Shield OIDC: Add builder

RustForWeb · Dec 29, 2024 · 9f439fb · 9f439fb
1 parent e88d542
commit 9f439fb
Show file tree

Hide file tree

Showing 9 changed files with 91 additions and 85 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -17,6 +17,7 @@ actix-web = "4.9.0"
 async-std = "1.13.0"
 async-trait = "0.1.83"
 axum = "0.7.9"
+bon = "3.3.2"
 chrono = "0.4.39"
 console_error_panic_hook = "0.1.2"
 futures = "0.3.31"
@@ -38,5 +39,5 @@ tower-sessions = "0.13.0"
 tracing = "0.1.41"
 tracing-subscriber = "0.3.19"
 uuid = "1.11.0"
-wasm-bindgen = "0.2.97"
+wasm-bindgen = "0.2.99"
 wasm-tracing = "1.0.1"
diff --git a/examples/leptos-actix/src/main.rs b/examples/leptos-actix/src/main.rs
@@ -12,7 +12,7 @@ async fn main() -> std::io::Result<()> {
     use shield_examples_leptos_actix::app::*;
     use shield_leptos_actix::{provide_actix_integration, ShieldMiddleware};
     use shield_memory::{MemoryStorage, User};
-    use shield_oidc::{KeycloakBuilder, OidcProvider};
+    use shield_oidc::{Keycloak, OidcProvider};
     use tracing::{info, level_filters::LevelFilter};
 
     // Initialize tracing
@@ -44,7 +44,7 @@ async fn main() -> std::io::Result<()> {
         let shield = Shield::new(
             shield_storage.clone(),
             vec![Arc::new(
-                OidcProvider::new(shield_storage).with_subproviders([KeycloakBuilder::new(
+                OidcProvider::new(shield_storage).with_subproviders([Keycloak::builder(
                     "keycloak",
                     "http://localhost:18080/realms/Shield",
                     "client1",

diff --git a/examples/leptos-axum/src/main.rs b/examples/leptos-axum/src/main.rs
@@ -11,7 +11,7 @@ async fn main() {
     use shield_examples_leptos_axum::app::*;
     use shield_leptos_axum::{auth_router, provide_axum_integration, ShieldLayer};
     use shield_memory::{MemoryStorage, User};
-    use shield_oidc::{KeycloakBuilder, OidcProvider};
+    use shield_oidc::{Keycloak, OidcProvider};
     use time::Duration;
     use tokio::net::TcpListener;
     use tower_sessions::{Expiry, MemoryStore, SessionManagerLayer};
@@ -39,7 +39,7 @@ async fn main() {
     let shield = Shield::new(
         storage.clone(),
         vec![Arc::new(
-            OidcProvider::new(storage).with_subproviders([KeycloakBuilder::new(
+            OidcProvider::new(storage).with_subproviders([Keycloak::builder(
                 "keycloak",
                 "http://localhost:18080/realms/Shield",
                 "client1",

diff --git a/packages/providers/shield-oidc/Cargo.toml b/packages/providers/shield-oidc/Cargo.toml
@@ -10,6 +10,7 @@ version.workspace = true
 
 [dependencies]
 async-trait.workspace = true
+bon.workspace = true
 chrono.workspace = true
 oauth2 = { version = "4.4.2", features = ["pkce-plain"] }
 openidconnect = "3.5.0"

diff --git a/packages/providers/shield-oidc/src/builders.rs b/packages/providers/shield-oidc/src/builders.rs
@@ -1,3 +1,5 @@
+mod google;
 mod keycloak;
 
+pub use google::*;
 pub use keycloak::*;
diff --git a/packages/providers/shield-oidc/src/builders/google.rs b/packages/providers/shield-oidc/src/builders/google.rs
@@ -0,0 +1,19 @@
+use crate::subprovider::{
+    oidc_subprovider_builder::{SetClientId, SetDiscoveryUrl, SetId, SetName},
+    OidcSubprovider, OidcSubproviderBuilder,
+};
+
+pub struct Google {}
+
+impl Google {
+    pub fn builder(
+        id: &str,
+        client_id: &str,
+    ) -> OidcSubproviderBuilder<SetDiscoveryUrl<SetClientId<SetName<SetId>>>> {
+        OidcSubprovider::builder()
+            .id(id)
+            .name("Google")
+            .client_id(client_id)
+            .discovery_url("https://accounts.google.com")
+    }
+}
diff --git a/packages/providers/shield-oidc/src/builders/keycloak.rs b/packages/providers/shield-oidc/src/builders/keycloak.rs
@@ -1,66 +1,20 @@
-use crate::subprovider::{OidcProviderPkceCodeChallenge, OidcProviderVisibility, OidcSubprovider};
+use crate::subprovider::{
+    oidc_subprovider_builder::{SetClientId, SetDiscoveryUrl, SetId, SetName},
+    OidcSubprovider, OidcSubproviderBuilder,
+};
 
-#[derive(Debug)]
-pub struct KeycloakBuilder {
-    id: String,
-    name: String,
-    discovery_url: String,
-    client_id: String,
-    client_secret: Option<String>,
-    redirect_url: Option<String>,
-}
-
-impl KeycloakBuilder {
-    pub fn new(id: &str, discovery_url: &str, client_id: &str) -> Self {
-        Self {
-            id: id.to_owned(),
-            name: "Keycloak".to_owned(),
-            discovery_url: discovery_url.to_owned(),
-            client_id: client_id.to_owned(),
-            client_secret: None,
-            redirect_url: None,
-        }
-    }
-
-    pub fn name(mut self, name: &str) -> Self {
-        self.name = name.to_owned();
-        self
-    }
-
-    pub fn client_secret(mut self, client_secret: &str) -> Self {
-        self.client_secret = Some(client_secret.to_owned());
-        self
-    }
-
-    pub fn redirect_url(mut self, redirect_url: &str) -> Self {
-        self.redirect_url = Some(redirect_url.to_owned());
-        self
-    }
+pub struct Keycloak {}
 
-    pub fn build(self) -> OidcSubprovider {
-        OidcSubprovider {
-            id: self.id,
-            name: self.name,
-            slug: None,
-            visibility: OidcProviderVisibility::Public,
-            client_id: self.client_id,
-            client_secret: self.client_secret,
-            scopes: None,
-            redirect_url: self.redirect_url,
-            discovery_url: Some(self.discovery_url),
-            issuer_url: None,
-            authorization_url: None,
-            authorization_url_params: None,
-            token_url: None,
-            token_url_params: None,
-            introspection_url: None,
-            introspection_url_params: None,
-            revocation_url: None,
-            revocation_url_params: None,
-            user_info_url: None,
-            json_web_key_set_url: None,
-            json_web_key_set: None,
-            pkce_code_challenge: OidcProviderPkceCodeChallenge::S256,
-        }
+impl Keycloak {
+    pub fn builder(
+        id: &str,
+        discovery_url: &str,
+        client_id: &str,
+    ) -> OidcSubproviderBuilder<SetDiscoveryUrl<SetClientId<SetName<SetId>>>> {
+        OidcSubprovider::builder()
+            .id(id)
+            .name("Keycloak")
+            .client_id(client_id)
+            .discovery_url(discovery_url)
     }
 }
diff --git a/packages/providers/shield-oidc/src/subprovider.rs b/packages/providers/shield-oidc/src/subprovider.rs
@@ -1,3 +1,4 @@
+use bon::Builder;
 use openidconnect::{
     core::{
         CoreClient, CoreJsonWebKey, CoreJsonWebKeyType, CoreJsonWebKeyUse, CoreJwsSigningAlgorithm,
@@ -23,11 +24,13 @@ pub enum OidcProviderPkceCodeChallenge {
     S256,
 }
 
-#[derive(Clone, Debug)]
+#[derive(Builder, Clone, Debug)]
+#[builder(on(String, into), state_mod(vis = "pub(crate)"))]
 pub struct OidcSubprovider {
     pub id: String,
     pub name: String,
     pub slug: Option<String>,
+    #[builder(default = OidcProviderVisibility::Public)]
     pub visibility: OidcProviderVisibility,
     pub client_id: String,
     pub client_secret: Option<String>,
@@ -53,6 +56,7 @@ pub struct OidcSubprovider {
             CoreJsonWebKey,
         >,
     >,
+    #[builder(default = OidcProviderPkceCodeChallenge::S256)]
     pub pkce_code_challenge: OidcProviderPkceCodeChallenge,
 }