···

       
469
       
 
       
 "axum",

     

       
470
       
 
       
 "axum-core",

     

       
471
       
 
       
 "bytes",

     

       
0
       
 
       

     

       
472
       
 
       
 "futures-util",

     

       
473
       
 
       
 "headers",

     

       
474
       
 
       
 "http",

     
···

       
918
       
 
       
 "tower-http",

     

       
919
       
 
       
 "tungstenite 0.26.2",

     

       
920
       
 
       
 "zstd",

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
921
       
 
       
]

     

       
922
       
 
       


     

       
923
       
 
       
[[package]]

     
···

       
4851
       
 
       
 "atrium-identity",

     

       
4852
       
 
       
 "atrium-oauth",

     

       
4853
       
 
       
 "axum",

     

       
0
       
 
       

     

       
4854
       
 
       
 "clap",

     

       
4855
       
 
       
 "hickory-resolver",

     

       
4856
       
 
       
 "metrics",

     

···

       
469
       
 
       
 "axum",

     

       
470
       
 
       
 "axum-core",

     

       
471
       
 
       
 "bytes",

     

       
472
       
+
       
 "cookie",

     

       
473
       
 
       
 "futures-util",

     

       
474
       
 
       
 "headers",

     

       
475
       
 
       
 "http",

     
···

       
919
       
 
       
 "tower-http",

     

       
920
       
 
       
 "tungstenite 0.26.2",

     

       
921
       
 
       
 "zstd",

     

       
922
       
+
       
]

     

       
923
       
+
       


     

       
924
       
+
       
[[package]]

     

       
925
       
+
       
name = "cookie"

     

       
926
       
+
       
version = "0.18.1"

     

       
927
       
+
       
source = "registry+https://github.com/rust-lang/crates.io-index"

     

       
928
       
+
       
checksum = "4ddef33a339a91ea89fb53151bd0a4689cfce27055c291dfa69945475d22c747"

     

       
929
       
+
       
dependencies = [

     

       
930
       
+
       
 "base64 0.22.1",

     

       
931
       
+
       
 "hmac",

     

       
932
       
+
       
 "percent-encoding",

     

       
933
       
+
       
 "rand 0.8.5",

     

       
934
       
+
       
 "sha2",

     

       
935
       
+
       
 "subtle",

     

       
936
       
+
       
 "time",

     

       
937
       
+
       
 "version_check",

     

       
938
       
 
       
]

     

       
939
       
 
       


     

       
940
       
 
       
[[package]]

     
···

       
4868
       
 
       
 "atrium-identity",

     

       
4869
       
 
       
 "atrium-oauth",

     

       
4870
       
 
       
 "axum",

     

       
4871
       
+
       
 "axum-extra",

     

       
4872
       
 
       
 "clap",

     

       
4873
       
 
       
 "hickory-resolver",

     

       
4874
       
 
       
 "metrics",

     

···

       
8
       
 
       
atrium-identity = "0.1.5"

     

       
9
       
 
       
atrium-oauth = "0.1.3"

     

       
10
       
 
       
axum = "0.8.4"

     

       
0
       
 
       

     

       
11
       
 
       
clap = { version = "4.5.40", features = ["derive"] }

     

       
12
       
 
       
hickory-resolver = "0.25.2"

     

       
13
       
 
       
metrics = "0.24.2"

     

···

       
8
       
 
       
atrium-identity = "0.1.5"

     

       
9
       
 
       
atrium-oauth = "0.1.3"

     

       
10
       
 
       
axum = "0.8.4"

     

       
11
       
+
       
axum-extra = { version = "0.10.1", features = ["cookie-signed", "typed-header"] }

     

       
12
       
 
       
clap = { version = "4.5.40", features = ["derive"] }

     

       
13
       
 
       
hickory-resolver = "0.25.2"

     

       
14
       
 
       
metrics = "0.24.2"

     

···

       
2
       
 
       
use atrium_oauth::CallbackParams;

     

       
3
       
 
       
use axum::{

     

       
4
       
 
       
    Router,

     

       
5
       
-
       
    extract::{Query, State},

     

       
6
       
 
       
    response::{Html, Redirect},

     

       
7
       
 
       
    routing::get,

     

       
8
       
 
       
};

     

       
0
       
 
       

     

       
9
       
 
       


     

       
10
       
 
       
use serde::Deserialize;

     

       
11
       
 
       
use std::sync::Arc;

     
···

       
14
       
 
       


     

       
15
       
 
       
use crate::{Client, authorize, client};

     

       
16
       
 
       


     

       
0
       
 
       

     

       
17
       
 
       
const INDEX_HTML: &str = include_str!("../static/index.html");

     

       
18
       
-
       
const FAVICON: &[u8] = include_bytes!("../static/favicon.ico");

     

       
19
       
 
       


     

       
20
       
 
       
pub async fn serve(shutdown: CancellationToken) {

     

       
21
       
 
       
    let state = AppState {

     

       
0
       
 
       

     

       
22
       
 
       
        client: Arc::new(client()),

     

       
23
       
 
       
    };

     

       
24
       
 
       


     

       
25
       
 
       
    let app = Router::new()

     

       
26
       
 
       
        .route("/", get(|| async { Html(INDEX_HTML) }))

     

       
27
       
 
       
        .route("/favicon.ico", get(|| async { FAVICON })) // todo MIME

     

       
0
       
 
       

     

       
28
       
 
       
        .route("/auth", get(start_oauth))

     

       
29
       
 
       
        .route("/authorized", get(complete_oauth))

     

       
30
       
 
       
        .with_state(state);

     
···

       
41
       
 
       


     

       
42
       
 
       
#[derive(Clone)]

     

       
43
       
 
       
struct AppState {

     

       
0
       
 
       

     

       
44
       
 
       
    pub client: Arc<Client>,

     

       
45
       
 
       
}

     

       
46
       
 
       


     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
47
       
 
       
#[derive(Debug, Deserialize)]

     

       
48
       
 
       
struct BeginOauthParams {

     

       
49
       
 
       
    handle: String,

     
···

       
51
       
 
       
async fn start_oauth(

     

       
52
       
 
       
    State(state): State<AppState>,

     

       
53
       
 
       
    Query(params): Query<BeginOauthParams>,

     

       
54
       
-
       
) -> Redirect {

     

       
55
       
-
       
    let AppState { client } = state;

     

       
56
       
-
       
    let BeginOauthParams { handle } = params;

     

       
57
       
-
       
    let auth_url = authorize(&client, &handle).await;

     

       
58
       
-
       
    Redirect::to(&auth_url)

     

       
0
       
 
       

     

       
0
       
 
       

     

       
59
       
 
       
}

     

       
60
       
 
       


     

       
61
       
 
       
async fn complete_oauth(

     

       
62
       
 
       
    State(state): State<AppState>,

     

       
63
       
 
       
    Query(params): Query<CallbackParams>,

     

       
64
       
-
       
) -> Html<String> {

     

       
65
       
-
       
    let AppState { client } = state;

     

       
66
       
-
       
    let Ok((oauth_session, _)) = client.callback(params).await else {

     

       
67
       
 
       
        panic!("failed to do client callback");

     

       
68
       
 
       
    };

     

       
69
       
 
       
    let did = oauth_session.did().await.expect("a did to be present");

     

       
70
       
-
       
    Html(format!("sup: {did:?}"))

     

       
0
       
 
       

     

       
71
       
 
       
}

     

···

       
2
       
 
       
use atrium_oauth::CallbackParams;

     

       
3
       
 
       
use axum::{

     

       
4
       
 
       
    Router,

     

       
5
       
+
       
    extract::{FromRef, Query, State},

     

       
6
       
 
       
    response::{Html, Redirect},

     

       
7
       
 
       
    routing::get,

     

       
8
       
 
       
};

     

       
9
       
+
       
use axum_extra::extract::cookie::{Cookie, Key, SignedCookieJar};

     

       
10
       
 
       


     

       
11
       
 
       
use serde::Deserialize;

     

       
12
       
 
       
use std::sync::Arc;

     
···

       
15
       
 
       


     

       
16
       
 
       
use crate::{Client, authorize, client};

     

       
17
       
 
       


     

       
18
       
+
       
const FAVICON: &[u8] = include_bytes!("../static/favicon.ico");

     

       
19
       
 
       
const INDEX_HTML: &str = include_str!("../static/index.html");

     

       
20
       
+
       
const LOGIN_HTML: &str = include_str!("../static/login.html");

     

       
21
       
 
       


     

       
22
       
 
       
pub async fn serve(shutdown: CancellationToken) {

     

       
23
       
 
       
    let state = AppState {

     

       
24
       
+
       
        key: Key::generate(), // TODO: via config

     

       
25
       
 
       
        client: Arc::new(client()),

     

       
26
       
 
       
    };

     

       
27
       
 
       


     

       
28
       
 
       
    let app = Router::new()

     

       
29
       
 
       
        .route("/", get(|| async { Html(INDEX_HTML) }))

     

       
30
       
 
       
        .route("/favicon.ico", get(|| async { FAVICON })) // todo MIME

     

       
31
       
+
       
        .route("/prompt", get(prompt))

     

       
32
       
 
       
        .route("/auth", get(start_oauth))

     

       
33
       
 
       
        .route("/authorized", get(complete_oauth))

     

       
34
       
 
       
        .with_state(state);

     
···

       
45
       
 
       


     

       
46
       
 
       
#[derive(Clone)]

     

       
47
       
 
       
struct AppState {

     

       
48
       
+
       
    pub key: Key,

     

       
49
       
 
       
    pub client: Arc<Client>,

     

       
50
       
 
       
}

     

       
51
       
 
       


     

       
52
       
+
       
impl FromRef<AppState> for Key {

     

       
53
       
+
       
    fn from_ref(state: &AppState) -> Self {

     

       
54
       
+
       
        state.key.clone()

     

       
55
       
+
       
    }

     

       
56
       
+
       
}

     

       
57
       
+
       


     

       
58
       
+
       
async fn prompt(jar: SignedCookieJar) -> (SignedCookieJar, Html<String>) {

     

       
59
       
+
       
    let m = if let Some(did) = jar.get("did") {

     

       
60
       
+
       
        format!("oh i know you: {did}")

     

       
61
       
+
       
    } else {

     

       
62
       
+
       
        LOGIN_HTML.into()

     

       
63
       
+
       
    };

     

       
64
       
+
       
    (jar, Html(m))

     

       
65
       
+
       
}

     

       
66
       
+
       


     

       
67
       
 
       
#[derive(Debug, Deserialize)]

     

       
68
       
 
       
struct BeginOauthParams {

     

       
69
       
 
       
    handle: String,

     
···

       
71
       
 
       
async fn start_oauth(

     

       
72
       
 
       
    State(state): State<AppState>,

     

       
73
       
 
       
    Query(params): Query<BeginOauthParams>,

     

       
74
       
+
       
    jar: SignedCookieJar,

     

       
75
       
+
       
) -> (SignedCookieJar, Redirect) {

     

       
76
       
+
       
    // if any existing session was active, clear it first

     

       
77
       
+
       
    let jar = jar.remove("did");

     

       
78
       
+
       


     

       
79
       
+
       
    let auth_url = authorize(&state.client, &params.handle).await;

     

       
80
       
+
       
    (jar, Redirect::to(&auth_url))

     

       
81
       
 
       
}

     

       
82
       
 
       


     

       
83
       
 
       
async fn complete_oauth(

     

       
84
       
 
       
    State(state): State<AppState>,

     

       
85
       
 
       
    Query(params): Query<CallbackParams>,

     

       
86
       
+
       
    jar: SignedCookieJar,

     

       
87
       
+
       
) -> (SignedCookieJar, Html<String>) {

     

       
88
       
+
       
    let Ok((oauth_session, _)) = state.client.callback(params).await else {

     

       
89
       
 
       
        panic!("failed to do client callback");

     

       
90
       
 
       
    };

     

       
91
       
 
       
    let did = oauth_session.did().await.expect("a did to be present");

     

       
92
       
+
       
    let jar = jar.add(Cookie::new("did", did.to_string()));

     

       
93
       
+
       
    (jar, Html(format!("sup: {did:?}")))

     

       
94
       
 
       
}

     

···

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

       
0
       
 
       

     

···

       
1
       
+
       
<!doctype html>

     

       
2
       
+
       
<html lang="en">

     

       
3
       
+
       
  <head>

     

       
4
       
+
       
    <meta charset="utf-8" />

     

       
5
       
+
       
    <title>Who-am-i</title>

     

       
6
       
+
       
    <meta name="viewport" content="width=device-width, initial-scale=1" />

     

       
7
       
+
       
    <meta name="description" content="Log in" />

     

       
8
       
+
       
  </head>

     

       
9
       
+
       
  <body>

     

       
10
       
+
       
    <form action="/auth" method="GET">

     

       
11
       
+
       
      <label>

     

       
12
       
+
       
        @<input name="handle" placeholder="example.bsky.social" />

     

       
13
       
+
       
      </label>

     

       
14
       
+
       
      <button type="submit">log in</button>

     

       
15
       
+
       
    </form>

     

       
16
       
+
       
  </body>

     

       
17
       
+
       
</html>