId, ClientSecret, EndpointNotSet, EndpointSet, RedirectUrl, TokenUrl};
+use secrecy::{ExposeSecret, SecretString};
+
+#[derive(Builder)]
+pub struct ClientOptions {
+    client_id: String,
+    client_secret: SecretString,
+    token_url: String,
+    auth_url: String,
+    redirect_url: String,
+}
+
+pub type OauthClient = oauth2::basic::BasicClient<
+    EndpointSet,
+    EndpointNotSet,
+    EndpointNotSet,
+    EndpointNotSet,
+    EndpointSet,
+>;
+
+pub fn oauth_client(opts: &ClientOptions) -> anyhow::Result<OauthClient> {
+    let redirect_url = RedirectUrl::new(opts.redirect_url.to_owned())?;
+    let client_id = ClientId::new(opts.client_id.to_owned());
+    let auth_url = AuthUrl::new(opts.auth_url.to_owned())?;
+    let token_url = TokenUrl::new(opts.token_url.to_owned())?;
+    let client_secret = ClientSecret::new(opts.client_secret.expose_secret().to_string());
+
+    Ok(oauth2::basic::BasicClient::new(client_id)
+        .set_client_secret(client_secret)
+        .set_auth_uri(auth_url)
+        .set_token_uri(token_url)
+        .set_redirect_uri(redirect_url))
+}
diff --git a/src/server/driver/mod.rs b/src/server/driver/mod.rs
index 4c540cb..c006cb0 100644
--- a/src/server/driver/mod.rs
+++ b/src/server/driver/mod.rs
@@ -1,3 +1,6 @@
+#[cfg(feature = "oauth")]
+pub mod auth;
+
 use async_trait::async_trait;
 use sqlx::PgPool;