about summary refs log tree commit diff
path: root/kittybox-rs/src/indieauth
diff options
context:
space:
mode:
Diffstat (limited to 'kittybox-rs/src/indieauth')
-rw-r--r--kittybox-rs/src/indieauth/mod.rs37
1 files changed, 21 insertions, 16 deletions
diff --git a/kittybox-rs/src/indieauth/mod.rs b/kittybox-rs/src/indieauth/mod.rs
index a86100d..0ad2702 100644
--- a/kittybox-rs/src/indieauth/mod.rs
+++ b/kittybox-rs/src/indieauth/mod.rs
@@ -73,20 +73,20 @@ impl axum::response::IntoResponse for IndieAuthResourceError {
 }
 
 #[async_trait::async_trait]
-impl <B: Send, A: AuthBackend> axum::extract::FromRequest<B> for User<A> {
+impl <S: Send + Sync, A: AuthBackend> axum::extract::FromRequestParts<S> for User<A> {
     type Rejection = IndieAuthResourceError;
 
-    async fn from_request(req: &mut axum::extract::RequestParts<B>) -> Result<Self, Self::Rejection> {
+    async fn from_request_parts(req: &mut axum::http::request::Parts, state: &S) -> Result<Self, Self::Rejection> {
         let TypedHeader(Authorization(token)) =
-            TypedHeader::<Authorization<Bearer>>::from_request(req)
+            TypedHeader::<Authorization<Bearer>>::from_request_parts(req, state)
             .await
             .map_err(|_| IndieAuthResourceError::Unauthorized)?;
 
-        let axum::Extension(auth) = axum::Extension::<A>::from_request(req)
+        let axum::Extension(auth) = axum::Extension::<A>::from_request_parts(req, state)
             .await
             .unwrap();
 
-        let Host(host) = Host::from_request(req)
+        let Host(host) = Host::from_request_parts(req, state)
             .await
             .map_err(|_| IndieAuthResourceError::InvalidRequest)?;
         
@@ -253,9 +253,9 @@ async fn verify_credential<A: AuthBackend>(
 #[tracing::instrument(skip(backend, confirmation))]
 async fn authorization_endpoint_confirm<A: AuthBackend>(
     Host(host): Host,
-    Json(confirmation): Json<AuthorizationConfirmation>,
     Extension(backend): Extension<A>,
     cookies: CookieJar,
+    Json(confirmation): Json<AuthorizationConfirmation>,
 ) -> Response {
     tracing::debug!("Received authorization confirmation from user");
     #[cfg(feature = "webauthn")]
@@ -318,11 +318,12 @@ async fn authorization_endpoint_confirm<A: AuthBackend>(
         .into_response()
 }
 
+#[tracing::instrument(skip(backend, db))]
 async fn authorization_endpoint_post<A: AuthBackend, D: Storage + 'static>(
     Host(host): Host,
-    Form(grant): Form<GrantRequest>,
     Extension(backend): Extension<A>,
-    Extension(db): Extension<D>
+    Extension(db): Extension<D>,
+    Form(grant): Form<GrantRequest>,
 ) -> Response {
     match grant {
         GrantRequest::AuthorizationCode {
@@ -373,9 +374,9 @@ async fn authorization_endpoint_post<A: AuthBackend, D: Storage + 'static>(
                     error_uri: None
                 }.into_response()
             }
-            let profile = if dbg!(request.scope.as_ref()
+            let profile = if request.scope.as_ref()
                                   .map(|s| s.has(&Scope::Profile))
-                                  .unwrap_or_default())
+                                  .unwrap_or_default()
             {
                 match get_profile(
                     db,
@@ -384,7 +385,10 @@ async fn authorization_endpoint_post<A: AuthBackend, D: Storage + 'static>(
                         .map(|s| s.has(&Scope::Email))
                         .unwrap_or_default()
                 ).await {
-                    Ok(profile) => dbg!(profile),
+                    Ok(profile) => {
+                        tracing::debug!("Retrieved profile: {:?}", profile);
+                        profile
+                    },
                     Err(err) => {
                         tracing::error!("Error retrieving profile from database: {}", err);
 
@@ -408,9 +412,9 @@ async fn authorization_endpoint_post<A: AuthBackend, D: Storage + 'static>(
 #[tracing::instrument(skip(backend, db))]
 async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>(
     Host(host): Host,
-    Form(grant): Form<GrantRequest>,
     Extension(backend): Extension<A>,
-    Extension(db): Extension<D>
+    Extension(db): Extension<D>,
+    Form(grant): Form<GrantRequest>,
 ) -> Response {
     #[inline]
     fn prepare_access_token(me: url::Url, client_id: url::Url, scope: Scopes) -> TokenData {
@@ -655,11 +659,12 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>(
     }
 }
 
+#[tracing::instrument(skip(backend, token_request))]
 async fn introspection_endpoint_post<A: AuthBackend>(
     Host(host): Host,
-    Form(token_request): Form<TokenIntrospectionRequest>,
     TypedHeader(Authorization(auth_token)): TypedHeader<Authorization<Bearer>>,
-    Extension(backend): Extension<A>
+    Extension(backend): Extension<A>,
+    Form(token_request): Form<TokenIntrospectionRequest>,
 ) -> Response {
     use serde_json::json;
 
@@ -693,8 +698,8 @@ async fn introspection_endpoint_post<A: AuthBackend>(
 
 async fn revocation_endpoint_post<A: AuthBackend>(
     Host(host): Host,
+    Extension(backend): Extension<A>,
     Form(revocation): Form<TokenRevocationRequest>,
-    Extension(backend): Extension<A>
 ) -> impl IntoResponse {
     let me: url::Url = format!("https://{}/", host).parse().unwrap();