From e2bbf451ad2eb6f21f8ec55aafaafa6aa7bd25f4 Mon Sep 17 00:00:00 2001
From: Vika
Date: Fri, 22 Jul 2022 06:02:46 +0300
Subject: kittybox-indieauth: axum helpers for responses

Some responses need to set Cache-Control and Pragma: no-cache headers according to RFC 6749.
---
 kittybox-rs/indieauth/src/lib.rs | 40 ++++++++++++++++++++++++++++++++++++++++
 kittybox-rs/src/indieauth/mod.rs | 26 +++++++++++++-------------
 2 files changed, 53 insertions(+), 13 deletions(-)
diff --git a/kittybox-rs/indieauth/src/lib.rs b/kittybox-rs/indieauth/src/lib.rs
index cb99146..5896ebb 100644
--- a/kittybox-rs/indieauth/src/lib.rs
+++ b/kittybox-rs/indieauth/src/lib.rs
@@ -85,6 +85,18 @@ pub struct Profile {
 pub email: Option
 }
+#[cfg(feature = "axum")]
+impl axum_core::response::IntoResponse for Profile {
+ fn into_response(self) -> axum_core::response::Response {
+ use http::StatusCode;
+
+ (StatusCode::OK,
+ [("Content-Type", "application/json")],
+ serde_json::to_vec(&self).unwrap())
+ .into_response()
+ }
+}
+
 #[derive(Clone, Debug, PartialEq, Eq, Deserialize, Serialize)]
 pub struct State(String);
 impl State {
@@ -157,6 +169,21 @@ pub enum GrantResponse {
 }
 }
+#[cfg(feature = "axum")]
+impl axum_core::response::IntoResponse for GrantResponse {
+ fn into_response(self) -> axum_core::response::Response {
+ use http::StatusCode;
+
+ (StatusCode::OK,
+ [("Content-Type", "application/json"),
+ ("Cache-Control", "no-store"),
+ ("Pragma", "no-cache")
+ ],
+ serde_json::to_vec(&self).unwrap())
+ .into_response()
+ }
+}
+
 /// Describes requests that the authorization endpoint might want to handle.
 ///
 /// This type mostly exists for ease-of-use with serde.
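Review bot: `serde_json::to_vec(&self).unwrap()` in the new `Profile` impl panics inside the response path if serialization ever fails, and the same call is repeated in the `GrantResponse` and `TokenIntrospectionResponse` impls added later in this file. The `Serialize` impls are not visible in this diff, so a failure may be unlikely in practice, but a panic here does not by itself produce an HTTP error response. Matching on the result and answering with a 500 keeps the failure inside normal HTTP semantics; if the invariant is considered unbreakable, an `expect` that states why would at least document it.
```rust
fn into_response(self) -> axum_core::response::Response {
    // … unchanged: use http::StatusCode …
    match serde_json::to_vec(&self) {
        Ok(body) => (StatusCode::OK,
                     [("Content-Type", "application/json")],
                     body)
            .into_response(),
        // A serialization failure is a server-side bug: answer 500 instead of panicking.
        Err(_) => StatusCode::INTERNAL_SERVER_ERROR.into_response(),
    }
}
```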
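Review bot: Nothing in the `GrantResponse` impl records why `Cache-Control: no-store` and `Pragma: no-cache` are set, and no test for them is visible, so a later refactor could drop them without anyone noticing. A doc comment above `fn into_response` such as `/// Serialized as JSON with caching disabled, as RFC 6749 section 5.1 requires for responses that carry tokens.` would move the reasoning from the commit message into the code. The header names are bare string literals; since `http` is already used in the function, `http::header::CONTENT_TYPE`, `http::header::CACHE_CONTROL` and `http::header::PRAGMA` would turn a typo into a compile error. A unit test that calls `into_response()` on a `GrantResponse` and asserts both headers would pin the behaviour.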
@@ -257,6 +284,19 @@ impl From for Option {
 }
 }
+#[cfg(feature = "axum")]
+impl axum_core::response::IntoResponse for TokenIntrospectionResponse {
+ fn into_response(self) -> axum_core::response::Response {
+ use http::StatusCode;
+
+ (StatusCode::OK,
+ [("Content-Type", "application/json")],
+ serde_json::to_vec(&self).unwrap())
+ .into_response()
+ }
+}
+
+
 #[derive(Debug, Serialize, Deserialize)]
 pub struct TokenRevocationRequest {
 pub token: String
diff --git a/kittybox-rs/src/indieauth/mod.rs b/kittybox-rs/src/indieauth/mod.rs
index 12c9bab..70b909a 100644
--- a/kittybox-rs/src/indieauth/mod.rs
+++ b/kittybox-rs/src/indieauth/mod.rs
@@ -85,7 +85,7 @@ async fn authorization_endpoint_post(
 Ok(code) => code,
 Err(err) => {
 tracing::error!("Error creating authorization code: {}", err);
- return IntoResponse::into_response(StatusCode::INTERNAL_SERVER_ERROR);
+ return StatusCode::INTERNAL_SERVER_ERROR.into_response();
 }
 };
@@ -101,10 +101,10 @@ async fn authorization_endpoint_post(
 uri
 };
- IntoResponse::into_response((
- StatusCode::FOUND,
- [("Location", redirect_uri.as_str())]
- ))
+ (StatusCode::FOUND,
+ [("Location", redirect_uri.as_str())]
+ )
+ .into_response()
 },
 Grant(grant) => match grant {
 GrantRequest::AuthorizationCode { code, client_id, redirect_uri, code_verifier } => {
@@ -152,7 +152,7 @@ async fn authorization_endpoint_post(
 };
 let me = format!("https://{}/", host).parse().unwrap();
- Json(GrantResponse::ProfileUrl { me, profile }).into_response()
+ GrantResponse::ProfileUrl { me, profile }.into_response()
 },
 _ => Error {
 kind: ErrorKind::InvalidGrant,
@@ -277,13 +277,13 @@ async fn token_endpoint_post(
 }
 };
- Json(GrantResponse::AccessToken {
+ GrantResponse::AccessToken {
 me,
 profile,
 access_token,
 expires_in: Some(ACCESS_TOKEN_VALIDITY),
 refresh_token: Some(refresh_token)
- }).into_response()
+ }.into_response()
 },
 GrantRequest::RefreshToken { refresh_token, client_id, scope } => {
 let data = match backend.get_refresh_token(&refresh_token).await {
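Review bot: The `TokenIntrospectionResponse` impl in lib.rs sets only `Content-Type`, so the introspection body is sent with default caching, and the `Profile` impl in the first lib.rs hunk does the same for a body that includes `email` and is returned from `userinfo_endpoint_get`, a GET handler. The commit message ties `no-store` to RFC 6749; whether these two bodies count as sensitive in that sense is a policy decision that this diff does not show. If they do, the header array in both impls would become `[("Content-Type", "application/json"), ("Cache-Control", "no-store")]`. If default caching is intended, a one-line comment on each impl saying so would keep the difference from `GrantResponse` from reading as an oversight.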
@@ -354,13 +354,13 @@ async fn token_endpoint_post(
 return StatusCode::INTERNAL_SERVER_ERROR.into_response();
 }
- Json(GrantResponse::AccessToken {
+ GrantResponse::AccessToken {
 me: data.me,
 profile,
 access_token,
 expires_in: Some(ACCESS_TOKEN_VALIDITY),
 refresh_token: Some(refresh_token)
- }).into_response()
+ }.into_response()
 }
 }
 }
@@ -379,7 +379,7 @@ async fn introspection_endpoint_post(
 }
 };
- Json(response).into_response()
+ response.into_response()
 }
 async fn revocation_endpoint_post(
@@ -404,12 +404,12 @@ async fn userinfo_endpoint_get(
 TypedHeader(Authorization(auth_token)): TypedHeader>,
 Extension(backend): Extension
 ) -> Response {
- Json(Profile {
+ Profile {
 name: todo!(),
 url: todo!(),
 photo: todo!(),
 email: Some(todo!())
- }).into_response()
+ }.into_response()
 }
 pub fn router(backend: A) -> axum::Router {
-- 
cgit 1.4.1