hai 11 meses · bc4f8eb1e0
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2356,7 +2356,7 @@ checksum = "ed646292ffc8188ef8ea4d1e0e0150fb15a5c2e12ad9b8fc191ae7a8a7f3c4b9"
 
				 
			
 
				 [[package]]
			
 
				 name = "uidc"
			
 
				-version = "0.0.1"
			
 
				+version = "0.0.2"
			
 
				 dependencies = [
			
 
				  "base32",
			
 
				  "base64 0.13.1",
			
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 
				 [package]
			
 
				 name = "uidc"
			
 
				-version = "0.0.1"
			
 
				+version = "0.0.2"
			
 
				 edition = "2021"
			
 
				 
			
 
				 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
			
--- a/simple-setup.sh
+++ b/simple-setup.sh
@@ -11,7 +11,9 @@ base_url = "http://localhost:2114"
 
				 EOF
			
 
				 
			
 
				 $UIDC key generate ed25519
			
 
				+$UIDC key generate rsa2048
			
 
				 $UIDC client create testclient ed25519
			
 
				+$UIDC client create testclient-rsa rsa2048
			
 
				 $UIDC user create kestrel
			
 
				 echo "please enter password for user 'kestrel'"
			
 
				 $UIDC user update-auth -p kestrel
			
--- a/src/server/oidc.rs
+++ b/src/server/oidc.rs
@@ -9,6 +9,11 @@ mod api;
 
				 
			
 
				 type Request = tide::Request<super::ServerStateWrapper>;
			
 
				 
			
 
				+const AUTHORIZE_PATH: &'static str = "oidc/authorize";
			
 
				+const TOKEN_PATH: &'static str = "oidc/token";
			
 
				+const JWKS_PATH: &'static str = "oidc/jwks";
			
 
				+const DISCOVERY_PATH: &'static str = ".well-known/openid-configuration";
			
 
				+
			
 
				 #[derive(serde::Serialize)]
			
 
				 pub enum OIDCErrorType {
			
 
				     InvalidRequest,
			
@@ -297,7 +302,7 @@ async fn do_token<'l>(mut request: Request) -> Result<tide::Response, OIDCError<
 
				         let now = std::time::SystemTime::now();
			
 
				         if code.expiry < now {
			
 
				             return Err(OIDCError(
			
 
				-                OIDCErrorType::InvalidRequest,
			
 
				+                OIDCErrorType::AccessDenied,
			
 
				                 "expired authorization code".into(),
			
 
				                 None,
			
 
				             ));
			
@@ -359,10 +364,6 @@ async fn token(request: Request) -> tide::Result<tide::Response> {
 
				     }
			
 
				 }
			
 
				 
			
 
				-const AUTHORIZE_PATH: &'static str = "oidc/authorize";
			
 
				-const TOKEN_PATH: &'static str = "oidc/token";
			
 
				-const JWKS_PATH: &'static str = "oidc/jwks";
			
 
				-
			
 
				 async fn jwks(request: Request) -> tide::Result<tide::Response> {
			
 
				     let shelper = SessionHelper::new(&request);
			
 
				     let realm = shelper.get_realm()?;
			
@@ -434,7 +435,5 @@ pub(super) fn oidc_server(mut route: tide::Route<super::ServerStateWrapper>) {
 
				     route.at(AUTHORIZE_PATH).get(authorize).post(authorize);
			
 
				     route.at(TOKEN_PATH).post(token);
			
 
				     route.at(JWKS_PATH).get(jwks);
			
 
				-    route
			
 
				-        .at(".well-known/openid-configuration")
			
 
				-        .get(discovery_config);
			
 
				+    route.at(DISCOVERY_PATH).get(discovery_config);
			
 
				 }