[pmg-devel] [PATCH proxmox-perl-rs v2 2/7] move openid code from pve-rs to common

Markus Frank m.frank at proxmox.com
Tue May 7 10:47:40 CEST 2024


Change pve-rs functions to be wrapper functions for common
and add similar wrapper functions for pmg-rs.

Signed-off-by: Markus Frank <m.frank at proxmox.com>
---
 common/src/mod.rs        |  1 +
 common/src/openid/mod.rs | 63 ++++++++++++++++++++++++++++++++++++++++
 pmg-rs/Cargo.toml        |  1 +
 pmg-rs/src/lib.rs        |  1 +
 pmg-rs/src/openid/mod.rs | 47 ++++++++++++++++++++++++++++++
 pve-rs/src/openid/mod.rs | 32 +++++---------------
 6 files changed, 121 insertions(+), 24 deletions(-)
 create mode 100644 common/src/openid/mod.rs
 create mode 100644 pmg-rs/src/openid/mod.rs

diff --git a/common/src/mod.rs b/common/src/mod.rs
index c3574f4..8460439 100644
--- a/common/src/mod.rs
+++ b/common/src/mod.rs
@@ -3,3 +3,4 @@ mod calendar_event;
 pub mod logger;
 pub mod notify;
 mod subscription;
+pub mod openid;
diff --git a/common/src/openid/mod.rs b/common/src/openid/mod.rs
new file mode 100644
index 0000000..13bbaab
--- /dev/null
+++ b/common/src/openid/mod.rs
@@ -0,0 +1,63 @@
+#[perlmod::package(name = "Proxmox::RS::OpenId")]
+pub mod export {
+    use std::sync::Mutex;
+
+    use anyhow::Error;
+
+    use perlmod::{to_value, Value};
+
+    use proxmox_openid::{OpenIdAuthenticator, OpenIdConfig, PrivateAuthState};
+
+    perlmod::declare_magic!(Box<OpenId> : &OpenId as "Proxmox::RS::OpenId");
+
+    /// An OpenIdAuthenticator client instance.
+    pub struct OpenId {
+        inner: Mutex<OpenIdAuthenticator>,
+    }
+
+    /// Create a new OpenId client instance
+    #[export(raw_return)]
+    pub fn discover(
+        #[raw] class: Value,
+        config: OpenIdConfig,
+        redirect_url: &str,
+    ) -> Result<Value, Error> {
+        let open_id = OpenIdAuthenticator::discover(&config, redirect_url)?;
+        Ok(perlmod::instantiate_magic!(
+            &class,
+            MAGIC => Box::new(OpenId {
+                inner: Mutex::new(open_id),
+            })
+        ))
+    }
+
+    #[export]
+    pub fn authorize_url(
+        #[try_from_ref] this: &OpenId,
+        state_dir: &str,
+        realm: &str,
+    ) -> Result<String, Error> {
+        let open_id = this.inner.lock().unwrap();
+        open_id.authorize_url(state_dir, realm)
+    }
+
+    #[export]
+    pub fn verify_public_auth_state(
+        state_dir: &str,
+        state: &str,
+    ) -> Result<(String, PrivateAuthState), Error> {
+        OpenIdAuthenticator::verify_public_auth_state(state_dir, state)
+    }
+
+    #[export(raw_return)]
+    pub fn verify_authorization_code(
+        #[try_from_ref] this: &OpenId,
+        code: &str,
+        private_auth_state: PrivateAuthState,
+    ) -> Result<Value, Error> {
+        let open_id = this.inner.lock().unwrap();
+        let claims = open_id.verify_authorization_code_simple(code, &private_auth_state)?;
+
+        Ok(to_value(&claims)?)
+    }
+}
diff --git a/pmg-rs/Cargo.toml b/pmg-rs/Cargo.toml
index 0d01b59..6f3e3df 100644
--- a/pmg-rs/Cargo.toml
+++ b/pmg-rs/Cargo.toml
@@ -41,3 +41,4 @@ proxmox-subscription = "0.4"
 proxmox-sys = "0.5"
 proxmox-tfa = { version = "4.0.4", features = ["api"] }
 proxmox-time = "1.1.3"
+proxmox-openid =  "0.10.0"
diff --git a/pmg-rs/src/lib.rs b/pmg-rs/src/lib.rs
index 4a91632..1930423 100644
--- a/pmg-rs/src/lib.rs
+++ b/pmg-rs/src/lib.rs
@@ -5,6 +5,7 @@ pub mod acme;
 pub mod apt;
 pub mod csr;
 pub mod tfa;
+pub mod openid;
 
 #[perlmod::package(name = "Proxmox::Lib::PMG", lib = "pmg_rs")]
 mod export {
diff --git a/pmg-rs/src/openid/mod.rs b/pmg-rs/src/openid/mod.rs
new file mode 100644
index 0000000..c0988d6
--- /dev/null
+++ b/pmg-rs/src/openid/mod.rs
@@ -0,0 +1,47 @@
+#[perlmod::package(name = "PMG::RS::OpenId", lib = "pmg_rs")]
+mod export {
+    use anyhow::Error;
+
+    use perlmod::Value;
+
+    use proxmox_openid::{OpenIdConfig, PrivateAuthState};
+
+    use crate::common::openid::export as common;
+    use crate::common::openid::export::OpenId as OpenId;
+
+    /// Create a new OpenId client instance
+    #[export(raw_return)]
+    pub fn discover(
+        #[raw] class: Value,
+        config: OpenIdConfig,
+        redirect_url: &str,
+    ) -> Result<Value, Error> {
+        common::discover(class, config, redirect_url)
+    }
+
+    #[export]
+    pub fn authorize_url(
+        #[try_from_ref] this: &OpenId,
+        state_dir: &str,
+        realm: &str,
+    ) -> Result<String, Error> {
+        common::authorize_url(this, state_dir, realm)
+    }
+
+    #[export]
+    pub fn verify_public_auth_state(
+        state_dir: &str,
+        state: &str,
+    ) -> Result<(String, PrivateAuthState), Error> {
+        common::verify_public_auth_state(state_dir, state)
+    }
+
+    #[export(raw_return)]
+    pub fn verify_authorization_code(
+        #[try_from_ref] this: &OpenId,
+        code: &str,
+        private_auth_state: PrivateAuthState,
+    ) -> Result<Value, Error> {
+        common::verify_authorization_code(this, code, private_auth_state)
+    }
+}
diff --git a/pve-rs/src/openid/mod.rs b/pve-rs/src/openid/mod.rs
index 1fa7572..d3ad5a5 100644
--- a/pve-rs/src/openid/mod.rs
+++ b/pve-rs/src/openid/mod.rs
@@ -1,19 +1,13 @@
 #[perlmod::package(name = "PVE::RS::OpenId", lib = "pve_rs")]
 mod export {
-    use std::sync::Mutex;
-
     use anyhow::Error;
 
-    use perlmod::{to_value, Value};
-
-    use proxmox_openid::{OpenIdAuthenticator, OpenIdConfig, PrivateAuthState};
+    use perlmod::Value;
 
-    perlmod::declare_magic!(Box<OpenId> : &OpenId as "PVE::RS::OpenId");
+    use proxmox_openid::{OpenIdConfig, PrivateAuthState};
 
-    /// An OpenIdAuthenticator client instance.
-    pub struct OpenId {
-        inner: Mutex<OpenIdAuthenticator>,
-    }
+    use crate::common::openid::export as common;
+    use crate::common::openid::export::OpenId as OpenId;
 
     /// Create a new OpenId client instance
     #[export(raw_return)]
@@ -22,13 +16,7 @@ mod export {
         config: OpenIdConfig,
         redirect_url: &str,
     ) -> Result<Value, Error> {
-        let open_id = OpenIdAuthenticator::discover(&config, redirect_url)?;
-        Ok(perlmod::instantiate_magic!(
-            &class,
-            MAGIC => Box::new(OpenId {
-                inner: Mutex::new(open_id),
-            })
-        ))
+        common::discover(class, config, redirect_url)
     }
 
     #[export]
@@ -37,8 +25,7 @@ mod export {
         state_dir: &str,
         realm: &str,
     ) -> Result<String, Error> {
-        let open_id = this.inner.lock().unwrap();
-        open_id.authorize_url(state_dir, realm)
+        common::authorize_url(this, state_dir, realm)
     }
 
     #[export]
@@ -46,7 +33,7 @@ mod export {
         state_dir: &str,
         state: &str,
     ) -> Result<(String, PrivateAuthState), Error> {
-        OpenIdAuthenticator::verify_public_auth_state(state_dir, state)
+        common::verify_public_auth_state(state_dir, state)
     }
 
     #[export(raw_return)]
@@ -55,9 +42,6 @@ mod export {
         code: &str,
         private_auth_state: PrivateAuthState,
     ) -> Result<Value, Error> {
-        let open_id = this.inner.lock().unwrap();
-        let claims = open_id.verify_authorization_code_simple(code, &private_auth_state)?;
-
-        Ok(to_value(&claims)?)
+        common::verify_authorization_code(this, code, private_auth_state)
     }
 }
-- 
2.39.2





More information about the pmg-devel mailing list