Skip to content

Commit 8aedf5e

Browse files
parmesantparmesant
committed
fix: bugfix for logout, oncecell for sse
logout flow incorrectly assumed the oidc client to always be present shifted sse handler from lazy to oncecell
1 parent cab9fc0 commit 8aedf5e

File tree

5 files changed

+28
-29
lines changed

5 files changed

+28
-29
lines changed

src/alerts/mod.rs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -634,8 +634,9 @@ impl AlertConfig {
634634
}),
635635
})
636636
&& !broadcast_to.is_empty()
637+
&& let Some(handler) = SSE_HANDLER.get()
637638
{
638-
SSE_HANDLER.broadcast(msg, Some(&broadcast_to)).await;
639+
handler.broadcast(msg, Some(&broadcast_to)).await;
639640
}
640641

641642
Ok(())

src/handlers/http/middleware.rs

Lines changed: 4 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -182,14 +182,7 @@ where
182182

183183
// if session is expired, refresh token
184184
if sessions().is_session_expired(&key) {
185-
let oidc_client = if let Some(client) = OIDC_CLIENT.get()
186-
&& let Some(client) = client
187-
{
188-
let guard = client.read().await;
189-
Some(guard.client().clone())
190-
} else {
191-
None
192-
};
185+
let oidc_client = OIDC_CLIENT.get();
193186

194187
if let Some(client) = oidc_client
195188
&& let Ok(userid) = userid
@@ -209,6 +202,9 @@ where
209202

210203
if let Some(oauth_data) = bearer_to_refresh {
211204
let refreshed_token = match client
205+
.read()
206+
.await
207+
.client()
212208
.refresh_token(&oauth_data, Some(PARSEABLE.options.scope.as_str()))
213209
.await
214210
{

src/handlers/http/modal/mod.rs

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ pub mod utils;
6060

6161
pub type OpenIdClient = Arc<openid::Client<Discovered, Claims>>;
6262

63-
pub static OIDC_CLIENT: OnceCell<Option<Arc<RwLock<GlobalClient>>>> = OnceCell::new();
63+
pub static OIDC_CLIENT: OnceCell<Arc<RwLock<GlobalClient>>> = OnceCell::new();
6464

6565
#[derive(Debug)]
6666
pub struct GlobalClient {
@@ -117,9 +117,7 @@ pub trait ParseableServer {
117117
let client = config
118118
.connect(&format!("{API_BASE_PATH}/{API_VERSION}/o/code"))
119119
.await?;
120-
OIDC_CLIENT.get_or_init(|| Some(Arc::new(RwLock::new(GlobalClient::new(client)))));
121-
} else {
122-
OIDC_CLIENT.get_or_init(|| None);
120+
OIDC_CLIENT.get_or_init(|| Arc::new(RwLock::new(GlobalClient::new(client))));
123121
}
124122

125123
// get the ssl stuff

src/handlers/http/oidc.rs

Lines changed: 14 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -80,10 +80,7 @@ pub async fn login(
8080
));
8181
}
8282

83-
let oidc_client = match OIDC_CLIENT.get() {
84-
Some(c) => c.as_ref().cloned(),
85-
None => None,
86-
};
83+
let oidc_client = OIDC_CLIENT.get();
8784

8885
let session_key = extract_session_key_from_req(&req).ok();
8986
let (session_key, oidc_client) = match (session_key, oidc_client) {
@@ -149,17 +146,23 @@ pub async fn login(
149146
}
150147

151148
pub async fn logout(req: HttpRequest, query: web::Query<RedirectAfterLogin>) -> HttpResponse {
152-
let oidc_client = match OIDC_CLIENT.get() {
153-
Some(c) => Some(c.as_ref().unwrap().read().await.client().clone()),
154-
None => None,
155-
};
149+
let oidc_client = OIDC_CLIENT.get();
156150

157151
let Some(session) = extract_session_key_from_req(&req).ok() else {
158152
return redirect_to_client(query.redirect.as_str(), None);
159153
};
160154
let user = Users.remove_session(&session);
161-
let logout_endpoint =
162-
oidc_client.and_then(|client| client.config().end_session_endpoint.clone());
155+
let logout_endpoint = if let Some(client) = oidc_client {
156+
client
157+
.read()
158+
.await
159+
.client()
160+
.config()
161+
.end_session_endpoint
162+
.clone()
163+
} else {
164+
None
165+
};
163166

164167
match (user, logout_endpoint) {
165168
(Some(username), Some(logout_endpoint))
@@ -174,9 +177,7 @@ pub async fn logout(req: HttpRequest, query: web::Query<RedirectAfterLogin>) ->
174177
/// Handler for code callback
175178
/// User should be redirected to page they were trying to access with cookie
176179
pub async fn reply_login(login_query: web::Query<Login>) -> Result<HttpResponse, OIDCError> {
177-
let oidc_client = if let Some(oidc_client) = OIDC_CLIENT.get()
178-
&& let Some(oidc_client) = oidc_client
179-
{
180+
let oidc_client = if let Some(oidc_client) = OIDC_CLIENT.get() {
180181
oidc_client
181182
} else {
182183
return Err(OIDCError::Unauthorized);

src/sse/mod.rs

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ use actix_web_lab::{
2626
use futures_util::future;
2727

2828
use itertools::Itertools;
29-
use once_cell::sync::Lazy;
29+
use once_cell::sync::OnceCell;
3030
use serde::{Deserialize, Serialize};
3131
use tokio::sync::{RwLock, mpsc};
3232
use tokio_stream::wrappers::ReceiverStream;
@@ -36,7 +36,7 @@ use crate::{
3636
alerts::AlertState, rbac::map::SessionKey, utils::actix::extract_session_key_from_req,
3737
};
3838

39-
pub static SSE_HANDLER: Lazy<Arc<Broadcaster>> = Lazy::new(Broadcaster::create);
39+
pub static SSE_HANDLER: OnceCell<Arc<Broadcaster>> = OnceCell::new();
4040

4141
pub struct Broadcaster {
4242
inner: RwLock<BroadcasterInner>,
@@ -174,7 +174,10 @@ pub async fn register_sse_client(
174174
));
175175
}
176176
};
177-
Ok(SSE_HANDLER.new_client(&sessionid).await)
177+
Ok(SSE_HANDLER
178+
.get_or_init(Broadcaster::create)
179+
.new_client(&sessionid)
180+
.await)
178181
}
179182

180183
/// Struct to define the messages being sent using SSE

0 commit comments

Comments
 (0)