feat: move project to crates

Signed-off-by: kjuulh <contact@kjuulh.io>

crates/como_api/Cargo.toml

@@ -0,0 +1,34 @@
+[package]
+name = "como_api"
+version = "0.1.0"
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dependencies]
+como_gql.workspace = true
+como_core.workspace = true
+como_domain.workspace = true
+como_infrastructure.workspace = true
+como_auth.workspace = true
+
+async-trait.workspace = true
+async-graphql.workspace = true
+async-graphql-axum.workspace = true
+axum.workspace = true
+axum-extra.workspace = true
+axum-sessions.workspace = true
+serde.workspace = true
+serde_json.workspace = true
+tokio.workspace = true
+uuid.workspace = true
+sqlx.workspace = true
+anyhow.workspace = true
+tracing.workspace = true
+async-sqlx-session.workspace = true
+
+zitadel = { version = "3.3.1", features = ["axum"] }
+tower = "0.4.13"
+tower-http = { version = "0.4.0", features = ["cors", "trace"] }
+oauth2 = "4.4.0"
+openidconnect = "3.0.0"

crates/como_api/src/controllers/auth.rs

@@ -0,0 +1,160 @@
+use std::fmt::Display;
+
+use crate::router::AppState;
+
+use axum::extract::{FromRef, FromRequestParts, Query, State};
+
+use axum::headers::authorization::Basic;
+use axum::headers::{Authorization, Cookie};
+use axum::http::request::Parts;
+use axum::http::StatusCode;
+
+use axum::response::{ErrorResponse, IntoResponse, Redirect};
+use axum::routing::get;
+use axum::{async_trait, Json, RequestPartsExt, Router, TypedHeader};
+
+use como_domain::users::User;
+use como_infrastructure::register::ServiceRegister;
+
+use serde::Deserialize;
+use serde_json::json;
+
+#[derive(Debug, Deserialize)]
+pub struct ZitadelAuthParams {
+    #[allow(dead_code)]
+    return_url: Option<String>,
+}
+
+trait AnyhowExtensions<T, E>
+where
+    E: Display,
+{
+    fn into_response(self) -> Result<T, ErrorResponse>;
+}
+impl<T, E> AnyhowExtensions<T, E> for anyhow::Result<T, E>
+where
+    E: Display,
+{
+    fn into_response(self) -> Result<T, ErrorResponse> {
+        match self {
+            Ok(o) => Ok(o),
+            Err(e) => {
+                tracing::error!("failed with anyhow error: {}", e);
+                Err(ErrorResponse::from((
+                    StatusCode::INTERNAL_SERVER_ERROR,
+                    Json(json!({
+                        "status": "something",
+                    })),
+                )))
+            }
+        }
+    }
+}
+
+pub async fn zitadel_auth(
+    State(services): State<ServiceRegister>,
+) -> Result<impl IntoResponse, ErrorResponse> {
+    let url = services.auth_service.login().await.into_response()?;
+
+    Ok(Redirect::to(&url.to_string()))
+}
+
+#[derive(Debug, Deserialize)]
+#[allow(dead_code)]
+pub struct AuthRequest {
+    code: String,
+    state: String,
+}
+
+pub async fn login_authorized(
+    Query(query): Query<AuthRequest>,
+    State(services): State<ServiceRegister>,
+) -> Result<impl IntoResponse, ErrorResponse> {
+    let (headers, url) = services
+        .auth_service
+        .login_authorized(&query.code, &query.state)
+        .await
+        .into_response()?;
+
+    Ok((headers, Redirect::to(url.as_str())))
+}
+
+pub struct AuthController;
+
+impl AuthController {
+    pub async fn new_router(
+        _service_register: ServiceRegister,
+        app_state: AppState,
+    ) -> anyhow::Result<Router> {
+        Ok(Router::new()
+            .route("/zitadel", get(zitadel_auth))
+            .route("/authorized", get(login_authorized))
+            .with_state(app_state))
+    }
+}
+
+pub struct UserFromSession {
+    pub user: User,
+}
+
+pub static COOKIE_NAME: &str = "SESSION";
+
+#[async_trait]
+impl<S> FromRequestParts<S> for UserFromSession
+where
+    ServiceRegister: FromRef<S>,
+    S: Send + Sync,
+{
+    type Rejection = (StatusCode, &'static str);
+
+    async fn from_request_parts(parts: &mut Parts, state: &S) -> Result<Self, Self::Rejection> {
+        let services = ServiceRegister::from_ref(state);
+
+        let cookie: Option<TypedHeader<Cookie>> = parts.extract().await.unwrap();
+        let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
+        if let None = session_cookie {
+            let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
+
+            if let Some(basic) = basic {
+                let token = services
+                    .auth_service
+                    .login_token(basic.username(), basic.password())
+                    .await
+                    .into_response()
+                    .map_err(|_| {
+                        (
+                            StatusCode::INTERNAL_SERVER_ERROR,
+                            "could not get token from basic",
+                        )
+                    })?;
+
+                return Ok(UserFromSession {
+                    user: User { id: token },
+                });
+            }
+
+            return Err(anyhow::anyhow!("No session was found"))
+                .into_response()
+                .map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "did not find a cookie"))?;
+        }
+
+        let session_cookie = session_cookie.unwrap();
+
+        // continue to decode the session cookie
+        let user = services
+            .auth_service
+            .get_user_from_session(session_cookie)
+            .await
+            .into_response()
+            .map_err(|_| {
+                (
+                    StatusCode::INTERNAL_SERVER_ERROR,
+                    "failed to decode session cookie",
+                )
+            })?;
+
+        Ok(UserFromSession {
+            user: User { id: user.id },
+        })
+    }
+}

crates/como_api/src/controllers/graphql.rs

@@ -0,0 +1,48 @@
+use super::auth::UserFromSession;
+use crate::router::AppState;
+
+use async_graphql::http::{playground_source, GraphQLPlaygroundConfig};
+use async_graphql::{EmptySubscription, Schema};
+use async_graphql_axum::{GraphQLRequest, GraphQLResponse};
+use axum::response::Html;
+use axum::{http::StatusCode, response::IntoResponse, routing::get, Extension, Router};
+
+use como_domain::user::ContextUserExt;
+use como_domain::Context;
+use como_gql::graphql::{ComoSchema, MutationRoot, QueryRoot};
+use como_infrastructure::register::ServiceRegister;
+use tower::ServiceBuilder;
+
+pub struct GraphQLController;
+
+impl GraphQLController {
+    pub fn new_router(service_register: ServiceRegister, state: AppState) -> Router {
+        let schema = Schema::build(QueryRoot, MutationRoot, EmptySubscription)
+            .data(service_register)
+            .finish();
+
+        Router::new()
+            .route("/", get(graphql_playground).post(graphql_handler))
+            .layer(ServiceBuilder::new().layer(Extension(schema)))
+            .with_state(state)
+    }
+}
+
+pub async fn graphql_handler(
+    user: UserFromSession,
+    schema: Extension<ComoSchema>,
+    req: GraphQLRequest,
+) -> Result<GraphQLResponse, StatusCode> {
+    let req = req.into_inner();
+    let req = req.data(user.user.clone());
+
+    let context = Context::new();
+    let context = context.set_user_id(user.user.id.clone());
+    let req = req.data(context);
+
+    Ok(schema.execute(req).await.into())
+}
+
+pub async fn graphql_playground() -> impl IntoResponse {
+    Html(playground_source(GraphQLPlaygroundConfig::new("/graphql")))
+}

crates/como_api/src/controllers/mod.rs

@@ -0,0 +1,2 @@
+pub mod auth;
+pub mod graphql;

crates/como_api/src/lib.rs

@@ -0,0 +1,3 @@
+mod controllers;
+pub mod router;
+pub mod zitadel;

crates/como_api/src/router.rs

@@ -0,0 +1,73 @@
+use std::env;
+
+use anyhow::Context;
+use axum::extract::FromRef;
+use axum::http::{HeaderValue, Method};
+use axum::Router;
+use como_infrastructure::register::ServiceRegister;
+use tower::ServiceBuilder;
+use tower_http::{cors::CorsLayer, trace::TraceLayer};
+
+use crate::controllers::auth::AuthController;
+use crate::controllers::graphql::GraphQLController;
+
+pub struct Api;
+
+impl Api {
+    pub async fn new(
+        port: u32,
+        cors_origin: &str,
+        service_register: ServiceRegister,
+    ) -> anyhow::Result<()> {
+        let app_state = AppState {
+            service_register: service_register.clone(),
+        };
+
+        let router = Router::new()
+            .nest(
+                "/auth",
+                AuthController::new_router(service_register.clone(), app_state.clone()).await?,
+            )
+            .nest(
+                "/graphql",
+                GraphQLController::new_router(service_register.clone(), app_state.clone()),
+            )
+            .layer(
+                ServiceBuilder::new()
+                    .layer(TraceLayer::new_for_http())
+                    .layer(
+                        CorsLayer::new()
+                            .allow_origin(
+                                cors_origin
+                                    .parse::<HeaderValue>()
+                                    .context("could not parse cors origin as header")?,
+                            )
+                            .allow_headers([axum::http::header::CONTENT_TYPE])
+                            .allow_methods([Method::GET, Method::POST, Method::OPTIONS])
+                            .allow_credentials(true),
+                    ),
+            );
+
+        let host = env::var("HOST").unwrap_or("0.0.0.0".to_string());
+
+        tracing::info!("running on: {host}:{}", port);
+
+        axum::Server::bind(&format!("{host}:{}", port).parse().unwrap())
+            .serve(router.into_make_service())
+            .await
+            .context("error while starting API")?;
+
+        Ok(())
+    }
+}
+
+#[derive(Clone)]
+pub struct AppState {
+    service_register: ServiceRegister,
+}
+
+impl FromRef<AppState> for ServiceRegister {
+    fn from_ref(input: &AppState) -> Self {
+        input.service_register.clone()
+    }
+}

crates/como_api/src/zitadel/client.rs

@@ -0,0 +1,67 @@
+use async_trait::async_trait;
+use oauth2::{basic::BasicClient, AuthUrl, ClientId, ClientSecret, RedirectUrl, TokenUrl};
+use std::{env, ops::Deref, sync::Arc};
+
+#[async_trait]
+pub trait OAuthClient {
+    async fn get_token(&self) -> anyhow::Result<()>;
+}
+
+pub struct OAuth(Arc<dyn OAuthClient + Send + Sync + 'static>);
+
+impl OAuth {
+    pub fn new_zitadel() -> Self {
+        Self(Arc::new(ZitadelOAuthClient {
+            client: oauth_client(),
+        }))
+    }
+    pub fn new_noop() -> Self {
+        Self(Arc::new(NoopOAuthClient {}))
+    }
+}
+
+impl Deref for OAuth {
+    type Target = Arc<dyn OAuthClient + Send + Sync + 'static>;
+
+    fn deref(&self) -> &Self::Target {
+        &self.0
+    }
+}
+
+pub struct NoopOAuthClient;
+
+#[async_trait]
+impl OAuthClient for NoopOAuthClient {
+    async fn get_token(&self) -> anyhow::Result<()> {
+        Ok(())
+    }
+}
+
+pub struct ZitadelOAuthClient {
+    client: BasicClient,
+}
+
+#[async_trait]
+impl OAuthClient for ZitadelOAuthClient {
+    async fn get_token(&self) -> anyhow::Result<()> {
+        Ok(())
+    }
+}
+
+fn oauth_client() -> BasicClient {
+    let client_id = env::var("CLIENT_ID").expect("Missing CLIENT_ID!");
+    let client_secret = env::var("CLIENT_SECRET").expect("Missing CLIENT_SECRET!");
+    let redirect_url = env::var("REDIRECT_URL").expect("missing REDIRECT_URL");
+
+    let auth_url = env::var("AUTH_URL").expect("missing AUTH_URL");
+
+    let token_url = env::var("TOKEN_URL").expect("missing TOKEN_URL");
+
+    BasicClient::new(
+        ClientId::new(client_id),
+        Some(ClientSecret::new(client_secret)),
+        AuthUrl::new(auth_url).unwrap(),
+        Some(TokenUrl::new(token_url).unwrap()),
+    )
+    .set_redirect_uri(RedirectUrl::new(redirect_url).unwrap())
+}

crates/como_api/src/zitadel/mod.rs

@@ -0,0 +1 @@
+