diff --git a/crates/frontend/src/config.rs b/crates/frontend/src/config.rs
index 8fb3581..ba49206 100644
--- a/crates/frontend/src/config.rs
+++ b/crates/frontend/src/config.rs
@@ -5,7 +5,7 @@ fn default_enabled() -> bool {
 true
 }
 
-#[derive(Deserialize, Serialize, Debug, Clone)]
+#[derive(Deserialize, Serialize, Clone)]
 pub struct OidcConfig {
 pub name: String,
 pub issuer: IssuerUrl,
@@ -15,7 +15,7 @@ pub struct OidcConfig {
 pub allow_sign_up: bool,
 }
 
-#[derive(Deserialize, Serialize, Debug, Clone)]
+#[derive(Deserialize, Serialize, Clone)]
 #[serde(deny_unknown_fields)]
 pub struct FrontendConfig {
 #[serde(serialize_with = "hex::serde::serialize")]
diff --git a/crates/frontend/src/oidc/error.rs b/crates/frontend/src/oidc/error.rs
new file mode 100644
index 0000000..926f933
--- /dev/null
+++ b/crates/frontend/src/oidc/error.rs
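Review bot: Nothing in `config.rs` records why `Debug` is no longer derived on `OidcConfig` (first hunk) and `FrontendConfig` (second hunk), so a later `#[derive(Debug)]` added for convenience would silently undo the change. If the intent is to keep secret material out of logs and tracing spans (the hex-serialized field on `FrontendConfig` looks like key material, though its name is outside the hunk), state it above each derive, e.g. `// Debug deliberately not derived: holds secrets that must not reach logs`. A hand-written `Debug` impl that prints the non-secret fields and redacts the rest would keep both structs usable in diagnostics. Both structs still derive `Serialize`, so any path that serializes the config for display or logging remains an exposure worth checking. Both struct bodies continue outside these hunks.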
@@ -0,0 +1,42 @@
+use actix_session::SessionInsertError;
+use actix_web::{
+ HttpResponse, ResponseError, body::BoxBody, error::UrlGenerationError, http::StatusCode,
+};
+use openidconnect::{ClaimsVerificationError, ConfigurationError, url::ParseError};
+
+#[derive(Debug, thiserror::Error)]
+pub enum OidcError {
+ #[error("Cannot generate redirect url, something's not configured correctly")]
+ OidcParseError(#[from] ParseError),
+
+ #[error("Cannot generate redirect url, something's not configured correctly")]
+ ActixUrlGenerationError(#[from] UrlGenerationError),
+
+ #[error("RustiCal is not configured correctly for OIDC")]
+ IncorrectConfiguration,
+
+ #[error(transparent)]
+ OidcConfigurationError(#[from] ConfigurationError),
+
+ #[error(transparent)]
+ OidcClaimsVerificationError(#[from] ClaimsVerificationError),
+
+ #[error(transparent)]
+ SessionInsertError(#[from] SessionInsertError),
+
+ #[error(transparent)]
+ StoreError(#[from] rustical_store::Error),
+
+ #[error("{0}")]
+ Other(&'static str),
+}
+
+impl ResponseError for OidcError {
+ fn status_code(&self) -> StatusCode {
+ StatusCode::INTERNAL_SERVER_ERROR
+ }
+
+ fn error_response(&self) -> HttpResponse {
+ HttpResponse::build(self.status_code()).body(self.to_string())
+ }
+}
diff --git a/crates/frontend/src/oidc/mod.rs b/crates/frontend/src/oidc/mod.rs
index 1cfff7e..5a361b8 100644
--- a/crates/frontend/src/oidc/mod.rs
+++ b/crates/frontend/src/oidc/mod.rs
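Review bot: In the new `oidc/error.rs`, `error_response` writes `self.to_string()` into the HTTP body, and for the `#[error(transparent)]` variants (`OidcConfigurationError`, `OidcClaimsVerificationError`, `SessionInsertError`, `StoreError`) that string is the inner error's own message. Storage, session and token-verification detail can therefore reach whoever triggered the failure, presumably a not-yet-authenticated client in the login flow. Log the detailed error server-side and return a fixed body instead, e.g. `HttpResponse::build(self.status_code()).body("OIDC login failed")`. Separately, `status_code` maps every variant to 500, so a rejected ID token is reported as a server fault; a 4xx for `OidcClaimsVerificationError` would keep 5xx alerting meaningful.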
@@ -1,59 +1,21 @@
 use crate::{FrontendConfig, config::OidcConfig};
-use actix_session::{Session, SessionInsertError};
+use actix_session::Session;
 use actix_web::{
- HttpRequest, HttpResponse, Responder, ResponseError,
- body::BoxBody,
- error::UrlGenerationError,
+ HttpRequest, HttpResponse, Responder,
 http::StatusCode,
 web::{Data, Form, Query, Redirect},
 };
+use error::OidcError;
 use openidconnect::{
- AuthenticationFlow, AuthorizationCode, ClaimsVerificationError, ConfigurationError, CsrfToken,
- EmptyAdditionalClaims, EndpointMaybeSet, EndpointNotSet, EndpointSet, IssuerUrl, Nonce,
- OAuth2TokenResponse, PkceCodeChallenge, PkceCodeVerifier, RedirectUrl, TokenResponse,
- UserInfoClaims,
+ AuthenticationFlow, AuthorizationCode, CsrfToken, EmptyAdditionalClaims, EndpointMaybeSet,
+ EndpointNotSet, EndpointSet, IssuerUrl, Nonce, OAuth2TokenResponse, PkceCodeChallenge,
+ PkceCodeVerifier, RedirectUrl, TokenResponse, UserInfoClaims,
 core::{CoreClient, CoreGenderClaim, CoreProviderMetadata, CoreResponseType},
- url::ParseError,
 };
 use rustical_store::auth::{AuthenticationProvider, User, user::PrincipalType::Individual};
 use serde::{Deserialize, Serialize};
 
-#[derive(Debug, thiserror::Error)]
-pub enum OidcError {
- #[error("Cannot generate redirect url, something's not configured correctly")]
- OidcParseError(#[from] ParseError),
-
- #[error("Cannot generate redirect url, something's not configured correctly")]
- ActixUrlGenerationError(#[from] UrlGenerationError),
-
- #[error("RustiCal is not configured correctly for OIDC")]
- IncorrectConfiguration,
-
- #[error(transparent)]
- OidcConfigurationError(#[from] ConfigurationError),
-
- #[error(transparent)]
- OidcClaimsVerificationError(#[from] ClaimsVerificationError),
-
- #[error(transparent)]
- SessionInsertError(#[from] SessionInsertError),
-
- #[error(transparent)]
- StoreError(#[from] rustical_store::Error),
-
- #[error("{0}")]
- Other(&'static str),
-}
-
-impl ResponseError for OidcError {
- fn status_code(&self) -> StatusCode {
- StatusCode::INTERNAL_SERVER_ERROR
- }
-
- fn error_response(&self) -> HttpResponse {
- HttpResponse::build(self.status_code()).body(self.to_string())
- }
-}
+mod error;
 
 pub(crate) struct OidcProviderData<'a> {
 pub name: &'a str,
diff --git a/crates/frontend/src/routes/login.rs b/crates/frontend/src/routes/login.rs
index 6750697..4932ab3 100644
--- a/crates/frontend/src/routes/login.rs
+++ b/crates/frontend/src/routes/login.rs
@@ -23,7 +23,7 @@ pub struct GetLoginQuery {
 redirect_uri: Option,
 }
 
-#[instrument(skip(req))]
+#[instrument(skip(req, config))]
 pub async fn route_get_login(
 Query(GetLoginQuery { redirect_uri }): Query,
 req: HttpRequest,
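Review bot: The `skip(req, config)` list on `route_get_login` in `routes/login.rs` records by default: every argument not named in it goes into the span with its `Debug` output, so a later parameter carrying credentials or session state would be logged unless someone remembers to extend the list. On authentication routes `#[instrument(skip_all)]`, with the few safe values added back through `fields(...)`, fails closed instead. The still-recorded `redirect_uri` comes from the query string, so treat it as untrusted wherever these spans are displayed or forwarded. The function's remaining parameters and body lie outside this hunk.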