Fix missing root ca in get_token call

CenterDevice · Apr 9, 2020 · 255c87f · 255c87f
1 parent d225b59
commit 255c87f
Show file tree

Hide file tree

Showing 4 changed files with 87 additions and 6 deletions.
diff --git a/examples/get_tokens_root_ca.rs b/examples/get_tokens_root_ca.rs
@@ -0,0 +1,75 @@
+use centerdevice::{
+    client::auth::{Code, CodeProvider},
+    errors::Result,
+    Certificate,
+    ClientBuilder,
+    ClientCredentials,
+};
+
+use reqwest::IntoUrl;
+use std::{
+    env,
+    io::{self, Write},
+};
+
+struct MyCodeProvider {}
+
+impl CodeProvider for MyCodeProvider {
+    fn get_code<T: IntoUrl>(&self, auth_url: T) -> Result<Code> {
+        let auth_url = auth_url.into_url().expect("Failed to parse auth url");
+
+        println!(
+            "Please authenticate at the following URL, wait for the redirect, enter the code into the terminal, and \
+             then press return ..."
+        );
+        println!("\n\t{}\n", auth_url);
+        print!("Authentication code: ");
+        let _ = std::io::stdout().flush();
+        let mut input = String::new();
+        let _ = io::stdin().read_line(&mut input);
+        let code = input.trim();
+
+        let code = Code::new(code.to_string());
+
+        Ok(code)
+    }
+}
+
+fn main() {
+    let client_id = env::var_os("CENTERDEVICE_CLIENT_ID")
+        .expect("Environment variable 'CENTERDEVICE_CLIENT_ID' is not set.")
+        .to_string_lossy()
+        .to_string();
+    let client_secret = env::var_os("CENTERDEVICE_CLIENT_SECRET")
+        .expect("Environment variable 'CENTERDEVICE_CLIENT_SECRET' is not set.")
+        .to_string_lossy()
+        .to_string();
+    let redirect_uri = env::var_os("CENTERDEVICE_REDIRECT_URI")
+        .expect("Environment variable 'CENTERDEVICE_REDIRECT_URI' is not set.")
+        .to_string_lossy()
+        .to_string();
+    let base_url = env::var_os("CENTERDEVICE_BASE_URL")
+        .expect("Environment variable 'CENTERDEVICE_BASE_URL' is not set.")
+        .to_string_lossy()
+        .to_string();
+    let root_ca_file = env::var_os("CENTERDEVICE_ROOT_CA_FILE")
+        .expect("Environment variable 'CENTERDEVICE_ROOT_CA_FILE' is not set.")
+        .to_string_lossy()
+        .to_string();
+
+    let pem = std::fs::read(root_ca_file).expect("Failed to read Root CA pem file");
+    let certificate = Certificate::from_pem(&pem).expect("Failed to parse Root CA");
+
+    let client_credentials = ClientCredentials::new(&client_id, &client_secret);
+    let code_provider = MyCodeProvider {};
+
+    let client = ClientBuilder::new(&base_url, client_credentials)
+        .add_root_certificate(certificate)
+        .build()
+        .authorize_with_code_flow(&redirect_uri, &code_provider)
+        .expect("API call failed.");
+
+    let result = client.token();
+
+    println!("Result: '{:#?}'", result);
+}
diff --git a/examples/root_ca.rs → examples/refresh_access_token_root_ca.rs b/examples/root_ca.rs → examples/refresh_access_token_root_ca.rs
diff --git a/src/client.rs b/src/client.rs
@@ -42,8 +42,13 @@ impl<'a, 'b: 'a> UnauthorizedClient<'b> {
             .into_url()
             .map_err(|e| e.context(ErrorKind::FailedToPrepareHttpRequest(redirect_uri.to_string())))?;
 
-        let token =
-            auth::authorization_code_flow(&self.client_credentials, self.base_url, &redirect_url, code_provider)?;
+        let token = auth::authorization_code_flow(
+            &self.client_credentials,
+            self.base_url,
+            &redirect_url,
+            code_provider,
+            &self.http_client,
+        )?;
 
         let authorized_client = AuthorizedClient {
             base_url: self.base_url,

diff --git a/src/client/auth.rs b/src/client/auth.rs
@@ -2,6 +2,7 @@ use crate::{
     client::{AuthorizedClient, GeneralErrHandler},
     errors::{ErrorKind, Result},
     ClientCredentials,
+    HttpClient,
 };
 
 use failure::Fail;
@@ -57,9 +58,10 @@ pub fn authorization_code_flow<T: CodeProvider>(
     base_url: &str,
     redirect_uri: &Url,
     code_provider: &T,
+    http_client: &HttpClient,
 ) -> Result<Token> {
-    let code = get_code(client_credentials, &base_url, redirect_uri, code_provider)?;
-    let token = exchange_code_for_token(&code, client_credentials, base_url, redirect_uri)?;
+    let code = get_code(client_credentials, base_url, redirect_uri, code_provider)?;
+    let token = exchange_code_for_token(&code, client_credentials, base_url, redirect_uri, http_client)?;
 
     Ok(token)
 }
@@ -87,6 +89,7 @@ pub fn exchange_code_for_token(
     client_credentials: &ClientCredentials,
     base_url: &str,
     redirect_uri: &Url,
+    http_client: &HttpClient,
 ) -> Result<Token> {
     let token_endpoint = format!("https://auth.{}/token", base_url);
     let params = [
@@ -95,8 +98,6 @@ pub fn exchange_code_for_token(
         ("code", code.code.as_str()),
     ];
 
-    let http_client = reqwest::blocking::Client::new();
-
     let request = http_client
         .post(&token_endpoint)
         .basic_auth(&client_credentials.client_id, Some(&client_credentials.client_secret))