feat(auth): with basic auth options

Signed-off-by: kjuulh <contact@kjuulh.io>
Kasper Juul Hermansen 2023-08-20 21:19:54 +02:00
parent ec483ce875
commit cdeefba39a
Signed by: kjuulh
GPG Key ID: 9AA7BC13CE474394
3 changed files with 36 additions and 26 deletions


@ -4,7 +4,8 @@ use crate::router::AppState;
use axum::extract::{FromRef, FromRequestParts, Query, State}; use axum::extract::{FromRef, FromRequestParts, Query, State};
use axum::headers::Cookie; use axum::headers::authorization::Basic;
use axum::headers::{Authorization, Cookie};
use axum::http::request::Parts; use axum::http::request::Parts;
use axum::http::StatusCode; use axum::http::StatusCode;
@ -111,31 +112,29 @@ where
let cookie: Option<TypedHeader<Cookie>> = parts.extract().await.unwrap(); let cookie: Option<TypedHeader<Cookie>> = parts.extract().await.unwrap();
let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME)); let session_cookie = cookie.as_ref().and_then(|cookie| cookie.get(COOKIE_NAME));
if let None = session_cookie { if let None = session_cookie {
// let introspection_state = IntrospectionState::from_ref(state); let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap();
// let basic: Option<TypedHeader<Authorization<Basic>>> = parts.extract().await.unwrap(); if let Some(basic) = basic {
let token = services
.auth_service
.login_token(basic.username(), basic.password())
.await
.into_response()
.map_err(|_| {
(
StatusCode::INTERNAL_SERVER_ERROR,
"could not get token from basic",
)
})?;
// if let Some(basic) = basic { return Ok(UserFromSession {
// let config = IntrospectionConfig::from_ref(&introspection_state); user: User { id: token },
});
}
// let res = introspect( return Err(anyhow::anyhow!("No session was found"))
// &config.introspection_uri, .into_response()
// &config.authority, .map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "did not find a cookie"))?;
// &config.authentication,
// basic.password(),
// )
// .await
// .unwrap();
// return Ok(UserFromSession {
// user: User {
// id: res.sub().unwrap().into(),
// },
// });
// }
todo!()
//return Err(anyhow::anyhow!("No session was found")).into_response();
} }
let session_cookie = session_cookie.unwrap(); let session_cookie = session_cookie.unwrap();
@ -146,7 +145,12 @@ where
.get_user_from_session(session_cookie) .get_user_from_session(session_cookie)
.await .await
.into_response() .into_response()
.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "failed with error"))?; .map_err(|_| {
(
StatusCode::INTERNAL_SERVER_ERROR,
"failed to decode session cookie",
)
})?;
Ok(UserFromSession { Ok(UserFromSession {
user: User { id: user.id }, user: User { id: user.id },
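Review bot: Both failure paths in the new Basic-auth branch answer with `StatusCode::INTERNAL_SERVER_ERROR`: a `login_token` error, and a request that has neither a session cookie nor an `Authorization` header. These are authentication failures on the client side, so `StatusCode::UNAUTHORIZED` fits better, ideally with a `WWW-Authenticate` header, e.g. `.map_err(|_| (StatusCode::UNAUTHORIZED, "invalid basic credentials"))?`. Reporting them as 500 buries failed logins among real server faults in logs and alerting. Separately, `User { id: token }` stores whatever `login_token` returns as the user id, whereas the removed commented-out code used `res.sub()`; confirm that `get_id_token` yields the subject and not a raw token. The enclosing function starts and ends outside the hunk.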


@ -15,6 +15,7 @@ use crate::{
#[async_trait] #[async_trait]
pub trait Auth { pub trait Auth {
async fn login(&self) -> anyhow::Result<Url>; async fn login(&self) -> anyhow::Result<Url>;
async fn login_token(&self, user: &str, password: &str) -> anyhow::Result<String>;
async fn login_authorized(&self, code: &str, state: &str) -> anyhow::Result<(HeaderMap, Url)>; async fn login_authorized(&self, code: &str, state: &str) -> anyhow::Result<(HeaderMap, Url)>;
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User>; async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User>;
} }
@ -91,6 +92,9 @@ impl Auth for ZitadelAuthService {
.context("failed to parse login_authorized zitadel return url")?, .context("failed to parse login_authorized zitadel return url")?,
)) ))
} }
async fn login_token(&self, _user: &str, password: &str) -> anyhow::Result<String> {
self.introspection.get_id_token(password).await
}
async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> { async fn get_user_from_session(&self, cookie: &str) -> anyhow::Result<User> {
match self.session.get_user(cookie).await? { match self.session.get_user(cookie).await? {
Some(u) => Ok(User { id: u }), Some(u) => Ok(User { id: u }),
@ -114,6 +118,10 @@ impl Auth for NoopAuthService {
todo!() todo!()
} }
async fn login_token(&self, user: &str, password: &str) -> anyhow::Result<String> {
todo!()
}
async fn get_user_from_session(&self, _cookie: &str) -> anyhow::Result<User> { async fn get_user_from_session(&self, _cookie: &str) -> anyhow::Result<User> {
todo!() todo!()
} }
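Review bot: `ZitadelAuthService::login_token` discards the Basic username (`_user`) and passes only `password` to `self.introspection.get_id_token`, so as far as this section shows, any username is accepted alongside a valid secret. If that is intended (the password field carrying a token), document it on the trait method, e.g. `/// Resolves Basic credentials to a user id; implementations may ignore the user name and treat the password as a token.`; otherwise compare `user` with the identity that introspection returns. `NoopAuthService::login_token` is `todo!()`, which the extractor can presumably now reach on any cookie-less request carrying a Basic header when that service is configured. `anyhow::bail!("basic auth is not supported")` would reject the request instead of panicking. Its unused `user` and `password` parameters should also be `_user` and `_password`.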


@ -9,8 +9,6 @@ pub struct AppConfig {
pub database_type: DatabaseType, pub database_type: DatabaseType,
#[clap(long, env)] #[clap(long, env)]
pub rust_log: String, pub rust_log: String,
#[clap(long, env)]
pub token_secret: String,
#[clap(long, env, default_value = "3001")] #[clap(long, env, default_value = "3001")]
pub api_port: u32, pub api_port: u32,
#[clap(long, env, default_value = "true")] #[clap(long, env, default_value = "true")]