Cleanup #69

Merged
merged 7 commits into from
Mar 27, 2022
1 change: 1 addition & 0 deletions .github/workflows/main.yml
Expand Up @@ -25,6 +25,7 @@ jobs:
runs-on: ubuntu-latest

strategy:
fail-fast: false
matrix:
rust:
- 1.45.0
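--- a/Cargo.toml
+++ b/Cargo.toml
@@ -27,7 +27,10 @@ nightly = []
 [dependencies]
 base64 = "0.13"
 # Disable 'time' dependency since it triggers RUSTSEC-2020-0071 and we don't need it.
-chrono = { version = "0.4", default-features = false, features = ["clock", "std"] }
+chrono = { version = "0.4", default-features = false, features = [
+"clock",
+"std",
+] }
 thiserror = "1.0"
 http = "0.2"
 itertools = "0.9"
@@ -48,6 +51,9 @@ num-bigint = "0.4.3"
 color-backtrace = { version = "0.4" }
 env_logger = "0.7"
 pretty_assertions = "0.6"
-reqwest_ = { package = "reqwest", features = ["blocking", "rustls-tls"], version = "0.11", default-features = false }
+reqwest_ = { package = "reqwest", features = [
+"blocking",
+"rustls-tls",
+], version = "0.11", default-features = false }
 retry = "1.0"
 anyhow = "1.0"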
189 changes: 91 additions & 98 deletions examples/gitlab.rs
Expand Up @@ -100,106 +100,99 @@ fn main() {
.add_scope(Scope::new("profile".to_string()))
.url();

println!(
"Open this URL in your browser:\n{}\n",
authorize_url.to_string()
);
println!("Open this URL in your browser:\n{}\n", authorize_url);

// A very naive implementation of the redirect server.
let listener = TcpListener::bind("127.0.0.1:8080").unwrap();
for stream in listener.incoming() {
if let Ok(mut stream) = stream {
let code;
let state;
{
let mut reader = BufReader::new(&stream);

let mut request_line = String::new();
reader.read_line(&mut request_line).unwrap();

let redirect_url = request_line.split_whitespace().nth(1).unwrap();
let url = Url::parse(&("http://localhost".to_string() + redirect_url)).unwrap();

let code_pair = url
.query_pairs()
.find(|pair| {
let &(ref key, _) = pair;
key == "code"
})
.unwrap();

let (_, value) = code_pair;
code = AuthorizationCode::new(value.into_owned());

let state_pair = url
.query_pairs()
.find(|pair| {
let &(ref key, _) = pair;
key == "state"
})
.unwrap();

let (_, value) = state_pair;
state = CsrfToken::new(value.into_owned());
}

let message = "Go back to your terminal :)";
let response = format!(
"HTTP/1.1 200 OK\r\ncontent-length: {}\r\n\r\n{}",
message.len(),
message
);
stream.write_all(response.as_bytes()).unwrap();

println!("GitLab returned the following code:\n{}\n", code.secret());
println!(
"GitLab returned the following state:\n{} (expected `{}`)\n",
state.secret(),
csrf_state.secret()
);

// Exchange the code with a token.
let token_response = client
.exchange_code(code)
.request(http_client)
.unwrap_or_else(|err| {
handle_error(&err, "Failed to contact token endpoint");
unreachable!();
});

println!(
"GitLab returned access token:\n{}\n",
token_response.access_token().secret()
);
println!("GitLab returned scopes: {:?}", token_response.scopes());

let id_token_verifier: CoreIdTokenVerifier = client.id_token_verifier();
let id_token_claims: &CoreIdTokenClaims = token_response
.extra_fields()
.id_token()
.expect("Server did not return an ID token")
.claims(&id_token_verifier, &nonce)
.unwrap_or_else(|err| {
handle_error(&err, "Failed to verify ID token");
unreachable!();
});
println!("GitLab returned ID token: {:?}\n", id_token_claims);

let userinfo_claims: UserInfoClaims<GitLabClaims, CoreGenderClaim> = client
.user_info(token_response.access_token().to_owned(), None)
.unwrap_or_else(|err| {
handle_error(&err, "No user info endpoint");
unreachable!();
})
.request(http_client)
.unwrap_or_else(|err| {
handle_error(&err, "Failed requesting user info");
unreachable!();
});
println!("GitLab returned UserInfo: {:?}", userinfo_claims);

// The server will terminate itself
break;
}

// Accept one connection
let (mut stream, _) = listener.accept().unwrap();
let code;
let state;
{
let mut reader = BufReader::new(&stream);

let mut request_line = String::new();
reader.read_line(&mut request_line).unwrap();

let redirect_url = request_line.split_whitespace().nth(1).unwrap();
let url = Url::parse(&("http://localhost".to_string() + redirect_url)).unwrap();

let code_pair = url
.query_pairs()
.find(|pair| {
let &(ref key, _) = pair;
key == "code"
})
.unwrap();

let (_, value) = code_pair;
code = AuthorizationCode::new(value.into_owned());

let state_pair = url
.query_pairs()
.find(|pair| {
let &(ref key, _) = pair;
key == "state"
})
.unwrap();

let (_, value) = state_pair;
state = CsrfToken::new(value.into_owned());
}

let message = "Go back to your terminal :)";
let response = format!(
"HTTP/1.1 200 OK\r\ncontent-length: {}\r\n\r\n{}",
message.len(),
message
);
stream.write_all(response.as_bytes()).unwrap();

println!("GitLab returned the following code:\n{}\n", code.secret());
println!(
"GitLab returned the following state:\n{} (expected `{}`)\n",
state.secret(),
csrf_state.secret()
);

// Exchange the code with a token.
let token_response = client
.exchange_code(code)
.request(http_client)
.unwrap_or_else(|err| {
handle_error(&err, "Failed to contact token endpoint");
unreachable!();
});

println!(
"GitLab returned access token:\n{}\n",
token_response.access_token().secret()
);
println!("GitLab returned scopes: {:?}", token_response.scopes());

let id_token_verifier: CoreIdTokenVerifier = client.id_token_verifier();
let id_token_claims: &CoreIdTokenClaims = token_response
.extra_fields()
.id_token()
.expect("Server did not return an ID token")
.claims(&id_token_verifier, &nonce)
.unwrap_or_else(|err| {
handle_error(&err, "Failed to verify ID token");
unreachable!();
});
println!("GitLab returned ID token: {:?}\n", id_token_claims);

let userinfo_claims: UserInfoClaims<GitLabClaims, CoreGenderClaim> = client
.user_info(token_response.access_token().to_owned(), None)
.unwrap_or_else(|err| {
handle_error(&err, "No user info endpoint");
unreachable!();
})
.request(http_client)
.unwrap_or_else(|err| {
handle_error(&err, "Failed requesting user info");
unreachable!();
});
println!("GitLab returned UserInfo: {:?}", userinfo_claims);
}
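Review bot: The `state` value parsed from the redirect is only printed beside `csrf_state.secret()` and never compared with it, so `client.exchange_code(code)` runs even when the two differ and the example shows the flow without its CSRF check. I would stop before the exchange on a mismatch, e.g. `if state.secret() != csrf_state.secret() { panic!("CSRF state mismatch"); }` placed just ahead of the `// Exchange the code with a token.` comment. Because readers copy this example, a short comment that the `println!` calls for the authorization code and access token are for demonstration only, and should not be kept where stdout is logged, would also help. `main` begins above this hunk, so any use of `csrf_state` outside the visible lines cannot be ruled out from here.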