
Commit 05ead05

committed
using new auth fully
1 parent efa1720 commit 05ead05


2 files changed

+26
-18
lines changed


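--- a/src/routes/users.rs
+++ b/src/routes/users.rs
@@ -2,7 +2,7 @@ use crate::auth::Auth;
 use crate::config::AppState;
 use crate::db;
 use crate::errors::{Errors, FieldValidator};
-use crate::util::{handle_login, Ticket};
+use crate::util::{handle_login, ugkthid_to_user, Ticket};
 use anyhow::{anyhow, Result};
 use openidconnect::core::{
 CoreAuthDisplay, CoreAuthPrompt, CoreAuthenticationFlow, CoreErrorResponseType,
@@ -133,24 +133,38 @@ pub fn kth_login(cookies: Cookies) -> Redirect {
 #[derive(FromForm, Default)]
 pub struct Code {
 code: Option<String>,
+#[allow(dead_code)]
 state: Option<String>,
 }
 
 #[get("/oidc-auth?<params..>")]
 pub fn kth_oidc_auth(
-cookies: Cookies,
-_conn: db::DbConn,
-_state: State<AppState>,
+mut cookies: Cookies,
+conn: db::DbConn,
+state: State<AppState>,
 params: Form<Code>,
-// client_addr: &ClientAddr,
+client_addr: &ClientAddr,
 ) -> Redirect {
 println!("starting oidc auth");
 // cookies.add(Cookie::new("nonce", nonce.secret().clone()));
 match cookies.get("nonce") {
 Some(nonce) => {
 println!("got nonce: {}", nonce.value());
 match get_oidc_user(params, Nonce::new(nonce.value().to_string())) {
-Ok(_) => println!("good login!"),
+Ok(ugkthid) => {
+println!("good login!");
+match ugkthid_to_user(&conn, ugkthid) {
+Some(user) => {
+println!("User logged in: {:?}", user);
+cookies.add(Cookie::new(
+"userdata",
+json!(user.to_user_auth(&conn, &state.secret, client_addr))
+.to_string(),
+));
+}
+None => println!("Login failed for some reason..."),
+}
+}
 Err(err) => {
 println!("oidc error: {:?}", err);
 }
@@ -223,7 +237,7 @@ pub fn use_oidc(mut cookies: Cookies) -> Result<Redirect> {
 Ok(Redirect::to(auth_url.to_string()))
 }
 
-pub fn get_oidc_user(params: Form<Code>, nonce: Nonce) -> Result<()> {
+pub fn get_oidc_user(params: Form<Code>, nonce: Nonce) -> Result<String> {
 // println!("got nonce: {:?}", nonce.secret());
 let client = get_client()?;
 let code = params
@@ -260,14 +274,5 @@ pub fn get_oidc_user(params: Form<Code>, nonce: Nonce) -> Result<()> {
 // The authenticated user's identity is now available. See the IdTokenClaims struct for a
 // complete listing of the available claims.
 println!("Got kthid: {:?}", claims.additional_claims().kthid);
-println!(
-"User {} with e-mail address {} has authenticated successfully",
-claims.subject().as_str(),
-claims
-.email()
-.map(|email| email.as_str())
-.unwrap_or("<not provided>"),
-);
-
-Ok(())
+Ok(claims.additional_claims().kthid.clone())
 }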
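Review bot: The `userdata` cookie added in the new `Some(user)` arm of `kth_oidc_auth` is built with `Cookie::new`, so the hunk sets no `Secure` or `HttpOnly` attribute on what appears to be the login credential produced by `to_user_auth` with `state.secret`. I would build it explicitly, e.g. `Cookie::build("userdata", value).secure(true).finish()` with `value` standing for the existing `json!(...).to_string()` expression, and add `.http_only(true)` if no client-side script has to read it. The new `println!("User logged in: {:?}", user)` also writes the whole `Debug` form of the user record to stdout; printing only an identifier would keep any personal fields out of the logs. The rest of the function body, including what is returned on the `None` and `Err` paths, lies outside this hunk.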

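--- a/src/util.rs
+++ b/src/util.rs
@@ -125,9 +125,12 @@ fn validate_ticket(ticket: &str) -> Option<String> {
 re.captures(&res).map(|cap| cap[0].to_string())
 }
 }
-
 pub fn handle_login(conn: &PgConnection, params: Form<Ticket>) -> Option<User> {
 let ugkthid = validate_ticket(params.ticket.as_ref()?)?;
+ugkthid_to_user(conn, ugkthid)
+}
+
+pub fn ugkthid_to_user(conn: &PgConnection, ugkthid: String) -> Option<User> {
 match fetch_ldap_data_by_ugkthid(&ugkthid) {
 Ok(ldap_user) => match db::users::find_by_ugkthid(conn, &ugkthid) {
 Ok(user) => diesel::update(&user)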
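Review bot: `ugkthid_to_user` is now `pub` and has no doc comment, yet from the visible lines it fetches LDAP data and the matching database row for whatever identifier it is handed, with no check of its own. A `///` comment should state that callers must pass only a `ugkthid` that has already been authenticated (the validated ticket in `handle_login`, the claim returned by `get_oidc_user`), for example `/// Resolves an already-authenticated ugkthid to a local user; performs no authentication itself.` If nothing outside the crate needs it, `pub(crate)` would narrow the surface. The function body continues past the end of the hunk, so this rests on its first three lines only.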
