add deserialize trait to AuthConfig (#474)

## Description There are no user-facing changes in this PR. It just adds the `Deserialize` trait to `AuthConfig` and makes some changes to internal functions to avoid clones. --------- Co-authored-by: Samir Talwar <samir.talwar@hasura.io> V3_GIT_ORIGIN_REV_ID: 2e8956bdd3827715693eb14239c808baf737d588
2024-12-15 01:12:56 +03:00 · 2024-04-18 12:39:04 +05:30 · 2024-04-18 12:39:04 +05:30 · 9ffe298d01
commit 9ffe298d01
parent 010a313988
4 changed files with 13 additions and 13 deletions
--- a/v3/crates/engine/bin/engine/main.rs
+++ b/v3/crates/engine/bin/engine/main.rs
@ -355,7 +355,7 @@ where
                                    &engine_state.http_context.client,
                                    webhook_config,
                                    &headers_map,
-                                    auth_config.allow_role_emulation_by.clone(),
+                                    auth_config.allow_role_emulation_by.as_ref(),
                                )
                                .await
                                .map_err(AuthError::from)
@ -364,7 +364,7 @@ where
                                jwt_auth::authenticate_request(
                                    &engine_state.http_context.client,
                                    *jwt_secret_config.clone(),
-                                    auth_config.allow_role_emulation_by.clone(),
+                                    auth_config.allow_role_emulation_by.as_ref(),
                                    &headers_map,
                                )
                                .await
--- a/v3/crates/engine/src/authentication.rs
+++ b/v3/crates/engine/src/authentication.rs
@ -13,7 +13,7 @@ pub enum AuthModeConfig {
    Jwt(Box<jwt::JWTConfig>),
 }

-#[derive(Serialize, Debug, Clone, JsonSchema, PartialEq, opendds_derive::OpenDd)]
+#[derive(Serialize, Debug, Clone, JsonSchema, PartialEq, opendds_derive::OpenDd, Deserialize)]
 #[serde(tag = "version", content = "definition")]
 #[serde(rename_all = "camelCase")]
 #[serde(deny_unknown_fields)]
@ -24,7 +24,7 @@ pub enum AuthConfig {
    V1(AuthConfigV1),
 }

-#[derive(Serialize, Debug, Clone, JsonSchema, PartialEq, opendds_derive::OpenDd)]
+#[derive(Serialize, Debug, Clone, JsonSchema, PartialEq, opendds_derive::OpenDd, Deserialize)]
 #[serde(rename_all = "camelCase")]
 #[serde(deny_unknown_fields)]
 #[schemars(title = "AuthConfigV1")]
--- a/v3/crates/hasura-authn-jwt/src/auth.rs
+++ b/v3/crates/hasura-authn-jwt/src/auth.rs
@ -36,7 +36,7 @@ fn build_allowed_roles(
 pub async fn authenticate_request(
    http_client: &reqwest::Client,
    jwt_config: JWTConfig,
-    allow_role_emulation_for: Option<Role>,
+    allow_role_emulation_for: Option<&Role>,
    headers: &HeaderMap,
 ) -> Result<Identity, Error> {
    let tracer = tracing_util::global_tracer();
@ -82,7 +82,7 @@ pub async fn authenticate_request(
                                    // `allow_role_emulation_for`, otherwise
                                    // return the specific identity.
                                    Some(role) => {
-                                        if role == emulation_role {
+                                        if role == *emulation_role {
                                            Identity::RoleEmulationEnabled(role)
                                        } else {
                                            Identity::Specific {
@ -206,7 +206,7 @@ mod tests {
        let authenticated_identity = authenticate_request(
            &http_client,
            jwt_config,
-            Some(Role::new("admin")),
+            Some(&Role::new("admin")),
            &header_map,
        )
        .await
@ -305,7 +305,7 @@ mod tests {
        let authenticated_identity = authenticate_request(
            &http_client,
            jwt_config,
-            Some(Role::new("admin")),
+            Some(&Role::new("admin")),
            &header_map,
        )
        .await
--- a/v3/crates/hasura-authn-webhook/src/webhook.rs
+++ b/v3/crates/hasura-authn-webhook/src/webhook.rs
@ -164,7 +164,7 @@ async fn make_auth_hook_request(
    http_client: &reqwest::Client,
    auth_hook_config: &AuthHookConfig,
    client_headers: &HeaderMap,
-    allow_role_emulation_for: Option<Role>,
+    allow_role_emulation_for: Option<&Role>,
 ) -> Result<auth_base::Identity, Error> {
    let tracer = tracing_util::global_tracer();
    let http_request_builder = match auth_hook_config.method {
@ -259,7 +259,7 @@ async fn make_auth_hook_request(

            Ok(match allow_role_emulation_for {
                Some(emulation_role) => {
-                    if role == emulation_role {
+                    if role == *emulation_role {
                        Identity::RoleEmulationEnabled(role)
                    } else {
                        Identity::Specific {
@ -286,7 +286,7 @@ pub async fn authenticate_request(
    http_client: &reqwest::Client,
    auth_hook_config: &AuthHookConfig,
    client_headers: &HeaderMap,
-    allow_role_emulation_for: Option<Role>,
+    allow_role_emulation_for: Option<&Role>,
 ) -> Result<auth_base::Identity, Error> {
    let tracer = tracing_util::global_tracer();
    tracer
@ -568,7 +568,7 @@ mod tests {
            &http_client,
            &auth_hook_config,
            &client_headers,
-            Some(Role::new("test-admin-role")),
+            Some(&Role::new("test-admin-role")),
        )
        .await
        .unwrap();
@ -617,7 +617,7 @@ mod tests {
            &http_client,
            &auth_hook_config,
            &client_headers,
-            Some(Role::new("test-admin-role")),
+            Some(&Role::new("test-admin-role")),
        )
        .await
        .unwrap();