From f1cff02673dbeefae1fc282b63fff93fc45e927c Mon Sep 17 00:00:00 2001 From: kjuulh Date: Sun, 22 Oct 2023 17:01:25 +0200 Subject: [PATCH] feat: with fmt Signed-off-by: kjuulh --- crates/nefarious-login/src/lib.rs | 2 +- crates/nefarious-login/src/login.rs | 2 +- crates/nefarious-login/src/oauth.rs | 157 ++------------------ crates/nefarious-login/src/oauth/noop.rs | 20 +++ crates/nefarious-login/src/oauth/zitadel.rs | 129 ++++++++++++++++ 5 files changed, 162 insertions(+), 148 deletions(-) create mode 100644 crates/nefarious-login/src/oauth/noop.rs create mode 100644 crates/nefarious-login/src/oauth/zitadel.rs diff --git a/crates/nefarious-login/src/lib.rs b/crates/nefarious-login/src/lib.rs index 2c530c7..bbc1f68 100644 --- a/crates/nefarious-login/src/lib.rs +++ b/crates/nefarious-login/src/lib.rs @@ -15,7 +15,7 @@ pub mod auth { use crate::{ introspection::IntrospectionService, login::{config::AuthEngine, AuthClap}, - oauth::{OAuth, ZitadelConfig}, + oauth::{zitadel::ZitadelConfig, OAuth}, session::{SessionService, User}, }; diff --git a/crates/nefarious-login/src/login.rs b/crates/nefarious-login/src/login.rs index fb0689e..197fb3d 100644 --- a/crates/nefarious-login/src/login.rs +++ b/crates/nefarious-login/src/login.rs @@ -34,7 +34,7 @@ pub struct AuthClap { pub mod config { use serde::{Deserialize, Serialize}; - use crate::oauth::{OAuth, ZitadelConfig}; + use crate::oauth::{zitadel::ZitadelConfig, OAuth}; use super::AuthClap; diff --git a/crates/nefarious-login/src/oauth.rs b/crates/nefarious-login/src/oauth.rs index 8b9374a..01904b2 100644 --- a/crates/nefarious-login/src/oauth.rs +++ b/crates/nefarious-login/src/oauth.rs @@ -2,20 +2,13 @@ use std::{ops::Deref, sync::Arc}; use async_trait::async_trait; -use oauth2::{ - basic::BasicClient, reqwest::async_http_client, url::Url, AuthUrl, AuthorizationCode, ClientId, - ClientSecret, CsrfToken, RedirectUrl, Scope, TokenResponse, TokenUrl, +use oauth2::url::Url; + +use self::{ + noop::NoopOAuthClient, + zitadel::{ZitadelConfig, ZitadelOAuthClient}, }; -use crate::login::config::ZitadelClap; - -#[async_trait] -pub trait OAuthClient { - async fn get_token(&self) -> anyhow::Result<()>; - async fn authorize_url(&self) -> anyhow::Result; - async fn exchange(&self, code: &str) -> anyhow::Result; -} - pub struct OAuth(Arc); impl OAuth { @@ -35,143 +28,15 @@ impl Deref for OAuth { } } -impl From for OAuth { - fn from(value: ZitadelConfig) -> Self { - Self::new_zitadel(value) - } -} - -// -- Noop -#[derive(clap::Args, Clone)] -pub struct NoopOAuthClient; #[async_trait] -impl OAuthClient for NoopOAuthClient { - async fn get_token(&self) -> anyhow::Result<()> { - Ok(()) - } - async fn authorize_url(&self) -> anyhow::Result { - Ok(Url::parse("http://localhost:3000/auth/zitadel").unwrap()) - } - - async fn exchange(&self, _code: &str) -> anyhow::Result { - Ok(String::new()) - } +pub trait OAuthClient { + async fn get_token(&self) -> anyhow::Result<()>; + async fn authorize_url(&self) -> anyhow::Result; + async fn exchange(&self, code: &str) -> anyhow::Result; } -// -- Zitadel - -#[derive(Clone)] -pub struct ZitadelConfig { - auth_url: String, - client_id: String, - client_secret: String, - redirect_url: String, - token_url: String, - authority_url: String, -} - -pub struct ZitadelOAuthClient { - client: BasicClient, -} - -impl ZitadelOAuthClient { - pub fn new( - client_id: impl Into, - client_secret: impl Into, - redirect_url: impl Into, - auth_url: impl Into, - token_url: impl Into, - authority_url: impl Into, - ) -> Self { - Self { - client: Self::oauth_client(ZitadelConfig { - client_id: client_id.into(), - client_secret: client_secret.into(), - redirect_url: redirect_url.into(), - auth_url: auth_url.into(), - token_url: token_url.into(), - authority_url: authority_url.into(), - }), - } - } - - fn oauth_client(config: ZitadelConfig) -> BasicClient { - BasicClient::new( - ClientId::new(config.client_id), - Some(ClientSecret::new(config.client_secret)), - AuthUrl::new(config.auth_url).unwrap(), - Some(TokenUrl::new(config.token_url).unwrap()), - ) - .set_redirect_uri(RedirectUrl::new(config.redirect_url).unwrap()) - } -} - -impl From for ZitadelOAuthClient { - fn from(value: ZitadelConfig) -> Self { - Self::new( - value.client_id, - value.client_secret, - value.redirect_url, - value.auth_url, - value.token_url, - value.authority_url, - ) - } -} - -impl TryFrom for ZitadelConfig { - type Error = anyhow::Error; - - fn try_from(value: ZitadelClap) -> Result { - Ok(Self { - auth_url: value - .auth_url - .ok_or(anyhow::anyhow!("auth_url was not set"))?, - client_id: value - .client_id - .ok_or(anyhow::anyhow!("client_id was not set"))?, - client_secret: value - .client_secret - .ok_or(anyhow::anyhow!("client_secret was not set"))?, - redirect_url: value - .redirect_url - .ok_or(anyhow::anyhow!("redirect_url was not set"))?, - token_url: value - .token_url - .ok_or(anyhow::anyhow!("token_url was not set"))?, - authority_url: value - .authority_url - .ok_or(anyhow::anyhow!("authority_url was not set"))?, - }) - } -} - -#[async_trait] -impl OAuthClient for ZitadelOAuthClient { - async fn get_token(&self) -> anyhow::Result<()> { - Ok(()) - } - async fn authorize_url(&self) -> anyhow::Result { - let (auth_url, _csrf_token) = self - .client - .authorize_url(CsrfToken::new_random) - .add_scope(Scope::new("identify".to_string())) - .add_scope(Scope::new("openid".to_string())) - .url(); - - Ok(auth_url) - } - - async fn exchange(&self, code: &str) -> anyhow::Result { - let token = self - .client - .exchange_code(AuthorizationCode::new(code.to_string())) - .request_async(async_http_client) - .await?; - - Ok(token.access_token().secret().clone()) - } -} +pub mod noop; +pub mod zitadel; #[cfg(test)] mod tests { diff --git a/crates/nefarious-login/src/oauth/noop.rs b/crates/nefarious-login/src/oauth/noop.rs new file mode 100644 index 0000000..5d5432a --- /dev/null +++ b/crates/nefarious-login/src/oauth/noop.rs @@ -0,0 +1,20 @@ +use async_trait::async_trait; +use oauth2::url::Url; + +use super::OAuthClient; + +#[derive(clap::Args, Clone)] +pub struct NoopOAuthClient; +#[async_trait] +impl OAuthClient for NoopOAuthClient { + async fn get_token(&self) -> anyhow::Result<()> { + Ok(()) + } + async fn authorize_url(&self) -> anyhow::Result { + Ok(Url::parse("http://localhost:3000/auth/zitadel").unwrap()) + } + + async fn exchange(&self, _code: &str) -> anyhow::Result { + Ok(String::new()) + } +} diff --git a/crates/nefarious-login/src/oauth/zitadel.rs b/crates/nefarious-login/src/oauth/zitadel.rs new file mode 100644 index 0000000..4d3a1c6 --- /dev/null +++ b/crates/nefarious-login/src/oauth/zitadel.rs @@ -0,0 +1,129 @@ +impl From for OAuth { + fn from(value: ZitadelConfig) -> Self { + Self::new_zitadel(value) + } +} + +use async_trait::async_trait; + +use oauth2::{ + basic::BasicClient, reqwest::async_http_client, url::Url, AuthUrl, AuthorizationCode, ClientId, + ClientSecret, CsrfToken, RedirectUrl, Scope, TokenResponse, TokenUrl, +}; + +use crate::login::config::ZitadelClap; + +use super::{OAuth, OAuthClient}; + +#[derive(Clone)] +pub struct ZitadelConfig { + auth_url: String, + client_id: String, + client_secret: String, + redirect_url: String, + token_url: String, + authority_url: String, +} + +pub struct ZitadelOAuthClient { + client: BasicClient, +} + +impl ZitadelOAuthClient { + pub fn new( + client_id: impl Into, + client_secret: impl Into, + redirect_url: impl Into, + auth_url: impl Into, + token_url: impl Into, + authority_url: impl Into, + ) -> Self { + Self { + client: Self::oauth_client(ZitadelConfig { + client_id: client_id.into(), + client_secret: client_secret.into(), + redirect_url: redirect_url.into(), + auth_url: auth_url.into(), + token_url: token_url.into(), + authority_url: authority_url.into(), + }), + } + } + + fn oauth_client(config: ZitadelConfig) -> BasicClient { + BasicClient::new( + ClientId::new(config.client_id), + Some(ClientSecret::new(config.client_secret)), + AuthUrl::new(config.auth_url).unwrap(), + Some(TokenUrl::new(config.token_url).unwrap()), + ) + .set_redirect_uri(RedirectUrl::new(config.redirect_url).unwrap()) + } +} + +impl From for ZitadelOAuthClient { + fn from(value: ZitadelConfig) -> Self { + Self::new( + value.client_id, + value.client_secret, + value.redirect_url, + value.auth_url, + value.token_url, + value.authority_url, + ) + } +} + +impl TryFrom for ZitadelConfig { + type Error = anyhow::Error; + + fn try_from(value: ZitadelClap) -> Result { + Ok(Self { + auth_url: value + .auth_url + .ok_or(anyhow::anyhow!("auth_url was not set"))?, + client_id: value + .client_id + .ok_or(anyhow::anyhow!("client_id was not set"))?, + client_secret: value + .client_secret + .ok_or(anyhow::anyhow!("client_secret was not set"))?, + redirect_url: value + .redirect_url + .ok_or(anyhow::anyhow!("redirect_url was not set"))?, + token_url: value + .token_url + .ok_or(anyhow::anyhow!("token_url was not set"))?, + authority_url: value + .authority_url + .ok_or(anyhow::anyhow!("authority_url was not set"))?, + }) + } +} + +#[async_trait] +impl OAuthClient for ZitadelOAuthClient { + async fn get_token(&self) -> anyhow::Result<()> { + Ok(()) + } + async fn authorize_url(&self) -> anyhow::Result { + let (auth_url, _csrf_token) = self + .client + .authorize_url(CsrfToken::new_random) + .add_scope(Scope::new("identify".to_string())) + .add_scope(Scope::new("openid".to_string())) + .url(); + + Ok(auth_url) + } + + async fn exchange(&self, code: &str) -> anyhow::Result { + let token = self + .client + .exchange_code(AuthorizationCode::new(code.to_string())) + .request_async(async_http_client) + .await?; + + Ok(token.access_token().secret().clone()) + } +}