Implement the device consent logic

2025-08-09 04:22:45 +03:00 · 2023-12-08 14:23:34 +01:00
parent 50654d2e40
commit 67ab42155c
12 changed files with 482 additions and 27 deletions
--- a/crates/router/src/endpoints.rs
+++ b/crates/router/src/endpoints.rs
@@ -24,6 +24,9 @@ pub enum PostAuthAction {
    ContinueAuthorizationGrant {
        id: Ulid,
    },
+    ContinueDeviceCodeGrant {
+        id: Ulid,
+    },
    ContinueCompatSsoLogin {
        id: Ulid,
    },
@@ -43,6 +46,11 @@ impl PostAuthAction {
        PostAuthAction::ContinueAuthorizationGrant { id }
    }

+    #[must_use]
+    pub const fn continue_device_code_grant(id: Ulid) -> Self {
+        PostAuthAction::ContinueDeviceCodeGrant { id }
+    }
+
    #[must_use]
    pub const fn continue_compat_sso_login(id: Ulid) -> Self {
        PostAuthAction::ContinueCompatSsoLogin { id }
@@ -63,6 +71,9 @@ impl PostAuthAction {
            Self::ContinueAuthorizationGrant { id } => {
                url_builder.redirect(&ContinueAuthorizationGrant(*id))
            }
+            Self::ContinueDeviceCodeGrant { id } => {
+                url_builder.redirect(&DeviceCodeConsent::new(*id))
+            }
            Self::ContinueCompatSsoLogin { id } => {
                url_builder.redirect(&CompatLoginSsoComplete::new(*id, None))
            }
@@ -203,6 +214,13 @@ impl Login {
        }
    }

+    #[must_use]
+    pub const fn and_continue_device_code_grant(id: Ulid) -> Self {
+        Self {
+            post_auth_action: Some(PostAuthAction::continue_device_code_grant(id)),
+        }
+    }
+
    #[must_use]
    pub const fn and_continue_compat_sso_login(id: Ulid) -> Self {
        Self {
@@ -266,6 +284,13 @@ impl Reauth {
        }
    }

+    #[must_use]
+    pub fn and_continue_device_code_grant(data: Ulid) -> Self {
+        Self {
+            post_auth_action: Some(PostAuthAction::continue_device_code_grant(data)),
+        }
+    }
+
    /// Get a reference to the reauth's post auth action.
    #[must_use]
    pub fn post_auth_action(&self) -> Option<&PostAuthAction> {
@@ -713,6 +738,30 @@ impl Route for DeviceCodeLink {
    }
 }

+/// `GET|POST /link/:device_code_id`
+#[derive(Default, Serialize, Deserialize, Debug, Clone)]
+pub struct DeviceCodeConsent {
+    id: Ulid,
+}
+
+impl Route for DeviceCodeConsent {
+    type Query = ();
+    fn route() -> &'static str {
+        "/link/:device_code_id"
+    }
+
+    fn path(&self) -> std::borrow::Cow<'static, str> {
+        format!("/link/{}", self.id).into()
+    }
+}
+
+impl DeviceCodeConsent {
+    #[must_use]
+    pub fn new(id: Ulid) -> Self {
+        Self { id }
+    }
+}
+
 /// `POST /oauth2/device`
 #[derive(Default, Serialize, Deserialize, Debug, Clone)]
 pub struct OAuth2DeviceAuthorizationEndpoint;
--- a/crates/router/src/traits.rs
+++ b/crates/router/src/traits.rs
@@ -32,7 +32,12 @@ pub trait Route {
        let path = self.path();
        if let Some(query) = self.query() {
            let query = serde_urlencoded::to_string(query).unwrap();
-            format!("{path}?{query}").into()
+
+            if query.is_empty() {
+                path
+            } else {
+                format!("{path}?{query}").into()
+            }
        } else {
            path
        }