@@ -13,18 +13,29 @@ use std::sync::Arc;
1313use uuid:: Uuid ;
1414
1515use crate :: channel:: call_js_with_channel_as_callback;
16+ use crate :: gateway:: {
17+ GatewayAuthContext , GatewayAuthContextRef , GatewayAuthService , GatewayAuthenticateResponse ,
18+ GatewayCheckAuthRequest ,
19+ } ;
1620
1721#[ derive( Debug ) ]
1822pub struct NodeBridgeAuthService {
1923 channel : Arc < Channel > ,
24+ check_auth : Arc < Root < JsFunction > > ,
2025 check_sql_auth : Arc < Root < JsFunction > > ,
2126}
2227
28+ pub struct NodeBridgeAuthServiceOptions {
29+ pub check_auth : Root < JsFunction > ,
30+ pub check_sql_auth : Root < JsFunction > ,
31+ }
32+
2333impl NodeBridgeAuthService {
24- pub fn new ( channel : Channel , check_sql_auth : Root < JsFunction > ) -> Self {
34+ pub fn new ( channel : Channel , options : NodeBridgeAuthServiceOptions ) -> Self {
2535 Self {
2636 channel : Arc :: new ( channel) ,
27- check_sql_auth : Arc :: new ( check_sql_auth) ,
37+ check_auth : Arc :: new ( options. check_auth ) ,
38+ check_sql_auth : Arc :: new ( options. check_sql_auth ) ,
2839 }
2940 }
3041}
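Review bot: Both fields of `NodeBridgeAuthServiceOptions` have the same type, `Root<JsFunction>`, and nothing in the struct says which JavaScript callback each must hold, so a caller that swaps them would compile cleanly and route gateway token checks to the SQL password callback. A doc comment on each field would make the contract explicit, for example `/// JS callback that validates an API gateway token; used by GatewayAuthService::authenticate` on `check_auth` and `/// JS callback that validates SQL user/password credentials; used by SqlAuthService::authenticate` on `check_sql_auth`. A one-line `///` on the struct itself, saying that `new` takes ownership of both roots, would also help.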
@@ -36,14 +47,14 @@ pub struct TransportRequest {
3647}
3748
3849#[ derive( Debug , Serialize ) ]
39- struct CheckSQLAuthRequest {
50+ struct CheckSQLAuthTransportRequest {
4051 request : TransportRequest ,
4152 user : Option < String > ,
4253 password : Option < String > ,
4354}
4455
4556#[ derive( Debug , Deserialize ) ]
46- struct CheckSQLAuthResponse {
57+ struct CheckSQLAuthTransportResponse {
4758 password : Option < String > ,
4859 superuser : bool ,
4960 #[ serde( rename = "securityContext" , skip_serializing_if = "Option::is_none" ) ]
@@ -53,13 +64,13 @@ struct CheckSQLAuthResponse {
5364}
5465
5566#[ derive( Debug ) ]
56- pub struct NativeAuthContext {
67+ pub struct NativeSQLAuthContext {
5768 pub user : Option < String > ,
5869 pub superuser : bool ,
5970 pub security_context : Option < serde_json:: Value > ,
6071}
6172
62- impl AuthContext for NativeAuthContext {
73+ impl AuthContext for NativeSQLAuthContext {
6374 fn as_any ( & self ) -> & dyn Any {
6475 self
6576 }
@@ -72,28 +83,28 @@ impl SqlAuthService for NodeBridgeAuthService {
7283 user : Option < String > ,
7384 password : Option < String > ,
7485 ) -> Result < AuthenticateResponse , CubeError > {
75- trace ! ( "[auth] Request ->" ) ;
86+ trace ! ( "[sql auth] Request ->" ) ;
7687
7788 let request_id = Uuid :: new_v4 ( ) . to_string ( ) ;
7889
79- let extra = serde_json:: to_string ( & CheckSQLAuthRequest {
90+ let extra = serde_json:: to_string ( & CheckSQLAuthTransportRequest {
8091 request : TransportRequest {
8192 id : format ! ( "{}-span-1" , request_id) ,
8293 meta : None ,
8394 } ,
8495 user : user. clone ( ) ,
8596 password : password. clone ( ) ,
8697 } ) ?;
87- let response: CheckSQLAuthResponse = call_js_with_channel_as_callback (
98+ let response: CheckSQLAuthTransportResponse = call_js_with_channel_as_callback (
8899 self . channel . clone ( ) ,
89100 self . check_sql_auth . clone ( ) ,
90101 Some ( extra) ,
91102 )
92103 . await ?;
93- trace ! ( "[auth] Request <- {:?}" , response) ;
104+ trace ! ( "[sql auth] Request <- {:?}" , response) ;
94105
95106 Ok ( AuthenticateResponse {
96- context : Arc :: new ( NativeAuthContext {
107+ context : Arc :: new ( NativeSQLAuthContext {
97108 user,
98109 superuser : response. superuser ,
99110 security_context : response. security_context ,
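Review bot: The line `trace!("[sql auth] Request <- {:?}", response)` prints the whole `CheckSQLAuthTransportResponse` through its derived `Debug`, and that struct carries a `password` field, so the password reaches the log whenever trace logging is enabled. Log only what diagnosis needs, e.g. `trace!("[sql auth] Request <- superuser={}", response.superuser);`, or give the response type a hand-written `Debug` that redacts `password`. The same pattern appears in the last hunk, where `trace!("[auth] Request <- {:?}", response)` prints the gateway security context. The function's signature and the end of the returned struct lie outside this hunk.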
@@ -104,4 +115,70 @@ impl SqlAuthService for NodeBridgeAuthService {
104115 }
105116}
106117
107- di_service ! ( NodeBridgeAuthService , [ SqlAuthService ] ) ;
118+ #[ derive( Debug , Serialize ) ]
119+ struct CheckAuthTransportRequest {
120+ request : TransportRequest ,
121+ req : GatewayCheckAuthRequest ,
122+ token : String ,
123+ }
124+
125+ #[ derive( Debug , Deserialize ) ]
126+ struct CheckAuthTransportResponse {
127+ #[ serde( rename = "securityContext" , skip_serializing_if = "Option::is_none" ) ]
128+ security_context : Option < serde_json:: Value > ,
129+ }
130+
131+ #[ derive( Debug ) ]
132+ pub struct NativeAuthContext {
133+ pub security_context : Option < serde_json:: Value > ,
134+ }
135+
136+ impl GatewayAuthContext for NativeAuthContext {
137+ fn as_any ( & self ) -> & dyn Any {
138+ self
139+ }
140+ }
141+
142+ #[ async_trait]
143+ impl GatewayAuthService for NodeBridgeAuthService {
144+ async fn authenticate (
145+ & self ,
146+ req : GatewayCheckAuthRequest ,
147+ token : String ,
148+ ) -> Result < GatewayAuthenticateResponse , CubeError > {
149+ trace ! ( "[auth] Request ->" ) ;
150+
151+ let request_id = Uuid :: new_v4 ( ) . to_string ( ) ;
152+
153+ let extra = serde_json:: to_string ( & CheckAuthTransportRequest {
154+ request : TransportRequest {
155+ id : format ! ( "{}-span-1" , request_id) ,
156+ meta : None ,
157+ } ,
158+ req,
159+ token : token. clone ( ) ,
160+ } ) ?;
161+ let response: CheckAuthTransportResponse = call_js_with_channel_as_callback (
162+ self . channel . clone ( ) ,
163+ self . check_auth . clone ( ) ,
164+ Some ( extra) ,
165+ )
166+ . await ?;
167+ trace ! ( "[auth] Request <- {:?}" , response) ;
168+
169+ Ok ( GatewayAuthenticateResponse {
170+ context : Arc :: new ( NativeAuthContext {
171+ security_context : response. security_context ,
172+ } ) ,
173+ } )
174+ }
175+
176+ async fn context_to_api_scopes (
177+ & self ,
178+ auth_context : GatewayAuthContextRef ,
179+ ) -> Result < GatewayAuthenticateResponse , CubeError > {
180+ unimplemented ! ( ) ;
181+ }
182+ }
183+
184+ di_service ! ( NodeBridgeAuthService , [ SqlAuthService , GatewayAuthService ] ) ;
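Review bot: `context_to_api_scopes` is `unimplemented!()`, so the first caller that reaches it panics inside the auth service instead of receiving a `CubeError` it can turn into a rejected request; its `auth_context` parameter is also unused. Until the method is implemented, return an error instead, e.g. `Err(CubeError::internal("context_to_api_scopes is not implemented".to_string()))`, assuming a constructor such as `CubeError::internal` is in scope in this file. In `authenticate`, `token: token.clone()` copies the bearer token although `token` is not used again, so moving it (`token,`) avoids a second copy of the secret in memory. `CheckAuthTransportRequest` derives `Debug` while holding the raw `token`, which deserves a comment warning against formatting it with `{:?}`.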