feat: update scripts to use new cuddle
Signed-off-by: kjuulh <contact@kjuulh.io>
parent
88c7acd439
commit
3e5309e1e6
@ -1,9 +1,12 @@
|
|||||||
|
use std::borrow::Cow;
|
||||||
|
|
||||||
use crate::router::AppState;
|
use crate::router::AppState;
|
||||||
use crate::zitadel::{IntrospectionConfig, IntrospectionState};
|
use crate::zitadel::{IntrospectionConfig, IntrospectionState};
|
||||||
|
|
||||||
use async_sqlx_session::PostgresSessionStore;
|
use async_sqlx_session::PostgresSessionStore;
|
||||||
use axum::extract::{FromRef, FromRequestParts, Query, State};
|
use axum::extract::{FromRef, FromRequestParts, Query, State};
|
||||||
use axum::headers::Cookie;
|
use axum::headers::authorization::Basic;
|
||||||
|
use axum::headers::{Authorization, Cookie};
|
||||||
use axum::http::request::Parts;
|
use axum::http::request::Parts;
|
||||||
use axum::http::StatusCode;
|
use axum::http::StatusCode;
|
||||||
use axum::http::{header::SET_COOKIE, HeaderMap};
|
use axum::http::{header::SET_COOKIE, HeaderMap};
|
||||||
@ -14,11 +17,16 @@ use axum_sessions::async_session::{Session, SessionStore};
|
|||||||
use como_domain::users::User;
|
use como_domain::users::User;
|
||||||
use como_infrastructure::register::ServiceRegister;
|
use como_infrastructure::register::ServiceRegister;
|
||||||
use oauth2::basic::BasicClient;
|
use oauth2::basic::BasicClient;
|
||||||
use oauth2::TokenIntrospectionResponse;
|
|
||||||
use oauth2::{reqwest::async_http_client, AuthorizationCode, CsrfToken, Scope, TokenResponse};
|
use oauth2::{reqwest::async_http_client, AuthorizationCode, CsrfToken, Scope, TokenResponse};
|
||||||
|
use oauth2::{RedirectUrl, TokenIntrospectionResponse};
|
||||||
use serde::Deserialize;
|
use serde::Deserialize;
|
||||||
use zitadel::oidc::introspection::introspect;
|
use zitadel::oidc::introspection::introspect;
|
||||||
|
|
||||||
|
#[derive(Debug, Deserialize)]
|
||||||
|
pub struct ZitadelAuthParams {
|
||||||
|
return_url: Option<String>,
|
||||||
|
}
|
||||||
|
|
||||||
pub async fn zitadel_auth(State(client): State<BasicClient>) -> impl IntoResponse {
|
pub async fn zitadel_auth(State(client): State<BasicClient>) -> impl IntoResponse {
|
||||||
let (auth_url, _csrf_token) = client
|
let (auth_url, _csrf_token) = client
|
||||||
.authorize_url(CsrfToken::new_random)
|
.authorize_url(CsrfToken::new_random)
|
||||||
@ -78,7 +86,7 @@ pub async fn login_authorized(
|
|||||||
let mut headers = HeaderMap::new();
|
let mut headers = HeaderMap::new();
|
||||||
headers.insert(SET_COOKIE, cookie.parse().unwrap());
|
headers.insert(SET_COOKIE, cookie.parse().unwrap());
|
||||||
|
|
||||||
(headers, Redirect::to("/"))
|
(headers, Redirect::to("http://localhost:3000/dash/home"))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct AuthController;
|
pub struct AuthController;
|
||||||
@ -103,6 +111,8 @@ pub struct UserFromSession {
|
|||||||
impl<S> FromRequestParts<S> for UserFromSession
|
impl<S> FromRequestParts<S> for UserFromSession
|
||||||
where
|
where
|
||||||
PostgresSessionStore: FromRef<S>,
|
PostgresSessionStore: FromRef<S>,
|
||||||
|
BasicClient: FromRef<S>,
|
||||||
|
IntrospectionState: FromRef<S>,
|
||||||
S: Send + Sync,
|
S: Send + Sync,
|
||||||
{
|
{
|
||||||
type Rejection = (StatusCode, &'static str);
|
type Rejection = (StatusCode, &'static str);
|
||||||
@ -114,6 +124,29 @@ where
|
|||||||
|
|
||||||
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
|
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
|
||||||
if let None = session_cookie {
|
if let None = session_cookie {
|
||||||
|
let introspection_state = IntrospectionState::from_ref(state);
|
||||||
|
|
||||||
|
let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
|
||||||
|
|
||||||
|
if let Some(basic) = basic {
|
||||||
|
let config = IntrospectionConfig::from_ref(&introspection_state);
|
||||||
|
|
||||||
|
let res = introspect(
|
||||||
|
&config.introspection_uri,
|
||||||
|
&config.authority,
|
||||||
|
&config.authentication,
|
||||||
|
basic.password(),
|
||||||
|
)
|
||||||
|
.await
|
||||||
|
.unwrap();
|
||||||
|
|
||||||
|
return Ok(UserFromSession {
|
||||||
|
user: User {
|
||||||
|
id: res.sub().unwrap().into(),
|
||||||
|
},
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
return Err((StatusCode::UNAUTHORIZED, "No session was found"));
|
return Err((StatusCode::UNAUTHORIZED, "No session was found"));
|
||||||
}
|
}
|
||||||
|
|
||||||
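Review bot: The new Basic-auth fallback in the last hunk never checks `res.active()`, and both `introspect(...).await.unwrap()` and `res.sub().unwrap()` run on caller-controlled input. An expired or bogus token, or an unreachable introspection endpoint, therefore panics in the request path instead of returning the `(StatusCode, &'static str)` rejection this extractor declares. An inactive token is rejected only as a side effect of `sub()` being absent, which depends on the identity provider's response shape rather than on this code. I would check `active()` explicitly and map each failure to a rejection, as sketched below. The enclosing function starts and ends outside the hunk, so the sketch covers only the introspection branch.

```rust
let res = introspect(
    // … unchanged: introspection_uri, authority, authentication, basic.password() …
)
.await
.map_err(|_| (StatusCode::UNAUTHORIZED, "Token introspection failed"))?;

// An inactive (expired, revoked, unknown) token must never yield a user.
if !res.active() {
    return Err((StatusCode::UNAUTHORIZED, "Token is not active"));
}

let sub = res
    .sub()
    .ok_or((StatusCode::UNAUTHORIZED, "Token has no subject"))?;

return Ok(UserFromSession {
    user: User { id: sub.into() },
});
```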
|
@ -59,7 +59,8 @@ impl Api {
|
|||||||
.context("could not parse cors origin as header")?,
|
.context("could not parse cors origin as header")?,
|
||||||
)
|
)
|
||||||
.allow_headers([axum::http::header::CONTENT_TYPE])
|
.allow_headers([axum::http::header::CONTENT_TYPE])
|
||||||
.allow_methods([Method::GET, Method::POST, Method::OPTIONS]),
|
.allow_methods([Method::GET, Method::POST, Method::OPTIONS])
|
||||||
|
.allow_credentials(true),
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
|
|
||||||
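Review bot: `.allow_credentials(true)` lets pages on the allowed origin send cookie-bearing GET and POST requests and read the responses, yet nothing in the hunk enforces or documents that the origin configured just above must be one exact, trusted origin rather than a wildcard or a reflected request value. Only the `.context("could not parse cors origin as header")` tail of the origin setup is visible, so where that value comes from cannot be confirmed from here. I would add a comment on the new line, e.g. `// credentials enabled: the configured origin must be a single trusted origin, never "*"`. It is also worth confirming that the session cookie's `SameSite` attribute matches the cross-site use this enables. The builder chain and its enclosing function start outside the hunk.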
|
@ -1,5 +1,6 @@
|
|||||||
use crate::common::*;
|
use crate::common::*;
|
||||||
use crate::items::{CreatedItem, Item};
|
use crate::items::{CreatedItem, Item};
|
||||||
|
use crate::projects::Project;
|
||||||
use async_graphql::{Context, EmptySubscription, Object, Schema};
|
use async_graphql::{Context, EmptySubscription, Object, Schema};
|
||||||
use como_domain::item::queries::{GetItemQuery, GetItemsQuery};
|
use como_domain::item::queries::{GetItemQuery, GetItemsQuery};
|
||||||
use como_domain::item::requests::{CreateItemDto, UpdateItemDto};
|
use como_domain::item::requests::{CreateItemDto, UpdateItemDto};
|
||||||
@ -77,15 +78,17 @@ impl QueryRoot {
|
|||||||
&self,
|
&self,
|
||||||
ctx: &Context<'_>,
|
ctx: &Context<'_>,
|
||||||
query: GetProjectQuery,
|
query: GetProjectQuery,
|
||||||
) -> anyhow::Result<ProjectDto> {
|
) -> anyhow::Result<Project> {
|
||||||
project_service(ctx)
|
project_service(ctx)
|
||||||
.get_project(get_domain_context(ctx), query)
|
.get_project(get_domain_context(ctx), query)
|
||||||
.await
|
.await
|
||||||
|
.map(|p| p.into())
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn get_projects(&self, ctx: &Context<'_>) -> anyhow::Result<Vec<ProjectDto>> {
|
async fn get_projects(&self, ctx: &Context<'_>) -> anyhow::Result<Vec<Project>> {
|
||||||
project_service(ctx)
|
project_service(ctx)
|
||||||
.get_projects(get_domain_context(ctx))
|
.get_projects(get_domain_context(ctx))
|
||||||
.await
|
.await
|
||||||
|
.map(|p| p.into_iter().map(|p| p.into()).collect())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
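Review bot: In `get_projects` the closure reuses the name `p` for both the list and each element (`.map(|p| p.into_iter().map(|p| p.into()).collect())`), which reads as if one value were converted twice. Naming the outer binding and using the path form is clearer: `.map(|projects| projects.into_iter().map(Into::into).collect())`. The same applies to `get_project`, where `.map(Into::into)` would do. The start of `get_project`'s signature is outside the hunk.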
|
@ -1,8 +1,8 @@
|
|||||||
export $(cat .env | xargs)
|
export $(cat .env | xargs)
|
||||||
|
|
||||||
cuddle_cli x start_deployment
|
cuddle x start_deployment
|
||||||
cuddle_cli x render_templates
|
cuddle x render_templates
|
||||||
cuddle_cli x render_como_templates
|
cuddle x render_como_templates
|
||||||
cuddle_cli x build_release
|
cuddle x build_release
|
||||||
cuddle_cli x push_release
|
cuddle x push_release
|
||||||
cuddle_cli x deploy_release
|
cuddle x deploy_release
|
||||||
|
@ -2,6 +2,6 @@
|
|||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
cuddle_cli render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
|
cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
|
||||||
|
|
||||||
docker compose -f $TMP/docker-compose.local_up.yml down -v
|
docker compose -f $TMP/docker-compose.local_up.yml down -v
|
||||||
|
@ -2,6 +2,6 @@
|
|||||||
|
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
cuddle_cli render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
|
cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
|
||||||
|
|
||||||
docker compose -f $TMP/docker-compose.local_up.yml up -d --remove-orphans --build
|
docker compose -f $TMP/docker-compose.local_up.yml up -d --remove-orphans --build
|
||||||
|
@ -4,7 +4,7 @@ set -e
|
|||||||
|
|
||||||
deploymentrepo="$TMP/deployments"
|
deploymentrepo="$TMP/deployments"
|
||||||
|
|
||||||
CUDDLE_FETCH_POLICY=never cuddle_cli render_template \
|
CUDDLE_FETCH_POLICY=never cuddle render_template \
|
||||||
--template-file "$TMP/.env.example.tmpl" \
|
--template-file "$TMP/.env.example.tmpl" \
|
||||||
--dest "$deploymentrepo/$SERVICE/env.example"
|
--dest "$deploymentrepo/$SERVICE/env.example"
|
||||||
|
|
||||||
|