From 7b5f7af4ff05ca6e33d8a48be08fb8e0df7ab9a5 Mon Sep 17 00:00:00 2001 From: Warren Parad Date: Sun, 24 Dec 2023 19:23:31 +0100 Subject: [PATCH] Support logout method. fix #7 --- examples/server/server.rs | 2 +- src/lib.rs | 2 +- src/server/mod.rs | 28 ++++++++++++++++++++++++++++ 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/examples/server/server.rs b/examples/server/server.rs index 2bcfad5..ac48c3b 100644 --- a/examples/server/server.rs +++ b/examples/server/server.rs @@ -444,7 +444,7 @@ impl Api for Server where C: Has + Send + Sync async fn request_token(&self, host: &str, context: &C) -> Result { let signature_key_db = self.databases.signature_key.lock().unwrap(); let result = self.authentication_controller.get_token(host, signature_key_db.to_owned()); - info!("authenticate({host})- X-Span-ID: {:?}", context.get().0.clone()); + info!("request_token({host})- X-Span-ID: {:?}", context.get().0.clone()); return Ok(RequestTokenResponse::Success(serde_json::to_string(&result).unwrap())); } diff --git a/src/lib.rs b/src/lib.rs index e6c0bd6..e27dea2 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -5,7 +5,7 @@ #![allow(clippy::derive_partial_eq_without_eq, clippy::disallowed_names)] use async_trait::async_trait; -use authentication::{LoginResponse, RequestTokenResponse, OpenIdConfigurationResponse, JwksResponse, AuthenticationResponse, AuthenticationRequest}; +use authentication::*; use authress::models::*; use futures::Stream; use log::*; diff --git a/src/server/mod.rs b/src/server/mod.rs index c3d074d..ac50124 100644 --- a/src/server/mod.rs +++ b/src/server/mod.rs @@ -3393,6 +3393,34 @@ impl hyper::service::Service<(Request, C)> for Service where Ok(response) }, + // Logout GET / + hyper::Method::GET if regex::Regex::new(r"^/logout$")?.is_match(uri.path()) => { + let query_params = form_urlencoded::parse(uri.query().unwrap_or_default().as_bytes()).collect::>(); + let redirect_uri = query_params.iter().filter(|e| e.0 == "redirect_uri").map(|e| e.1.clone()) + .next(); + let redirect_uri = match redirect_uri { + Some(redirect_uri) => { + let redirect_uri = + ::from_str + (&redirect_uri); + match redirect_uri { + Ok(redirect_uri) => Some(redirect_uri), + Err(e) => return Ok(Response::builder() + .status(StatusCode::BAD_REQUEST) + .body(Body::from(format!("Couldn't parse query parameter redirect_uri - doesn't match schema: {}", e))) + .expect("Unable to create Bad Request response for invalid query parameter redirect_uri")), + } + }, + None => None, + }; + + return Ok(Response::builder() + .status(StatusCode::TEMPORARY_REDIRECT) + .header("location", redirect_uri.unwrap()) + .body(Body::from("")) + .expect("Unable to create redirect for logout.")); + }, + // Authenticate - POST /api/authentication hyper::Method::POST if regex::Regex::new(r"^/api/authentication$")?.is_match(uri.path()) => { // Body parameters (note that non-required body parameters will ignore garbage