feat(rest): Credential enum + OAuth lazy refresh in Rust SDK + FFI#528
Closed
DorianZheng wants to merge 1 commit into
Closed
feat(rest): Credential enum + OAuth lazy refresh in Rust SDK + FFI#528DorianZheng wants to merge 1 commit into
DorianZheng wants to merge 1 commit into
Conversation
Replaces the flat opaque-key option on BoxliteRestOptions with a typed
Credential sum — ApiKey or OAuth(access, refresh, expires_at). The OAuth
variant refreshes lazily (60s leeway) on outbound requests via
POST /v1/oauth/token.
Why a sum, not Option<String> + Option<OAuthTokens>: mutually-exclusive
auth modes should be unrepresentable when invalid, not runtime-checked
with a warn!() (type-driven-over-data-driven). Builders:
with_api_key(k) / with_oauth_tokens(t); from_env() reads BOXLITE_API_KEY
only (the env-var flat-name convention matches STRIPE_API_KEY /
HEROKU_API_KEY / GH_TOKEN).
Surface:
- src/boxlite/src/rest/options.rs Credential enum + OAuthTokens
- src/boxlite/src/rest/client.rs current_bearer() async + lazy refresh
- src/boxlite/src/rest/types.rs OAuthTokens, device-flow wire types
- src/boxlite/src/lib.rs Credential / OAuthTokens re-exports
- src/boxlite/src/runtime/constants.rs BOXLITE_API_KEY (replaces
BOXLITE_REST_CLIENT_ID/SECRET)
- sdks/{python,node}/src/options.rs expose both modes via FFI
- src/boxlite/tests/rest_integration.rs retain coverage on Credential
+ GET /v1/me
Wire protocol lands separately on feat/auth-single-bearer-impl.
CLI consumer (boxlite auth login --web) lands on feat/auth-cli-device-flow.
This was referenced May 14, 2026
| assert_eq!(opts.effective_prefix(), "v3"); | ||
| .with_api_key("opaque-key-1234".into()); | ||
| let dbg = format!("{:?}", opts); | ||
| assert!( |
| }; | ||
| let opts = BoxliteRestOptions::new("https://api.example.com").with_oauth_tokens(tokens); | ||
| let dbg = format!("{:?}", opts); | ||
| assert!( |
| !dbg.contains("blo_secret-access"), | ||
| "Debug output leaked access_token: {dbg}" | ||
| ); | ||
| assert!( |
4 tasks
Member
Author
|
Superseded by #532 — same three logical commits consolidated into one PR for review. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replaces the flat opaque-key option on
BoxliteRestOptionswith a typedCredentialsum:ApiKey { key }— long-lived opaque bearer (dashboard-issued, or any opaque token the server's pipeline accepts).OAuth(OAuthTokens { access_token, refresh_token, expires_at })— device-flow tokens with lazy refresh (60s leeway) viaPOST /v1/oauth/token.Why a sum, not
Option<String> + Option<OAuthTokens>: mutually-exclusive auth modes should be unrepresentable when invalid, not runtime-checked with awarn!()(type-driven-over-data-driven).Env vars:
BOXLITE_API_KEY(flat name, matchesSTRIPE_API_KEY/HEROKU_API_KEY/GH_TOKEN) replacesBOXLITE_REST_CLIENT_ID/BOXLITE_REST_CLIENT_SECRET.Files
src/boxlite/src/rest/options.rs—Credentialenum +OAuthTokenssrc/boxlite/src/rest/client.rs—current_bearer()async + lazy refreshsrc/boxlite/src/rest/types.rs—Principal,OAuthTokens, device-flow wire typessrc/boxlite/src/lib.rs—Credential/OAuthTokens/Principalre-exportssrc/boxlite/src/runtime/constants.rs—BOXLITE_API_KEYsrc/boxlite/src/runtime/core.rs— doc-comment updatesdks/python/src/options.rs— Python binding for both modessdks/node/src/options.rs— Node binding for both modessrc/boxlite/tests/rest_integration.rs— coverage onCredential+GET /v1/meStacked PRs
Test plan
cargo check --workspacecargo test -p boxlite --features restmake test:integration:node— especiallynetwork-secrets.integration.test.ts(known to have failed against an earlier combined commit; needs re-verification in isolation here)make test:integration:python