headless_lms_server/controllers/main_frontend/oauth/
authorized_clients.rs

1use crate::prelude::*;
2use actix_web::{HttpResponse, web};
3use models::oauth_user_client_scopes::{AuthorizedClientInfo, OAuthUserClientScopes};
4use sqlx::PgPool;
5use utoipa::OpenApi;
6use uuid::Uuid;
7
// OpenAPI document fragment covering the "authorized OAuth clients" endpoints.
//
// `paths(...)` lists the handlers in this file that carry `#[utoipa::path]`.
// Routing is set up separately in `_add_routes`, so a handler left out of this
// list would still be reachable but missing from the generated API description.
// Plain `//` comments are used so that nothing written here can end up in the spec.
#[derive(OpenApi)]
#[openapi(paths(get_authorized_clients, delete_authorized_client))]
// NOTE(review): presumably only referenced where the full spec is assembled,
// hence the lint allowance — confirm before removing it.
#[allow(dead_code)]
pub(crate) struct MainFrontendOauthAuthorizedClientsApiDoc;
12
// GET /authorized-clients — lists the OAuth clients the calling user has authorized.
//
// Access control: `skip_authorize()` issues the authorization token without a
// role/permission check. The only boundary is that the lookup is keyed on
// `auth_user.id`, which comes from the `AuthUser` argument and not from a path
// or query parameter.
// NOTE(review): this relies on `list_authorized_clients_for_user` filtering on
// that user id — confirm in the models crate.
//
// Tracing: `pool` and `auth_user` are excluded from the span, so the user id is
// not attached to this span by `#[instrument]`.
//
// These are `//` comments on purpose: utoipa turns `///` doc comments on a
// `#[utoipa::path]` handler into the operation's summary/description, which
// would alter the generated spec.
#[instrument(skip(pool, auth_user))]
#[utoipa::path(
    get,
    path = "/authorized-clients",
    operation_id = "getOauthAuthorizedClients",
    tag = "oauth",
    responses(
        (status = 200, description = "Authorized OAuth clients", body = [AuthorizedClientInfo])
    )
)]
pub async fn get_authorized_clients(
    pool: web::Data<PgPool>,
    auth_user: AuthUser,
) -> ControllerResult<HttpResponse> {
    let mut db = pool.acquire().await?;
    // No permission lookup: the query below is restricted to the caller's own id.
    let authorization = skip_authorize();

    let clients: Vec<AuthorizedClientInfo> =
        OAuthUserClientScopes::list_authorized_clients_for_user(&mut db, auth_user.id).await?;

    let response = HttpResponse::Ok().json(clients);
    authorization.authorized_ok(response)
}
35
// DELETE /authorized-clients/{client_id} — revokes one client's authorization
// for the calling user and answers 204 with an empty body.
//
// Access control: `skip_authorize()` issues the authorization token without a
// role/permission check. `client_id` is caller-supplied, so the protection
// against revoking another user's grant is that `auth_user.id` is passed
// alongside it.
// NOTE(review): confirm in the models crate that `revoke_user_client_everything`
// constrains on BOTH the user id and the client id, and that "everything"
// covers issued access/refresh tokens as well as the stored consent/scopes.
// NOTE(review): nothing visible here distinguishes "revoked" from "nothing to
// revoke"; both appear to yield 204 unless the model call returns an error.
//
// Tracing: `pool` and `auth_user` are excluded from the span; `path` is not, so
// the client id is recorded as a span field but the user id is not. If
// revocations need to be attributable in logs, that has to be recorded elsewhere.
//
// These are `//` comments on purpose: utoipa turns `///` doc comments on a
// `#[utoipa::path]` handler into the operation's summary/description, which
// would alter the generated spec.
#[instrument(skip(pool, auth_user))]
#[utoipa::path(
    delete,
    path = "/authorized-clients/{client_id}",
    operation_id = "deleteOauthAuthorizedClient",
    tag = "oauth",
    params(
        ("client_id" = Uuid, Path, description = "OAuth client id")
    ),
    responses(
        (status = 204, description = "Authorized client revoked")
    )
)]
pub async fn delete_authorized_client(
    pool: web::Data<PgPool>,
    auth_user: AuthUser,
    path: web::Path<Uuid>, // client_id (DB uuid)
) -> ControllerResult<HttpResponse> {
    // The extractor has already parsed the path segment as a UUID.
    let target_client = path.into_inner();
    let mut db = pool.acquire().await?;
    // No permission lookup: the revocation below is given the caller's own id.
    let authorization = skip_authorize();

    OAuthUserClientScopes::revoke_user_client_everything(&mut db, auth_user.id, target_client)
        .await?;

    let response = HttpResponse::NoContent().finish();
    authorization.authorized_ok(response)
}
63
/// Registers the authorized-clients endpoints on `cfg`.
///
/// * `GET /authorized-clients` is handled by [`get_authorized_clients`]
/// * `DELETE /authorized-clients/{client_id}` is handled by [`delete_authorized_client`]
///
/// The paths are exactly as written here; any URL prefix comes from wherever the
/// caller mounts this configuration. No guard or middleware is attached at this
/// level, so authentication rests on each handler's `AuthUser` argument.
pub fn _add_routes(cfg: &mut web::ServiceConfig) {
    cfg.route("/authorized-clients", web::get().to(get_authorized_clients));
    cfg.route(
        "/authorized-clients/{client_id}",
        web::delete().to(delete_authorized_client),
    );
}