chore: Updates to rextendr and prepares for CRAN release

andyquinterom · andyquinterom · commit f58b40696443 · 2025-04-14T13:06:51.000-05:00
diff --git a/.Rbuildignore b/.Rbuildignore
@@ -16,3 +16,4 @@
 ^src/Makevars$
 ^src/Makevars\.win$
 ^Taskfile.yml$
+^src/rust/target$
diff --git a/.github/workflows/R-CMD-check.yaml b/.github/workflows/R-CMD-check.yaml
@@ -50,3 +50,5 @@ jobs:
         with:
           upload-snapshots: true
           build_args: 'c("--no-manual","--compact-vignettes=gs+qpdf")'
+        env:
+          NOT_CRAN: false
diff --git a/DESCRIPTION b/DESCRIPTION
@@ -17,8 +17,6 @@ Depends: R (>= 4.2.0)
 Imports:
     glue,
     promises,
-    purrr,
-    stats,
     stringr,
     shiny,
     later,
@@ -36,4 +34,4 @@ Encoding: UTF-8
 Roxygen: list(markdown = TRUE)
 RoxygenNote: 7.3.2
 Config/rextendr/version: 0.3.1.9001
-SystemRequirements: Cargo (Rust's package manager), rustc
+SystemRequirements: Cargo (Rust's package manager), rustc, OpenSSL >= 1.0.2
diff --git a/README.md b/README.md
@@ -117,4 +117,4 @@ connections are started until the user is authenticated. It also prevents
 sensitive data in the UI portion of the application from being exposed to
 unauthenticated users.
 
-![Auth Flow](man/flow.png)
+![Auth Flow](vignettes/flow.png)
diff --git a/Taskfile.yml b/Taskfile.yml
@@ -6,7 +6,7 @@ env:
 tasks:
   clean:
     - rm -rf src/.cargo
-    - rm -rf orbweaver_*.tar.gz
+    - rm -rf tapLock_*.tar.gz
   vendor:
     dir: src/rust
     deps:
@@ -40,4 +40,4 @@ tasks:
       - clean
     cmds:
       - R CMD build .
-      - R CMD check orbweaver*.tar.gz
+      - R CMD check tapLock*.tar.gz
diff --git a/src/Makevars.in b/src/Makevars.in
@@ -1,7 +1,7 @@
 TARGET_DIR = ./rust/target
 LIBDIR = $(TARGET_DIR)/release
-STATLIB = $(LIBDIR)/libtapLock.a
-PKG_LIBS = -L$(LIBDIR) -ltapLock
+STATLIB = $(LIBDIR)/libtap_lock.a
+PKG_LIBS = -L$(LIBDIR) -ltap_lock
 
 all: C_clean
 
diff --git a/src/Makevars.win.in b/src/Makevars.win.in
@@ -2,8 +2,8 @@ TARGET = $(subst 64,x86_64,$(subst 32,i686,$(WIN)))-pc-windows-gnu
 
 TARGET_DIR = ./rust/target
 LIBDIR = $(TARGET_DIR)/$(TARGET)/release
-STATLIB = $(LIBDIR)/libtapLock.a
-PKG_LIBS = -L$(LIBDIR) -ltapLock -lws2_32 -lntdll -lbcrypt -luserenv
+STATLIB = $(LIBDIR)/libtap_lock.a
+PKG_LIBS = -L$(LIBDIR) -ltap_lock -lws2_32 -lntdll -lbcrypt -luserenv
 
 all: C_clean
 
diff --git a/src/rust/Cargo.lock b/src/rust/Cargo.lock
diff --git a/src/rust/Cargo.toml b/src/rust/Cargo.toml
@@ -1,20 +1,33 @@
 [package]
-name = 'tapLock'
+name = 'tap_lock'
 publish = false
 version = '0.1.0'
 edition = '2021'
 
 [lib]
 crate-type = [ 'staticlib' ]
-name = 'tapLock'
+name = 'tap_lock'
 
 [dependencies]
 async-trait = "0.1.87"
-extendr-api = { version = '0.7.1', features = ["serde", "result_condition"] }
+extendr-api = { version = '0.8', features = ["serde", "result_condition"] }
 jsonwebtoken = "9.3.1"
 oauth2 = { version = "5.0.0", features = ["reqwest"] }
 reqwest = { version = "0.12.14", features = ["json", "rustls-tls"], default-features = false }
 serde = { version = "1.0.219", features = ["derive"] }
 serde_json = "1.0.140"
 tokio = { version = "1.44.1", features = ["rt-multi-thread"] }
 urlencoding = "2.1.3"
+
+[package.metadata.vendor-filter]
+platforms = [
+    # Linux
+    "x86_64-unknown-linux-gnu",
+    "aarch64-unknown-linux-gnu",
+    # Windows
+    "x86_64-pc-windows-gnu",
+    # MacOS
+    "x86_64-apple-darwin",
+    "aarch64-apple-darwin"
+]
+all-features = true
diff --git a/src/rust/src/entra_id.rs b/src/rust/src/entra_id.rs
@@ -14,7 +14,7 @@ use std::sync::{Arc, Mutex};
 
 use crate::{OAuth2Client, OAuth2Error, OAuth2Response};
 
-const JWKS_URL: &'static str = "https://login.microsoftonline.com/common/discovery/keys";
+const JWKS_URL: &str = "https://login.microsoftonline.com/common/discovery/keys";
 
 #[derive(Debug, Deserialize, Serialize, Clone)]
 struct AzureADTokenResponseExtra {
@@ -43,18 +43,17 @@ pub struct AzureADOAuth2Client {
     client_id: String,
     jwks: Arc<Mutex<JwkSet>>,
     use_refresh_token: bool,
-    tenant_id: String, // Add tenant ID
+    _tenant_id: String,
 }
 
 impl AzureADOAuth2Client {
     fn get_jwk(&self, kid: &str) -> Option<jsonwebtoken::jwk::Jwk> {
         let jwks = self.jwks.lock().expect("mutex should not be poissoned");
-        jwks.find(&kid).cloned()
+        jwks.find(kid).cloned()
     }
 }
 
 async fn fetch_jwks(reqwest_client: &reqwest::Client) -> Result<JwkSet, OAuth2Error> {
-    eprintln!("Refreshing JwkSet");
     let jwks = reqwest_client
         .get(JWKS_URL)
         .send()
@@ -148,7 +147,7 @@ pub async fn build_oauth2_state_azure_ad(
         jwks,
         client_id: client_id.to_string(),
         use_refresh_token,
-        tenant_id: tenant_id.to_string(), // Store tenant ID
+        _tenant_id: tenant_id.to_string(), // Store tenant ID
     })
 }
 
diff --git a/src/rust/src/google.rs b/src/rust/src/google.rs
@@ -11,13 +11,12 @@ use oauth2::{
 use serde::{Deserialize, Serialize};
 use std::error::Error;
 use std::sync::{Arc, Mutex};
-use tokio::sync::RwLock;
 
 use crate::{OAuth2Client, OAuth2Error, OAuth2Response};
 
-const AUTH_BASE_URL: &'static str = "https://accounts.google.com/o/oauth2/v2/auth";
-const TOKEN_URL: &'static str = "https://oauth2.googleapis.com/token";
-const JWKS_URL: &'static str = "https://www.googleapis.com/oauth2/v3/certs";
+const AUTH_BASE_URL: &str = "https://accounts.google.com/o/oauth2/v2/auth";
+const TOKEN_URL: &str = "https://oauth2.googleapis.com/token";
+const JWKS_URL: &str = "https://www.googleapis.com/oauth2/v3/certs";
 
 #[derive(Debug, Deserialize, Serialize, Clone)]
 struct GoogleTokenResponseExtra {
@@ -56,12 +55,11 @@ pub struct GoogleOAuth2Client {
 impl GoogleOAuth2Client {
     fn get_jwk(&self, kid: &str) -> Option<jsonwebtoken::jwk::Jwk> {
         let jwks = self.jwks.lock().expect("mutex should not be poissoned");
-        jwks.find(&kid).cloned()
+        jwks.find(kid).cloned()
     }
 }
 
 async fn fetch_jwks(reqwest_client: &reqwest::Client) -> Result<JwkSet, OAuth2Error> {
-    eprintln!("Refreshing JwkSet");
     let jwks = reqwest_client
         .get(JWKS_URL)
         .send()
@@ -165,7 +163,7 @@ impl OAuth2Client for GoogleOAuth2Client {
             .map_err(|e| e.to_string())?;
 
         let access_token = token_result.extra_fields().id_token.clone();
-        let mut response = decode_token_and_maybe_refresh_jwks(&self, access_token).await?;
+        let mut response = decode_token_and_maybe_refresh_jwks(self, access_token).await?;
         if self.use_refresh_token {
             response.refresh_token = Some(
                 token_result
@@ -188,7 +186,7 @@ impl OAuth2Client for GoogleOAuth2Client {
             .map_err(|e| e.to_string())?;
 
         let access_token = token_result.extra_fields().id_token.clone();
-        let mut response = decode_token_and_maybe_refresh_jwks(&self, access_token).await?;
+        let mut response = decode_token_and_maybe_refresh_jwks(self, access_token).await?;
 
         if self.use_refresh_token {
             response.refresh_token = token_result.refresh_token().map(|rt| rt.secret().clone());
diff --git a/src/rust/src/lib.rs b/src/rust/src/lib.rs
@@ -5,6 +5,7 @@ use extendr_api::prelude::*;
 use std::sync::Arc;
 use tokio::sync::oneshot::{self, error::TryRecvError};
 
+#[extendr]
 enum FutureResult {
     Error(Robj),
     Ready(Robj),
@@ -142,6 +143,7 @@ impl From<reqwest::Error> for OAuth2Error {
     }
 }
 
+#[extendr]
 struct AsyncFuture {
     rx: oneshot::Receiver<std::result::Result<OAuth2Response, OAuth2Error>>,
 }
@@ -175,6 +177,7 @@ pub(crate) trait OAuth2Client: Send + Sync {
     fn get_authorization_url(&self) -> String;
 }
 
+#[extendr]
 struct OAuth2Runtime {
     runtime: tokio::runtime::Runtime,
     client: Arc<dyn OAuth2Client>,
diff --git a/src/rust/vendor.tar.xz b/src/rust/vendor.tar.xz
diff --git a/vignettes/flow.png b/vignettes/flow.png
