feat: with config
Signed-off-by: kjuulh <contact@kjuulh.io>
This commit is contained in:
parent
393be43db1
commit
8711fc2a7b
@ -7,7 +7,7 @@ use oauth2::url::Url;
|
|||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
introspection::IntrospectionService,
|
introspection::IntrospectionService,
|
||||||
login::{config::AuthEngine, AuthClap},
|
login::{auth_clap::AuthEngine, AuthClap},
|
||||||
oauth::{zitadel::ZitadelConfig, OAuth},
|
oauth::{zitadel::ZitadelConfig, OAuth},
|
||||||
session::{SessionService, User},
|
session::{SessionService, User},
|
||||||
};
|
};
|
||||||
|
@ -12,7 +12,8 @@ mod test {
|
|||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
login::{
|
login::{
|
||||||
config::{AuthEngine, ZitadelClap},
|
auth_clap::{AuthEngine, ZitadelClap},
|
||||||
|
config::ConfigClap,
|
||||||
AuthClap,
|
AuthClap,
|
||||||
},
|
},
|
||||||
session::{PostgresqlSessionClap, SessionBackend, SessionClap},
|
session::{PostgresqlSessionClap, SessionBackend, SessionClap},
|
||||||
@ -35,7 +36,7 @@ mod test {
|
|||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_command_parse_as_default_noop() {
|
fn test_command_parse_as_default_noop() {
|
||||||
let cli: Cli = Cli::parse_from(["base", "one"]);
|
let cli: Cli = Cli::parse_from(["base", "one", "--login-return-url=http://localhost:3001"]);
|
||||||
|
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
cli.command,
|
cli.command,
|
||||||
@ -51,6 +52,9 @@ mod test {
|
|||||||
session_backend: SessionBackend::InMemory,
|
session_backend: SessionBackend::InMemory,
|
||||||
session: SessionClap {
|
session: SessionClap {
|
||||||
postgresql: PostgresqlSessionClap { conn: None }
|
postgresql: PostgresqlSessionClap { conn: None }
|
||||||
|
},
|
||||||
|
config: ConfigClap {
|
||||||
|
return_url: "http://localhost:3001".into()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -59,7 +63,13 @@ mod test {
|
|||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_command_parse_as_noop() {
|
fn test_command_parse_as_noop() {
|
||||||
let cli: Cli = Cli::parse_from(["base", "one", "--auth-engine", "noop"]);
|
let cli: Cli = Cli::parse_from([
|
||||||
|
"base",
|
||||||
|
"one",
|
||||||
|
"--auth-engine",
|
||||||
|
"noop",
|
||||||
|
"--login-return-url=http://localhost:3001",
|
||||||
|
]);
|
||||||
|
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
cli.command,
|
cli.command,
|
||||||
@ -75,6 +85,9 @@ mod test {
|
|||||||
session_backend: SessionBackend::InMemory,
|
session_backend: SessionBackend::InMemory,
|
||||||
session: SessionClap {
|
session: SessionClap {
|
||||||
postgresql: PostgresqlSessionClap { conn: None }
|
postgresql: PostgresqlSessionClap { conn: None }
|
||||||
|
},
|
||||||
|
config: ConfigClap {
|
||||||
|
return_url: "http://localhost:3001".into()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -91,6 +104,7 @@ mod test {
|
|||||||
"--zitadel-client-secret=something",
|
"--zitadel-client-secret=something",
|
||||||
"--zitadel-redirect-url=https://something",
|
"--zitadel-redirect-url=https://something",
|
||||||
"--zitadel-authority-url=https://something",
|
"--zitadel-authority-url=https://something",
|
||||||
|
"--login-return-url=http://localhost:3001",
|
||||||
]);
|
]);
|
||||||
|
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
@ -107,6 +121,9 @@ mod test {
|
|||||||
session_backend: SessionBackend::InMemory,
|
session_backend: SessionBackend::InMemory,
|
||||||
session: SessionClap {
|
session: SessionClap {
|
||||||
postgresql: PostgresqlSessionClap { conn: None }
|
postgresql: PostgresqlSessionClap { conn: None }
|
||||||
|
},
|
||||||
|
config: ConfigClap {
|
||||||
|
return_url: "http://localhost:3001".into()
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,9 @@
|
|||||||
use crate::session::{SessionBackend, SessionClap};
|
use crate::session::{SessionBackend, SessionClap};
|
||||||
|
|
||||||
use self::config::{AuthEngine, ZitadelClap};
|
use self::{
|
||||||
|
auth_clap::{AuthEngine, ZitadelClap},
|
||||||
|
config::ConfigClap,
|
||||||
|
};
|
||||||
|
|
||||||
#[derive(clap::Args, Clone, PartialEq, Eq, Debug)]
|
#[derive(clap::Args, Clone, PartialEq, Eq, Debug)]
|
||||||
pub struct AuthClap {
|
pub struct AuthClap {
|
||||||
@ -29,79 +32,10 @@ pub struct AuthClap {
|
|||||||
|
|
||||||
#[clap(flatten)]
|
#[clap(flatten)]
|
||||||
pub session: SessionClap,
|
pub session: SessionClap,
|
||||||
|
|
||||||
|
#[clap(flatten)]
|
||||||
|
pub config: ConfigClap,
|
||||||
}
|
}
|
||||||
|
|
||||||
pub mod config {
|
pub mod auth_clap;
|
||||||
use serde::{Deserialize, Serialize};
|
pub mod config;
|
||||||
|
|
||||||
use crate::oauth::{zitadel::ZitadelConfig, OAuth};
|
|
||||||
|
|
||||||
use super::AuthClap;
|
|
||||||
|
|
||||||
#[derive(clap::ValueEnum, Clone, PartialEq, Eq, Debug)]
|
|
||||||
pub enum AuthEngine {
|
|
||||||
Noop,
|
|
||||||
Zitadel,
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
|
|
||||||
pub struct AuthConfigFile {
|
|
||||||
zitadel: Option<ZitadelClap>,
|
|
||||||
}
|
|
||||||
|
|
||||||
#[derive(clap::Args, Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
|
|
||||||
#[group(requires_all = ["client_id", "client_secret", "redirect_url", "authority_url"])]
|
|
||||||
pub struct ZitadelClap {
|
|
||||||
#[arg(env = "ZITADEL_CLIENT_ID", long = "zitadel-client-id")]
|
|
||||||
pub client_id: Option<String>,
|
|
||||||
|
|
||||||
#[arg(env = "ZITADEL_CLIENT_SECRET", long = "zitadel-client-secret")]
|
|
||||||
pub client_secret: Option<String>,
|
|
||||||
|
|
||||||
#[arg(env = "ZITADEL_REDIRECT_URL", long = "zitadel-redirect-url")]
|
|
||||||
pub redirect_url: Option<String>,
|
|
||||||
|
|
||||||
#[arg(env = "ZITADEL_AUTHORITY_URL", long = "zitadel-authority-url")]
|
|
||||||
pub authority_url: Option<String>,
|
|
||||||
}
|
|
||||||
|
|
||||||
impl TryFrom<AuthClap> for OAuth {
|
|
||||||
type Error = anyhow::Error;
|
|
||||||
|
|
||||||
fn try_from(value: AuthClap) -> Result<Self, Self::Error> {
|
|
||||||
match value.engine {
|
|
||||||
AuthEngine::Noop => Ok(OAuth::new_noop()),
|
|
||||||
AuthEngine::Zitadel => Ok(OAuth::from(ZitadelConfig::try_from(value.zitadel)?)),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl AuthClap {
|
|
||||||
pub fn merge(&mut self, config: AuthConfigFile) -> &mut Self {
|
|
||||||
if let Some(zitadel) = config.zitadel {
|
|
||||||
if let Some(client_id) = zitadel.client_id {
|
|
||||||
if self.zitadel.client_id.is_some() {
|
|
||||||
_ = self.zitadel.client_id.replace(client_id);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if let Some(client_secret) = zitadel.client_secret {
|
|
||||||
if self.zitadel.client_secret.is_some() {
|
|
||||||
_ = self.zitadel.client_secret.replace(client_secret);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if let Some(redirect_url) = zitadel.redirect_url {
|
|
||||||
if self.zitadel.redirect_url.is_some() {
|
|
||||||
_ = self.zitadel.redirect_url.replace(redirect_url);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if let Some(authority_url) = zitadel.authority_url {
|
|
||||||
if self.zitadel.authority_url.is_some() {
|
|
||||||
_ = self.zitadel.authority_url.replace(authority_url);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
self
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
72
crates/nefarious-login/src/login/auth_clap.rs
Normal file
72
crates/nefarious-login/src/login/auth_clap.rs
Normal file
@ -0,0 +1,72 @@
|
|||||||
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
|
use crate::oauth::{zitadel::ZitadelConfig, OAuth};
|
||||||
|
|
||||||
|
use super::AuthClap;
|
||||||
|
|
||||||
|
#[derive(clap::ValueEnum, Clone, PartialEq, Eq, Debug)]
|
||||||
|
pub enum AuthEngine {
|
||||||
|
Noop,
|
||||||
|
Zitadel,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
|
||||||
|
pub struct AuthConfigFile {
|
||||||
|
zitadel: Option<ZitadelClap>,
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(clap::Args, Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
|
||||||
|
#[group(requires_all = ["client_id", "client_secret", "redirect_url", "authority_url"])]
|
||||||
|
pub struct ZitadelClap {
|
||||||
|
#[arg(env = "ZITADEL_CLIENT_ID", long = "zitadel-client-id")]
|
||||||
|
pub client_id: Option<String>,
|
||||||
|
|
||||||
|
#[arg(env = "ZITADEL_CLIENT_SECRET", long = "zitadel-client-secret")]
|
||||||
|
pub client_secret: Option<String>,
|
||||||
|
|
||||||
|
#[arg(env = "ZITADEL_REDIRECT_URL", long = "zitadel-redirect-url")]
|
||||||
|
pub redirect_url: Option<String>,
|
||||||
|
|
||||||
|
#[arg(env = "ZITADEL_AUTHORITY_URL", long = "zitadel-authority-url")]
|
||||||
|
pub authority_url: Option<String>,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl TryFrom<AuthClap> for OAuth {
|
||||||
|
type Error = anyhow::Error;
|
||||||
|
|
||||||
|
fn try_from(value: AuthClap) -> Result<Self, Self::Error> {
|
||||||
|
match value.engine {
|
||||||
|
AuthEngine::Noop => Ok(OAuth::new_noop()),
|
||||||
|
AuthEngine::Zitadel => Ok(OAuth::from(ZitadelConfig::try_from(value.zitadel)?)),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
impl AuthClap {
|
||||||
|
pub fn merge(&mut self, config: AuthConfigFile) -> &mut Self {
|
||||||
|
if let Some(zitadel) = config.zitadel {
|
||||||
|
if let Some(client_id) = zitadel.client_id {
|
||||||
|
if self.zitadel.client_id.is_some() {
|
||||||
|
_ = self.zitadel.client_id.replace(client_id);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if let Some(client_secret) = zitadel.client_secret {
|
||||||
|
if self.zitadel.client_secret.is_some() {
|
||||||
|
_ = self.zitadel.client_secret.replace(client_secret);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if let Some(redirect_url) = zitadel.redirect_url {
|
||||||
|
if self.zitadel.redirect_url.is_some() {
|
||||||
|
_ = self.zitadel.redirect_url.replace(redirect_url);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if let Some(authority_url) = zitadel.authority_url {
|
||||||
|
if self.zitadel.authority_url.is_some() {
|
||||||
|
_ = self.zitadel.authority_url.replace(authority_url);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
self
|
||||||
|
}
|
||||||
|
}
|
7
crates/nefarious-login/src/login/config.rs
Normal file
7
crates/nefarious-login/src/login/config.rs
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
use serde::{Deserialize, Serialize};
|
||||||
|
|
||||||
|
#[derive(clap::Args, Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
|
||||||
|
pub struct ConfigClap {
|
||||||
|
#[arg(env = "NEF_LOGIN_RETURN_URL", long = "login-return-url")]
|
||||||
|
pub return_url: String,
|
||||||
|
}
|
@ -43,7 +43,7 @@ mod tests {
|
|||||||
use clap::Parser;
|
use clap::Parser;
|
||||||
use sealed_test::prelude::*;
|
use sealed_test::prelude::*;
|
||||||
|
|
||||||
use crate::login::config::ZitadelClap;
|
use crate::login::auth_clap::ZitadelClap;
|
||||||
|
|
||||||
#[derive(Parser)]
|
#[derive(Parser)]
|
||||||
#[command(author, version, about, long_about = None)]
|
#[command(author, version, about, long_about = None)]
|
||||||
|
@ -11,7 +11,7 @@ use oauth2::{
|
|||||||
ClientSecret, CsrfToken, RedirectUrl, Scope, TokenResponse, TokenUrl,
|
ClientSecret, CsrfToken, RedirectUrl, Scope, TokenResponse, TokenUrl,
|
||||||
};
|
};
|
||||||
|
|
||||||
use crate::login::config::ZitadelClap;
|
use crate::login::auth_clap::ZitadelClap;
|
||||||
|
|
||||||
use super::{OAuth, OAuthClient};
|
use super::{OAuth, OAuthClient};
|
||||||
|
|
||||||
|
@ -10,7 +10,8 @@ use nefarious_login::{
|
|||||||
auth::AuthService,
|
auth::AuthService,
|
||||||
axum::{AuthController, UserFromSession},
|
axum::{AuthController, UserFromSession},
|
||||||
login::{
|
login::{
|
||||||
config::{AuthEngine, ZitadelClap},
|
auth_clap::{AuthEngine, ZitadelClap},
|
||||||
|
config::ConfigClap,
|
||||||
AuthClap,
|
AuthClap,
|
||||||
},
|
},
|
||||||
session::{PostgresqlSessionClap, SessionBackend},
|
session::{PostgresqlSessionClap, SessionBackend},
|
||||||
@ -44,6 +45,7 @@ async fn main() -> anyhow::Result<()> {
|
|||||||
conn: Some("postgres://nefarious-test:somenotverysecurepassword@localhost:5432/nefarious-test".into()),
|
conn: Some("postgres://nefarious-test:somenotverysecurepassword@localhost:5432/nefarious-test".into()),
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
config: ConfigClap { return_url: "http://localhost:3001/authed".into() }
|
||||||
};
|
};
|
||||||
|
|
||||||
let auth_service = AuthService::new(&auth).await?;
|
let auth_service = AuthService::new(&auth).await?;
|
||||||
|
@ -40,6 +40,7 @@ async fn main() -> anyhow::Result<()> {
|
|||||||
"--zitadel-client-secret=rWwDi8gjNOyuMFKoOjNSlhjcVZ1B25wDh6HsDL27f0g2Hb0xGbvEf0WXFY2akOlL",
|
"--zitadel-client-secret=rWwDi8gjNOyuMFKoOjNSlhjcVZ1B25wDh6HsDL27f0g2Hb0xGbvEf0WXFY2akOlL",
|
||||||
"--session-backend=postgresql",
|
"--session-backend=postgresql",
|
||||||
"--session-postgres-conn=postgres://nefarious-test:somenotverysecurepassword@localhost:5432/nafarious-test",
|
"--session-postgres-conn=postgres://nefarious-test:somenotverysecurepassword@localhost:5432/nafarious-test",
|
||||||
|
"--login-return-url=http://localhost:3001/authed"
|
||||||
]);
|
]);
|
||||||
|
|
||||||
let auth_service = AuthService::new(&cmd.auth).await?;
|
let auth_service = AuthService::new(&cmd.auth).await?;
|
||||||
|
Loading…
Reference in New Issue
Block a user