Ready to initiate OpenID login

moneymgr_backend/src/constants.rs

@@ -1 +1,5 @@
-// TODO
+/// Session-specific constants
+pub mod sessions {
+    /// OpenID auth session state key
+    pub const OIDC_STATE_KEY: &str = "oidc-state";
+}

moneymgr_backend/src/controllers/auth_controller.rs

@@ -0,0 +1,42 @@
+use crate::app_config::AppConfig;
+use crate::controllers::HttpResult;
+use crate::extractors::money_session::MoneySession;
+use actix_web::HttpResponse;
+use light_openid::primitives::OpenIDConfig;
+
+#[derive(serde::Serialize)]
+struct StartOIDCResponse {
+    url: String,
+}
+
+/// Start OIDC authentication
+pub async fn start_oidc(session: MoneySession) -> HttpResult {
+    let prov = AppConfig::get().openid_provider();
+
+    let conf = match OpenIDConfig::load_from_url(prov.configuration_url).await {
+        Ok(c) => c,
+        Err(e) => {
+            log::error!("Failed to fetch OpenID provider configuration! {e}");
+            return Ok(HttpResponse::InternalServerError()
+                .json("Failed to fetch OpenID provider configuration!"));
+        }
+    };
+
+    let state = match session.gen_oidc_state() {
+        Ok(s) => s,
+        Err(e) => {
+            log::error!("Failed to generate auth state! {e}");
+            return Ok(HttpResponse::InternalServerError().json("Failed to generate auth state!"));
+        }
+    };
+
+    Ok(HttpResponse::Ok().json(StartOIDCResponse {
+        url: conf.gen_authorization_url(
+            prov.client_id,
+            &state,
+            &AppConfig::get().oidc_redirect_url(),
+        ),
+    }))
+}
+
+// TODO : take from previous projects

moneymgr_backend/src/controllers/mod.rs

@@ -1 +1,42 @@
+use actix_web::http::StatusCode;
+use actix_web::{HttpResponse, ResponseError};
+use std::error::Error;
+
+pub mod auth_controller;
 pub mod server_controller;
+
+#[derive(thiserror::Error, Debug)]
+pub enum HttpFailure {
+    #[error("this resource requires higher privileges")]
+    Forbidden,
+    #[error("this resource was not found")]
+    NotFound,
+    #[error("Actix web error")]
+    ActixError(#[from] actix_web::Error),
+    #[error("an unhandled session insert error occurred")]
+    SessionInsertError(#[from] actix_session::SessionInsertError),
+    #[error("an unhandled session error occurred")]
+    SessionError(#[from] actix_session::SessionGetError),
+    #[error("an unspecified open id error occurred: {0}")]
+    OpenID(Box<dyn Error>),
+    #[error("an unspecified internal error occurred: {0}")]
+    InternalError(#[from] anyhow::Error),
+    #[error("a serde_json error occurred: {0}")]
+    SerdeJsonError(#[from] serde_json::error::Error),
+}
+
+impl ResponseError for HttpFailure {
+    fn status_code(&self) -> StatusCode {
+        match &self {
+            Self::Forbidden => StatusCode::FORBIDDEN,
+            Self::NotFound => StatusCode::NOT_FOUND,
+            _ => StatusCode::INTERNAL_SERVER_ERROR,
+        }
+    }
+
+    fn error_response(&self) -> HttpResponse {
+        HttpResponse::build(self.status_code()).body(self.to_string())
+    }
+}
+
+pub type HttpResult = Result<HttpResponse, HttpFailure>;

moneymgr_backend/src/extractors/mod.rs

@@ -0,0 +1 @@
+pub mod money_session;

moneymgr_backend/src/extractors/money_session.rs

@@ -0,0 +1,35 @@
+use crate::constants;
+use crate::utils::rand_utils::rand_string;
+use actix_session::Session;
+use actix_web::dev::Payload;
+use actix_web::{Error, FromRequest, HttpRequest};
+use futures_util::future::{Ready, ready};
+
+/// Money session
+///
+/// Basic wrapper around actix-session extractor
+pub struct MoneySession(Session);
+
+impl MoneySession {
+    /// Generate OpenID state for this session
+    pub fn gen_oidc_state(&self) -> anyhow::Result<String> {
+        let random_string = rand_string(50);
+        self.0
+            .insert(constants::sessions::OIDC_STATE_KEY, random_string.clone())?;
+        Ok(random_string)
+    }
+}
+
+impl FromRequest for MoneySession {
+    type Error = Error;
+    type Future = Ready<Result<Self, Error>>;
+
+    #[inline]
+    fn from_request(req: &HttpRequest, _: &mut Payload) -> Self::Future {
+        ready(
+            Session::from_request(req, &mut Payload::None)
+                .into_inner()
+                .map(MoneySession),
+        )
+    }
+}

moneymgr_backend/src/lib.rs

@@ -2,6 +2,7 @@ pub mod app_config;
 pub mod connections;
 pub mod constants;
 pub mod controllers;
+pub mod extractors;
 pub mod models;
 pub mod routines;
 pub mod schema;

moneymgr_backend/src/main.rs

@@ -9,7 +9,7 @@ use actix_web::middleware::Logger;
 use actix_web::{App, HttpServer, web};
 use moneymgr_backend::app_config::AppConfig;
 use moneymgr_backend::connections::{db_connection, s3_connection};
-use moneymgr_backend::controllers::server_controller;
+use moneymgr_backend::controllers::{auth_controller, server_controller};
 use moneymgr_backend::routines;
 use moneymgr_backend::services::users_service;
 
@@ -72,6 +72,11 @@ async fn main() -> std::io::Result<()> {
             .app_data(TempFileConfig::default().directory(&AppConfig::get().temp_dir))
             // Server controller
             .route("/robots.txt", web::get().to(server_controller::robots_txt))
+            // Auth controller
+            .route(
+                "/api/auth/start_oidc",
+                web::get().to(auth_controller::start_oidc),
+            )
     })
     .bind(AppConfig::get().listen_address.as_str())?
     .run()

moneymgr_backend/src/utils/mod.rs

@@ -1 +1,2 @@
+pub mod rand_utils;
 pub mod time_utils;

moneymgr_backend/src/utils/rand_utils.rs

@@ -0,0 +1,6 @@
+use rand::distr::{Alphanumeric, SampleString};
+
+/// Generate a random string of a given length
+pub fn rand_string(len: usize) -> String {
+    Alphanumeric.sample_string(&mut rand::rng(), len)
+}