author | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-03 16:53:27 -0800 |
---|---|---|
committer | Bryan Newbold <bnewbold@robocracy.org> | 2019-01-03 16:53:27 -0800 |
commit | 39678e1410a06e99ea71655485786caaf5847e7f (patch) | |
tree | d04ba9ae4083892e4d0208be952c98f174d1feef /rust/src/api_server.rs | |
parent | 9bfb8e968fcecbe4dc729b89017d0606d271b287 (diff) | |
start to impl oidc auth
Diffstat (limited to 'rust/src/api_server.rs')
-rw-r--r-- | rust/src/api_server.rs | 33 |
1 files changed, 27 insertions, 6 deletions
diff --git a/rust/src/api_server.rs b/rust/src/api_server.rs
index be9f1883..1edf739c 100644
--- a/rust/src/api_server.rs
+++ b/rust/src/api_server.rs
@@ -477,12 +477,7 @@ impl Server {
 pub fn get_editor_handler(&self, editor_id: FatCatId, conn: &DbConn) -> Result<Editor> {
 let row: EditorRow = editor::table.find(editor_id.to_uuid()).first(conn)?;
-
- let ed = Editor {
- editor_id: Some(uuid2fcid(&row.id)),
- username: row.username,
- };
- Ok(ed)
+ Ok(row.into_model())
 }
 pub fn get_editor_changelog_handler(
@@ -544,6 +539,32 @@ impl Server {
 Ok(entry)
 }
+ /// This helper either finds an Editor model by OIDC parameters (eg, remote domain and
+ /// identifier), or creates one and inserts the appropriate auth rows. The semantics are
+ /// basically an "upsert" of signup/account-creation.
+ /// Returns an editor model and boolean flag indicating whether a new editor was created or
+ /// not.
+ /// If this function creates an editor, it sets the username to "{iss}-{provider}"; the intent
+ /// is for this to be temporary but unique. Might look like "bnewbold-github", or might look
+ /// like "895139824-github". This is a hack to make check/creation idempotent.
+ pub fn auth_oidc_handler(&self, params: AuthOidc, conn: &DbConn) -> Result<(Editor, bool)> {
+ let existing: Vec<(EditorRow, AuthOidcRow)> = editor::table
+ .inner_join(auth_oidc::table)
+ .filter(auth_oidc::oidc_sub.eq(params.sub.clone()))
+ .filter(auth_oidc::oidc_iss.eq(params.iss))
+ .load(conn)?;
+
+ let (editor_row, created): (EditorRow, bool) = match existing.first() {
+ Some((editor, _)) => (editor.clone(), false),
+ None => {
+ let username = format!("{}-{}", params.sub, params.provider);
+ (create_editor(conn, username, false, false)?, true)
+ }
+ };
+
+ Ok((editor_row.into_model(), created))
+ }
+
 entity_batch_handler!(create_container_batch_handler, ContainerEntity);
 entity_batch_handler!(create_creator_batch_handler, CreatorEntity);
 entity_batch_handler!(create_file_batch_handler, FileEntity); |
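Review bot: In the second hunk, the `None` arm of `auth_oidc_handler` calls `create_editor` but never writes an `auth_oidc` row for the new editor, although the doc comment says the helper "inserts the appropriate auth rows"; as written, the next login with the same `iss`/`sub` would miss the join again and try to create the same username a second time, so the account is never bound to the identity the provider asserted. The lookup and the missing insert should run in one transaction (unless the caller already provides one, which is not visible here), backed by a unique constraint on `(oidc_iss, oidc_sub)` so that `existing.first()` can never choose among several matches. The generated username leaves out the issuer and is built from the provider-supplied `sub`, so it can collide with a name another editor already holds; that case has to fail closed rather than resolve to the existing editor, which presumably depends on `create_editor` enforcing uniqueness. The doc comment should say `"{sub}-{provider}"` to match `format!("{}-{}", params.sub, params.provider)`.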