feat: update scripts to use new cuddle

Signed-off-by: kjuulh <contact@kjuulh.io>
Kasper Juul Hermansen 2023-06-10 14:35:03 +02:00
parent 88c7acd439
commit 3e5309e1e6
Signed by: kjuulh
GPG Key ID: 57B6E1465221F912
7 changed files with 52 additions and 15 deletions


@ -1,9 +1,12 @@
use std::borrow::Cow;
use crate::router::AppState; use crate::router::AppState;
use crate::zitadel::{IntrospectionConfig, IntrospectionState}; use crate::zitadel::{IntrospectionConfig, IntrospectionState};
use async_sqlx_session::PostgresSessionStore; use async_sqlx_session::PostgresSessionStore;
use axum::extract::{FromRef, FromRequestParts, Query, State}; use axum::extract::{FromRef, FromRequestParts, Query, State};
use axum::headers::Cookie; use axum::headers::authorization::Basic;
use axum::headers::{Authorization, Cookie};
use axum::http::request::Parts; use axum::http::request::Parts;
use axum::http::StatusCode; use axum::http::StatusCode;
use axum::http::{header::SET_COOKIE, HeaderMap}; use axum::http::{header::SET_COOKIE, HeaderMap};
@ -14,11 +17,16 @@ use axum_sessions::async_session::{Session, SessionStore};
use como_domain::users::User; use como_domain::users::User;
use como_infrastructure::register::ServiceRegister; use como_infrastructure::register::ServiceRegister;
use oauth2::basic::BasicClient; use oauth2::basic::BasicClient;
use oauth2::TokenIntrospectionResponse;
use oauth2::{reqwest::async_http_client, AuthorizationCode, CsrfToken, Scope, TokenResponse}; use oauth2::{reqwest::async_http_client, AuthorizationCode, CsrfToken, Scope, TokenResponse};
use oauth2::{RedirectUrl, TokenIntrospectionResponse};
use serde::Deserialize; use serde::Deserialize;
use zitadel::oidc::introspection::introspect; use zitadel::oidc::introspection::introspect;
#[derive(Debug, Deserialize)]
pub struct ZitadelAuthParams {
return_url: Option<String>,
}
pub async fn zitadel_auth(State(client): State<BasicClient>) -> impl IntoResponse { pub async fn zitadel_auth(State(client): State<BasicClient>) -> impl IntoResponse {
let (auth_url, _csrf_token) = client let (auth_url, _csrf_token) = client
.authorize_url(CsrfToken::new_random) .authorize_url(CsrfToken::new_random)
@ -78,7 +86,7 @@ pub async fn login_authorized(
let mut headers = HeaderMap::new(); let mut headers = HeaderMap::new();
headers.insert(SET_COOKIE, cookie.parse().unwrap()); headers.insert(SET_COOKIE, cookie.parse().unwrap());
(headers, Redirect::to("/")) (headers, Redirect::to("http://localhost:3000/dash/home"))
} }
pub struct AuthController; pub struct AuthController;
@ -103,6 +111,8 @@ pub struct UserFromSession {
impl<S> FromRequestParts<S> for UserFromSession impl<S> FromRequestParts<S> for UserFromSession
where where
PostgresSessionStore: FromRef<S>, PostgresSessionStore: FromRef<S>,
BasicClient: FromRef<S>,
IntrospectionState: FromRef<S>,
S: Send + Sync, S: Send + Sync,
{ {
type Rejection = (StatusCode, &'static str); type Rejection = (StatusCode, &'static str);
@ -114,6 +124,29 @@ where
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME)); let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
if let None = session_cookie { if let None = session_cookie {
let introspection_state = IntrospectionState::from_ref(state);
let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
if let Some(basic) = basic {
let config = IntrospectionConfig::from_ref(&introspection_state);
let res = introspect(
&config.introspection_uri,
&config.authority,
&config.authentication,
basic.password(),
)
.await
.unwrap();
return Ok(UserFromSession {
user: User {
id: res.sub().unwrap().into(),
},
});
}
return Err((StatusCode::UNAUTHORIZED, "No session was found")); return Err((StatusCode::UNAUTHORIZED, "No session was found"));
} }
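Review bot: The new Basic-auth branch in `from_request_parts` (the `if let Some(basic) = basic` block) builds a `User` from the introspection result without checking `res.active()` in the visible lines, and both `introspect(...).await.unwrap()` and `res.sub().unwrap()` panic on input that an unauthenticated client controls. An expired or revoked token presumably comes back without a `sub`, so the request currently ends in a panic instead of a 401; that fails closed only by accident, and an unreachable introspection endpoint behaves the same way. Map both failures into the existing `(StatusCode, &'static str)` rejection and reject inactive tokens explicitly before constructing the user. The function starts before and continues after this hunk, so the sketch below covers only the added branch.

```rust
let res = introspect(
    // … unchanged: introspection_uri, authority, authentication, basic.password() …
)
.await
.map_err(|_| (StatusCode::UNAUTHORIZED, "Token introspection failed"))?;

// Reject tokens the authority reports as inactive before trusting any claim.
if !res.active() {
    return Err((StatusCode::UNAUTHORIZED, "Token is not active"));
}
let sub = res
    .sub()
    .ok_or((StatusCode::UNAUTHORIZED, "Token has no subject"))?;

return Ok(UserFromSession {
    user: User { id: sub.into() },
});
```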


@ -59,7 +59,8 @@ impl Api {
.context("could not parse cors origin as header")?, .context("could not parse cors origin as header")?,
) )
.allow_headers([axum::http::header::CONTENT_TYPE]) .allow_headers([axum::http::header::CONTENT_TYPE])
.allow_methods([Method::GET, Method::POST, Method::OPTIONS]), .allow_methods([Method::GET, Method::POST, Method::OPTIONS])
.allow_credentials(true),
), ),
); );
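Review bot: `.allow_credentials(true)` makes the configured CORS origin a trust decision, and nothing next to the call says so. With credentials enabled, the browser attaches the session cookie to cross-origin GET and POST requests from that origin, so the value parsed above (under `could not parse cors origin as header`) has to stay a single exact, trusted origin. I would add a comment above the call: `// Credentials enabled: the allowed origin must be one exact trusted origin, never a wildcard or a reflected Origin.` The builder chain starts outside this hunk, so how the origin is sourced is not visible here.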


@ -1,5 +1,6 @@
use crate::common::*; use crate::common::*;
use crate::items::{CreatedItem, Item}; use crate::items::{CreatedItem, Item};
use crate::projects::Project;
use async_graphql::{Context, EmptySubscription, Object, Schema}; use async_graphql::{Context, EmptySubscription, Object, Schema};
use como_domain::item::queries::{GetItemQuery, GetItemsQuery}; use como_domain::item::queries::{GetItemQuery, GetItemsQuery};
use como_domain::item::requests::{CreateItemDto, UpdateItemDto}; use como_domain::item::requests::{CreateItemDto, UpdateItemDto};
@ -77,15 +78,17 @@ impl QueryRoot {
&self, &self,
ctx: &Context<'_>, ctx: &Context<'_>,
query: GetProjectQuery, query: GetProjectQuery,
) -> anyhow::Result<ProjectDto> { ) -> anyhow::Result<Project> {
project_service(ctx) project_service(ctx)
.get_project(get_domain_context(ctx), query) .get_project(get_domain_context(ctx), query)
.await .await
.map(|p| p.into())
} }
async fn get_projects(&self, ctx: &Context<'_>) -> anyhow::Result<Vec<ProjectDto>> { async fn get_projects(&self, ctx: &Context<'_>) -> anyhow::Result<Vec<Project>> {
project_service(ctx) project_service(ctx)
.get_projects(get_domain_context(ctx)) .get_projects(get_domain_context(ctx))
.await .await
.map(|p| p.into_iter().map(|p| p.into()).collect())
} }
} }
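Review bot: In `get_projects` the closure `.map(|p| p.into_iter().map(|p| p.into()).collect())` reuses `p` for both the list and each element, which makes the conversion harder to read than it needs to be. Naming the outer binding and using the function path is clearer: `.map(|projects| projects.into_iter().map(Into::into).collect())`, and likewise `.map(Into::into)` in `get_project`. The `impl QueryRoot` block starts outside this hunk.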


@ -1,8 +1,8 @@
export $(cat .env | xargs) export $(cat .env | xargs)
cuddle_cli x start_deployment cuddle x start_deployment
cuddle_cli x render_templates cuddle x render_templates
cuddle_cli x render_como_templates cuddle x render_como_templates
cuddle_cli x build_release cuddle x build_release
cuddle_cli x push_release cuddle x push_release
cuddle_cli x deploy_release cuddle x deploy_release


@ -2,6 +2,6 @@
set -e set -e
cuddle_cli render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
docker compose -f $TMP/docker-compose.local_up.yml down -v docker compose -f $TMP/docker-compose.local_up.yml down -v


@ -2,6 +2,6 @@
set -e set -e
cuddle_cli render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
docker compose -f $TMP/docker-compose.local_up.yml up -d --remove-orphans --build docker compose -f $TMP/docker-compose.local_up.yml up -d --remove-orphans --build


@ -4,7 +4,7 @@ set -e
deploymentrepo="$TMP/deployments" deploymentrepo="$TMP/deployments"
CUDDLE_FETCH_POLICY=never cuddle_cli render_template \ CUDDLE_FETCH_POLICY=never cuddle render_template \
--template-file "$TMP/.env.example.tmpl" \ --template-file "$TMP/.env.example.tmpl" \
--dest "$deploymentrepo/$SERVICE/env.example" --dest "$deploymentrepo/$SERVICE/env.example"