
make url key in config optional, since it can be determined from request

master
Adrian Malacoda 2 years ago
parent
commit
c6667c977a
4 changed files with 31 additions and 6 deletions
  1. + 1
    - 1
      src/config.rs
  2. + 15
    - 0
      src/http.rs
  3. + 14
    - 4
      src/oidc/provider.rs
  4. + 1
    - 1
      who-server.toml

+ 1
- 1
src/config.rs

@ -9,7 +9,7 @@ use std::io::Read;
#[derive(Debug, Deserialize)]
pub struct Config {
pub url: String,
pub url: Option<String>,
pub keyfile: Option<String>,
pub user_store: Option<UserStoreConfig>,
pub web: Option<WebConfig>

+ 15
- 0
src/http.rs

@ -2,6 +2,7 @@ use rocket::request::{self, Outcome, Request, FromRequest};
use rocket::Outcome::{Success, Forward};
static REFERER_HEADER: &'static str = "referer";
static HOST_HEADER: &'static str = "host";
static AUTH_HEADER: &'static str = "authorization";
static AUTH_SCHEME: &'static str = "Bearer ";
@ -19,6 +20,20 @@ impl<'a, 'r> FromRequest<'a, 'r> for Referer<'a> {
}
}
#[derive(Into)]
pub struct Host<'a>(&'a str);
impl<'a, 'r> FromRequest<'a, 'r> for Host<'a> {
type Error = ();
fn from_request(request: &'a Request<'r>) -> Outcome<Host<'a>, ()> {
match request.headers().get_one(HOST_HEADER) {
Some(host) => Success(Host(host)),
None => Forward(())
}
}
}
#[derive(Into)]
pub struct BearerToken<'a>(&'a str);
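Review bot: The new `Host` guard has no doc comment, and nothing tells callers that it hands back the raw header exactly as the client sent it (possibly with a port, never validated). I would add `/// Raw value of the request's Host header; client-supplied and unvalidated, so check it against configuration before building URLs from it.` above `pub struct Host`. `HOST_HEADER` could also be a `const` with the `'static` elided, though the neighbouring statics use the same form, so that is only worth doing for all of them together.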

+ 14
- 4
src/oidc/provider.rs

@ -1,3 +1,4 @@
use http::Host;
use rocket::Route;
use rocket::State;
use rocket::request::Form;
@ -109,7 +110,7 @@ struct TokenRequest {
// http://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint
#[post("/oidc/token", data="<form>")]
fn token(key: State<Key>, config: State<Config>, token_store_mutex: State<Mutex<Box<TokenStore>>>, form: Form<TokenRequest>) -> Option<Json<Token>> {
fn token(key: State<Key>, config: State<Config>, token_store_mutex: State<Mutex<Box<TokenStore>>>, form: Form<TokenRequest>, host: Option<Host>) -> Option<Json<Token>> {
println!("{:?}", form.get());
let mut token_store = token_store_mutex.lock().expect("Failed to acquire lock on token store");
let request = form.get();
@ -119,11 +120,16 @@ fn token(key: State, config: State, token_store_mutex: State
code.subject.to_owned()
});
let server_url = config.url.to_owned().or_else(|| host.map(|host| {
let host_str: &str = host.into();
format!("http://{}/", host_str)
})).expect("Failed to determine server url");
subject.map(|sub| {
let now_seconds = get_time().sec as u64;
let jwt_header = json!({});
let jwt_claims = json!({
"iss": config.url.to_owned(),
"iss": server_url.to_owned(),
"sub": sub.to_owned(),
"aud": client_id,
"exp": now_seconds + 3600,
@ -186,8 +192,12 @@ fn userinfo(token_store: &Box, access_token: BearerToken) -> Option<
}
#[get("/.well-known/openid-configuration")]
fn configuration(config: State<Config>) -> Json<Configuration> {
let server_url = config.url.to_owned();
fn configuration(config: State<Config>, host: Option<Host>) -> Json<Configuration> {
let server_url = config.url.to_owned().or_else(|| host.map(|host| {
let host_str: &str = host.into();
format!("http://{}/", host_str)
})).expect("Failed to determine server url");
Json(Configuration {
issuer: server_url.to_owned(),
authorization_endpoint: format!("{}oidc/authenticate", server_url),
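Review bot: With `url` unset, `token` and `configuration` build `server_url` from the request's Host header, which the client chooses, so the signed `iss` claim and every URL in the discovery document follow whatever host the request named. The fallback also hard-codes `http://`, which will not match a deployment behind a TLS-terminating proxy. In `token` the `.expect("Failed to determine server url")` runs after `token_store_mutex.lock()`, so a request with neither a configured url nor a Host header panics while the guard is presumably still held and poisons the mutex for later requests. I would resolve the URL in one shared helper before taking the lock, return `None` rather than panic, and accept a Host value only when it matches hosts the operator configured; the same helper replaces the duplicated closure in `configuration`, whose return type would need to become `Option<Json<Configuration>>`. Both function bodies continue outside the hunks shown.

```rust
// Shared by token() and configuration(); yields None instead of panicking.
fn resolve_server_url(config: &Config, host: Option<Host>) -> Option<String> {
    config.url.clone().or_else(|| host.map(|host| {
        let host_str: &str = host.into();
        // TODO(review): reject host_str unless it matches an operator-configured list of hosts
        format!("http://{}/", host_str)
    }))
}

fn token(key: State<Key>, config: State<Config>, token_store_mutex: State<Mutex<Box<TokenStore>>>, form: Form<TokenRequest>, host: Option<Host>) -> Option<Json<Token>> {
    // Resolve the issuer before locking so a failure here cannot poison the mutex.
    let server_url = match resolve_server_url(&config, host) {
        Some(url) => url,
        None => return None,
    };
    // … unchanged: lock the token store, look up the code, build and sign the JWT …
```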

+ 1
- 1
who-server.toml

@ -1,4 +1,4 @@
url = "http://baragaki:8000/"
#url = "http://kraken:8000/"
[web]
port = 8000
