…ment
- Add OAuth authorization endpoints for GET and POST requests.
- Implement CSRF protection for authorization requests.
- Create HTML template for authorization page with error handling.
- Integrate Redis for storing authorization codes and refresh tokens.
- Update dependencies in Cargo.toml for new features.
- Add error handling for user authentication and authorization processes.
- Refactor server setup to include Redis connection pooling.
Codecov Report
✅ All modified and coverable lines are covered by tests.
Coverage Diff
| | master | #1508 | +/- |
|---|---|---|---|
| Coverage | 56.23% | 56.23% | |
| Files | 142 | 142 | |
| Lines | 6284 | 6284 | |
| Branches | 1298 | 1298 | |
| Hits | 3534 | 3534 | |
| Misses | 2135 | 2135 | |
| Partials | 615 | 615 | |
Pull request overview
This PR implements the OAuth 2.0 authorization flow in Rust as part of the broader TypeScript-to-Rust migration effort. The implementation includes authorization endpoints (GET/POST /oauth/authorize), token exchange endpoint (POST /oauth/access_token), CSRF protection, Redis integration for authorization codes, and MySQL persistence for access and refresh tokens.
Changes:
- Implements complete OAuth 2.0 authorization code and refresh token grant flows in Rust
- Adds Redis connection pooling and integration for storing temporary authorization codes
- Updates migration documentation to track OAuth API implementation progress and parity status
- Creates HTML templates for OAuth authorization page and error handling
Reviewed changes
Copilot reviewed 8 out of 9 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| `crates/api/src/oauth.rs` | Complete OAuth 2.0 flow implementation including authorization endpoints, token exchange, CSRF protection, scope parsing, and database/Redis operations |
| `crates/api/src/server.rs` | Adds Redis pool setup, cookie signing key initialization, and routes OAuth endpoints through auth middleware |
| `crates/api/src/lib.rs` | Adds oauth module declaration |
| `crates/api/src/error.rs` | Adds not_found error constructor for 404 responses |
| `crates/api/templates/oauth/authorize.html` | OAuth authorization page template with app info, scope permissions, and CSRF-protected form |
| `crates/api/templates/oauth/error.html` | OAuth error page template for authorization failures |
| `crates/api/Cargo.toml` | Adds dependencies for cookies, Redis, URL handling, and random token generation |
| `Cargo.lock` | Lock file updates for new dependencies |
| `docs/rust-migration-plan.md` | Comprehensive updates documenting OAuth migration timeline, implementation status, parity checklist, and migration tracking tables |
| #[derive(Debug, FromRow)] | ||
| struct RefreshTokenRow { | ||
| user_id: String, | ||
| scope: Option<String>, | ||
| } |
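Review bot: `scope: Option<String>` in `RefreshTokenRow` accepts a NULL scope without saying what that means for the refresh grant. Please decide and document whether a missing scope is rejected or falls back to a defined default, so it cannot be read as "no restriction" further down. The struct also has no doc comment tying it to the query it decodes; because the `FromRow` derive matches fields to result columns by name, a short `///` line naming that query and the expected `user_id` and `scope` columns would make a later column rename easier to catch in review.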
The RefreshTokenRow struct is missing fields that are selected in the SQL query. The query at line 638 selects refresh_token, client_id, user_id, expires, scope, but the RefreshTokenRow struct at lines 798-802 only defines user_id and scope. This mismatch will cause a runtime error when sqlx tries to map the query results to the struct.
Add the missing fields to the RefreshTokenRow struct:
- refresh_token: String
- client_id: String
- expires: chrono::DateTime<Utc> (or appropriate timestamp type)
Even if these fields aren't used in the business logic, they need to be present for sqlx to successfully deserialize the query results.