authorBryan Newbold <bnewbold@robocracy.org>2019-01-03 16:53:27 -0800
committerBryan Newbold <bnewbold@robocracy.org>2019-01-03 16:53:27 -0800
commit39678e1410a06e99ea71655485786caaf5847e7f (patch)
treed04ba9ae4083892e4d0208be952c98f174d1feef /rust/src/api_server.rs
parent9bfb8e968fcecbe4dc729b89017d0606d271b287 (diff)
downloadfatcat-39678e1410a06e99ea71655485786caaf5847e7f.tar.gz
fatcat-39678e1410a06e99ea71655485786caaf5847e7f.zip
start to impl oidc auth
Diffstat (limited to 'rust/src/api_server.rs')
-rw-r--r--rust/src/api_server.rs33
1 files changed, 27 insertions, 6 deletions
diff --git a/rust/src/api_server.rs b/rust/src/api_server.rs
index be9f1883..1edf739c 100644
--- a/rust/src/api_server.rs
+++ b/rust/src/api_server.rs
@@ -477,12 +477,7 @@ impl Server {
pub fn get_editor_handler(&self, editor_id: FatCatId, conn: &DbConn) -> Result<Editor> {
let row: EditorRow = editor::table.find(editor_id.to_uuid()).first(conn)?;
-
- let ed = Editor {
- editor_id: Some(uuid2fcid(&row.id)),
- username: row.username,
- };
- Ok(ed)
+ Ok(row.into_model())
}
pub fn get_editor_changelog_handler(
@@ -544,6 +539,32 @@ impl Server {
Ok(entry)
}
+ /// This helper either finds an Editor model by OIDC parameters (eg, remote domain and
+ /// identifier), or creates one and inserts the appropriate auth rows. The semantics are
+ /// basically an "upsert" of signup/account-creation.
+ /// Returns an editor model and boolean flag indicating whether a new editor was created or
+ /// not.
+ /// If this function creates an editor, it sets the username to "{iss}-{provider}"; the intent
+ /// is for this to be temporary but unique. Might look like "bnewbold-github", or might look
+ /// like "895139824-github". This is a hack to make check/creation idempotent.
+ pub fn auth_oidc_handler(&self, params: AuthOidc, conn: &DbConn) -> Result<(Editor, bool)> {
+ let existing: Vec<(EditorRow, AuthOidcRow)> = editor::table
+ .inner_join(auth_oidc::table)
+ .filter(auth_oidc::oidc_sub.eq(params.sub.clone()))
+ .filter(auth_oidc::oidc_iss.eq(params.iss))
+ .load(conn)?;
+
+ let (editor_row, created): (EditorRow, bool) = match existing.first() {
+ Some((editor, _)) => (editor.clone(), false),
+ None => {
+ let username = format!("{}-{}", params.sub, params.provider);
+ (create_editor(conn, username, false, false)?, true)
+ }
+ };
+
+ Ok((editor_row.into_model(), created))
+ }
+
entity_batch_handler!(create_container_batch_handler, ContainerEntity);
entity_batch_handler!(create_creator_batch_handler, CreatorEntity);
entity_batch_handler!(create_file_batch_handler, FileEntity);
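Review bot: The `None` arm of `auth_oidc_handler` only calls `create_editor`; nothing visible in this hunk writes an `auth_oidc` row, although the doc comment says the helper "inserts the appropriate auth rows". Unless `create_editor` does that elsewhere, a second login with the same `(sub, iss)` will miss the lookup again and attempt another account creation with the same username, so the external identity is never bound to the editor. The arm should insert the `auth_oidc` row for the new editor (carrying `params.sub` and `params.iss`) in the same transaction as `create_editor`, ideally backed by a unique constraint on `(oidc_iss, oidc_sub)` so two concurrent first logins cannot both create an account. The doc comment also gives the username as `"{iss}-{provider}"` while the code formats `params.sub`; it should read `"{sub}-{provider}"`. Because the lookup is keyed on `iss` but the username on `provider`, the comment should also state whether a provider maps to exactly one issuer.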