feat(secrets): updated as recommended in ashauthentication docs

2025-06-20 08:54:11 +02:00 · 2025-06-20 08:54:11 +02:00 · 565aaddd94
commit 565aaddd94
parent 7bfde5e230
3 changed files with 35 additions and 10 deletions
--- a/lib/accounts/user.ex
+++ b/lib/accounts/user.ex
@ -32,15 +32,12 @@ defmodule Mv.Accounts.User do

    strategies do
      oidc :rauthy do
-        client_id "mv"
-        base_url "http://localhost:8080/auth/v1"
-        redirect_uri "http://localhost:4000/auth/user/rauthy/callback"
+        client_id Mv.Secrets
+        base_url Mv.Secrets
+        redirect_uri Mv.Secrets
+        client_secret Mv.Secrets
        auth_method :client_secret_jwt
        code_verifier true
-
-        client_secret fn _, _ ->
-          Application.fetch_env(:mv, :oicd_client_secret)
-        end
      end

      password :password do
--- a/lib/mv/secrets.ex
+++ b/lib/mv/secrets.ex
@ -0,0 +1,26 @@
+defmodule Mv.Secrets do
+  use AshAuthentication.Secret
+
+  def secret_for([:authentication, :strategies, :rauthy, :client_id], Mv.Accounts.User, _opts, _meth) do
+    get_config(:client_id)
+  end
+
+  def secret_for([:authentication, :strategies, :rauthy, :redirect_uri], Mv.Accounts.User, _opts, _meth) do
+    get_config(:redirect_uri)
+  end
+
+  def secret_for([:authentication, :strategies, :rauthy, :client_secret], Mv.Accounts.User, _opts, _meth) do
+    get_config(:client_secret)
+  end
+
+  def secret_for([:authentication, :strategies, :rauthy, :base_url], Mv.Accounts.User, _opts, _meth) do
+    get_config(:base_url)
+  end
+
+  defp get_config(key) do
+    :mv
+    |> Application.fetch_env!(:rauthy)
+    |> Keyword.fetch!(key)
+    |> then(&{:ok, &1})
+  end
+end