Added Auth0 device authorization flow example

[schoenenberg]

Hi,

thank you for this great library! I have used it to implement a CLI using Auth0. I would like to contribute this example back, because it took me some time to figure out a strange compiler error concerning the request_async method for the oauth2::DeviceAccessTokenRequest.

Best regards,
Max

[Morishiri]

OMG. thank you very much for this!

Turns out the missing point to the one which already exists in the docs: https://docs.rs/oauth2/latest/oauth2/#device-code-flow

is

    .set_auth_type(AuthType::RequestBody);

[michaeljones]

Thank you for the this example. It is very helpful.

[schoenenberg]

Thanks @aminya! I don't know if this will ever be merged. But as long as it is helpful also in the PRs I will leave it here.

[aminya]

@ramosbugs I find this example very useful. Would you please consider merging it?

[ramosbugs]

@ramosbugs I find this example very useful. Would you please consider merging it?

I'm trying to weigh the value of individual examples against the maintenance cost associated with them. I'm currently introducing some breaking changes to the next major release (e.g., #135, #236, #253), and updating all 9 current examples has been a pain.

The intent of this crate's examples is to illustrate how to use different features of this crate. Providing copy-pasteable working production code for every auth vendor is not a goal (though I would consider making exceptions for sponsors who help fund the maintenance of this project). That's the purview of vendor documentation/sample code, blog posts, etc. I'm willing to link to separately-maintained contributed examples, which don't introduce maintenance load to this crate (other than link rot).

The specific features used by this example are:

• exchange_device_code/exchange_device_access_token (already illustrated by google_devicecode, microsoft_devicecode_common_user, and microsoft_devicecode_tenant_user)
• set_auth_type(AuthType::RequestBody) (already illustrated by google_devicecode, letterboxd, and msgraph)
• add_scope (illustrated by 7 examples)
• add_extra_param (illusted by wunderlist)
• device code flow with request_async (illustrated by microsoft_devicecode_common_user and microsoft_devicecode_tenant_user)

Given that there are no new features illustrated by this example, I don't think it meets the criteria for adding a new example. It's reasonable to expect paying users of Auth0 who want to use this crate to read the documentation provided by Auth0 and the documentation provided by this crate and figure out how to use the two together. If an Auth0 user wants to publish a blog post or contribute an external example to help other Auth0 users, that would be great. However, it's unreasonable to expect unfunded libraries that implement standardized protocols to become comprehensive resources for interacting with every other entity that implements the same protocol.

[aminya]

That's fair. I was thinking of creating micro packages to handle common workflows like this. We can have a crate like auth0, and have the supported flows in separate functions e.g. (auth0::device_authotization_flow).

Actually, all the URLs of this example that are separate environment variables can be calculated using the Auth0 domain. So the code can become even simpler.

[ramosbugs]

Vendor-specific packages built on top of this one (or openidconnect) sound good to me!