move oauth2_client to AppState

devsoc-unsw · Dec 30, 2024 · 6ee51b2 · 6ee51b2
1 parent 877c388
commit 6ee51b2
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 10 deletions.
diff --git a/backend/server/src/handler/auth.rs b/backend/server/src/handler/auth.rs
@@ -5,8 +5,6 @@ use crate::service::auth::create_or_get_user_id;
 use crate::service::jwt::encode_auth_token;
 use axum::extract::{Query, State};
 use axum::response::IntoResponse;
-use axum::Extension;
-use oauth2::basic::BasicClient;
 use oauth2::reqwest::async_http_client;
 use oauth2::{AuthorizationCode, TokenResponse};
 
@@ -16,9 +14,8 @@ use oauth2::{AuthorizationCode, TokenResponse};
 pub async fn google_callback(
     State(state): State<AppState>,
     Query(query): Query<AuthRequest>,
-    Extension(oauth_client): Extension<BasicClient>,
 ) -> Result<impl IntoResponse, ChaosError> {
-    let token = oauth_client
+    let token = state.oauth2_client
         .exchange_code(AuthorizationCode::new(query.code))
         .request_async(async_http_client)
         .await?;
@@ -30,16 +27,15 @@ pub async fn google_callback(
         .send()
         .await?;
 
-    let profile = profile.json::<GoogleUserProfile>().await.unwrap();
+    let profile = profile.json::<GoogleUserProfile>().await?;
 
     let user_id = create_or_get_user_id(
         profile.email.clone(),
         profile.name,
         state.db,
         state.snowflake_generator,
     )
-    .await
-    .unwrap();
+    .await?;
 
     // TODO: Return JWT as set-cookie header.
     let token = encode_auth_token(

diff --git a/backend/server/src/models/app.rs b/backend/server/src/models/app.rs
@@ -20,11 +20,14 @@ use snowflake::SnowflakeIdGenerator;
 use sqlx::postgres::PgPoolOptions;
 use sqlx::{Pool, Postgres};
 use std::env;
+use oauth2::basic::BasicClient;
+use crate::service::oauth2::build_oauth_client;
 
 #[derive(Clone)]
 pub struct AppState {
     pub db: Pool<Postgres>,
     pub ctx: ReqwestClient,
+    pub oauth2_client: BasicClient,
     pub decoding_key: DecodingKey,
     pub encoding_key: EncodingKey,
     pub jwt_header: Header,
@@ -59,6 +62,15 @@ pub async fn app() -> Result<Router, ChaosError> {
     // Initialise reqwest client
     let ctx = reqwest::Client::new();
 
+    // Initialise oauth2 client
+    let client_id = env::var("GOOGLE_CLIENT_ID")
+        .expect("Error getting GOOGLE_CLIENT_ID")
+        .to_string();
+    let client_secret = env::var("GOOGLE_CLIENT_SECRET")
+        .expect("Error getting GOOGLE_CLIENT_SECRET")
+        .to_string();
+    let oauth2_client = build_oauth_client(client_id, client_secret);
+
     // Initialise Snowflake Generator
     let snowflake_generator = SnowflakeIdGenerator::new(1, 1);
 
@@ -69,6 +81,7 @@ pub async fn app() -> Result<Router, ChaosError> {
     let state = AppState {
         db: pool,
         ctx,
+        oauth2_client,
         encoding_key,
         decoding_key,
         jwt_header,

diff --git a/backend/server/src/service/oauth2.rs b/backend/server/src/service/oauth2.rs
@@ -7,9 +7,7 @@ use std::env;
 /// Client follows OAuth2 Standard (https://oauth.net/2/) to get user's email
 /// using OpenID Connect (https://openid.net/developers/how-connect-works/).
 pub fn build_oauth_client(client_id: String, client_secret: String) -> BasicClient {
-    let hostname = env::var("CHAOS_HOSTNAME").expect("Could not read CHAOS hostname");
-
-    let redirect_url = format!("{}/api/auth/callback/google", hostname);
+    let redirect_url = env::var("GOOGLE_REDIRECT_URI").expect("Could not read GOOGLE_REDIRECT_URI");
 
     let auth_url = AuthUrl::new("https://accounts.google.com/o/oauth2/v2/auth".to_string())
         .expect("Invalid authorization endpoint URL");