On server config route, add OIDC config

This commit is contained in:
Pierre HUBERT 2023-06-01 17:01:57 +02:00
parent c0f120bb53
commit daffea6727
5 changed files with 86 additions and 22 deletions

View File

@ -87,6 +87,30 @@ pub struct AppConfig {
default_value = "http://localhost:3000/reset_password#TOKEN"
)]
pub reset_password_url: String,
/// URL where the OpenID configuration can be found
#[arg(long, env, default_value = "url")]
pub oidc_configuration_url: String,
/// Disable OpenID authentication
#[arg(long, env)]
pub disable_oidc: bool,
/// OpenID provider name
#[arg(long, env, default_value = "3rd party provider")]
pub oidc_provider_name: String,
/// OpenID client ID
#[arg(long, env, default_value = "client")]
pub oidc_client_id: String,
/// OpenID client secret
#[arg(long, env, default_value = "secret")]
pub oidc_client_secret: String,
/// OpenID login callback URL
#[arg(long, env, default_value = "http://localhost:3000/oidc_cb")]
pub oidc_callback_url: String,
}
lazy_static::lazy_static! {
@ -125,4 +149,31 @@ impl AppConfig {
pub fn get_password_reset_url(&self, token: &str) -> String {
self.reset_password_url.replace("TOKEN", token)
}
/// Get OpenID providers configuration
pub fn openid_providers(&self) -> Vec<OIDCProvider> {
if self.disable_oidc {
return vec![];
}
return vec![OIDCProvider {
id: "first_prov".to_string(),
client_id: self.oidc_client_id.to_string(),
client_secret: self.oidc_client_secret.to_string(),
configuration_url: self.oidc_configuration_url.to_string(),
name: self.oidc_provider_name.to_string(),
}];
}
}
#[derive(Debug, Clone, serde::Serialize)]
pub struct OIDCProvider {
pub id: String,
#[serde(skip_serializing)]
pub client_id: String,
#[serde(skip_serializing)]
pub client_secret: String,
#[serde(skip_serializing)]
pub configuration_url: String,
pub name: String,
}

View File

@ -1,17 +0,0 @@
use crate::constants::StaticConstraints;
use actix_web::{HttpResponse, Responder};
/// Default hello route
pub async fn home() -> impl Responder {
HttpResponse::Ok().json("GeneIT API service.")
}
#[derive(Debug, Clone, serde::Serialize, Default)]
struct StaticConfig {
constraints: StaticConstraints,
}
/// Get static configuration
pub async fn static_config() -> impl Responder {
HttpResponse::Ok().json(StaticConfig::default())
}

View File

@ -5,7 +5,7 @@ use actix_web::HttpResponse;
use std::fmt::{Debug, Display, Formatter};
pub mod auth_controller;
pub mod config_controller;
pub mod server_controller;
pub mod user_controller;
/// Custom error to ease controller writing

View File

@ -0,0 +1,30 @@
use crate::app_config::{AppConfig, OIDCProvider};
use crate::constants::StaticConstraints;
use actix_web::{HttpResponse, Responder};
/// Default hello route
pub async fn home() -> impl Responder {
HttpResponse::Ok().json("GeneIT API service.")
}
#[derive(Debug, Clone, serde::Serialize)]
struct ServerConfig {
constraints: StaticConstraints,
mail: &'static str,
oidc_providers: Vec<OIDCProvider>,
}
impl Default for ServerConfig {
fn default() -> Self {
Self {
mail: AppConfig::get().mail_sender.as_str(),
constraints: StaticConstraints::default(),
oidc_providers: AppConfig::get().openid_providers(),
}
}
}
/// Get server configuration
pub async fn server_config() -> impl Responder {
HttpResponse::Ok().json(ServerConfig::default())
}

View File

@ -2,7 +2,7 @@ use actix_remote_ip::RemoteIPConfig;
use actix_web::middleware::Logger;
use actix_web::{web, App, HttpServer};
use geneit_backend::app_config::AppConfig;
use geneit_backend::controllers::{auth_controller, config_controller, user_controller};
use geneit_backend::controllers::{auth_controller, server_controller, user_controller};
#[actix_web::main]
async fn main() -> std::io::Result<()> {
@ -17,10 +17,10 @@ async fn main() -> std::io::Result<()> {
proxy: AppConfig::get().proxy_ip.clone(),
}))
// Config controller
.route("/", web::get().to(config_controller::home))
.route("/", web::get().to(server_controller::home))
.route(
"/config/static",
web::get().to(config_controller::static_config),
"/server/config",
web::get().to(server_controller::server_config),
)
// Auth controller
.route(