feat: Initial implementation for OIDC with machines #50

Draft
wants to merge 21 commits into
base: main
fix: clippy
johannwagner authored and Kek5chen committed Jun 18, 2024
commit de752f2eb93c0355fd766166818cca91fdf516c8
3 changes: 0 additions & 3 deletions vicky/src/bin/vicky/auth.rs
@@ -33,16 +33,13 @@ impl FromStr for Role {
}
}

#[allow(dead_code)]
#[derive(Deserialize)]
pub struct User {
pub id: Uuid,
pub full_name: String,
pub role: Role,
}

pub struct Machine {}

async fn extract_user_from_token(jwks_verifier: &State<RemoteJwksVerifier>, db: &Database, oidc_config: &OIDCConfigResolved, token: &str) -> Result<DbUser, AppError> {
let jwt = jwks_verifier.verify::<Map<String, Value>>(token).await?;

2 changes: 1 addition & 1 deletion vicky/src/bin/vicky/locks.rs
@@ -5,7 +5,7 @@ use uuid::Uuid;
use vickylib::database::entities::{Database, Lock};
use vickylib::database::entities::lock::db_impl::LockDatabase;
use vickylib::database::entities::lock::PoisonedLock;
use crate::auth::{Machine, User};
use crate::auth::{User};
use crate::errors::AppError;

async fn locks_get_poisoned(db: &Database) -> Result<Json<Vec<Lock>>, AppError> {
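Review bot: The new import `use crate::auth::{User};` keeps braces around a single name; `use crate::auth::User;` is the form rustfmt normally produces. `use crate::cli::{LocksArgs};` in `vickyctl/src/tui/lock_resolver.rs` has the same leftover. Running `cargo fmt` alongside the clippy fixes would tidy both.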
8 changes: 4 additions & 4 deletions vickyctl/src/account.rs
@@ -1,7 +1,7 @@
use openidconnect::{ErrorResponse, ClientId, IssuerUrl, core::{CoreProviderMetadata, CoreClient, CoreDeviceAuthorizationResponse, CoreAuthDisplay, CoreClientAuthMethod, CoreClaimName, CoreClaimType, CoreGrantType, CoreJweContentEncryptionAlgorithm, CoreJweKeyManagementAlgorithm, CoreJsonWebKey, CoreResponseMode, CoreResponseType, CoreSubjectIdentifierType, CoreJwsSigningAlgorithm, CoreJsonWebKeyType, CoreJsonWebKeyUse}, Scope, reqwest::{http_client}, AdditionalProviderMetadata, ProviderMetadata, DeviceAuthorizationUrl, AuthType, OAuth2TokenResponse};
use openidconnect::{ClientId, IssuerUrl, core::{CoreClient, CoreDeviceAuthorizationResponse, CoreAuthDisplay, CoreClientAuthMethod, CoreClaimName, CoreClaimType, CoreGrantType, CoreJweContentEncryptionAlgorithm, CoreJweKeyManagementAlgorithm, CoreJsonWebKey, CoreResponseMode, CoreResponseType, CoreSubjectIdentifierType, CoreJwsSigningAlgorithm, CoreJsonWebKeyType, CoreJsonWebKeyUse}, Scope, reqwest::{http_client}, AdditionalProviderMetadata, ProviderMetadata, DeviceAuthorizationUrl, AuthType, OAuth2TokenResponse};
use serde::{Deserialize, Serialize};

use crate::{cli::AppContext, error::Error, FileConfig, AuthState};
use crate::{FileConfig, AuthState};


// Taken from https://github.com/ramosbugs/openidconnect-rs/blob/support/3.x/examples/okta_device_grant.rs
@@ -30,11 +30,11 @@ type DeviceProviderMetadata = ProviderMetadata<


pub fn show(auth_state: &AuthState) -> Result<(), anyhow::Error> {
print!("{:?}", auth_state.clone());
print!("{:?}", auth_state);
Ok(())
}

pub fn login(ctx: &AppContext, vicky_url_str: String, issuer_url_str: String, client_id_str: String) -> Result<(), anyhow::Error> {
pub fn login(vicky_url_str: String, issuer_url_str: String, client_id_str: String) -> Result<(), anyhow::Error> {

let client_id = ClientId::new(client_id_str.clone().to_string());
let issuer_url = IssuerUrl::new(issuer_url_str.clone().to_string())?;
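Review bot: `show` still writes the entire `AuthState` through its `Debug` impl in `print!("{:?}", auth_state);`, so every field the state carries is printed verbatim. If `FileConfig` (the payload of `AuthState::FileAuthenticated`, whose definition is not visible here) holds OIDC access or refresh tokens, the account show command puts them on the terminal and into any captured output or shell log. Consider printing only non-secret fields such as the Vicky URL, or giving the token-bearing type a hand-written `Debug` that redacts them. Using `println!` would also end the output with a newline. `login`'s body continues outside the hunk.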
8 changes: 4 additions & 4 deletions vickyctl/src/http_client.rs
@@ -11,11 +11,11 @@ pub fn prepare_client(auth_state: &AuthState) -> Result<(Client, String), Error>
let auth_token: String = "".to_owned();

match auth_state {
AuthState::EnvironmentAuthenticated(envConfig) => {
base_url = envConfig.url.clone();
AuthState::EnvironmentAuthenticated(env_config) => {
base_url = env_config.url.clone();
},
AuthState::FileAuthenticated(fileCfg) => {
base_url = fileCfg.vicky_url.clone();
AuthState::FileAuthenticated(file_config) => {
base_url = file_config.vicky_url.clone();
},
AuthState::Unauthenticated => {
return Err(Error::Unauthenticated())
2 changes: 0 additions & 2 deletions vickyctl/src/locks/http.rs
@@ -1,8 +1,6 @@
use reqwest::blocking::Client;

use crate::AuthState;
use crate::error::Error;
use crate::http_client::prepare_client;
use crate::locks::types::{LockType, PoisonedLock};

pub fn get_locks_endpoint(lock_type: LockType, detailed: bool) -> &'static str {
4 changes: 2 additions & 2 deletions vickyctl/src/main.rs
@@ -89,11 +89,11 @@ fn main() {
},
Cli::Tasks(tasks_args) => tasks::show_tasks(&tasks_args, &auth_state),
Cli::Locks(locks_args) => tui::show_locks(&locks_args, &auth_state),
Cli::Resolve(resolve_args) => tui::resolve_lock(&resolve_args, &auth_state),
Cli::Resolve(_) => tui::resolve_lock(&auth_state),

Cli::Account(account_args) => match account_args.commands {
AccountCommands::Show => show(&auth_state).map_err(crate::error::Error::from),
AccountCommands::Login{ vicky_url, client_id, issuer_url} => login(&account_args.ctx, vicky_url, issuer_url, client_id).map_err(crate::error::Error::from)
AccountCommands::Login{ vicky_url, client_id, issuer_url} => login( vicky_url, issuer_url, client_id).map_err(crate::error::Error::from)
}

};
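Review bot: `Cli::Resolve(_) => tui::resolve_lock(&auth_state)` now discards the parsed `ResolveArgs`, so whatever options that type defines (not visible here) are accepted on the command line and then silently ignored. If the arguments are really unused, the variant's payload should be removed as well; if they are meant to be honoured later, a comment at the arm such as `// TODO: resolve_args is not yet used by resolve_lock` makes that explicit. The matching signature change is in `vickyctl/src/tui/lock_resolver.rs`. There is also a stray space in `login( vicky_url, issuer_url, client_id)`. `main` starts and ends outside the hunk.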
4 changes: 2 additions & 2 deletions vickyctl/src/tui/lock_resolver.rs
@@ -1,4 +1,4 @@
use crate::cli::{LocksArgs, ResolveArgs};
use crate::cli::{LocksArgs};
use crate::error::Error;
use crate::http_client::prepare_client;
use crate::{humanize, AuthState};
@@ -44,7 +44,7 @@ pub fn show_locks(locks_args: &LocksArgs, auth_state: &AuthState) -> Result<(),
Ok(())
}

pub fn resolve_lock(resolve_args: &ResolveArgs, auth_state: &AuthState) -> Result<(), Error> {
pub fn resolve_lock(auth_state: &AuthState) -> Result<(), Error> {
let (client, vicky_url) = prepare_client(auth_state)?;

let mut locks = fetch_detailed_poisoned_locks(&client, vicky_url.clone())?;