bitwarden_auth/api/enums/
scope.rs

1use serde::{Deserialize, Serialize};
2
3/// The OAuth 2.0 scopes recognized by the Bitwarden API.
4/// Scopes define the specific permissions an access token grants to the client.
5/// They are requested by the client during token acquisition and enforced by the
6/// resource server when the token is used.
7#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq)]
8pub(crate) enum Scope {
9    /// The scope for accessing the Bitwarden API as a Bitwarden user.
10    #[serde(rename = "api")]
11    Api,
12    /// The scope for obtaining Bitwarden user scoped refresh tokens that allow offline access.
13    #[serde(rename = "offline_access")]
14    OfflineAccess,
15    /// The scope for accessing send resources outside the context of a Bitwarden user.
16    #[serde(rename = "api.send.access")]
17    ApiSendAccess,
18}
19
20impl Scope {
21    /// Returns the string representation of the scope as used in OAuth 2.0 requests.
22    pub(crate) fn as_str(&self) -> &'static str {
23        match self {
24            Scope::Api => "api",
25            Scope::OfflineAccess => "offline_access",
26            Scope::ApiSendAccess => "api.send.access",
27        }
28    }
29}
30
31/// Converts a slice of scopes into a space-separated string suitable for OAuth 2.0 requests.
32pub(crate) fn scopes_to_string(scopes: &[Scope]) -> String {
33    scopes
34        .iter()
35        .map(|s| s.as_str())
36        .collect::<Vec<_>>()
37        .join(" ")
38}
bitwarden_auth/api/enums/scope.rs

bitwarden_auth/api/enums/
scope.rs
