authormetamuffin <metamuffin@disroot.org>2025-11-14 20:11:18 +0100
committermetamuffin <metamuffin@disroot.org>2025-11-14 20:11:18 +0100
commit2e2807f022294d424f06206b8311bd3ad7b16f14 (patch)
tree93411244c5cd105a28ccb19d80d1f22c7864c6b9 /src/modules/auth
parent06e736c7947e3ae43779d8035542896a78227fa0 (diff)
preparation for config reloading
Diffstat (limited to 'src/modules/auth')
-rw-r--r--src/modules/auth/basic.rs21
-rw-r--r--src/modules/auth/cookie.rs32
-rw-r--r--src/modules/auth/openid.rs26
3 files changed, 50 insertions, 29 deletions
diff --git a/src/modules/auth/basic.rs b/src/modules/auth/basic.rs
index 4b10a47..b8b3e52 100644
--- a/src/modules/auth/basic.rs
+++ b/src/modules/auth/basic.rs
@@ -4,10 +4,11 @@
Copyright (C) 2025 metamuffin <metamuffin.org>
*/
use crate::{
- config::DynNode,
+ config::{DynNode, DynNodeConfig},
error::ServiceError,
- modules::{Node, NodeContext, NodeKind, NodeRequest, NodeResponse},
+ modules::{InstContext, Node, NodeContext, NodeKind, NodeRequest, NodeResponse},
};
+use anyhow::Result;
use base64::Engine;
use futures::Future;
use http_body_util::{combinators::BoxBody, BodyExt};
@@ -17,7 +18,6 @@ use hyper::{
};
use log::debug;
use serde::Deserialize;
-use serde_yml::Value;
use std::{pin::Pin, sync::Arc};
use super::Credentials;
@@ -27,19 +27,24 @@ impl NodeKind for HttpBasicAuthKind {
fn name(&self) -> &'static str {
"http_basic_auth"
}
- fn instanciate(&self, config: Value) -> anyhow::Result<Arc<dyn Node>> {
- Ok(Arc::new(serde_yml::from_value::<HttpBasicAuth>(config)?))
+ fn instanciate(&self, ic: InstContext) -> Result<DynNode> {
+ let config: HttpBasicAuth<DynNodeConfig> = ic.config().parse()?;
+ Ok(Arc::new(HttpBasicAuth {
+ next: ic.instanciate_child(config.next)?,
+ realm: config.realm,
+ users: config.users,
+ }))
}
}
#[derive(Deserialize)]
-pub struct HttpBasicAuth {
+pub struct HttpBasicAuth<N> {
realm: String,
users: Credentials,
- next: DynNode,
+ next: N,
}
-impl Node for HttpBasicAuth {
+impl Node for HttpBasicAuth<DynNode> {
fn handle<'a>(
&'a self,
context: &'a mut NodeContext,
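Review bot: Both `?` in the new `instanciate` (on the `ic.config().parse()` line and on the `ic.instanciate_child(config.next)` line) pass the error up without saying which node or field failed, which will matter once reloads can fail at runtime. I would attach context, e.g. `let config: HttpBasicAuth<DynNodeConfig> = ic.config().parse().context("http_basic_auth: invalid config")?;` together with `use anyhow::Context;`, assuming the error types here work with anyhow's `Context`. The same applies to the `instanciate` bodies in cookie.rs and openid.rs. How the caller treats an `Err` during a reload is not visible in this diff; for an auth node it should keep the previous node tree rather than serve the route without it. `handle` at the end of the hunk continues outside it.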
diff --git a/src/modules/auth/cookie.rs b/src/modules/auth/cookie.rs
index c0935f7..81fc50a 100644
--- a/src/modules/auth/cookie.rs
+++ b/src/modules/auth/cookie.rs
@@ -3,15 +3,17 @@
which is licensed under the GNU Affero General Public License (version 3); see /COPYING.
Copyright (C) 2025 metamuffin <metamuffin.org>
*/
+use super::Credentials;
use crate::{
- config::{return_true, DynNode},
+ config::{return_true, DynNode, DynNodeConfig},
error::ServiceError,
- modules::{Node, NodeContext, NodeKind, NodeRequest, NodeResponse},
+ modules::{InstContext, Node, NodeContext, NodeKind, NodeRequest, NodeResponse},
};
use aes_gcm_siv::{
aead::{Aead, Payload},
Nonce,
};
+use anyhow::Result;
use base64::Engine;
use bytes::Bytes;
use futures::Future;
@@ -25,33 +27,37 @@ use log::debug;
use percent_encoding::{percent_decode_str, percent_encode, NON_ALPHANUMERIC};
use rand::random;
use serde::Deserialize;
-use serde_yml::Value;
use std::fmt::Write;
use std::{pin::Pin, sync::Arc, time::SystemTime};
-use super::Credentials;
-
pub struct CookieAuthKind;
impl NodeKind for CookieAuthKind {
fn name(&self) -> &'static str {
"cookie_auth"
}
- fn instanciate(&self, config: Value) -> anyhow::Result<Arc<dyn Node>> {
- Ok(Arc::new(serde_yml::from_value::<CookieAuth>(config)?))
+ fn instanciate(&self, ic: InstContext) -> Result<Arc<dyn Node>> {
+ let config: CookieAuth<DynNodeConfig> = ic.config().parse()?;
+ Ok(Arc::new(CookieAuth {
+ expire: config.expire,
+ secure: config.secure,
+ users: config.users,
+ fail: ic.instanciate_child(config.fail)?,
+ next: ic.instanciate_child(config.next)?,
+ }))
}
}
#[derive(Deserialize)]
-pub struct CookieAuth {
+pub struct CookieAuth<N> {
users: Credentials,
expire: Option<u64>,
#[serde(default = "return_true")]
secure: bool,
- next: DynNode,
- fail: DynNode,
+ next: N,
+ fail: N,
}
-impl Node for CookieAuth {
+impl Node for CookieAuth<DynNode> {
fn handle<'a>(
&'a self,
context: &'a mut NodeContext,
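Review bot: `instanciate` in this file is declared `-> Result<Arc<dyn Node>>`, while basic.rs and openid.rs in the same commit use `-> Result<DynNode>`. Presumably the two name the same type, so for consistency the signature should read `fn instanciate(&self, ic: InstContext) -> Result<DynNode> {`. `handle` at the end of the hunk continues outside it.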
@@ -160,7 +166,7 @@ impl Node for CookieAuth {
fn apply_login_success_headers(
context: &mut NodeContext,
- node: &CookieAuth,
+ node: &CookieAuth<DynNode>,
username: &str,
r: &mut Response<BoxBody<Bytes, ServiceError>>,
) {
@@ -205,7 +211,7 @@ fn apply_login_success_headers(
fn login_success_response(
context: &mut NodeContext,
- node: &CookieAuth,
+ node: &CookieAuth<DynNode>,
referrer: Option<HeaderValue>,
username: &str,
) -> Response<BoxBody<Bytes, ServiceError>> {
diff --git a/src/modules/auth/openid.rs b/src/modules/auth/openid.rs
index 0b5aea7..175fa22 100644
--- a/src/modules/auth/openid.rs
+++ b/src/modules/auth/openid.rs
@@ -4,14 +4,15 @@
Copyright (C) 2025 metamuffin <metamuffin.org>
*/
use crate::{
- config::DynNode,
+ config::{DynNode, DynNodeConfig},
error::ServiceError,
- modules::{Node, NodeContext, NodeKind, NodeRequest, NodeResponse},
+ modules::{InstContext, Node, NodeContext, NodeKind, NodeRequest, NodeResponse},
};
use aes_gcm_siv::{
aead::{Aead, Payload},
Nonce,
};
+use anyhow::Result;
use base64::{prelude::BASE64_URL_SAFE_NO_PAD, Engine};
use bytes::Buf;
use futures::Future;
@@ -31,7 +32,6 @@ use percent_encoding::{
use rand::random;
use rustls::{pki_types::ServerName, RootCertStore};
use serde::Deserialize;
-use serde_yml::Value;
use sha2::{Digest, Sha256};
use std::{collections::HashSet, io::Read, pin::Pin, str::FromStr, sync::Arc, time::SystemTime};
use tokio::net::TcpStream;
@@ -41,13 +41,23 @@ impl NodeKind for OpenIDAuthKind {
fn name(&self) -> &'static str {
"openid_auth"
}
- fn instanciate(&self, config: Value) -> anyhow::Result<Arc<dyn Node>> {
- Ok(Arc::new(serde_yml::from_value::<OpenIDAuth>(config)?))
+ fn instanciate(&self, ic: InstContext) -> Result<DynNode> {
+ let config: OpenIDAuth<DynNodeConfig> = ic.config().parse()?;
+ Ok(Arc::new(OpenIDAuth {
+ authorize_endpoint: config.authorize_endpoint,
+ authorized_emails: config.authorized_emails,
+ client_id: config.client_id,
+ client_secret: config.client_secret,
+ next: ic.instanciate_child(config.next)?,
+ salt: config.salt,
+ scope: config.scope,
+ token_endpoint: config.token_endpoint,
+ }))
}
}
#[derive(Deserialize)]
-pub struct OpenIDAuth {
+pub struct OpenIDAuth<N> {
salt: String,
client_id: String,
client_secret: String,
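Review bot: `client_secret` and `salt` are declared like any other field of `OpenIDAuth<N>`, and nothing in the struct says they are secrets. Now that the type is parsed in a separate step whose error is returned to the caller, that deserves a comment. I would add `// secret: must not be logged; do not derive Debug on this struct` above the two fields. It is also worth checking that the error from `ic.config().parse()` cannot quote a mistyped field value, since serde's invalid-type errors can include the offending scalar. The struct definition continues past the end of this hunk.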
@@ -55,10 +65,10 @@ pub struct OpenIDAuth {
token_endpoint: String,
scope: String,
authorized_emails: HashSet<String>,
- next: DynNode,
+ next: N,
}
-impl Node for OpenIDAuth {
+impl Node for OpenIDAuth<DynNode> {
fn handle<'a>(
&'a self,
context: &'a mut NodeContext,