From 549d98f3b457ddfc6dffbe2fad406da4ac50ebc7 Mon Sep 17 00:00:00 2001
From: rtkay123 <dev@kanjala.com>
Date: Mon, 2 Feb 2026 13:30:25 +0200
Subject: refactor: collapse auth

---
 src/server/driver/auth.rs | 34 ++++++++++++++++++++++++++++++++++
 src/server/driver/mod.rs  |  3 +++
 2 files changed, 37 insertions(+)
 create mode 100644 src/server/driver/auth.rs

(limited to 'src/server/driver')

diff --git a/src/server/driver/auth.rs b/src/server/driver/auth.rs
new file mode 100644
index 0000000..9215372
--- /dev/null
+++ b/src/server/driver/auth.rs
@@ -0,0 +1,34 @@
+use bon::Builder;
+use oauth2::{AuthUrl, ClientId, ClientSecret, EndpointNotSet, EndpointSet, RedirectUrl, TokenUrl};
+use secrecy::{ExposeSecret, SecretString};
+
+#[derive(Builder)]
+pub struct ClientOptions {
+    client_id: String,
+    client_secret: SecretString,
+    token_url: String,
+    auth_url: String,
+    redirect_url: String,
+}
+
+pub type OauthClient = oauth2::basic::BasicClient<
+    EndpointSet,
+    EndpointNotSet,
+    EndpointNotSet,
+    EndpointNotSet,
+    EndpointSet,
+>;
+
+pub fn oauth_client(opts: &ClientOptions) -> anyhow::Result<OauthClient> {
+    let redirect_url = RedirectUrl::new(opts.redirect_url.to_owned())?;
+    let client_id = ClientId::new(opts.client_id.to_owned());
+    let auth_url = AuthUrl::new(opts.auth_url.to_owned())?;
+    let token_url = TokenUrl::new(opts.token_url.to_owned())?;
+    let client_secret = ClientSecret::new(opts.client_secret.expose_secret().to_string());
+
+    Ok(oauth2::basic::BasicClient::new(client_id)
+        .set_client_secret(client_secret)
+        .set_auth_uri(auth_url)
+        .set_token_uri(token_url)
+        .set_redirect_uri(redirect_url))
+}
diff --git a/src/server/driver/mod.rs b/src/server/driver/mod.rs
index 4c540cb..c006cb0 100644
--- a/src/server/driver/mod.rs
+++ b/src/server/driver/mod.rs
@@ -1,3 +1,6 @@
+#[cfg(feature = "oauth")]
+pub mod auth;
+
 use async_trait::async_trait;
 use sqlx::PgPool;
 
-- 
cgit v1.2.3