Merge d837f3b6d6 into e62aba722c

2024-11-21 19:12:49 +01:00 · 2024-06-08 20:45:34 +00:00
4 changed files with 12 additions and 17 deletions
--- a/README.md
+++ b/README.md
@ -1,5 +1,5 @@
 This Library allows using [OpenID Connect](https://openid.net/developers/how-connect-works/) with [axum](https://github.com/tokio-rs/axum). 
-It authenticates the user with the OpenID Connect Issuer and provides Extractors.
+It authenticates the user with the OpenID Conenct Issuer and provides Extractors.

 # Usage
 The `OidcAuthLayer` must be loaded on any handler that might use the extractors.
@ -22,7 +22,7 @@ Take a look at the `examples` folder for examples.

 # Older Versions
 All versions on [crates.io](https://crates.io) are available as git tags.
-Additional all minor versions have their own branch (format `vX.Y` where `X` is the major and `Y` is the minor version) where bug fixes are implemented.
+Additonal all minor versions have their own branch (format `vX.Y` where `X` is the major and `Y` is the minor version) where bug fixes are implemented.
 Examples for each version can be found there in the previously mentioned `examples` folder.

 # Contributing
--- a/src/error.rs
+++ b/src/error.rs
@ -11,12 +11,11 @@ pub enum ExtractorError {
    #[error("unauthorized")]
    Unauthorized,

-    #[error("rp initiated logout not supported by issuer")]
-    RpInitiatedLogoutNotSupported,
+    #[error("rp initiated logout information not found")]
+    RpInitiatedLogoutInformationNotFound,

    #[error("could not build rp initiated logout uri")]
    FailedToCreateRpInitiatedLogoutUri,
-
 }

 #[derive(Debug, Error)]
@ -89,7 +88,7 @@ impl IntoResponse for ExtractorError {
    fn into_response(self) -> axum_core::response::Response {
        match self {
            Self::Unauthorized => (StatusCode::UNAUTHORIZED, "unauthorized").into_response(),
-            Self::RpInitiatedLogoutNotSupported => {
+            Self::RpInitiatedLogoutInformationNotFound => {
                (StatusCode::INTERNAL_SERVER_ERROR, "intenal server error").into_response()
            }
            Self::FailedToCreateRpInitiatedLogoutUri => {
--- a/src/extractor.rs
+++ b/src/extractor.rs
@ -155,14 +155,11 @@ where
    type Rejection = ExtractorError;

    async fn from_request_parts(parts: &mut Parts, _: &S) -> Result<Self, Self::Rejection> {
-        match parts
+        parts
            .extensions
-            .get::<Option<Self>>()
+            .get::<Self>()
            .cloned()
-            .ok_or(ExtractorError::Unauthorized)?{
-            Some(this) => Ok(this),
-            None => Err(ExtractorError::RpInitiatedLogoutNotSupported),
-            }
+            .ok_or(ExtractorError::Unauthorized)
    }
 }

--- a/src/middleware.rs
+++ b/src/middleware.rs
@ -416,16 +416,15 @@ fn insert_extensions<AC: AdditionalClaims>(
    parts.extensions.insert(OidcAccessToken(
        authenticated_session.access_token.secret().to_string(),
    ));
-    let rp_initiated_logout = client.end_session_endpoint.as_ref().map(|end_session_endpoint|
-OidcRpInitiatedLogout {
+    if let Some(end_session_endpoint) = &client.end_session_endpoint {
+        parts.extensions.insert(OidcRpInitiatedLogout {
            end_session_endpoint: end_session_endpoint.clone(),
            id_token_hint: authenticated_session.id_token.to_string(),
            client_id: client.client_id.clone(),
            post_logout_redirect_uri: None,
            state: None,
+        });
    }
-    );
-        parts.extensions.insert(rp_initiated_logout);
 }

 /// Verify the access token hash to ensure that the access token hasn't been substituted for