From bf1d96fc23551a873ac2d8f570c590ad2f9b0b64 Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Thu, 12 May 2022 15:06:37 +0200 Subject: [PATCH] Add password change discovery See https://web.dev/change-password-url/ --- crates/handlers/src/lib.rs | 4 ++++ crates/handlers/src/views/account/password.rs | 4 ++-- crates/handlers/src/views/shared.rs | 3 ++- crates/router/src/endpoints.rs | 9 +++++++++ crates/templates/src/context.rs | 5 ++++- 5 files changed, 21 insertions(+), 4 deletions(-) diff --git a/crates/handlers/src/lib.rs b/crates/handlers/src/lib.rs index 9be667ab..5be5ad1b 100644 --- a/crates/handlers/src/lib.rs +++ b/crates/handlers/src/lib.rs @@ -60,6 +60,10 @@ where { // All those routes are API-like, with a common CORS layer let api_router = Router::new() + .route( + mas_router::ChangePasswordDiscovery::route(), + get(|| async { mas_router::AccountPassword.go() }), + ) .route( mas_router::OidcConfiguration::route(), get(self::oauth2::discovery::get), diff --git a/crates/handlers/src/views/account/password.rs b/crates/handlers/src/views/account/password.rs index 127c9631..91a51d28 100644 --- a/crates/handlers/src/views/account/password.rs +++ b/crates/handlers/src/views/account/password.rs @@ -54,7 +54,7 @@ pub(crate) async fn get( if let Some(session) = maybe_session { render(templates, session, cookie_jar).await } else { - let login = mas_router::Login::default(); + let login = mas_router::Login::and_then(mas_router::PostAuthAction::ChangePassword); Ok((cookie_jar, login.go()).into_response()) } } @@ -92,7 +92,7 @@ pub(crate) async fn post( let mut session = if let Some(session) = maybe_session { session } else { - let login = mas_router::Login::default(); + let login = mas_router::Login::and_then(mas_router::PostAuthAction::ChangePassword); return Ok((cookie_jar, login.go()).into_response()); }; diff --git a/crates/handlers/src/views/shared.rs b/crates/handlers/src/views/shared.rs index 62659b61..694a831c 100644 --- a/crates/handlers/src/views/shared.rs +++ b/crates/handlers/src/views/shared.rs @@ -38,9 +38,10 @@ impl OptionalPostAuthAction { match &self.post_auth_action { Some(PostAuthAction::ContinueAuthorizationGrant { data }) => { let grant = get_grant_by_id(conn, *data).await?; - let grant = grant.into(); + let grant = Box::new(grant.into()); Ok(Some(PostAuthContext::ContinueAuthorizationGrant { grant })) } + Some(PostAuthAction::ChangePassword) => Ok(Some(PostAuthContext::ChangePassword)), None => Ok(None), } } diff --git a/crates/router/src/endpoints.rs b/crates/router/src/endpoints.rs index 72540039..d5f1bcf5 100644 --- a/crates/router/src/endpoints.rs +++ b/crates/router/src/endpoints.rs @@ -23,6 +23,7 @@ pub enum PostAuthAction { #[serde(deserialize_with = "serde_with::rust::display_fromstr::deserialize")] data: i64, }, + ChangePassword, } impl PostAuthAction { @@ -35,6 +36,7 @@ impl PostAuthAction { pub fn go_next(&self) -> axum::response::Redirect { match self { Self::ContinueAuthorizationGrant { data } => ContinueAuthorizationGrant(*data).go(), + Self::ChangePassword => AccountPassword.go(), } } } @@ -55,6 +57,13 @@ impl SimpleRoute for Webfinger { const PATH: &'static str = "/.well-known/webfinger"; } +/// `GET /.well-known/change-password` +pub struct ChangePasswordDiscovery; + +impl SimpleRoute for ChangePasswordDiscovery { + const PATH: &'static str = "/.well-known/change-password"; +} + /// `GET /oauth2/keys.json` #[derive(Debug, Clone)] pub struct OAuth2Keys; diff --git a/crates/templates/src/context.rs b/crates/templates/src/context.rs index 744c2885..a35d54fb 100644 --- a/crates/templates/src/context.rs +++ b/crates/templates/src/context.rs @@ -245,8 +245,11 @@ pub enum PostAuthContext { /// Continue an authorization grant ContinueAuthorizationGrant { /// The authorization grant that will be continued after authentication - grant: AuthorizationGrant<()>, + grant: Box>, }, + + /// Change the account password + ChangePassword, } /// Context used by the `login.html` template