dog-auth-oauth 0.1.7

OAuth authentication support for DogRS
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

// OAuth service.

use std::sync::Arc;

use anyhow::Result;
use async_trait::async_trait;
use dog_auth::core::{AuthenticationParams, AuthenticationRequest, AuthenticationResult, JwtOverrides};
use dog_auth::service::AuthenticationService;
use dog_core::errors::DogError;
use dog_core::HookContext;
use serde_json::{Map, Value};

pub struct OAuthCallbackResponse {
    pub auth_result: AuthenticationResult,
    pub location: Option<String>,
}

#[derive(Debug)]
pub struct OAuthError {
    pub message: String,
    pub location: Option<String>,
}

impl std::fmt::Display for OAuthError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        write!(f, "{}", self.message)
    }
}

impl std::error::Error for OAuthError {}

#[async_trait]
pub trait OAuthRedirect<P>: Send + Sync
where
    P: Clone + Send + Sync + 'static,
{
    async fn get_redirect(
        &self,
        provider: &str,
        result: &Result<AuthenticationResult>,
        ctx: &mut HookContext<Value, P>,
    ) -> Result<Option<String>>;
}

pub struct OAuthService<P>
where
    P: Clone + Send + Sync + 'static,
{
    pub auth_service: Arc<AuthenticationService<P>>,
    pub redirect: Option<Arc<dyn OAuthRedirect<P>>>,
}

impl<P> OAuthService<P>
where
    P: Clone + Send + Sync + 'static,
{
    pub fn new(auth_service: Arc<AuthenticationService<P>>) -> Self {
        Self {
            auth_service,
            redirect: None,
        }
    }

    pub fn with_redirect(mut self, redirect: Arc<dyn OAuthRedirect<P>>) -> Self {
        self.redirect = Some(redirect);
        self
    }

    pub async fn authenticate_callback(
        &self,
        provider: &str,
        payload: Map<String, Value>,
        params: &AuthenticationParams,
        ctx: &mut HookContext<Value, P>,
        jwt_overrides: Option<JwtOverrides>,
    ) -> Result<OAuthCallbackResponse> {
        if provider.trim().is_empty() {
            return Err(DogError::bad_request("Missing OAuth provider").into_anyhow());
        }

        let authentication = AuthenticationRequest {
            strategy: Some(provider.to_string()),
            data: payload,
        };

        let strategies = vec![provider.to_string()];

        let result = self
            .auth_service
            .create(&authentication, params, ctx, &strategies, jwt_overrides)
            .await;

        let location = match &self.redirect {
            Some(r) => r.get_redirect(provider, &result, ctx).await?,
            None => None,
        };

        match result {
            Ok(auth_result) => Ok(OAuthCallbackResponse { auth_result, location }),
            Err(e) => {
                // We keep this transport-agnostic: adapters can map OAuthError.location to headers.
                let msg = e.to_string();
                Err(anyhow::anyhow!(OAuthError { message: msg, location }))
            }
        }
    }
}