como/como_auth/src/auth.rs

use std::{ops::Deref, sync::Arc};

use anyhow::Context;
use async_trait::async_trait;
use axum::http::{header::SET_COOKIE, HeaderMap};
use oauth2::url::Url;

use crate::{
    introspection::IntrospectionService,
    oauth::OAuth,
    session::{SessionService, User},
    AuthClap, AuthEngine,
};

#[async_trait]
pub trait Auth {
    async fn login(&self) -> anyhow::Result<Url>;
    async fn login_authorized(&self, code: &str, state: &str) -> anyhow::Result<(HeaderMap, Url)>;
    async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User>;
}

#[derive(Clone)]
pub struct AuthService(Arc<dyn Auth + Send + Sync + 'static>);

impl AuthService {
    pub async fn new(config: &AuthClap) -> anyhow::Result<Self> {
        match config.engine {
            AuthEngine::Noop => Ok(Self::new_noop()),
            AuthEngine::Zitadel => Ok(Self::new_zitadel()),
        }
    }

    pub fn new_zitadel() -> Self {
        todo!()
        //Self(Arc::new(ZitadelAuthService {}))
    }

    pub fn new_noop() -> Self {
        Self(Arc::new(NoopAuthService {}))
    }
}

impl Deref for AuthService {
    type Target = Arc<dyn Auth + Send + Sync + 'static>;

    fn deref(&self) -> &Self::Target {
        &self.0
    }
}

pub struct ZitadelAuthService {
    oauth: OAuth,
    introspection: IntrospectionService,
    session: SessionService,
}
pub static COOKIE_NAME: &str = "SESSION";

#[async_trait]
impl Auth for ZitadelAuthService {
    async fn login(&self) -> anyhow::Result<Url> {
        let authorize_url = self.oauth.authorize_url().await?;

        Ok(authorize_url)
    }
    async fn login_authorized(&self, code: &str, _state: &str) -> anyhow::Result<(HeaderMap, Url)> {
        let token = self.oauth.exchange(code).await?;
        let user_id = self.introspection.get_id_token(token.as_str()).await?;
        let cookie_value = self.session.insert_user("user", user_id.as_str()).await?;

        let cookie = format!("{}={}; SameSite=Lax; Path=/", COOKIE_NAME, cookie_value);

        let mut headers = HeaderMap::new();
        headers.insert(SET_COOKIE, cookie.parse().unwrap());

        Ok((
            headers,
            Url::parse("http://localhost:3000/dash/home")
                .context("failed to parse login_authorized zitadel return url")?,
        ))
    }
    async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {
        match self.session.get_user(cookie).await? {
            Some(u) => Ok(User { id: u }),
            None => Err(anyhow::anyhow!("failed to find user")),
        }
    }
}

pub struct NoopAuthService {}

#[async_trait]
impl Auth for NoopAuthService {
    async fn login(&self) -> anyhow::Result<Url> {
        todo!()
    }
    async fn login_authorized(
        &self,
        _code: &str,
        _state: &str,
    ) -> anyhow::Result<(HeaderMap, Url)> {
        todo!()
    }

    async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {
        todo!()
    }
}
feat(auth): add authentication integration Signed-off-by: kjuulh <contact@kjuulh.io> 2023-08-20 14:08:40 +02:00			`use std::{ops::Deref, sync::Arc};`

			`use anyhow::Context;`
			`use async_trait::async_trait;`
			`use axum::http::{header::SET_COOKIE, HeaderMap};`
			`use oauth2::url::Url;`

			`use crate::{`
			`introspection::IntrospectionService,`
			`oauth::OAuth,`
			`session::{SessionService, User},`
			`AuthClap, AuthEngine,`
			`};`

			`#[async_trait]`
			`pub trait Auth {`
			`async fn login(&self) -> anyhow::Result<Url>;`
			`async fn login_authorized(&self, code: &str, state: &str) -> anyhow::Result<(HeaderMap, Url)>;`
			`async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User>;`
			`}`

			`#[derive(Clone)]`
			`pub struct AuthService(Arc<dyn Auth + Send + Sync + 'static>);`

			`impl AuthService {`
			`pub async fn new(config: &AuthClap) -> anyhow::Result<Self> {`
			`match config.engine {`
			`AuthEngine::Noop => Ok(Self::new_noop()),`
			`AuthEngine::Zitadel => Ok(Self::new_zitadel()),`
			`}`
			`}`

			`pub fn new_zitadel() -> Self {`
			`todo!()`
			`//Self(Arc::new(ZitadelAuthService {}))`
			`}`

			`pub fn new_noop() -> Self {`
			`Self(Arc::new(NoopAuthService {}))`
			`}`
			`}`

			`impl Deref for AuthService {`
			`type Target = Arc<dyn Auth + Send + Sync + 'static>;`

			`fn deref(&self) -> &Self::Target {`
			`&self.0`
			`}`
			`}`

			`pub struct ZitadelAuthService {`
			`oauth: OAuth,`
			`introspection: IntrospectionService,`
			`session: SessionService,`
			`}`
			`pub static COOKIE_NAME: &str = "SESSION";`

			`#[async_trait]`
			`impl Auth for ZitadelAuthService {`
			`async fn login(&self) -> anyhow::Result<Url> {`
			`let authorize_url = self.oauth.authorize_url().await?;`

			`Ok(authorize_url)`
			`}`
			`async fn login_authorized(&self, code: &str, _state: &str) -> anyhow::Result<(HeaderMap, Url)> {`
			`let token = self.oauth.exchange(code).await?;`
			`let user_id = self.introspection.get_id_token(token.as_str()).await?;`
			`let cookie_value = self.session.insert_user("user", user_id.as_str()).await?;`

			`let cookie = format!("{}={}; SameSite=Lax; Path=/", COOKIE_NAME, cookie_value);`

			`let mut headers = HeaderMap::new();`
			`headers.insert(SET_COOKIE, cookie.parse().unwrap());`

			`Ok((`
			`headers,`
			`Url::parse("http://localhost:3000/dash/home")`
			`.context("failed to parse login_authorized zitadel return url")?,`
			`))`
			`}`
			`async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {`
			`match self.session.get_user(cookie).await? {`
			`Some(u) => Ok(User { id: u }),`
			`None => Err(anyhow::anyhow!("failed to find user")),`
			`}`
			`}`
			`}`

			`pub struct NoopAuthService {}`

			`#[async_trait]`
			`impl Auth for NoopAuthService {`
			`async fn login(&self) -> anyhow::Result<Url> {`
			`todo!()`
			`}`
			`async fn login_authorized(`
			`&self,`
			`_code: &str,`
			`_state: &str,`
			`) -> anyhow::Result<(HeaderMap, Url)> {`
			`todo!()`
			`}`

			`async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {`
			`todo!()`
			`}`
			`}`