haste_server/auth_n/oidc/hardcoded_clients/
admin_app.rs1use haste_config::Config;
2use haste_fhir_model::r4::generated::{
3 resources::ClientApplication,
4 terminology::{ClientapplicationGrantType, ClientapplicationResponseTypes},
5 types::FHIRString,
6};
7use haste_jwt::{ProjectId, TenantId};
8
9use crate::ServerEnvironmentVariables;
10
/// Builds the hard-coded admin `ClientApplication` from server configuration.
///
/// Returns `None` when `AdminAppRedirectURI` cannot be read from `config`, so the admin client
/// only exists on deployments that configure a redirect URI.
///
/// The client uses response type `code` with the authorization-code and refresh-token grants.
/// Its scope string includes `offline_access` and `system/*.*`, and its single redirect URI is
/// the configured value, stored unmodified.
///
/// NOTE(review): the configured redirect URI is the only thing binding this broadly scoped
/// client to a destination, and it is not validated here (scheme, host, emptiness). Confirm
/// that it is checked where the configuration is loaded.
/// NOTE(review): every field not listed below is left at its `Default`. If that includes the
/// client credential, this is a public client; confirm the authorization endpoint requires
/// PKCE for it.
pub fn get_admin_app(config: &dyn Config<ServerEnvironmentVariables>) -> Option<ClientApplication> {
    // Without a configured redirect URI there is no admin client at all.
    let configured_uri = config
        .get(ServerEnvironmentVariables::AdminAppRedirectURI)
        .ok()?;

    let display_name = FHIRString {
        value: Some("Admin Application".to_string()),
        ..Default::default()
    };
    let granted_scope = FHIRString {
        value: Some("offline_access openid email profile fhirUser system/*.*".to_string()),
        ..Default::default()
    };
    // Stored exactly as configured; `redirect_url` in this file substitutes any `*` later.
    let registered_redirect = FHIRString {
        value: Some(configured_uri),
        ..Default::default()
    };

    Some(ClientApplication {
        id: Some("admin-app".to_string()),
        name: Box::new(display_name),
        responseTypes: Box::new(ClientapplicationResponseTypes::Code(None)),
        scope: Some(Box::new(granted_scope)),
        grantType: vec![
            Box::new(ClientapplicationGrantType::Authorization_code(None)),
            Box::new(ClientapplicationGrantType::Refresh_token(None)),
        ],
        redirectUri: Some(vec![Box::new(registered_redirect)]),
        ..Default::default()
    })
}
40
/// Resolves the admin app's redirect URL for one tenant/project pair.
///
/// Takes the first redirect URI of the client returned by `get_admin_app` and replaces every
/// `*` in it with `<tenant_id>_<project_id>`. Returns `None` when the admin app is not
/// configured or when that first redirect URI carries no value.
///
/// NOTE(review): both ids are spliced into the URI without escaping. If the configured template
/// puts `*` in the host portion, the result stays on the intended origin only as long as
/// `TenantId` and `ProjectId` restrict their character set (no `/`, `.`, `@`, `:` and similar).
/// Confirm this against those types' validation.
pub fn redirect_url(
    config: &dyn Config<ServerEnvironmentVariables>,
    tenant_id: &TenantId,
    project_id: &ProjectId,
) -> Option<String> {
    let app = get_admin_app(config)?;

    // Only the first registered redirect URI is used as the template.
    let template = app.redirectUri.as_ref()?.first()?.value.as_ref()?;

    // Substitution value: "<tenant>_<project>".
    let mut tenant_project = tenant_id.as_ref().to_string();
    tenant_project.push('_');
    tenant_project.push_str(project_id.as_ref());

    // `replace` rewrites every `*` occurrence, not just the first.
    Some(template.replace("*", &tenant_project))
}