Google access token (#30)

For google authorization token can be accepted via header in GET
request, if token is not found there user will be redirected to manual
authorization as before

Author: AnnaFYZ

src/endpoints.rs

@@ -8,6 +8,7 @@ use axum::{
     Json,
 };
 use futures::future::join_all;
+use http::HeaderMap;
 use indexmap::IndexMap;
 use serde::Serialize;
 use tower_sessions::Session;
@@ -193,11 +194,18 @@ pub struct Region {
 
 pub async fn get_region(
     session: Session,
+    headers: HeaderMap,
     State(server_state): State<ServerState>,
     OriginalUri(original_uri): OriginalUri,
     Path(github_login): Path<String>,
 ) -> Result<Json<Region>, Error> {
-    let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?;
+    let sheets_client = sheets_client(
+        &session,
+        server_state.clone(),
+        headers,
+        original_uri.clone(),
+    )
+    .await?;
     let trainees = get_trainees(
         sheets_client,
         &server_state.config.github_email_mapping_sheet_id,
@@ -222,11 +230,18 @@ pub struct AttendanceResponse {
 
 pub async fn fetch_attendance(
     session: Session,
+    headers: HeaderMap,
     State(server_state): State<ServerState>,
     OriginalUri(original_uri): OriginalUri,
 ) -> Result<Json<AttendanceResponse>, Error> {
     let all_courses = &server_state.config.courses;
-    let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?;
+    let sheets_client = sheets_client(
+        &session,
+        server_state.clone(),
+        headers,
+        original_uri.clone(),
+    )
+    .await?;
 
     let mut courses: CourseAttendance = BTreeMap::new();
     let mut register_futures = Vec::new();

src/frontend.rs

@@ -7,7 +7,7 @@ use axum::{
     response::{Html, IntoResponse, Response},
 };
 use futures::future::join_all;
-use http::{header::CONTENT_TYPE, StatusCode, Uri};
+use http::{header::CONTENT_TYPE, HeaderMap, StatusCode, Uri};
 use serde::Deserialize;
 use tower_sessions::Session;
 
@@ -95,11 +95,18 @@ struct CourseScheduleWithBatchMetadata {
 
 pub async fn get_trainee_batch(
     session: Session,
+    headers: HeaderMap,
     State(server_state): State<ServerState>,
     OriginalUri(original_uri): OriginalUri,
     Path((course, batch_github_slug)): Path<(String, String)>,
 ) -> Result<Html<String>, Error> {
-    let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?;
+    let sheets_client = sheets_client(
+        &session,
+        server_state.clone(),
+        headers,
+        original_uri.clone(),
+    )
+    .await?;
     let github_org = &server_state.config.github_org;
     let course_schedule = server_state
         .config
@@ -182,11 +189,18 @@ impl TraineeBatchTemplate {
 
 pub async fn get_reviewers(
     session: Session,
+    headers: HeaderMap,
     State(server_state): State<ServerState>,
     OriginalUri(original_uri): OriginalUri,
     Path(course): Path<String>,
 ) -> Result<Html<String>, Error> {
-    let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?;
+    let sheets_client = sheets_client(
+        &session,
+        server_state.clone(),
+        headers,
+        original_uri.clone(),
+    )
+    .await?;
     let mut is_staff = true;
     let mut staff_details = get_reviewer_staff_info(
         sheets_client,

src/sheets.rs

@@ -1,5 +1,5 @@
 use anyhow::Context;
-use http::Uri;
+use http::{HeaderMap, Uri};
 use sheets::{spreadsheets::Spreadsheets, types::CellData};
 use tower_sessions::Session;
 
@@ -35,12 +35,27 @@ pub(crate) fn cell_date(cell: &CellData) -> Result<chrono::NaiveDate, anyhow::Er
 pub(crate) async fn sheets_client(
     session: &Session,
     server_state: ServerState,
+    headers: HeaderMap,
     original_uri: Uri,
 ) -> Result<SheetsClient, Error> {
-    let maybe_token: Option<String> = session
-        .get(GoogleScope::Sheets.token_session_key())
-        .await
-        .context("Session load error")?;
+    const AUTHORIZATION_HEADER: &str = "x-authorization-google";
+    let maybe_token = if let Some(auth_header) = headers.get(AUTHORIZATION_HEADER) {
+        let token = match auth_header.to_str() {
+            Ok(s) => Some(s.to_string()),
+            Err(e) => {
+                return Err(Error::UserFacing(format!(
+                    "Invalid {} header: {}",
+                    AUTHORIZATION_HEADER, e
+                )))
+            }
+        };
+        token
+    } else {
+        session
+            .get(GoogleScope::Sheets.token_session_key())
+            .await
+            .context("Session load error")?
+    };
 
     let redirect_endpoint = redirect_endpoint(&server_state);