Loads clients list only once (#106)

Currently, the list of client is loaded separately for each Actix HTTP handler threads. In prevision of future improvements, it is worthwhile to load this list only once. Reviewed-on: #106
2023-04-17 16:49:19 +00:00 · 2023-04-17 16:49:19 +00:00 · 4f7c56a4b8
commit 4f7c56a4b8
parent 6d2e52d632
4 changed files with 21 additions and 10 deletions
--- a/README.md
+++ b/README.md
@ -64,5 +64,7 @@ Corresponding client configuration:

 > Note: We do need to use real domain name instead of IP address due to the `webauthn-rs` crate limitations. We therefore use the `nip.io` domain helper.

+OAuth proxy can then be access on this URL: http://192.168.2.103:4180/
+
 ## Contributing
 If you wish to contribute to this software, feel free to send an email to contact@communiquons.org to get an account on my system, managed by BasicOIDC :)
--- a/src/controllers/admin_controller.rs
+++ b/src/controllers/admin_controller.rs
@ -1,4 +1,5 @@
 use std::ops::Deref;
+use std::sync::Arc;

 use actix::Addr;
 use actix_web::{web, HttpResponse, Responder};
@ -36,7 +37,10 @@ struct EditUserTemplate {
    clients: Vec<Client>,
 }

-pub async fn clients_route(user: CurrentUser, clients: web::Data<ClientManager>) -> impl Responder {
+pub async fn clients_route(
+    user: CurrentUser,
+    clients: web::Data<Arc<ClientManager>>,
+) -> impl Responder {
    HttpResponse::Ok().body(
        ClientsListTemplate {
            _p: BaseSettingsPage::get("Clients list", &user, None, None),
@ -233,7 +237,10 @@ pub async fn users_route(
    )
 }

-pub async fn create_user(admin: CurrentUser, clients: web::Data<ClientManager>) -> impl Responder {
+pub async fn create_user(
+    admin: CurrentUser,
+    clients: web::Data<Arc<ClientManager>>,
+) -> impl Responder {
    let user = User {
        authorized_clients: Some(
            clients
@ -263,7 +270,7 @@ pub struct EditUserQuery {

 pub async fn edit_user(
    admin: CurrentUser,
-    clients: web::Data<ClientManager>,
+    clients: web::Data<Arc<ClientManager>>,
    users: web::Data<Addr<UsersActor>>,
    query: web::Query<EditUserQuery>,
 ) -> impl Responder {
--- a/src/controllers/openid_controller.rs
+++ b/src/controllers/openid_controller.rs
@ -1,4 +1,5 @@
 use std::fmt::Debug;
+use std::sync::Arc;

 use actix::Addr;
 use actix_identity::Identity;
@ -113,7 +114,7 @@ pub async fn authorize(
    user: CurrentUser,
    id: Identity,
    query: web::Query<AuthorizeQuery>,
-    clients: web::Data<ClientManager>,
+    clients: web::Data<Arc<ClientManager>>,
    sessions: web::Data<Addr<OpenIDSessionsActor>>,
    logger: ActionLogger,
 ) -> impl Responder {
@ -267,7 +268,7 @@ pub struct TokenResponse {
 pub async fn token(
    req: HttpRequest,
    query: web::Form<TokenQuery>,
-    clients: web::Data<ClientManager>,
+    clients: web::Data<Arc<ClientManager>>,
    sessions: web::Data<Addr<OpenIDSessionsActor>>,
    users: web::Data<Addr<UsersActor>>,
    jwt_signer: web::Data<JWTSigner>,
--- a/src/main.rs
+++ b/src/main.rs
@ -72,14 +72,15 @@ async fn main() -> std::io::Result<()> {
    let jwt_signer = JWTSigner::gen_from_memory().expect("Failed to generate JWKS key");
    let webauthn_manager = Arc::new(WebAuthManager::init(config));

+    let mut clients =
+        ClientManager::open_or_create(config.clients_file()).expect("Failed to load clients list!");
+    clients.apply_environment_variables();
+    let clients = Arc::new(clients);
+
    log::info!("Server will listen on {}", config.listen_address);
    let listen_address = config.listen_address.to_string();

    HttpServer::new(move || {
-        let mut clients = ClientManager::open_or_create(config.clients_file())
-            .expect("Failed to load clients list!");
-        clients.apply_environment_variables();
-
        let session_mw = SessionMiddleware::builder(
            CookieSessionStore::default(),
            Key::from(config.token_key.as_bytes()),
@ -99,7 +100,7 @@ async fn main() -> std::io::Result<()> {
            .app_data(web::Data::new(users_actor.clone()))
            .app_data(web::Data::new(bruteforce_actor.clone()))
            .app_data(web::Data::new(openid_sessions_actor.clone()))
-            .app_data(web::Data::new(clients))
+            .app_data(web::Data::new(clients.clone()))
            .app_data(web::Data::new(jwt_signer.clone()))
            .app_data(web::Data::new(webauthn_manager.clone()))
            .wrap(