|
1 | 1 | //! Unified auth portal integration for streamlined authentication |
2 | 2 | //! Handles callbacks from https://app.kiro.dev/signin |
3 | 3 |
|
| 4 | +use std::env; |
4 | 5 | use std::time::Duration; |
5 | 6 |
|
6 | 7 | use bytes::Bytes; |
@@ -35,7 +36,7 @@ use crate::auth::social::{ |
35 | 36 | use crate::database::Database; |
36 | 37 | use crate::util::system_info::is_mwinit_available; |
37 | 38 |
|
38 | | -const AUTH_PORTAL_URL: &str = "https://app.kiro.dev/signin"; |
| 39 | +const DEFAULT_AUTH_PORTAL_URL: &str = "https://app.kiro.dev"; |
39 | 40 | const DEFAULT_AUTHORIZATION_TIMEOUT: Duration = Duration::from_secs(600); |
40 | 41 |
|
41 | 42 | #[derive(Debug, Clone)] |
@@ -143,10 +144,11 @@ fn format_user_friendly_error(error_code: &str, description: Option<&str>, provi |
143 | 144 | fn build_auth_url(redirect_base: &str, state: &str, challenge: &str) -> String { |
144 | 145 | let is_internal = is_mwinit_available(); |
145 | 146 | let internal_param = if is_internal { "&from_amazon_internal=true" } else { "" }; |
| 147 | + let auth_portal_url = get_auth_portal_url(); |
146 | 148 |
|
147 | 149 | format!( |
148 | | - "{}?state={}&code_challenge={}&code_challenge_method=S256&redirect_uri={}{}&redirect_from=kirocli", |
149 | | - AUTH_PORTAL_URL, |
| 150 | + "{}/signin?state={}&code_challenge={}&code_challenge_method=S256&redirect_uri={}{}&redirect_from=kirocli", |
| 151 | + auth_portal_url, |
150 | 152 | state, |
151 | 153 | challenge, |
152 | 154 | urlencoding::encode(redirect_base), |
@@ -357,7 +359,11 @@ async fn handle_invalid_callback(path: &str) -> Result<Response<Full<Bytes>>, Au |
357 | 359 |
|
358 | 360 | /// Build a redirect response to the auth portal |
359 | 361 | fn build_redirect_response(status: &str, error_message: Option<&str>) -> Result<Response<Full<Bytes>>, AuthError> { |
360 | | - let mut redirect_url = format!("{}?auth_status={}&redirect_from=kirocli", AUTH_PORTAL_URL, status); |
| 362 | + let auth_portal_url = get_auth_portal_url(); |
| 363 | + let mut redirect_url = format!( |
| 364 | + "{}/signin?auth_status={}&redirect_from=kirocli", |
| 365 | + auth_portal_url, status |
| 366 | + ); |
361 | 367 |
|
362 | 368 | if let Some(msg) = error_message { |
363 | 369 | redirect_url.push_str(&format!("&error_message={}", urlencoding::encode(msg))); |
@@ -385,3 +391,7 @@ async fn bind_allowed_port(ports: &[u16]) -> Result<TcpListener, AuthError> { |
385 | 391 | "All callback ports are in use. Please close some applications and try again.".into(), |
386 | 392 | )) |
387 | 393 | } |
| 394 | + |
| 395 | +fn get_auth_portal_url() -> String { |
| 396 | + env::var("KIRO_AUTH_PORTAL_URL").unwrap_or_else(|_| DEFAULT_AUTH_PORTAL_URL.to_string()) |
| 397 | +} |
0 commit comments