Dustin C. Hatch
3d2772cfc8
This commit adds two path operations, *GET /login* and *GET /oidc-callback*, which initiate and complete the OpenID connect login flow, respectively. Only the *Authorization Code* flow is supported, since this is the only flow implemented by Authelia. There is quite a bit of boilerplate required to fully implement an OIDC relying party, especially in Rust. The documentation for `openidconnect` is decent, but it still took quite a bit of trial and error to get everything working. After successfully finishing the OIDC login, the client will receive a cookie containing a JWT that can be used for further communication with the server. We're not using the OIDC tokens themselves for authorization. For development and testing, Dex is a simple and convenient OIDC IdP. The only caveat is its configuration file must contain list the TCP port clients will use to connect to it, meaning we cannot use Podman dynamic port allocation like we do for Meilisearch. Ultimately, this just means the integration tests will fail if there is another process already listening on 5556.
23 lines
453 B
Rust
23 lines
453 B
Rust
mod auth;
|
|
mod page;
|
|
|
|
use std::sync::LazyLock;
|
|
|
|
static SETUP: LazyLock<()> = LazyLock::new(|| {
|
|
tracing_subscriber::fmt()
|
|
.with_env_filter(tracing_subscriber::EnvFilter::new(
|
|
concat!(
|
|
env!("CARGO_PKG_NAME"),
|
|
"=trace,",
|
|
"seensite=trace,",
|
|
"debug",
|
|
)
|
|
))
|
|
.with_test_writer()
|
|
.init();
|
|
});
|
|
|
|
fn setup() {
|
|
LazyLock::force(&SETUP);
|
|
}
|