Use Url crate for URL option

DefGuard · Nov 12, 2024 · 81ab97d · 81ab97d
1 parent c2cc10b
commit 81ab97d
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 37 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -38,7 +38,7 @@ anyhow = "1.0"
 clap = { version = "4.5", features = ["derive", "env", "cargo"] }
 # other utils
 dotenvy = "0.15"
-url = "2.5"
+url = { version = "2.5", features = ["serde"] }
 tower_governor = "0.4"
 # UI embedding
 rust-embed = { version = "8.5", features = ["include-exclude"] }

diff --git a/src/config.rs b/src/config.rs
@@ -3,6 +3,7 @@ use std::{fs::read_to_string, path::PathBuf};
 use clap::Parser;
 use log::LevelFilter;
 use serde::Deserialize;
+use url::Url;
 
 #[derive(Parser, Debug, Deserialize)]
 #[command(version)]
@@ -38,9 +39,10 @@ pub struct Config {
     #[arg(
         long,
         env = "DEFGUARD_PROXY_URL",
+        value_parser = Url::parse,
         default_value = "http://localhost:8080"
     )]
-    pub url: String,
+    pub url: Url,
 
     /// Configuration file path
     #[arg(long = "config", short)]

diff --git a/src/handlers/openid_login.rs b/src/handlers/openid_login.rs
@@ -47,9 +47,9 @@ async fn auth_info(
 ) -> Result<(PrivateCookieJar, Json<AuthInfo>), ApiError> {
     debug!("Getting auth info for OAuth2/OpenID login");
 
-    let mut redirect_url = state.url.clone();
-    redirect_url.push_str("/openid/callback");
-    let request = AuthInfoRequest { redirect_url };
+    let request = AuthInfoRequest {
+        redirect_url: state.callback_url().to_string(),
+    };
 
     let rx = state
         .grpc_server
@@ -115,12 +115,10 @@ async fn auth_callback(
         .remove(Cookie::from(NONCE_COOKIE_NAME))
         .remove(Cookie::from(CSRF_COOKIE_NAME));
 
-    let mut callback_url = state.url.clone();
-    callback_url.push_str("/openid/callback");
     let request = AuthCallbackRequest {
         id_token: payload.id_token,
         nonce,
-        callback_url,
+        callback_url: state.callback_url().to_string(),
     };
 
     let rx = state

diff --git a/src/http.rs b/src/http.rs
@@ -23,6 +23,7 @@ use tower_governor::{
 };
 use tower_http::trace::{self, TraceLayer};
 use tracing::{info_span, Level};
+use url::Url;
 
 use crate::{
     assets::{index, svg, web_asset},
@@ -41,7 +42,20 @@ const RATE_LIMITER_CLEANUP_PERIOD: Duration = Duration::from_secs(60);
 pub(crate) struct AppState {
     pub(crate) grpc_server: ProxyServer,
     key: Key,
-    pub(crate) url: String,
+    url: Url,
+}
+
+impl AppState {
+    /// Returns configured URL with "auth/callback" appended to the path.
+    #[must_use]
+    pub(crate) fn callback_url(&self) -> Url {
+        let mut url = self.url.clone();
+        // Append "/api/v1/openid/callback" to the URL.
+        if let Ok(mut path_segments) = url.path_segments_mut() {
+            path_segments.extend(&["api", "v1", "openid", "callback"]);
+        }
+        url
+    }
 }
 
 impl FromRef<AppState> for Key {