Struct ThirdPartyApp

pub struct ThirdPartyApp {

    pub id: usize,
    pub created: usize,
    pub owner: usize,
    pub title: String,
    pub homepage: String,
    pub redirect: String,
    pub quota_status: AppQuota,
    pub banned: bool,
    pub grants: usize,
    pub scopes: Vec<AppScope>,
    pub api_key: String,
    pub data_used: usize,
    pub storage_capacity: DeveloperPassStorageQuota,
}

An app is required to request grants on user accounts.

Users must approve grants through a web portal.

Fields

id: usize

created: usize

owner: usize

The ID of the owner of the app.

title: String

The name of the app.

homepage: String

The URL of the app’s homepage.

redirect: String

The redirect URL for the app.

Upon accepting a grant request, the user will be redirected to this URL with a query parameter named token, which should be saved by the app for future authentication.

The developer dashboard lists the URL you should send users to in order to create a grant on their account in the information section under the label “Grant URL”.

Any search parameters sent with your grant URL (such as an internal user ID) will also be sent back when the user is redirected to your redirect URL.

You can use this behaviour to keep track of what user you should save the grant token under.

1. Redirect user to grant URL with their ID: {grant_url}?my_app_user_id={id}
2. In your redirect endpoint, read that ID and the added token parameter to store the token under the given my_app_user_id

The redirect URL will also have a verifier search parameter appended. This verifier is required to refresh the grant’s token (which is what is used in the Atto-Grant cookie).

Tokens only last a week after they were generated (with the verifier), but you can refresh them by sending a request to: {tetratto}/api/v1/auth/user/{user_id}/grants/{app_id}/refresh.

Tetratto will generate the verifier and challenge for you. The challenge is an SHA-256 hashed + base64 url encoded version of the verifier. This means if the verifier doesn’t match, it won’t pass the challenge.

Requests to API endpoints using your grant token should be sent with a cookie (in the Cookie or X-Cookie header) named Atto-Grant. This cookie should contain the token you received from either the initial connection, or a token refresh.

quota_status: AppQuota

The app’s quota status, which determines how many grants the app is allowed to maintain.

banned: bool

If the app is banned. A banned app cannot use any of its grants.

grants: usize

The number of accepted grants the app maintains.

scopes: Vec<AppScope>

The scopes used for every grant the app maintains.

These scopes are only cloned into new grants created for the app. An app cannot change scopes and have them affect users who already have the app connected. Users must delete the app’s grant and authenticate it again to update their scopes.

Your app should handle informing users when scopes change.

api_key: String

The app’s secret API key (for app_data access).

data_used: usize

The number of bytes the app’s app_data rows are using.

storage_capacity: DeveloperPassStorageQuota

The app’s storage capacity.

Implementations

impl ThirdPartyApp

pub fn new( title: String, owner: usize, homepage: String, redirect: String, ) -> Self

Create a new ThirdPartyApp.

Trait Implementations

impl Clone for ThirdPartyApp

fn clone(&self) -> ThirdPartyApp

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for ThirdPartyApp

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for ThirdPartyApp

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for ThirdPartyApp

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.