updates

Author: fiji-flo

Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "dino-park-whoami"
-version = "0.1.0"
+version = "0.2.0"
 authors = ["Florian Merz <flomerz@gmail.com>"]
 edition = "2018"
 
@@ -10,22 +10,22 @@ localuserscope = ["dino_park_gate/localuserscope"]
 
 
 [dependencies]
-dino_park_gate = { git = "https://github.com/mozilla-iam/dino-park-gate", tag = "0.3.1", version = "0.3.1" }
-cis_client = { git = "https://github.com/mozilla-iam/cis_client-rust", branch = "0.4.0", version = "0.4.0", features = ["sync"] }
-cis_profile = { git = "https://github.com/mozilla-iam/cis_profile-rust", branch = "0.3.1", version = "0.3.1" }
+dino_park_gate = { git = "https://github.com/mozilla-iam/dino-park-gate", tag = "0.5.1", version = "0.5.1" }
+cis_client = { git = "https://github.com/mozilla-iam/cis_client-rust", tag = "0.5.0", version = "0.5.0", features = ["sync"] }
+cis_profile = { git = "https://github.com/mozilla-iam/cis_profile-rust", tag = "0.3.2", version = "0.3.2" }
+shared-expiry-get = "0.1.0"
 actix-web = "2.0"
 actix-rt = "1.0"
 actix-cors = "0.2"
 futures = "0.3"
-oauth2 = "2.0"
-url = "1.7"
+oauth2 = { version = "3.0.0-alpha.9", features = ["futures-03", "reqwest-010"], default-features = false }
+url = "2.1"
 base64 = "0.11"
 rand = "0.7"
 actix-session = "0.3"
 failure = "0.1"
 config = "0.10"
-serde = "1.0.80"
-serde_derive = "1.0.80"
+serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0.32"
 chrono = "0.4"
 env_logger = "0.7"

Cargo.toml

@@ -15,7 +15,6 @@ use cis_client::AsyncCisClientTrait;
 use dino_park_gate::scope::ScopeAndUser;
 use log::info;
 use oauth2::basic::BasicClient;
-use oauth2::prelude::*;
 use oauth2::AuthUrl;
 use oauth2::ClientId;
 use oauth2::ClientSecret;
@@ -24,8 +23,8 @@ use oauth2::RedirectUrl;
 use oauth2::Scope;
 use oauth2::TokenUrl;
 use reqwest::Client;
+use serde::Deserialize;
 use std::sync::Arc;
-use url::Url;
 
 const AUTH_PATH: &str = "/oauth/authorize";
 const TOKEN_PATH: &str = "/oauth/access_token";
@@ -45,7 +44,10 @@ pub struct BugZillaUser {
 }
 
 async fn redirect(client: web::Data<Arc<BasicClient>>, session: Session) -> impl Responder {
-    let (authorize_url, csrf_state) = client.authorize_url(CsrfToken::new_random);
+    let (authorize_url, csrf_state) = client
+        .authorize_url(CsrfToken::new_random)
+        .add_scope(Scope::new("user:read".to_string()))
+        .url();
     info!("settting: {}", csrf_state.secret());
     session
         .set("csrf_state", csrf_state.secret().clone())
@@ -121,14 +123,12 @@ pub fn bugzilla_app<T: AsyncCisClientTrait + 'static>(
 ) -> impl HttpServiceFactory {
     let bugzilla_client_id = ClientId::new(bugzilla.client_id.clone());
     let bugzilla_client_secret = ClientSecret::new(bugzilla.client_secret.clone());
-    let auth_url = AuthUrl::new(
-        Url::parse(&format!("{}{}", &bugzilla.base_url, AUTH_PATH))
-            .expect("Invalid authorization endpoint URL"),
-    );
-    let token_url = TokenUrl::new(
-        Url::parse(&format!("{}{}", &bugzilla.base_url, TOKEN_PATH))
-            .expect("Invalid token endpoint URL"),
-    );
+    let auth_url = AuthUrl::new(format!("{}{}", &bugzilla.base_url, AUTH_PATH))
+        .expect("Invalid authorization endpoint URL");
+    let token_url = TokenUrl::new(format!("{}{}", &bugzilla.base_url, TOKEN_PATH))
+        .expect("Invalid token endpoint URL");
+    let redirect_url = RedirectUrl::new(format!("https://{}/whoami/bugzilla/auth", whoami.domain))
+        .expect("Invalid redirect URL");
 
     let client = Arc::new(
         BasicClient::new(
@@ -137,11 +137,7 @@ pub fn bugzilla_app<T: AsyncCisClientTrait + 'static>(
             auth_url,
             Some(token_url),
         )
-        .add_scope(Scope::new("user:read".to_string()))
-        .set_redirect_url(RedirectUrl::new(
-            Url::parse(&format!("https://{}/whoami/bugzilla/auth", whoami.domain))
-                .expect("Invalid redirect URL"),
-        )),
+        .set_redirect_url(redirect_url),
     );
 
     web::scope("/bugzilla/")

src/bugzilla/app.rs

@@ -16,7 +16,8 @@ use dino_park_gate::scope::ScopeAndUser;
 use failure::Error;
 use log::info;
 use oauth2::basic::BasicClient;
-use oauth2::prelude::*;
+use oauth2::reqwest::async_http_client;
+use oauth2::AsyncCodeTokenRequest;
 use oauth2::AuthUrl;
 use oauth2::AuthorizationCode;
 use oauth2::ClientId;
@@ -26,11 +27,12 @@ use oauth2::RedirectUrl;
 use oauth2::TokenResponse;
 use oauth2::TokenUrl;
 use reqwest::Client;
+use serde::Deserialize;
+use serde::Serialize;
 use std::sync::Arc;
 use std::sync::RwLock;
 use std::time::Duration;
 use ttl_cache::TtlCache;
-use url::Url;
 
 const AUTH_URL: &str = "https://github.com/login/oauth/authorize";
 const TOKEN_URL: &str = "https://github.com/login/oauth/access_token";
@@ -59,7 +61,7 @@ pub struct GitHubUser {
 
 async fn id_to_username(
     id: web::Path<String>,
-    gtihub_auth_params: web::Data<GitHub>,
+    github_auth_params: web::Data<GitHub>,
     cache: web::Data<Arc<RwLock<TtlCache<String, String>>>>,
 ) -> Result<HttpResponse, Error> {
     if let Some(username) = cache.read().ok().and_then(|c| c.get(&*id).cloned()) {
@@ -71,8 +73,8 @@ async fn id_to_username(
         let res = Client::default()
             .get(&format!("{}/{}", USER_URL, id))
             .basic_auth(
-                &gtihub_auth_params.client_id,
-                Some(&gtihub_auth_params.client_secret),
+                &github_auth_params.client_id,
+                Some(&github_auth_params.client_secret),
             )
             .header(http::header::USER_AGENT, "whoami")
             .send()
@@ -90,7 +92,7 @@ async fn id_to_username(
 }
 
 async fn redirect(client: web::Data<Arc<BasicClient>>, session: Session) -> impl Responder {
-    let (authorize_url, csrf_state) = client.authorize_url(CsrfToken::new_random);
+    let (authorize_url, csrf_state) = client.authorize_url(CsrfToken::new_random).url();
     info!("settting: {}", csrf_state.secret());
     session
         .set("csrf_state", csrf_state.secret().clone())
@@ -123,7 +125,10 @@ async fn auth<T: AsyncCisClientTrait + 'static>(
             .header(http::header::LOCATION, "/e?identityAdded=error")
             .finish());
     }
-    let token_res = client.exchange_code(code);
+    let token_res = client
+        .exchange_code(code)
+        .request_async(async_http_client)
+        .await;
 
     if let Ok(token) = token_res {
         let get = cis_client.clone();
@@ -167,8 +172,10 @@ pub fn github_app<T: AsyncCisClientTrait + 'static>(
 ) -> impl HttpServiceFactory {
     let github_client_id = ClientId::new(github.client_id.clone());
     let github_client_secret = ClientSecret::new(github.client_secret.clone());
-    let auth_url = AuthUrl::new(Url::parse(AUTH_URL).expect("Invalid authorization endpoint URL"));
-    let token_url = TokenUrl::new(Url::parse(TOKEN_URL).expect("Invalid token endpoint URL"));
+    let auth_url = AuthUrl::new(AUTH_URL.to_string()).expect("Invalid authorization endpoint URL");
+    let token_url = TokenUrl::new(TOKEN_URL.to_string()).expect("Invalid token endpoint URL");
+    let redirect_url = RedirectUrl::new(format!("https://{}/whoami/github/auth", whoami.domain))
+        .expect("Invalid redirect URL");
 
     let client = Arc::new(
         BasicClient::new(
@@ -177,10 +184,7 @@ pub fn github_app<T: AsyncCisClientTrait + 'static>(
             auth_url,
             Some(token_url),
         )
-        .set_redirect_url(RedirectUrl::new(
-            Url::parse(&format!("https://{}/whoami/github/auth", whoami.domain))
-                .expect("Invalid redirect URL"),
-        )),
+        .set_redirect_url(redirect_url),
     );
 
     web::scope("/github/")

src/github/app.rs

@@ -1,6 +1,3 @@
-#[macro_use]
-extern crate serde_derive;
-
 mod bugzilla;
 mod github;
 mod healthz;
@@ -40,6 +37,7 @@ async fn main() -> std::io::Result<()> {
     let provider = Provider::from_issuer("https://auth.mozilla.auth0.com/")
         .map_err(map_io_err)
         .await?;
+
     HttpServer::new(move || {
         let scope_middleware = ScopeAndUserAuth {
             checker: provider.clone(),

src/main.rs

@@ -1,5 +1,6 @@
 use cis_client::settings::CisSettings;
 use config::{Config, ConfigError, Environment, File};
+use serde::Deserialize;
 use std::env;
 
 #[derive(Debug, Deserialize, Clone)]