update: using akm

Maix0 2025-08-03 21:25:18 +02:00
parent 2714eb0585
commit 4b421ebe9e
3 changed files with 348 additions and 284 deletions

576
Cargo.lock generated


@ -4,18 +4,18 @@ version = "0.1.0"
edition = "2021" edition = "2021"
[dependencies] [dependencies]
axum = { version = "0.8.1", features = ["multipart", "macros"] } axum = { version = "0.8.4", features = ["multipart", "macros"] }
axum-extra = { version = "0.10.0", features = ["cookie-private"] } axum-extra = { version = "0.10.1", features = ["cookie-private"] }
base64 = "0.22.1" base64 = "0.22.1"
color-eyre = "0.6.3" color-eyre = "0.6.5"
http = "1.2.0" http = "1.3.1"
pct-str = "2.0.0" pct-str = "2.0.0"
rand = "0.8.5" rand = "0.9.2"
reqwest = { version = "0.12.12", features = ["json", "default-tls"] } reqwest = { version = "0.12.22", features = ["json", "default-tls"] }
serde = { version = "1.0.217", features = ["derive"] } serde = { version = "1.0.219", features = ["derive"] }
serde_json = "1.0.135" serde_json = "1.0.142"
time = "0.3.37" time = "0.3.41"
tokio = { version = "1.43.0", features = ["full"] } tokio = { version = "1.47.1", features = ["full"] }
tower-http = { version = "0.6.2", features = ["trace"] } tower-http = { version = "0.6.6", features = ["trace"] }
tracing = "0.1.41" tracing = "0.1.41"
tracing-subscriber = "0.3.19" tracing-subscriber = "0.3.19"


@ -17,7 +17,7 @@ use axum::{
Router, Router,
}; };
use axum_extra::extract::{ use axum_extra::extract::{
cookie::{Cookie, Key, SameSite}, cookie::{Cookie, Key},
PrivateCookieJar, PrivateCookieJar,
}; };
use base64::Engine; use base64::Engine;
@ -67,9 +67,6 @@ async fn main() {
.with_max_level(tracing::Level::DEBUG) .with_max_level(tracing::Level::DEBUG)
.init(); .init();
let local = tokio::task::LocalSet::new(); let local = tokio::task::LocalSet::new();
local
.run_until(async {
// initialize tracing
let http = reqwest::ClientBuilder::new() let http = reqwest::ClientBuilder::new()
// Following redirects opens the client up to SSRF vulnerabilities. // Following redirects opens the client up to SSRF vulnerabilities.
.redirect(reqwest::redirect::Policy::none()) .redirect(reqwest::redirect::Policy::none())
@ -79,16 +76,25 @@ async fn main() {
.max_tls_version(Version::TLS_1_2) .max_tls_version(Version::TLS_1_2)
.build() .build()
.expect("Client should build"); .expect("Client should build");
let akm_endpoint = unwrap_env!("M42_AKM_ENDPOINT");
let akm_secret = unwrap_env!("M42_AKM_SECRET");
let client_id = unwrap_env!("M42_CLIENT_ID");
let cookie_secret = unwrap_env!("M42_COOKIE_SECRET"); let cookie_secret = unwrap_env!("M42_COOKIE_SECRET");
local
.run_until(async {
let res = http.put(akm_endpoint).body(akm_secret).send().await.expect("Failed to fetch secret");
let res_status = res.status();
let body = res.text().await.expect("Failed to fetch secret: .text()");
assert_eq!(res_status, reqwest::StatusCode::OK, "res.status != OK: {body}");
let base64_value = base64::engine::general_purpose::URL_SAFE let base64_value = base64::engine::general_purpose::URL_SAFE
.decode(cookie_secret) .decode(cookie_secret)
.unwrap(); .unwrap();
let key: Key = Key::from(&base64_value); let key: Key = Key::from(&base64_value);
let oauth = oauth2::OauthClient::new( let oauth = oauth2::OauthClient::new(
http.clone(), http.clone(),
unwrap_env!("M42_CLIENT_ID"), client_id,
unwrap_env!("M42_CLIENT_SECRET"), body,
"https://fft.maix.me/manager/auth/callback", "https://fft.maix.me/manager/auth/callback",
) )
.await .await