refactor: upgrade tauri 2.0

2025-05-20 07:26:58 -04:00 · 2024-12-26 21:35:55 +08:00
parent 0f67be465b
commit 8f8ad466f4
73 changed files with 7232 additions and 5026 deletions
--- a/apps/gpauth/src/cli.rs
+++ b/apps/gpauth/src/cli.rs
@@ -1,21 +1,17 @@
-use std::{env::temp_dir, fs, os::unix::fs::PermissionsExt};
+use std::borrow::Cow;

+use auth::{auth_prelogin, Authenticator, BrowserAuthenticator};
 use clap::Parser;
 use gpapi::{
  auth::{SamlAuthData, SamlAuthResult},
-  clap::args::Os,
+  clap::{args::Os, handle_error, Args},
  gp_params::{ClientOs, GpParams},
-  process::browser_authenticator::BrowserAuthenticator,
  utils::{normalize_server, openssl},
  GP_USER_AGENT,
 };
 use log::{info, LevelFilter};
 use serde_json::json;
-use tauri::{App, AppHandle, RunEvent};
 use tempfile::NamedTempFile;
-use tokio::{io::AsyncReadExt, net::TcpListener};
-
-use crate::auth_window::{portal_prelogin, AuthWindow};

 const VERSION: &str = concat!(env!("CARGO_PKG_VERSION"), " (", compile_time::date_str!(), ")");

@@ -37,7 +33,7 @@ const VERSION: &str = concat!(env!("CARGO_PKG_VERSION"), " (", compile_time::dat
 See 'gpauth -h' for more information.
 "
 )]
-struct Cli {
+pub(crate) struct Cli {
  #[arg(help = "The portal server to authenticate")]
  server: String,

@@ -56,18 +52,13 @@ struct Cli {
  #[arg(long)]
  os_version: Option<String>,

-  #[arg(long, help = "The HiDPI mode, useful for high-resolution screens")]
-  hidpi: bool,
-
  #[arg(long, help = "Get around the OpenSSL `unsafe legacy renegotiation` error")]
  fix_openssl: bool,

  #[arg(long, help = "Ignore TLS errors")]
  ignore_tls_errors: bool,

-  #[arg(long, help = "Clean the cache of the embedded browser")]
-  clean: bool,
-
+  #[cfg(feature = "webview-auth")]
  #[arg(long, help = "Use the default browser for authentication")]
  default_browser: bool,

@@ -76,76 +67,30 @@ struct Cli {
    help = "The browser to use for authentication, e.g., `default`, `firefox`, `chrome`, `chromium`, or the path to the browser executable"
  )]
  browser: Option<String>,
+
+  #[cfg(feature = "webview-auth")]
+  #[arg(long, help = "The HiDPI mode, useful for high-resolution screens")]
+  hidpi: bool,
+
+  #[cfg(feature = "webview-auth")]
+  #[arg(long, help = "Clean the cache of the embedded browser")]
+  pub clean: bool,
+}
+
+impl Args for Cli {
+  fn fix_openssl(&self) -> bool {
+    self.fix_openssl
+  }
+
+  fn ignore_tls_errors(&self) -> bool {
+    self.ignore_tls_errors
+  }
 }

 impl Cli {
-  async fn run(&mut self) -> anyhow::Result<()> {
-    if self.ignore_tls_errors {
-      info!("TLS errors will be ignored");
-    }
-
-    let mut openssl_conf = self.prepare_env()?;
-
-    self.server = normalize_server(&self.server)?;
-    let gp_params = self.build_gp_params();
-
-    // Get the initial SAML request
-    let saml_request = match self.saml_request {
-      Some(ref saml_request) => saml_request.clone(),
-      None => portal_prelogin(&self.server, &gp_params).await?,
-    };
-
-    let browser_auth = if let Some(browser) = &self.browser {
-      Some(BrowserAuthenticator::new_with_browser(&saml_request, browser))
-    } else if self.default_browser {
-      Some(BrowserAuthenticator::new(&saml_request))
-    } else {
-      None
-    };
-
-    if let Some(browser_auth) = browser_auth {
-      browser_auth.authenticate()?;
-
-      info!("Please continue the authentication process in the default browser");
-
-      let auth_result = match wait_auth_data().await {
-        Ok(auth_data) => SamlAuthResult::Success(auth_data),
-        Err(err) => SamlAuthResult::Failure(format!("{}", err)),
-      };
-
-      info!("Authentication completed");
-
-      println!("{}", json!(auth_result));
-
-      return Ok(());
-    }
-
-    self.saml_request.replace(saml_request);
-
-    let app = create_app(self.clone())?;
-
-    app.run(move |_app_handle, event| {
-      if let RunEvent::Exit = event {
-        if let Some(file) = openssl_conf.take() {
-          if let Err(err) = file.close() {
-            info!("Error closing OpenSSL config file: {}", err);
-          }
-        }
-      }
-    });
-
-    Ok(())
-  }
-
  fn prepare_env(&self) -> anyhow::Result<Option<NamedTempFile>> {
-    std::env::set_var("WEBKIT_DISABLE_COMPOSITING_MODE", "1");
-
-    if self.hidpi {
-      info!("Setting GDK_SCALE=2 and GDK_DPI_SCALE=0.5");
-
-      std::env::set_var("GDK_SCALE", "2");
-      std::env::set_var("GDK_DPI_SCALE", "0.5");
-    }
+    #[cfg(feature = "webview-auth")]
+    gpapi::utils::env_utils::patch_gui_runtime_env(self.hidpi);

    if self.fix_openssl {
      info!("Fixing OpenSSL environment");
@@ -157,6 +102,49 @@ impl Cli {
    Ok(None)
  }

+  async fn run(&self) -> anyhow::Result<()> {
+    if self.ignore_tls_errors {
+      info!("TLS errors will be ignored");
+    }
+
+    let openssl_conf = self.prepare_env()?;
+
+    let server = normalize_server(&self.server)?;
+    let server: &'static str = Box::leak(server.into_boxed_str());
+    let gp_params: &'static GpParams = Box::leak(Box::new(self.build_gp_params()));
+
+    let auth_request = match self.saml_request.as_deref() {
+      Some(auth_request) => Cow::Borrowed(auth_request),
+      None => Cow::Owned(auth_prelogin(server, gp_params).await?),
+    };
+
+    let auth_request: &'static str = Box::leak(auth_request.into_owned().into_boxed_str());
+    let authenticator = Authenticator::new(&server, gp_params).with_auth_request(&auth_request);
+
+    #[cfg(feature = "webview-auth")]
+    let browser = self
+      .browser
+      .as_deref()
+      .or_else(|| self.default_browser.then_some("default"));
+
+    #[cfg(not(feature = "webview-auth"))]
+    let browser = self.browser.as_deref().or(Some("default"));
+
+    if browser.is_some() {
+      let auth_result = authenticator.browser_authenticate(browser).await;
+      print_auth_result(auth_result);
+
+      // explicitly drop openssl_conf to avoid the unused variable warning
+      drop(openssl_conf);
+      return Ok(());
+    }
+
+    #[cfg(feature = "webview-auth")]
+    crate::webview_auth::authenticate(&self, authenticator, openssl_conf)?;
+
+    Ok(())
+  }
+
  fn build_gp_params(&self) -> GpParams {
    let gp_params = GpParams::builder()
      .user_agent(&self.user_agent)
@@ -168,37 +156,6 @@ impl Cli {

    gp_params
  }
-
-  async fn saml_auth(&self, app_handle: AppHandle) -> anyhow::Result<SamlAuthData> {
-    let auth_window = AuthWindow::new(app_handle)
-      .server(&self.server)
-      .user_agent(&self.user_agent)
-      .gp_params(self.build_gp_params())
-      .saml_request(self.saml_request.as_ref().unwrap())
-      .clean(self.clean);
-
-    auth_window.open().await
-  }
-}
-
-fn create_app(cli: Cli) -> anyhow::Result<App> {
-  let app = tauri::Builder::default()
-    .setup(|app| {
-      let app_handle = app.handle();
-
-      tauri::async_runtime::spawn(async move {
-        let auth_result = match cli.saml_auth(app_handle.clone()).await {
-          Ok(auth_data) => SamlAuthResult::Success(auth_data),
-          Err(err) => SamlAuthResult::Failure(format!("{}", err)),
-        };
-
-        println!("{}", json!(auth_result));
-      });
-      Ok(())
-    })
-    .build(tauri::generate_context!())?;
-
-  Ok(app)
 }

 fn init_logger() {
@@ -206,53 +163,22 @@ fn init_logger() {
 }

 pub async fn run() {
-  let mut cli = Cli::parse();
+  let cli = Cli::parse();

  init_logger();
  info!("gpauth started: {}", VERSION);

  if let Err(err) = cli.run().await {
-    eprintln!("\nError: {}", err);
-
-    if err.to_string().contains("unsafe legacy renegotiation") && !cli.fix_openssl {
-      eprintln!("\nRe-run it with the `--fix-openssl` option to work around this issue, e.g.:\n");
-      // Print the command
-      let args = std::env::args().collect::<Vec<_>>();
-      eprintln!("{} --fix-openssl {}\n", args[0], args[1..].join(" "));
-    }
-
+    handle_error(err, &cli);
    std::process::exit(1);
  }
 }

-async fn wait_auth_data() -> anyhow::Result<SamlAuthData> {
-  // Start a local server to receive the browser authentication data
-  let listener = TcpListener::bind("127.0.0.1:0").await?;
-  let port = listener.local_addr()?.port();
-  let port_file = temp_dir().join("gpcallback.port");
+pub fn print_auth_result(auth_result: anyhow::Result<SamlAuthData>) {
+  let auth_result = match auth_result {
+    Ok(auth_data) => SamlAuthResult::Success(auth_data),
+    Err(err) => SamlAuthResult::Failure(format!("{}", err)),
+  };

-  // Write the port to a file
-  fs::write(&port_file, port.to_string())?;
-  fs::set_permissions(&port_file, fs::Permissions::from_mode(0o600))?;
-
-  // Remove the previous log file
-  let callback_log = temp_dir().join("gpcallback.log");
-  let _ = fs::remove_file(&callback_log);
-
-  info!("Listening authentication data on port {}", port);
-  info!(
-    "If it hangs, please check the logs at `{}` for more information",
-    callback_log.display()
-  );
-  let (mut socket, _) = listener.accept().await?;
-
-  info!("Received the browser authentication data from the socket");
-  let mut data = String::new();
-  socket.read_to_string(&mut data).await?;
-
-  // Remove the port file
-  fs::remove_file(&port_file)?;
-
-  let auth_data = SamlAuthData::from_gpcallback(&data)?;
-  Ok(auth_data)
+  println!("{}", json!(auth_result));
 }