Admin API to list upstream OAuth 2.0 providers (#5043)

Author: sandhose

crates/handlers/src/admin/mod.rs

@@ -91,6 +91,11 @@ fn finish(t: TransformOpenApi) -> TransformOpenApi {
             ),
             ..Default::default()
         })
+        .tag(Tag {
+            name: "upstream-oauth-provider".to_owned(),
+            description: Some("Manage upstream OAuth 2.0 providers".to_owned()),
+            ..Tag::default()
+        })
         .security_scheme("oauth2", oauth_security_scheme(None))
         .security_scheme(
             "token",

crates/handlers/src/admin/model.rs

@@ -695,3 +695,79 @@ impl UserRegistrationToken {
         ]
     }
 }
+
+/// An upstream OAuth 2.0 provider
+#[derive(Serialize, JsonSchema)]
+pub struct UpstreamOAuthProvider {
+    #[serde(skip)]
+    id: Ulid,
+
+    /// The OIDC issuer of the provider
+    issuer: Option<String>,
+
+    /// A human-readable name for the provider
+    human_name: Option<String>,
+
+    /// A brand identifier, e.g. "apple" or "google"
+    brand_name: Option<String>,
+
+    /// When the provider was created
+    created_at: DateTime<Utc>,
+
+    /// When the provider was disabled. If null, the provider is enabled.
+    disabled_at: Option<DateTime<Utc>>,
+}
+
+impl From<mas_data_model::UpstreamOAuthProvider> for UpstreamOAuthProvider {
+    fn from(provider: mas_data_model::UpstreamOAuthProvider) -> Self {
+        Self {
+            id: provider.id,
+            issuer: provider.issuer,
+            human_name: provider.human_name,
+            brand_name: provider.brand_name,
+            created_at: provider.created_at,
+            disabled_at: provider.disabled_at,
+        }
+    }
+}
+
+impl Resource for UpstreamOAuthProvider {
+    const KIND: &'static str = "upstream-oauth-provider";
+    const PATH: &'static str = "/api/admin/v1/upstream-oauth-providers";
+
+    fn id(&self) -> Ulid {
+        self.id
+    }
+}
+
+impl UpstreamOAuthProvider {
+    /// Samples of upstream OAuth 2.0 providers
+    pub fn samples() -> [Self; 3] {
+        [
+            Self {
+                id: Ulid::from_bytes([0x01; 16]),
+                issuer: Some("https://accounts.google.com".to_owned()),
+                human_name: Some("Google".to_owned()),
+                brand_name: Some("google".to_owned()),
+                created_at: DateTime::default(),
+                disabled_at: None,
+            },
+            Self {
+                id: Ulid::from_bytes([0x02; 16]),
+                issuer: Some("https://appleid.apple.com".to_owned()),
+                human_name: Some("Apple ID".to_owned()),
+                brand_name: Some("apple".to_owned()),
+                created_at: DateTime::default(),
+                disabled_at: Some(DateTime::default()),
+            },
+            Self {
+                id: Ulid::from_bytes([0x03; 16]),
+                issuer: None,
+                human_name: Some("Custom OAuth Provider".to_owned()),
+                brand_name: None,
+                created_at: DateTime::default(),
+                disabled_at: None,
+            },
+        ]
+    }
+}

crates/handlers/src/admin/v1/mod.rs

@@ -23,6 +23,7 @@ mod oauth2_sessions;
 mod policy_data;
 mod site_config;
 mod upstream_oauth_links;
+mod upstream_oauth_providers;
 mod user_emails;
 mod user_registration_tokens;
 mod user_sessions;
@@ -187,4 +188,11 @@ where
                 self::upstream_oauth_links::delete_doc,
             ),
         )
+        .api_route(
+            "/upstream-oauth-providers",
+            get_with(
+                self::upstream_oauth_providers::list,
+                self::upstream_oauth_providers::list_doc,
+            ),
+        )
 }