4 Commits

Author SHA1 Message Date
3d2772cfc8 auth: Implement OpenID Connect login flow
This commit adds two path operations, *GET /login* and *GET
/oidc-callback*, which initiate and complete the OpenID Connect login
flow, respectively.  Only the *Authorization Code* flow is supported,
since this is the only flow implemented by Authelia.

There is quite a bit of boilerplate required to fully implement an OIDC
relying party, especially in Rust.  The documentation for
`openidconnect` is decent, but it still took quite a bit of trial and
error to get everything working.

After successfully finishing the OIDC login, the client will receive a
cookie containing a JWT that can be used for further communication with
the server.  We're not using the OIDC tokens themselves for
authorization.

For development and testing, Dex is a simple and convenient OIDC IdP.
The only caveat is that its configuration file must list the TCP port
clients will use to connect to it, meaning we cannot use Podman dynamic
port allocation like we do for Meilisearch.  Ultimately, this just means
the integration tests will fail if there is another process already
listening on 5556.
2025-04-07 19:17:16 -05:00
76cf57ebe0 Begin integration tests
Refactoring the code a bit here to make the `Rocket` instance available
to the integration tests.  To do this, we have to convert to a library
crate (`lib.rs`) with an executable entry point (`main.rs`).  This
allows the tests, which are separate crates, to import types and
functions from the library.

Besides splitting the `rocket` function into two parts (one in `lib.rs`
that creates the `Rocket<Build>` and another in `main.rs` that becomes
the process entry point), I have reworked the initialization process to
make better use of Rocket's "fairings" feature.  We don't want to call
`process::exit()` in a test, so if there is a problem reading the
configuration or initializing the context, we need to report it to
Rocket instead.
2025-04-05 17:07:39 -05:00
720bb690ea auth: Initial JWT implementation
We'll use a JWT in the `Authorization` request header to identify the
user saving a page.  The token will need to be set in the _authorization
token_ field in the SingleFile configuration so it will be included when
uploading.
2025-04-05 17:07:39 -05:00
03fe19aa9b Initial commit
2025-04-05 17:07:19 -05:00