Cleanup, nicer flow

2025-06-29 20:16:17 +02:00 · 2025-06-29 20:16:17 +02:00 · 0b64ea1622
commit 0b64ea1622
parent 465723fedf
15 changed files with 184 additions and 179 deletions
--- a/API/Controllers/OidcControlller.cs
+++ b/API/Controllers/OidcControlller.cs
@ -1,6 +1,7 @@
 using System.Threading.Tasks;
 using API.Data;
 using API.DTOs.Settings;
+using AutoMapper;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Logging;
@ -8,16 +9,14 @@ using Microsoft.Extensions.Logging;
 namespace API.Controllers;

 [AllowAnonymous]
-public class OidcController(ILogger<OidcController> logger, IUnitOfWork unitOfWork): BaseApiController
+public class OidcController(ILogger<OidcController> logger, IUnitOfWork unitOfWork, IMapper mapper): BaseApiController
 {

-    // TODO: Decide what we want to expose here, not really anything useful in it. But the discussion is needed
-    //      Public endpoint
    [HttpGet("config")]
-    public async Task<ActionResult<OidcConfigDto>> GetOidcConfig()
+    public async Task<ActionResult<OidcPublicConfigDto>> GetOidcConfig()
    {
        var settings = await unitOfWork.SettingsRepository.GetSettingsDtoAsync();
-        return Ok(settings.OidcConfig);
+        return Ok(mapper.Map<OidcPublicConfigDto>(settings.OidcConfig));
    }

 }
--- a/API/DTOs/Settings/OidcPublicConfigDto.cs
+++ b/API/DTOs/Settings/OidcPublicConfigDto.cs
@ -0,0 +1,12 @@
+#nullable enable
+namespace API.DTOs.Settings;
+
+public sealed record OidcPublicConfigDto
+{
+    /// <inheritdoc cref="OidcConfigDto.Authority"/>
+    public string? Authority { get; set; }
+    /// <inheritdoc cref="OidcConfigDto.ClientId"/>
+    public string? ClientId { get; set; }
+    /// <inheritdoc cref="OidcConfigDto.AutoLogin"/>
+    public bool AutoLogin { get; set; }
+}
--- a/API/Extensions/IdentityServiceExtensions.cs
+++ b/API/Extensions/IdentityServiceExtensions.cs
@ -123,7 +123,7 @@ public static class IdentityServiceExtensions
                options.Events = new JwtBearerEvents
                {
                    OnMessageReceived = SetTokenFromQuery,
-                    OnTokenValidated = OidcClaimsPrincipalConverter
+                    OnTokenValidated = OidcClaimsPrincipalConverter,
                };
            });
        }
--- a/API/Helpers/AutoMapperProfiles.cs
+++ b/API/Helpers/AutoMapperProfiles.cs
@ -386,7 +386,6 @@ public class AutoMapperProfiles : Profile
            .ForMember(dest => dest.Overrides, opt => opt.MapFrom(src => src.Overrides ?? new List<MetadataSettingField>()))
            .ForMember(dest => dest.AgeRatingMappings, opt => opt.MapFrom(src => src.AgeRatingMappings ?? new Dictionary<string, AgeRating>()));

-
-
+        CreateMap<OidcConfigDto, OidcPublicConfigDto>();
    }
 }
--- a/API/Services/OidcService.cs
+++ b/API/Services/OidcService.cs
@ -41,21 +41,21 @@ public class OidcService(ILogger<OidcService> logger, UserManager<AppUser> userM

        var externalId = principal.FindFirstValue(ClaimTypes.NameIdentifier);
        if (string.IsNullOrEmpty(externalId))
-            throw new KavitaException("oidc.errors.missing-external-id");
+            throw new KavitaException("errors.oidc.missing-external-id");

        var user = await unitOfWork.UserRepository.GetByExternalId(externalId, AppUserIncludes.UserPreferences);
        if (user != null)
        {
-            // await ProvisionUserSettings(settings, principal, user);
+            //await SyncUserSettings(settings, principal, user);
            return user;
        }

        var email = principal.FindFirstValue(ClaimTypes.Email);
        if (string.IsNullOrEmpty(email))
-            throw new KavitaException("oidc.errors.missing-email");
+            throw new KavitaException("errors.oidc.missing-email");

        if (settings.RequireVerifiedEmail && !principal.HasVerifiedEmail())
-            throw new KavitaException("oidc.errors.email-not-verified");
+            throw new KavitaException("errors.oidc.email-not-verified");


        user = await unitOfWork.UserRepository.GetUserByEmailAsync(email, AppUserIncludes.UserPreferences)
@ -64,11 +64,11 @@ public class OidcService(ILogger<OidcService> logger, UserManager<AppUser> userM

        user.ExternalId = externalId;

-        // await ProvisionUserSettings(settings, principal, user);
+        //await SyncUserSettings(settings, principal, user);

        var roles = await userManager.GetRolesAsync(user);
        if (roles.Count > 0 && !roles.Contains(PolicyConstants.LoginRole))
-            throw new KavitaException("oidc.errors.disabled-account");
+            throw new KavitaException("errors.oidc.disabled-account");

        return user;
    }
@ -101,7 +101,7 @@ public class OidcService(ILogger<OidcService> logger, UserManager<AppUser> userM
        {
            logger.LogError("Failed to create new user from OIDC: {Errors}",
                res.Errors.Select(x => x.Description).ToString());
-            throw new KavitaException("oidc.errors.creating-user");
+            throw new KavitaException("errors.oidc.creating-user");
        }

        AddDefaultStreamsToUser(user, mapper);
@ -151,7 +151,7 @@ public class OidcService(ILogger<OidcService> logger, UserManager<AppUser> userM
        if (roles.Count == 0) return;

        var errors = await accountService.UpdateRolesForUser(user, roles);
-        if (errors.Any()) throw new KavitaException("oidc.errors.syncing-user");
+        if (errors.Any()) throw new KavitaException("errors.oidc.syncing-user");
    }

    private async Task SyncLibraries(ClaimsPrincipal claimsPrincipal, AppUser user)