diff --git a/Cargo.lock b/Cargo.lock index 8a069ac..163882a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -8,35 +8,6 @@ version = "0.11.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3" -[[package]] -name = "account_manager" -version = "0.1.0" -dependencies = [ - "bincode", - "bytes 1.6.0", - "channels", - "config", - "dotenv", - "fake", - "futures 0.3.30", - "gumdrop", - "json", - "kanidm_client", - "kanidm_proto", - "model", - "rauthy-client", - "rumqttc", - "serde", - "sqlx", - "sqlx-core 0.7.4", - "tarpc", - "testx", - "thiserror", - "tokio", - "tracing", - "uuid 1.9.0", -] - [[package]] name = "actix-codec" version = "0.5.2" @@ -401,7 +372,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cd066d0b4ef8ecb03a55319dc13aa6910616d0f44008a045bb1835af830abff5" dependencies = [ "brotli", - "flate2", "futures-core", "memchr", "pin-project-lite", @@ -756,12 +726,6 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4c7f02d4ea65f2c1853089ffd8d2787bdbc63de2f0d29dedbcf8ccdfa0ccd4cf" -[[package]] -name = "base32" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "23ce669cd6c8588f79e15cf450314f9638f967fc5770ff1c7c1deb0925ea7cfa" - [[package]] name = "base64" version = "0.13.1" @@ -786,17 +750,6 @@ version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" -[[package]] -name = "base64urlsafedata" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a56894edf5cd1efa7068d7454adeb7ce0b3da4ffa5ab08cfc06165bbc62f0c7" -dependencies = [ - "base64 0.21.7", - "paste", - "serde", -] - [[package]] name = "bigdecimal" version = "0.3.1" 
@@ -912,7 +865,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c3ef8005764f53cd4dca619f5bf64cafd4664dada50ece25e4d81de54c80cc0b" dependencies = [ "once_cell", - "proc-macro-crate 3.1.0", + "proc-macro-crate", "proc-macro2", "quote", "syn 2.0.68", @@ -1262,22 +1215,6 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f3f6d59c71e7dc3af60f0af9db32364d96a16e9310f3f5db2b55ed642162dd35" -[[package]] -name = "compact_jwt" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d1aca09e6a9e9011c2a2fb13f26a0d2440a709ac0e68ccf02d168d54f4801b27" -dependencies = [ - "base64 0.21.7", - "base64urlsafedata", - "hex", - "serde", - "serde_json", - "tracing", - "url", - "uuid 1.9.0", -] - [[package]] name = "concurrent-queue" version = "2.5.0" @@ -1344,17 +1281,6 @@ dependencies = [ "version_check", ] -[[package]] -name = "cookie" -version = "0.17.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7efb37c3e1ccb1ff97164ad95ac1606e8ccd35b3fa0a7d99a304c7f4a428cc24" -dependencies = [ - "percent-encoding", - "time", - "version_check", -] - [[package]] name = "cookie" version = "0.18.1" @@ -1370,23 +1296,6 @@ dependencies = [ "version_check", ] -[[package]] -name = "cookie_store" -version = "0.20.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "387461abbc748185c3a6e1673d826918b450b87ff22639429c694619a83b6cf6" -dependencies = [ - "cookie 0.17.0", - "idna 0.3.0", - "log", - "publicsuffix", - "serde", - "serde_derive", - "serde_json", - "time", - "url", -] - [[package]] name = "core-foundation" version = "0.9.4" 
@@ -2703,16 +2612,6 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" -[[package]] -name = "idna" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" -dependencies = [ - "unicode-bidi", - "unicode-normalization", -] - [[package]] name = "idna" version = "0.5.0" @@ -2723,6 +2622,33 @@ dependencies = [ "unicode-normalization", ] +[[package]] +name = "idp" +version = "0.1.0" +dependencies = [ + "bincode", + "bytes 1.6.0", + "channels", + "config", + "dotenv", + "fake", + "futures 0.1.31", + "gumdrop", + "json", + "model", + "rauthy-client", + "rumqttc", + "serde", + "sqlx", + "sqlx-core 0.6.3", + "tarpc", + "testx", + "thiserror", + "tokio", + "tracing", + "uuid 1.9.0", +] + [[package]] name = "image" version = "0.25.1" @@ -2742,7 +2668,6 @@ checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" dependencies = [ "autocfg", "hashbrown 0.12.3", - "serde", ] [[package]] @@ -2753,7 +2678,6 @@ checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" dependencies = [ "equivalent", "hashbrown 0.14.5", - "serde", ] [[package]] 
@@ -2927,69 +2851,6 @@ dependencies = [ "signature", ] -[[package]] -name = "kanidm_client" -version = "1.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "096cddae6b5b1891c58ecf3056f45205be68f995e21278e006d32fed71910e7d" -dependencies = [ - "compact_jwt", - "hyper 0.14.29", - "kanidm_lib_file_permissions", - "kanidm_proto", - "reqwest 0.11.27", - "serde", - "serde_json", - "time", - "tokio", - "toml 0.5.11", - "tracing", - "url", - "uuid 1.9.0", - "webauthn-rs-proto", -] - -[[package]] -name = "kanidm_lib_file_permissions" -version = "1.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1bb7525ce9007b0798a8eaf010708ef49da7f1b2516eebd3058f253df6db843" -dependencies = [ - "kanidm_utils_users", - "whoami", -] - -[[package]] -name = "kanidm_proto" -version = "1.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ad03a5e96bf8a4fa981b864c3317950dce7d7ea6b0e8accd61329ec72ca1cd6" -dependencies = [ - "base32", - "base64urlsafedata", - "num_enum", - "scim_proto", - "serde", - "serde_json", - "serde_with", - "time", - "tracing", - "url", - "urlencoding", - "utoipa", - "uuid 1.9.0", - "webauthn-rs-proto", -] - -[[package]] -name = "kanidm_utils_users" -version = "1.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89aa036a35fe4b2953c7c8ab8ad456db3ab8547aec1f1a762ab524d7480c243b" -dependencies = [ - "libc", -] - [[package]] name = "kv-log-macro" version = "1.0.7" @@ -3211,16 +3072,6 @@ version = "0.3.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a" -[[package]] -name = "mime_guess" -version = "2.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4192263c238a5f0d0c6bfd21f336a313a4ce1c450542449ca191bb657b4642ef" -dependencies = [ - "mime", - "unicase", -] - [[package]] name = "minidom" version = "0.15.2" 
@@ -3401,36 +3252,6 @@ dependencies = [ "libc", ] -[[package]] -name = "num_enum" -version = "0.5.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f646caf906c20226733ed5b1374287eb97e3c2a5c227ce668c1f2ce20ae57c9" -dependencies = [ - "num_enum_derive", -] - -[[package]] -name = "num_enum_derive" -version = "0.5.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcbff9bc912032c62bf65ef1d5aea88983b420f4f839db1e9b0c281a25c9c799" -dependencies = [ - "proc-macro-crate 1.3.1", - "proc-macro2", - "quote", - "syn 1.0.109", -] - -[[package]] -name = "num_threads" -version = "0.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c7398b9c8b70908f6371f47ed36737907c87c52af34c268fed0bf0ceb92ead9" -dependencies = [ - "libc", -] - [[package]] name = "object" version = "0.36.0" @@ -3834,33 +3655,6 @@ dependencies = [ "tracing", ] -[[package]] -name = "peg" -version = "0.8.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a625d12ad770914cbf7eff6f9314c3ef803bfe364a1b20bc36ddf56673e71e5" -dependencies = [ - "peg-macros", - "peg-runtime", -] - -[[package]] -name = "peg-macros" -version = "0.8.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f241d42067ed3ab6a4fece1db720838e1418f36d868585a27931f95d6bc03582" -dependencies = [ - "peg-runtime", - "proc-macro2", - "quote", -] - -[[package]] -name = "peg-runtime" -version = "0.8.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3aeb8f54c078314c2065ee649a7241f46b9d8e418e1a9581ba0546657d7aa3a" - [[package]] name = "pem-rfc7468" version = "0.7.0" 
@@ -4028,16 +3822,6 @@ dependencies = [ "elliptic-curve", ] -[[package]] -name = "proc-macro-crate" -version = "1.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f4c021e1093a56626774e81216a4ce732a735e5bad4868a03f3ed65ca0c3919" -dependencies = [ - "once_cell", - "toml_edit 0.19.15", -] - [[package]] name = "proc-macro-crate" version = "3.1.0" @@ -4103,12 +3887,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "psl-types" -version = "2.0.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33cb294fe86a74cbcf50d4445b37da762029549ebeea341421c7c70370f86cac" - [[package]] name = "ptr_meta" version = "0.1.4" @@ -4129,16 +3907,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "publicsuffix" -version = "2.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96a8c1bda5ae1af7f99a2962e49df150414a43d62404644d98dd5c3a93d07457" -dependencies = [ - "idna 0.3.0", - "psl-types", -] - [[package]] name = "qrcode" version = "0.14.0" @@ -4513,11 +4281,8 @@ version = "0.11.27" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dd67538700a17451e7cba03ac727fb961abb7607553461627b97de0b89cf4a62" dependencies = [ - "async-compression", "base64 0.21.7", "bytes 1.6.0", - "cookie 0.17.0", - "cookie_store", "encoding_rs", "futures-core", "futures-util", @@ -4530,7 +4295,6 @@ dependencies = [ "js-sys", "log", "mime", - "mime_guess", "native-tls", "once_cell", "percent-encoding", @@ -4956,23 +4720,6 @@ dependencies = [ "windows-sys 0.52.0", ] -[[package]] -name = "scim_proto" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55fbcfbcbc11ff46228a2b7b6018e1f6f37499fff47851e20583862ba1d9ef3f" -dependencies = [ - "base64 0.22.1", - "peg", - "serde", - "serde_json", - "time", - "tracing", - "tracing-subscriber", - "url", - "uuid 1.9.0", -] - [[package]] name = "scopeguard" version = "1.2.0" 
@@ -5192,17 +4939,6 @@ dependencies = [ "serde_derive", ] -[[package]] -name = "serde-wasm-bindgen" -version = "0.4.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3b4c031cd0d9014307d82b8abf653c0290fbdaeb4c02d00c63cf52f728628bf" -dependencies = [ - "js-sys", - "serde", - "wasm-bindgen", -] - [[package]] name = "serde_derive" version = "1.0.203" @@ -5278,36 +5014,6 @@ dependencies = [ "serde", ] -[[package]] -name = "serde_with" -version = "3.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ad483d2ab0149d5a5ebcd9972a3852711e0153d863bf5a5d0391d28883c4a20" -dependencies = [ - "base64 0.22.1", - "chrono", - "hex", - "indexmap 1.9.3", - "indexmap 2.2.6", - "serde", - "serde_derive", - "serde_json", - "serde_with_macros", - "time", -] - -[[package]] -name = "serde_with_macros" -version = "3.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "65569b702f41443e8bc8bbb1c5779bd0450bbe723b56198980e80ec45780bce2" -dependencies = [ - "darling", - "proc-macro2", - "quote", - "syn 2.0.68", -] - [[package]] name = "sha1" version = "0.10.6" @@ -5879,9 +5585,7 @@ checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885" dependencies = [ "deranged", "itoa", - "libc", "num-conv", - "num_threads", "powerfmt", "serde", "time-core", @@ -6054,15 +5758,6 @@ dependencies = [ "tokio", ] -[[package]] -name = "toml" -version = "0.5.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" -dependencies = [ - "serde", -] - [[package]] name = "toml" version = "0.7.8" 
@@ -6376,15 +6071,6 @@ version = "1.17.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" -[[package]] -name = "unicase" -version = "2.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7d2d4dafb69621809a81864c9c1b864479e1235c0dd4e199924b9742439ed89" -dependencies = [ - "version_check", -] - [[package]] name = "unicode-bidi" version = "0.3.15" @@ -6453,7 +6139,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "22784dbdf76fdde8af1aeda5622b546b422b6fc585325248a2bf9f5e41e94d6c" dependencies = [ "form_urlencoded", - "idna 0.5.0", + "idna", "percent-encoding", "serde", ] @@ -6473,30 +6159,6 @@ version = "2.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da" -[[package]] -name = "utoipa" -version = "4.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5afb1a60e207dca502682537fefcfd9921e71d0b83e9576060f09abc6efab23" -dependencies = [ - "indexmap 2.2.6", - "serde", - "serde_json", - "utoipa-gen", -] - -[[package]] -name = "utoipa-gen" -version = "4.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7bf0e16c02bc4bf5322ab65f10ab1149bdbcaa782cba66dc7057370a3f8190be" -dependencies = [ - "proc-macro-error", - "proc-macro2", - "quote", - "syn 2.0.68", -] - [[package]] name = "uuid" version = "0.8.2" @@ -6525,7 +6187,7 @@ version = "0.18.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "db79c75af171630a3148bd3e6d7c4f42b6a9a014c2945bc5ed0020cbb8d9478e" dependencies = [ - "idna 0.5.0", + "idna", "once_cell", "regex", "serde", 
@@ -6613,8 +6275,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8"
 dependencies = [
  "cfg-if",
- "serde",
- "serde_json",
  "wasm-bindgen-macro",
 ]
 
@@ -6697,23 +6357,6 @@ dependencies = [
  "wasm-bindgen",
 ]
 
-[[package]]
-name = "webauthn-rs-proto"
-version = "0.5.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1f1c6dc254607f48eec3bdb35b86b377202436859ca1e4c9290afafd7349dcc3"
-dependencies = [
- "base64 0.21.7",
- "base64urlsafedata",
- "js-sys",
- "serde",
- "serde-wasm-bindgen",
- "serde_json",
- "url",
- "wasm-bindgen",
- "web-sys",
-]
-
 [[package]]
 name = "webpki"
 version = "0.22.4"
diff --git a/Cargo.toml b/Cargo.toml
index e0cc4a3..06b0d28 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -7,7 +7,7 @@ members = [
     "crates/testx",
     "crates/db-utils",
     # actors
-    "crates/account_manager",
+    "crates/idp",
     # "crates/cart_manager",
     # "crates/database_manager",
     # "crates/email_manager",
diff --git a/crates/channels/src/accounts.rs b/crates/channels/src/accounts.rs
index 84ddfe0..d096673 100644
--- a/crates/channels/src/accounts.rs
+++ b/crates/channels/src/accounts.rs
@@ -182,7 +182,7 @@ pub mod rpc {
         use tarpc::tokio_serde::formats::Bincode;
 
         let l = config.lock();
-        let addr = l.account_manager().rpc_addr();
+        let addr = l.idp().rpc_addr();
 
         let transport = tarpc::serde_transport::tcp::connect(addr, Bincode::default);
 
@@ -204,6 +204,6 @@ pub mod mqtt {
     use crate::AsyncClient;
 
     pub fn create_client(config: SharedAppConfig) -> (AsyncClient, EventLoop) {
-        crate::mqtt::create_client(CLIENT_NAME, config.lock().account_manager().mqtt_addr())
+        crate::mqtt::create_client(CLIENT_NAME, config.lock().idp().mqtt_addr())
     }
 }
diff --git a/crates/channels/src/carts.rs b/crates/channels/src/carts.rs
index f3425a6..4d34019 100644
--- a/crates/channels/src/carts.rs
+++ b/crates/channels/src/carts.rs
@@ -132,10 +132,7 @@ pub mod rpc {
 
         let addr = {
             let l = config.lock();
-            (
-                l.account_manager().rpc_bind.clone(),
-                l.account_manager().rpc_port,
-            )
+            (l.idp().rpc_bind.clone(), l.idp().rpc_port)
         };
 
         let transport = tarpc::serde_transport::tcp::connect(addr, Bincode::default);
diff --git a/crates/config/src/lib.rs b/crates/config/src/lib.rs
index 0b9d585..7f42f38 100644
--- a/crates/config/src/lib.rs
+++ b/crates/config/src/lib.rs
@@ -348,16 +348,18 @@ impl FilesConfig {
 }
 
 #[derive(Debug, Serialize, Deserialize)]
-pub struct AccountManagerConfig {
+pub struct IdpConfig {
     pub rpc_port: u16,
     pub rpc_bind: String,
     pub mqtt_port: u16,
     pub mqtt_bind: String,
     pub database_url: String,
     pub idm_url: String,
+    #[serde(default)]
+    pub secret: Option,
 }
 
-impl Default for AccountManagerConfig {
+impl Default for IdpConfig {
     fn default() -> Self {
         Self {
             rpc_port: 19329,
@@ -366,13 +368,14 @@ impl Default for AccountManagerConfig {
             mqtt_bind: "0.0.0.0".into(),
             database_url: "postgres://postgres@localhost/myco_accounts".into(),
             idm_url: "https://localhost:8443".into(),
+            secret: Some("CHANGE ME".into()),
         }
     }
 }
 
-impl Example for AccountManagerConfig {}
+impl Example for IdpConfig {}
 
-impl AccountManagerConfig {
+impl IdpConfig {
     pub fn rpc_addr(&self) -> (&str, u16) {
         (&self.rpc_bind, self.rpc_port)
     }
@@ -384,6 +387,10 @@ impl AccountManagerConfig {
     pub fn idm_url(&self) -> &str {
         &self.idm_url
     }
+
+    pub fn secret(&self) -> Option<&String> {
+        self.secret.as_ref()
+    }
 }
 
 #[derive(Debug, Serialize, Deserialize)]
@@ -668,7 +675,7 @@ impl TokensConfig {
 #[derive(Serialize, Deserialize)]
 pub struct AppConfig {
     #[serde(default)]
-    account_manager: AccountManagerConfig,
+    idp: IdpConfig,
     #[serde(default)]
     cart_manager: CartManagerConfig,
     #[serde(skip)]
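Review bot: `IdpConfig` now carries the OIDC client secret but keeps `#[derive(Debug, Serialize)]`, so any `{:?}` of the config, or of the `AppConfig` that embeds it, writes the secret to logs or disk in clear. Add a manual `Debug` impl that prints the field as `secret: Some("<redacted>")` (or wrap the value in a small newtype whose `Debug` does that) so a diagnostic dump cannot leak it. The field type renders here as `pub secret: Option,` with no parameter, which looks like the `<String>` was lost in rendering — the getter added two hunks down returns `Option<&String>`, so presumably `Option<String>`; confirm against the source.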
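Review bot: `secret: Some("CHANGE ME".into())` in `Default` is a live credential, not an example value: `AppConfig.idp` is `#[serde(default)]` (visible in the `@@ -668` hunk), so a deployment whose `myco.toml` has no `[idp]` table silently starts as a confidential client that sends the literal string `CHANGE ME` to the token endpoint, while a config with the table but no `secret` key gets `None` and behaves as a public client — two different behaviours for "not configured". Change the default to `secret: None,` and put the placeholder only in `example()` (the `impl Example for IdpConfig {}` is empty, so presumably the trait has a default body that can be overridden), or have the startup path refuse `Some("CHANGE ME")` with a clear error. The `Default` impl starts before this hunk.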
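Review bot: `secret()` returns `Option<&String>`, which ties every caller to the field's concrete type; the idiomatic borrowed form is `pub fn secret(&self) -> Option<&str> { self.secret.as_deref() }`. Behaviour is otherwise unchanged, and the other getters in this `impl` already return `&str`.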
@@ -705,7 +712,7 @@ impl Example for AppConfig {
             database: DatabaseConfig::example(),
             search: SearchConfig::example(),
             files: FilesConfig::example(),
-            account_manager: AccountManagerConfig::example(),
+            idp: IdpConfig::example(),
             cart_manager: CartManagerConfig::example(),
             email_sender: EmailSenderConfig::example(),
             stocks: StocksConfig::example(),
@@ -718,8 +725,8 @@ impl Example for AppConfig {
 }
 
 impl AppConfig {
-    pub fn account_manager(&self) -> &AccountManagerConfig {
-        &self.account_manager
+    pub fn idp(&self) -> &IdpConfig {
+        &self.idp
     }
 
     pub fn cart_manager(&self) -> &CartManagerConfig {
@@ -800,7 +807,7 @@ impl Default for AppConfig {
             database: DatabaseConfig::default(),
             search: SearchConfig::default(),
             files: FilesConfig::default(),
-            account_manager: AccountManagerConfig::default(),
+            idp: IdpConfig::default(),
             cart_manager: CartManagerConfig::default(),
             email_sender: EmailSenderConfig::default(),
             stocks: StocksConfig::default(),
diff --git a/crates/account_manager/Cargo.toml b/crates/idp/Cargo.toml
similarity index 91%
rename from crates/account_manager/Cargo.toml
rename to crates/idp/Cargo.toml
index dbd48ef..1822532 100644
--- a/crates/account_manager/Cargo.toml
+++ b/crates/idp/Cargo.toml
@@ -1,10 +1,10 @@
 [package]
-name = "account_manager"
+name = "idp"
 version = "0.1.0"
 edition = "2021"
 
 [[bin]]
-name = "account-manager"
+name = "idp"
 path = "src/main.rs"
 
 [dependencies]
@@ -16,8 +16,6 @@ dotenv = { version = "0" }
 futures = { version = "0" }
 gumdrop = { version = "0" }
 json = { version = "0" }
-kanidm_client = "1.2.2"
-kanidm_proto = "1.2.2"
 model = { path = "../model", features = ['db'] }
 rauthy-client = { version = "0.4.0", features = ["actix-web", "qrcode"] }
 rumqttc = { version = "*" }
diff --git a/crates/account_manager/migrations/202204131841_init.sql b/crates/idp/migrations/202204131841_init.sql
similarity index 100%
rename from crates/account_manager/migrations/202204131841_init.sql
rename to crates/idp/migrations/202204131841_init.sql
diff --git a/crates/account_manager/migrations/202204131842_addresses.sql b/crates/idp/migrations/202204131842_addresses.sql
similarity index 100%
rename from crates/account_manager/migrations/202204131842_addresses.sql
rename to crates/idp/migrations/202204131842_addresses.sql
diff --git a/crates/account_manager/src/actions.rs b/crates/idp/src/actions.rs
similarity index 100%
rename from crates/account_manager/src/actions.rs
rename to crates/idp/src/actions.rs
diff --git a/crates/account_manager/src/bin/account-client.rs b/crates/idp/src/bin/account-client.rs
similarity index 100%
rename from crates/account_manager/src/bin/account-client.rs
rename to crates/idp/src/bin/account-client.rs
diff --git a/crates/account_manager/src/db/accounts.rs b/crates/idp/src/db/accounts.rs
similarity index 100%
rename from crates/account_manager/src/db/accounts.rs
rename to crates/idp/src/db/accounts.rs
diff --git a/crates/account_manager/src/db/addresses.rs b/crates/idp/src/db/addresses.rs
similarity index 100%
rename from crates/account_manager/src/db/addresses.rs
rename to crates/idp/src/db/addresses.rs
diff --git a/crates/account_manager/src/db/mod.rs b/crates/idp/src/db/mod.rs
similarity index 90%
rename from crates/account_manager/src/db/mod.rs
rename to crates/idp/src/db/mod.rs
index d00f7b5..8c8fed4 100644
--- a/crates/account_manager/src/db/mod.rs
+++ b/crates/idp/src/db/mod.rs
@@ -14,7 +14,7 @@ pub struct Database {
 
 impl Database {
     pub async fn build(config: SharedAppConfig) -> Self {
-        let url = config.lock().account_manager().database_url.clone();
+        let url = config.lock().idp().database_url.clone();
         let pool = sqlx::PgPool::connect(&url).await.unwrap_or_else(|e| {
             tracing::error!("Failed to connect to database. {e:?}");
             std::process::exit(1);
diff --git a/crates/account_manager/src/idp.rs b/crates/idp/src/idp.rs
similarity index 59%
rename from crates/account_manager/src/idp.rs
rename to crates/idp/src/idp.rs
index e3b6c55..6c9441b 100644
--- a/crates/account_manager/src/idp.rs
+++ b/crates/idp/src/idp.rs
@@ -1,15 +1,52 @@
-use kanidm_client::{ClientError, KanidmClient};
-use kanidm_proto::internal::CUStatus;
-use kanidm_proto::v1::Entry;
+use config::SharedAppConfig;
+
+pub async fn init(config: SharedAppConfig) {
+    let (secret, web) = {
+        let c = config.lock();
+        (c.idp().secret(), c.web().host())
+    };
+    rauthy_client::init_with(None, RauthyHttpsOnly::No, DangerAcceptInvalidCerts::Yes).await?;
+
+    let config = RauthyConfig {
+        // Sets the .is_admin field for the principal based on the `ClaimMapping`.
+        admin_claim: ClaimMapping::Or(vec![JwtClaim {
+            typ: JwtClaimTyp::Roles,
+            value: "admin".to_string(),
+        }]),
+        // Sets the .is_user field for the principal based on the `ClaimMapping`.
+        // Without this claim, a user would not have access to this app. This is
+        // used, because usually you never want to just have all your OIDC users to
+        // have access to a certain application.
+        user_claim: ClaimMapping::Or(vec![JwtClaim {
+            typ: JwtClaimTyp::Groups,
+            value: "user".to_string(),
+        }]),
+        // In almost all cases, this should just match the `client_id`
+        allowed_audiences: HashSet::from(["idp".to_string()]),
+        client_id: "idp".to_string(),
+        // If set to 'false', tokens with a non-verified email address will be rejected.
+        email_verified: !cfg!(debug_assertions),
+        // The issuer URL from your Rauthy deployment
+        iss: format!("{host}/auth/v1"),
+        // The scopes you want to request. The only mandatory which always needs to exist is
+        // `openid`, the rest is optional and depending on your needs.
+        scope: vec![
+            "openid".to_string(),
+            "email".to_string(),
+            "profile".to_string(),
+            "groups".to_string(),
+        ],
+        // If set to None, the client will be treated as a public client and not provide any
+        // secret to the /token endpoint after the callback. Set a secret for confidential clients.
+        secret: secret.map(String::from),
+        // secret: Some("secretCopiedFromTheRauthyUiIfIsConfidentialClient".to_string(),),
+    };
+    // The redirect_uri here must match the URI of this application, where we accept
+    // and handle the callback after a successful login.
+    OidcProvider::setup_from_config(config, format!("{host}/callback")).await?;
+}
 
 pub async fn refresh_token(kanidm: &KanidmClient) -> Result<(), ClientError> {
-    kanidm
-        .auth_simple_password(
-            "idm_admin",
-            &std::env::var("KANIDM_IDM_ADMIN_PASS")
-                .expect("idm_admin password is requied, please set KANIDM_IDM_ADMIN_PASS"),
-        )
-        .await?;
     Ok(())
 }
 
diff --git a/crates/account_manager/src/main.rs b/crates/idp/src/main.rs
similarity index 95%
rename from crates/account_manager/src/main.rs
rename to crates/idp/src/main.rs
index 905af98..68454f8 100644
--- a/crates/account_manager/src/main.rs
+++ b/crates/idp/src/main.rs
@@ -40,7 +40,7 @@ async fn main() {
     let db = db::Database::build(config.clone()).await;
 
     let kanidm = kanidm_client::KanidmClientBuilder::new()
-        .address(config.lock().account_manager().idm_url().to_owned())
+        .address(config.lock().idp().idm_url().to_owned())
         .danger_accept_invalid_certs(cfg!(debug_assertions))
         .connect_timeout(2)
         .build()
diff --git a/crates/account_manager/src/mqtt.rs b/crates/idp/src/mqtt.rs
similarity index 100%
rename from crates/account_manager/src/mqtt.rs
rename to crates/idp/src/mqtt.rs
diff --git a/crates/account_manager/src/rpc.rs b/crates/idp/src/rpc.rs
similarity index 97%
rename from crates/account_manager/src/rpc.rs
rename to crates/idp/src/rpc.rs
index c7bb512..1fb946d 100644
--- a/crates/account_manager/src/rpc.rs
+++ b/crates/idp/src/rpc.rs
@@ -72,7 +72,7 @@ impl Accounts for AccountsServer {
 }
 
 pub async fn start(config: SharedAppConfig, db: Database, mqtt_client: AsyncClient) {
-    let port = { config.lock().account_manager().rpc_port };
+    let port = { config.lock().idp().rpc_port };
     channels::rpc::start("accounts", port, || {
         AccountsServer {
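Review bot: `init` disables transport security for the OIDC provider unconditionally — `rauthy_client::init_with(None, RauthyHttpsOnly::No, DangerAcceptInvalidCerts::Yes)` — so in a release build the client secret handed to the `/token` endpoint and the tokens issued back can be read or swapped by anyone on path, and the `iss` check means little once any certificate is accepted; gate both settings on `cfg!(debug_assertions)`, as `main.rs` already does for the kanidm client and as `email_verified` does a few lines below. The body also cannot compile as written: `?` is used in a function that returns `()`, `host` is never bound (the tuple binds `web`), `secret` is an `Option<&String>` borrowed from the lock guard `c` that is dropped at the end of the block, and none of `HashSet`, `RauthyConfig`, `ClaimMapping`, `JwtClaim`, `JwtClaimTyp`, `OidcProvider`, `RauthyHttpsOnly` or `DangerAcceptInvalidCerts` is imported. The `refresh_token` stub below still names `KanidmClient` and `ClientError`, whose `use` lines this same hunk removes; if it is dead now, delete it rather than leave a no-op that callers may still believe authenticates. The rewrite below returns a `Result` so `main` can refuse to start, and assumes the two enums have complementary `Yes`/`No` variants and that `c.web().host()` is something `to_owned()` turns into a `String` — confirm both against the crate, and add the missing `use` lines at the top of the file.
```rust
/// Registers this service as an OIDC client against the Rauthy deployment at `web.host`.
///
/// Returns the `rauthy_client` error so the caller can abort startup instead of
/// running without a working identity provider.
pub async fn init(config: SharedAppConfig) -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
    // Clone out of the guard: nothing may hold the config lock across the awaits below.
    let (secret, host) = {
        let c = config.lock();
        (c.idp().secret().cloned(), c.web().host().to_owned())
    };
    // Only a debug build may talk to a plain-HTTP or self-signed Rauthy; a release build
    // must never send the client secret over an unverified channel.
    let (https_only, accept_invalid_certs) = if cfg!(debug_assertions) {
        (RauthyHttpsOnly::No, DangerAcceptInvalidCerts::Yes)
    } else {
        (RauthyHttpsOnly::Yes, DangerAcceptInvalidCerts::No)
    };
    rauthy_client::init_with(None, https_only, accept_invalid_certs).await?;

    let config = RauthyConfig {
        // … unchanged: admin_claim, user_claim, allowed_audiences, client_id,
        //   email_verified, scope …
        iss: format!("{host}/auth/v1"),
        // `None` makes this a public client; set `[idp].secret` for a confidential one.
        secret,
    };
    // The redirect_uri must match the route where this application handles the callback.
    OidcProvider::setup_from_config(config, format!("{host}/callback")).await?;
    Ok(())
}
```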
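Review bot: This line still builds a `kanidm_client::KanidmClientBuilder`, but the same commit removes `kanidm_client` and `kanidm_proto` from `crates/idp/Cargo.toml`, so the `idp` binary no longer compiles; either the dependency has to come back or this block should be replaced by the new `idp::init(config.clone()).await`, with its result handled — exit on `Err` the way `Database::build` does on a failed connection. Note that this builder already gates `danger_accept_invalid_certs` on `cfg!(debug_assertions)`, which is the pattern the new `idp::init` should follow instead of accepting invalid certificates unconditionally. `main` starts before this hunk and continues past it.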
diff --git a/myco.toml b/myco.toml
index b362304..9ffaf81 100644
--- a/myco.toml
+++ b/myco.toml
@@ -1,4 +1,4 @@
-[account_manager]
+[idp]
 rpc_port = 19329
 rpc_bind = "0.0.0.0"
 mqtt_port = 1883