Start working on authentication

author: Kjetil Orbekk <kj@orbekk.com> 2022-10-07 16:59:29 -0400
committer: Kjetil Orbekk <kj@orbekk.com> 2022-10-07 16:59:29 -0400
commit: c64a7a640ac8c59eb6339f0a06d2ad2efab3fd11 (patch)
tree: 229ccf88da26d5339aadab98013834b6c2af6cbc /server/src/main.rs
parent: 01753ebd32e4e0fa8adb11fb02a77720773e3018 (diff)
1 files changed, 68 insertions, 11 deletions
diff --git a/server/src/main.rs b/server/src/main.rs
index aaa5798..994c291 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -1,10 +1,46 @@
-use std::env;
+use std::{env, sync::Arc};
 
-use axum::{routing::get, Json, Router};
-use data::MyMessage;
-use tracing::info;
+use axum::{extract::{FromRequest, Extension}, routing::get, Json, Router, http::{Request, request::Parts}, body::Body};
+use openidconnect::{
+    core::{CoreClient, CoreProviderMetadata, CoreResponseType},
+    reqwest::async_http_client,
+    AccessTokenHash, AuthenticationFlow, AuthorizationCode, ClientId, ClientSecret, CsrfToken,
+    IssuerUrl, Nonce, OAuth2TokenResponse, PkceCodeChallenge, RedirectUrl, Scope, TokenResponse, url::Url,
+};
+use protocol::UserInfo;
+use tower_http::trace::TraceLayer;
+use tower_cookies::{Cookie, CookieManagerLayer, Cookies};
+use tracing::{info, trace};
 use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
-use tower_http::{trace::TraceLayer};
+mod auth;
+use crate::auth::Authenticator;
+
+struct ServerContext {
+    pub app_url: String,
+    pub authenticator: Authenticator,
+}
+type ContextExtension = Extension<Arc<ServerContext>>;
+
+async fn keycloak_client(
+    issuer_url: IssuerUrl,
+    client_id: ClientId,
+    client_secret: ClientSecret,
+    redirect_uri: RedirectUrl,
+) -> CoreClient {
+    // // Use OpenID Connect Discovery to fetch the provider metadata.
+    let provider_metadata = CoreProviderMetadata::discover_async(issuer_url, async_http_client)
+        .await
+        .unwrap();
+
+    let client =
+        CoreClient::from_provider_metadata(provider_metadata, client_id, Some(client_secret))
+            // Set the URL the user will be redirected to after the authorization process.
+            .set_redirect_uri(
+		redirect_uri
+            );
+
+    client
+}
 
 #[tokio::main]
 async fn main() {
@@ -16,12 +52,23 @@ async fn main() {
         ))
         .with(tracing_subscriber::fmt::layer())
         .init();
-    
+
     let bind_address = env::var("BIND_ADDRESS").unwrap();
     info!("Starting server on {}", bind_address);
 
+    let app_url = env::var("APP_URL").unwrap();
+
+    let state = Arc::new(ServerContext {
+        app_url: app_url,
+	authenticator: Authenticator::from_env().await,
+    });
+
     let app = Router::new()
-        .route("/api/test", get(test))
+        .route("/api/user/info", get(user_info))
+        .route("/api/get_login_url", get(get_login_url))
+        .route(auth::LOGIN_CALLBACK, get(login_callback))
+        .layer(CookieManagerLayer::new())
+        .layer(Extension(state))
         .layer(TraceLayer::new_for_http());
 
     axum::Server::bind(&bind_address.parse().unwrap())
@@ -30,8 +77,18 @@ async fn main() {
         .unwrap();
 }
 
-async fn test() -> Json<MyMessage> {
-    Json(MyMessage {
-        message: "Hello, ,World!".to_string(),
-    })
+async fn user_info() -> Json<Option<UserInfo>> {
+    Json(None)
+}
+
+async fn login_callback(mut req: Parts) -> &'static str {
+    info!("{req:?}");
+    "hello"
+}
+
+async fn get_login_url(extension: ContextExtension) -> Json<Url> {
+    let (user_id, auth_url) = extension.authenticator.get_login_url().await;
+    trace!("Creating auth url for {user_id:?}");
+    // cookies.add(Cookie::new("user-id", serde_json::to_string(user_id)));
+    Json(auth_url)
 }
author	Kjetil Orbekk <kj@orbekk.com>	2022-10-07 16:59:29 -0400
committer	Kjetil Orbekk <kj@orbekk.com>	2022-10-07 16:59:29 -0400
commit	c64a7a640ac8c59eb6339f0a06d2ad2efab3fd11 (patch)
tree	229ccf88da26d5339aadab98013834b6c2af6cbc /server/src/main.rs
parent	01753ebd32e4e0fa8adb11fb02a77720773e3018 (diff)