handlers: box the rng and clock, and extract it from the state

2025-11-20 12:02:22 +03:00 · 2023-01-18 17:32:54 +01:00
parent 8c585b20f0
commit 9005931e2a
52 changed files with 291 additions and 193 deletions
--- a/crates/handlers/src/upstream_oauth2/authorize.rs
+++ b/crates/handlers/src/upstream_oauth2/authorize.rs
@@ -24,7 +24,7 @@ use mas_oidc_client::requests::authorization_code::AuthorizationRequestData;
 use mas_router::UrlBuilder;
 use mas_storage::{
    upstream_oauth2::{UpstreamOAuthProviderRepository, UpstreamOAuthSessionRepository},
-    Clock, Repository,
+    BoxClock, BoxRng, Repository,
 };
 use mas_storage_pg::PgRepository;
 use sqlx::PgPool;
@@ -43,7 +43,6 @@ pub(crate) enum RouteError {
    Internal(Box<dyn std::error::Error>),
 }

-impl_from_error_for_route!(sqlx::Error);
 impl_from_error_for_route!(mas_http::ClientInitError);
 impl_from_error_for_route!(mas_oidc_client::error::DiscoveryError);
 impl_from_error_for_route!(mas_oidc_client::error::AuthorizationError);
@@ -59,6 +58,8 @@ impl IntoResponse for RouteError {
 }

 pub(crate) async fn get(
+    mut rng: BoxRng,
+    clock: BoxClock,
    State(http_client_factory): State<HttpClientFactory>,
    State(pool): State<PgPool>,
    State(url_builder): State<UrlBuilder>,
@@ -66,8 +67,6 @@ pub(crate) async fn get(
    Path(provider_id): Path<Ulid>,
    Query(query): Query<OptionalPostAuthAction>,
 ) -> Result<impl IntoResponse, RouteError> {
-    let (clock, mut rng) = crate::clock_and_rng();
-
    let mut repo = PgRepository::from_pool(&pool).await?;

    let provider = repo
@@ -115,7 +114,7 @@ pub(crate) async fn get(

    let cookie_jar = UpstreamSessionsCookie::load(&cookie_jar)
        .add(session.id, provider.id, data.state, query.post_auth_action)
-        .save(cookie_jar, clock.now());
+        .save(cookie_jar, &clock);

    repo.save().await?;

--- a/crates/handlers/src/upstream_oauth2/callback.rs
+++ b/crates/handlers/src/upstream_oauth2/callback.rs
@@ -30,7 +30,7 @@ use mas_storage::{
        UpstreamOAuthLinkRepository, UpstreamOAuthProviderRepository,
        UpstreamOAuthSessionRepository,
    },
-    Clock, Repository,
+    BoxClock, BoxRng, Clock, Repository,
 };
 use mas_storage_pg::PgRepository;
 use oauth2_types::errors::ClientErrorCode;
@@ -102,7 +102,6 @@ pub(crate) enum RouteError {

 impl_from_error_for_route!(mas_storage_pg::DatabaseError);
 impl_from_error_for_route!(mas_http::ClientInitError);
-impl_from_error_for_route!(sqlx::Error);
 impl_from_error_for_route!(mas_oidc_client::error::DiscoveryError);
 impl_from_error_for_route!(mas_oidc_client::error::JwksError);
 impl_from_error_for_route!(mas_oidc_client::error::TokenAuthorizationCodeError);
@@ -122,6 +121,8 @@ impl IntoResponse for RouteError {

 #[allow(clippy::too_many_lines, clippy::too_many_arguments)]
 pub(crate) async fn get(
+    mut rng: BoxRng,
+    clock: BoxClock,
    State(http_client_factory): State<HttpClientFactory>,
    State(pool): State<PgPool>,
    State(url_builder): State<UrlBuilder>,
@@ -131,8 +132,6 @@ pub(crate) async fn get(
    Path(provider_id): Path<Ulid>,
    Query(params): Query<QueryParams>,
 ) -> Result<impl IntoResponse, RouteError> {
-    let (clock, mut rng) = crate::clock_and_rng();
-
    let mut repo = PgRepository::from_pool(&pool).await?;

    let provider = repo
@@ -268,7 +267,7 @@ pub(crate) async fn get(

    let cookie_jar = sessions_cookie
        .add_link_to_session(session.id, link.id)?
-        .save(cookie_jar, clock.now());
+        .save(cookie_jar, &clock);

    repo.save().await?;

--- a/crates/handlers/src/upstream_oauth2/cookie.rs
+++ b/crates/handlers/src/upstream_oauth2/cookie.rs
@@ -18,6 +18,7 @@ use axum_extra::extract::{cookie::Cookie, PrivateCookieJar};
 use chrono::{DateTime, Duration, NaiveDateTime, Utc};
 use mas_axum_utils::CookieExt;
 use mas_router::PostAuthAction;
+use mas_storage::Clock;
 use serde::{Deserialize, Serialize};
 use thiserror::Error;
 use time::OffsetDateTime;
@@ -65,11 +66,11 @@ impl UpstreamSessions {
    }

    /// Save the upstreams sessions to the cookie jar
-    pub fn save<K>(
-        self,
-        cookie_jar: PrivateCookieJar<K>,
-        now: DateTime<Utc>,
-    ) -> PrivateCookieJar<K> {
+    pub fn save<K, C>(self, cookie_jar: PrivateCookieJar<K>, clock: &C) -> PrivateCookieJar<K>
+    where
+        C: Clock,
+    {
+        let now = clock.now();
        let this = self.expire(now);
        let mut cookie = Cookie::named(COOKIE_NAME).encode(&this);
        cookie.set_path("/");
--- a/crates/handlers/src/upstream_oauth2/link.rs
+++ b/crates/handlers/src/upstream_oauth2/link.rs
@@ -27,7 +27,7 @@ use mas_keystore::Encrypter;
 use mas_storage::{
    upstream_oauth2::{UpstreamOAuthLinkRepository, UpstreamOAuthSessionRepository},
    user::{BrowserSessionRepository, UserRepository},
-    Clock, Repository,
+    BoxClock, BoxRng, Repository,
 };
 use mas_storage_pg::PgRepository;
 use mas_templates::{
@@ -70,7 +70,6 @@ pub(crate) enum RouteError {
    Internal(Box<dyn std::error::Error>),
 }

-impl_from_error_for_route!(sqlx::Error);
 impl_from_error_for_route!(mas_templates::TemplateError);
 impl_from_error_for_route!(mas_axum_utils::csrf::CsrfError);
 impl_from_error_for_route!(super::cookie::UpstreamSessionNotFound);
@@ -95,14 +94,14 @@ pub(crate) enum FormData {
 }

 pub(crate) async fn get(
+    mut rng: BoxRng,
+    clock: BoxClock,
    State(pool): State<PgPool>,
    State(templates): State<Templates>,
    cookie_jar: PrivateCookieJar<Encrypter>,
    Path(link_id): Path<Ulid>,
 ) -> Result<impl IntoResponse, RouteError> {
    let mut repo = PgRepository::from_pool(&pool).await?;
-    let (clock, mut rng) = crate::clock_and_rng();
-
    let sessions_cookie = UpstreamSessionsCookie::load(&cookie_jar);
    let (session_id, _post_auth_action) = sessions_cookie
        .lookup_link(link_id)
@@ -131,7 +130,7 @@ pub(crate) async fn get(
    }

    let (user_session_info, cookie_jar) = cookie_jar.session_info();
-    let (csrf_token, mut cookie_jar) = cookie_jar.csrf_token(clock.now(), &mut rng);
+    let (csrf_token, mut cookie_jar) = cookie_jar.csrf_token(&clock, &mut rng);
    let maybe_user_session = user_session_info.load_session(&mut repo).await?;

    let render = match (maybe_user_session, link.user_id) {
@@ -212,14 +211,15 @@ pub(crate) async fn get(
 }

 pub(crate) async fn post(
+    mut rng: BoxRng,
+    clock: BoxClock,
    State(pool): State<PgPool>,
    cookie_jar: PrivateCookieJar<Encrypter>,
    Path(link_id): Path<Ulid>,
    Form(form): Form<ProtectedForm<FormData>>,
 ) -> Result<impl IntoResponse, RouteError> {
-    let (clock, mut rng) = crate::clock_and_rng();
    let mut repo = PgRepository::from_pool(&pool).await?;
-    let form = cookie_jar.verify_form(clock.now(), form)?;
+    let form = cookie_jar.verify_form(&clock, form)?;

    let sessions_cookie = UpstreamSessionsCookie::load(&cookie_jar);
    let (session_id, post_auth_action) = sessions_cookie
@@ -297,7 +297,7 @@ pub(crate) async fn post(

    let cookie_jar = sessions_cookie
        .consume_link(link_id)?
-        .save(cookie_jar, clock.now());
+        .save(cookie_jar, &clock);
    let cookie_jar = cookie_jar.set_session(&session);

    repo.save().await?;