OIDC Authentication in Rust / Axum
Learn how to implement OIDC token validation in Axum applications using Tower layers.
Overview
This guide shows you how to build Axum middleware (Tower layers) that validates OIDC tokens from GitHub Actions, GitLab CI, Kubernetes, and other identity providers.
Coming Soon
This guide is under development. In the meantime, refer to:
- Token Validation Concepts
- Claims Verification
- Node.js / Express Guide for general patterns
Key Topics (Planned)
- Using jsonwebtoken and jwks-client crates
- Creating Tower middleware layers
- Async JWKS fetching
- Type-safe claims with serde
- Error handling with thiserror
- Testing with tokio-test
- Production deployment
Example Implementation
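use axum::{
    extract::Request,
    http::StatusCode,
    middleware::Next,
    response::Response,
};
use jsonwebtoken::{decode, DecodingKey, Validation};

pub async fn auth_middleware(
    mut req: Request,
    next: Next,
) -> Result<Response, StatusCode> {
    // Read the Authorization header; a missing or non-ASCII value yields None.
    let auth_header = req.headers()
        .get("authorization")
        .and_then(|h| h.to_str().ok());

    // Reject requests without a bearer token instead of passing them on.
    let _token = auth_header
        .and_then(|h| h.strip_prefix("Bearer "))
        .ok_or(StatusCode::UNAUTHORIZED)?;

    // Verify token
    // ... (implementation details)
    // Until this step is filled in, only the presence of a token is checked.

    Ok(next.run(req).await)
}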
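The claim checks that belong in the "Verify token" step, shown as an added example that is not part of the guide's own code. It uses only the standard library and assumes the signature has already been verified and the claims deserialized; the type names, policy values and sample claims are hypothetical.

```rust
// Added example: type names, policy values and sample claims are hypothetical.
#[derive(Debug, PartialEq)]
pub enum AuthError { MissingBearer, WrongIssuer, WrongAudience, WrongSubject, Expired, NotYetValid }

/// Claims as they look after signature verification and deserialization.
pub struct Claims<'a> { pub iss: &'a str, pub sub: &'a str, pub aud: Vec<&'a str>, pub exp: u64, pub nbf: Option<u64> }

/// What this service accepts. Subjects are matched exactly, never by prefix.
pub struct Policy<'a> { pub issuer: &'a str, pub audience: &'a str, pub subjects: Vec<&'a str>, pub leeway_secs: u64 }

/// Pull the token out of an Authorization header value (scheme is case-insensitive).
pub fn bearer_token(header: Option<&str>) -> Result<&str, AuthError> {
    let (scheme, token) = header
        .and_then(|h| h.trim().split_once(' '))
        .ok_or(AuthError::MissingBearer)?;
    let token = token.trim();
    if scheme.eq_ignore_ascii_case("bearer") && !token.is_empty() {
        Ok(token)
    } else {
        Err(AuthError::MissingBearer)
    }
}

/// Check verified claims against the policy; `now` is Unix time in seconds.
pub fn check_claims(c: &Claims, p: &Policy, now: u64) -> Result<(), AuthError> {
    if c.iss != p.issuer { return Err(AuthError::WrongIssuer); }
    if !c.aud.iter().any(|a| *a == p.audience) { return Err(AuthError::WrongAudience); }
    // A shared CI issuer signs tokens for every tenant, so pin the subject as well.
    if !p.subjects.iter().any(|s| *s == c.sub) { return Err(AuthError::WrongSubject); }
    if now >= c.exp.saturating_add(p.leeway_secs) { return Err(AuthError::Expired); }
    match c.nbf {
        Some(nbf) if now.saturating_add(p.leeway_secs) < nbf => Err(AuthError::NotYetValid),
        _ => Ok(()),
    }
}

fn main() {
    // Constructed sample values, not taken from a real token.
    let policy = Policy {
        issuer: "https://token.actions.githubusercontent.com", audience: "https://api.example.test",
        subjects: vec!["repo:example-org/example-repo:ref:refs/heads/main"], leeway_secs: 30,
    };
    let other_repo = Claims {
        iss: policy.issuer, sub: "repo:other-org/example-repo:ref:refs/heads/main",
        aud: vec![policy.audience], exp: 1_700_000_600, nbf: Some(1_700_000_000),
    };
    println!("{:?}", bearer_token(Some("bearer abc.def.ghi")));
    println!("{:?}", check_claims(&other_repo, &policy, 1_700_000_100));
}
```

In the middleware, each `AuthError` would map to `StatusCode::UNAUTHORIZED`, with the specific variant written to the server log rather than returned to the caller.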
Contributing
Want to help complete this guide? Contribute on GitHub.