chore(auth): with introspection
Signed-off-by: kjuulh <contact@kjuulh.io>
This commit is contained in:
@@ -10,7 +10,9 @@ como_gql.workspace = true
|
||||
como_core.workspace = true
|
||||
como_domain.workspace = true
|
||||
como_infrastructure.workspace = true
|
||||
como_auth.workspace = true
|
||||
|
||||
async-trait.workspace = true
|
||||
async-graphql.workspace = true
|
||||
async-graphql-axum.workspace = true
|
||||
axum.workspace = true
|
||||
|
||||
@@ -49,7 +49,6 @@ pub struct AuthRequest {
|
||||
pub async fn login_authorized(
|
||||
Query(query): Query<AuthRequest>,
|
||||
State(store): State<PostgresSessionStore>,
|
||||
State(oauth_client): State<BasicClient>,
|
||||
State(introspection_state): State<IntrospectionState>,
|
||||
) -> impl IntoResponse {
|
||||
let token = oauth_client
|
||||
@@ -111,7 +110,6 @@ pub struct UserFromSession {
|
||||
impl<S> FromRequestParts<S> for UserFromSession
|
||||
where
|
||||
PostgresSessionStore: FromRef<S>,
|
||||
BasicClient: FromRef<S>,
|
||||
IntrospectionState: FromRef<S>,
|
||||
S: Send + Sync,
|
||||
{
|
||||
|
||||
@@ -12,7 +12,6 @@ use tower_http::{cors::CorsLayer, trace::TraceLayer};
|
||||
|
||||
use crate::controllers::auth::AuthController;
|
||||
use crate::controllers::graphql::GraphQLController;
|
||||
use crate::zitadel::client::oauth_client;
|
||||
use crate::zitadel::{IntrospectionState, IntrospectionStateBuilder};
|
||||
|
||||
pub struct Api;
|
||||
@@ -32,9 +31,7 @@ impl Api {
|
||||
.build()
|
||||
.await?;
|
||||
|
||||
let oauth_client = oauth_client();
|
||||
let app_state = AppState {
|
||||
oauth_client,
|
||||
store: service_register.session_store.clone(),
|
||||
introspection_state: is,
|
||||
};
|
||||
@@ -79,17 +76,10 @@ impl Api {
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct AppState {
|
||||
oauth_client: BasicClient,
|
||||
introspection_state: IntrospectionState,
|
||||
store: PostgresSessionStore,
|
||||
}
|
||||
|
||||
impl FromRef<AppState> for BasicClient {
|
||||
fn from_ref(state: &AppState) -> Self {
|
||||
state.oauth_client.clone()
|
||||
}
|
||||
}
|
||||
|
||||
impl FromRef<AppState> for PostgresSessionStore {
|
||||
fn from_ref(state: &AppState) -> Self {
|
||||
state.store.clone()
|
||||
|
||||
@@ -1,7 +1,54 @@
|
||||
use async_trait::async_trait;
|
||||
use oauth2::{basic::BasicClient, AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl};
|
||||
use std::env;
|
||||
use std::{env, ops::Deref, sync::Arc};
|
||||
|
||||
pub fn oauth_client() -> BasicClient {
|
||||
#[async_trait]
|
||||
pub trait OAuthClient {
|
||||
async fn get_token(&self) -> anyhow::Result<()>;
|
||||
}
|
||||
|
||||
pub struct OAuth(Arc<dyn OAuthClient + Send + Sync + 'static>);
|
||||
|
||||
impl OAuth {
|
||||
pub fn new_zitadel() -> Self {
|
||||
Self(Arc::new(ZitadelOAuthClient {
|
||||
client: oauth_client(),
|
||||
}))
|
||||
}
|
||||
pub fn new_noop() -> Self {
|
||||
Self(Arc::new(NoopOAuthClient {}))
|
||||
}
|
||||
}
|
||||
|
||||
impl Deref for OAuth {
|
||||
type Target = Arc<dyn OAuthClient + Send + Sync + 'static>;
|
||||
|
||||
fn deref(&self) -> &Self::Target {
|
||||
&self.0
|
||||
}
|
||||
}
|
||||
|
||||
pub struct NoopOAuthClient;
|
||||
|
||||
#[async_trait]
|
||||
impl OAuthClient for NoopOAuthClient {
|
||||
async fn get_token(&self) -> anyhow::Result<()> {
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
pub struct ZitadelOAuthClient {
|
||||
client: BasicClient,
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl OAuthClient for ZitadelOAuthClient {
|
||||
async fn get_token(&self) -> anyhow::Result<()> {
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
fn oauth_client() -> BasicClient {
|
||||
let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID!");
|
||||
let client_secret = env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET!");
|
||||
let redirect_url = env::var("REDIRECT_URL").expect("missing REDIRECT_URL");
|
||||
|
||||
Reference in New Issue
Block a user