chore(auth): actually use user-auth config for determining auth plugins to load

2024-03-03 06:16:53 +01:00 · 2024-03-03 06:16:53 +01:00 · bb03d28b7d
commit bb03d28b7d
parent 2196e89208
1 changed files with 22 additions and 11 deletions
--- a/src/Application.hs
+++ b/src/Application.hs
@ -60,7 +60,6 @@ import System.Directory
 import Jobs

 import qualified Data.Text.Encoding as Text
-import qualified Data.Text as Text

 import Yesod.Auth.OAuth2.AzureADv2 (oauth2AzureADv2Scoped)
 import Yesod.Auth.Util.PasswordStore
@ -344,21 +343,33 @@ makeFoundation appSettings''@AppSettings{..} = do
      appAuthKey <- clusterSetting (Proxy :: Proxy 'ClusterAuthKey) `customRunSqlPool` sqlPool
      appPersonalisedSheetFilesSeedKey <- clusterSetting (Proxy :: Proxy 'ClusterPersonalisedSheetFilesSeedKey) `customRunSqlPool` sqlPool

-
-      mAzureTenantID <- liftIO $ (fmap Text.pack) <$> (return $ Just "123") -- lookupEnv "AZURE_ADV2_TENANT_ID"
+      -- TODO: either migrate these to Foundation.Instances, or migrate additions in Foundation.Instances here
+      -- TODO: use scopes from Settings
+#ifdef DEVELOPMENT
+      oauth2Plugins <- liftIO $ sequence
+        [ (azureMockServer . fromJust) <$> lookupEnv "OAUTH2_SERVER_PORT"
+        , return $ oauth2AzureADv2Scoped ["openid", "profile", "offline_access"] "42" "42" "shhh"
+        ]
+#else
      let -- Auth Plugins
-        tenantID = fromMaybe (error "Tenant ID mising") mAzureTenantID
        loadPlugin p prefix = do -- Loads given YesodAuthPlugin
-          mID <- (fmap Text.pack) <$> (return $ Just "UWX") -- (lookupEnv $ prefix ++ "_CLIENT_ID")
-          mSecret <- (fmap Text.pack) <$> (return $ Just prefix) -- (lookupEnv $ prefix ++ "_CLIENT_SECRET")
+          mID <- fmap Text.pack <$> appUserAuthConf ^? _UserAuthConfSingleSource . _AuthSourceConfAzure . _azureConfClientId
+          mSecret <- fmap Text.pack <$> appUserAuthConf ^? _UserAuthConfSingleSource . _AuthSourceConfAzure . _azureConfClientSecret
          let mArgs = (,) <$> mID <*> mSecret
          guard $ isJust mArgs
          return . uncurry p $ fromJust mArgs
-
-      appAuthPlugins <- liftIO $ sequence [
-          (azureMockServer . fromJust) <$> lookupEnv "OAUTH2_SERVER_PORT"
-        , loadPlugin (oauth2AzureADv2Scoped ["openid", "profile", "offline_access"] tenantID) "AZURE_ADV2"
-        ]
+        tenantID = case appUserAuthConf of
+          UserAuthConfSingleSource (AuthSourceConfAzure AzureConf{..})
+            -> Text.pack azureConfTenantId
+          _other
+            -> error "Tenant ID missing!"
+        oauth2Plugins
+          | UserAuthConfSingleSource (AuthSourceConfAzure AzureConf{..}) appUserAuthConf
+            -> singleton $ oauth2AzureADv2Scoped (Set.toList azureConfScopes) azureConfTenantId azureConfClientId azureConfClientSecret
+          | otherwise
+            -> mempty
+#endif
+      let appAuthPlugins = oauth2Plugins


      let appVolatileClusterSettingsCacheTime' = Clock.fromNanoSecs ns