On server config route, add OIDC config

2023-06-01 17:01:57 +02:00 · 2023-06-01 17:01:57 +02:00 · daffea6727
commit daffea6727
parent c0f120bb53
5 changed files with 86 additions and 22 deletions
--- a/geneit_backend/src/app_config.rs
+++ b/geneit_backend/src/app_config.rs
@ -87,6 +87,30 @@ pub struct AppConfig {
        default_value = "http://localhost:3000/reset_password#TOKEN"
    )]
    pub reset_password_url: String,
+
+    /// URL where the OpenID configuration can be found
+    #[arg(long, env, default_value = "url")]
+    pub oidc_configuration_url: String,
+
+    /// Disable OpenID authentication
+    #[arg(long, env)]
+    pub disable_oidc: bool,
+
+    /// OpenID provider name
+    #[arg(long, env, default_value = "3rd party provider")]
+    pub oidc_provider_name: String,
+
+    /// OpenID client ID
+    #[arg(long, env, default_value = "client")]
+    pub oidc_client_id: String,
+
+    /// OpenID client secret
+    #[arg(long, env, default_value = "secret")]
+    pub oidc_client_secret: String,
+
+    /// OpenID login callback URL
+    #[arg(long, env, default_value = "http://localhost:3000/oidc_cb")]
+    pub oidc_callback_url: String,
 }

 lazy_static::lazy_static! {
@ -125,4 +149,31 @@ impl AppConfig {
    pub fn get_password_reset_url(&self, token: &str) -> String {
        self.reset_password_url.replace("TOKEN", token)
    }
+
+    /// Get OpenID providers configuration
+    pub fn openid_providers(&self) -> Vec<OIDCProvider> {
+        if self.disable_oidc {
+            return vec![];
+        }
+
+        return vec![OIDCProvider {
+            id: "first_prov".to_string(),
+            client_id: self.oidc_client_id.to_string(),
+            client_secret: self.oidc_client_secret.to_string(),
+            configuration_url: self.oidc_configuration_url.to_string(),
+            name: self.oidc_provider_name.to_string(),
+        }];
+    }
+}
+
+#[derive(Debug, Clone, serde::Serialize)]
+pub struct OIDCProvider {
+    pub id: String,
+    #[serde(skip_serializing)]
+    pub client_id: String,
+    #[serde(skip_serializing)]
+    pub client_secret: String,
+    #[serde(skip_serializing)]
+    pub configuration_url: String,
+    pub name: String,
 }
--- a/geneit_backend/src/controllers/config_controller.rs
+++ b/geneit_backend/src/controllers/config_controller.rs
@ -1,17 +0,0 @@
-use crate::constants::StaticConstraints;
-use actix_web::{HttpResponse, Responder};
-
-/// Default hello route
-pub async fn home() -> impl Responder {
-    HttpResponse::Ok().json("GeneIT API service.")
-}
-
-#[derive(Debug, Clone, serde::Serialize, Default)]
-struct StaticConfig {
-    constraints: StaticConstraints,
-}
-
-/// Get static configuration
-pub async fn static_config() -> impl Responder {
-    HttpResponse::Ok().json(StaticConfig::default())
-}
--- a/geneit_backend/src/controllers/mod.rs
+++ b/geneit_backend/src/controllers/mod.rs
@ -5,7 +5,7 @@ use actix_web::HttpResponse;
 use std::fmt::{Debug, Display, Formatter};

 pub mod auth_controller;
-pub mod config_controller;
+pub mod server_controller;
 pub mod user_controller;

 /// Custom error to ease controller writing
--- a/geneit_backend/src/controllers/server_controller.rs
+++ b/geneit_backend/src/controllers/server_controller.rs
@ -0,0 +1,30 @@
+use crate::app_config::{AppConfig, OIDCProvider};
+use crate::constants::StaticConstraints;
+use actix_web::{HttpResponse, Responder};
+
+/// Default hello route
+pub async fn home() -> impl Responder {
+    HttpResponse::Ok().json("GeneIT API service.")
+}
+
+#[derive(Debug, Clone, serde::Serialize)]
+struct ServerConfig {
+    constraints: StaticConstraints,
+    mail: &'static str,
+    oidc_providers: Vec<OIDCProvider>,
+}
+
+impl Default for ServerConfig {
+    fn default() -> Self {
+        Self {
+            mail: AppConfig::get().mail_sender.as_str(),
+            constraints: StaticConstraints::default(),
+            oidc_providers: AppConfig::get().openid_providers(),
+        }
+    }
+}
+
+/// Get server configuration
+pub async fn server_config() -> impl Responder {
+    HttpResponse::Ok().json(ServerConfig::default())
+}
--- a/geneit_backend/src/main.rs
+++ b/geneit_backend/src/main.rs
@ -2,7 +2,7 @@ use actix_remote_ip::RemoteIPConfig;
 use actix_web::middleware::Logger;
 use actix_web::{web, App, HttpServer};
 use geneit_backend::app_config::AppConfig;
-use geneit_backend::controllers::{auth_controller, config_controller, user_controller};
+use geneit_backend::controllers::{auth_controller, server_controller, user_controller};

 #[actix_web::main]
 async fn main() -> std::io::Result<()> {
@ -17,10 +17,10 @@ async fn main() -> std::io::Result<()> {
                proxy: AppConfig::get().proxy_ip.clone(),
            }))
            // Config controller
-            .route("/", web::get().to(config_controller::home))
+            .route("/", web::get().to(server_controller::home))
            .route(
-                "/config/static",
-                web::get().to(config_controller::static_config),
+                "/server/config",
+                web::get().to(server_controller::server_config),
            )
            // Auth controller
            .route(