ixpantia · cristhian-ixpantia · Aug 28, 2024 · Aug 27, 2024 · Aug 27, 2024
diff --git a/DESCRIPTION b/DESCRIPTION
@@ -28,6 +28,7 @@ Suggests:
     knitr,
     rmarkdown,
     shiny,
+    tower,
     testthat (>= 3.0.0)
 VignetteBuilder: 
     knitr

diff --git a/Makefile b/Makefile
@@ -0,0 +1,6 @@
+.PHONY: install
+
+install:
+	Rscript -e "devtools::install()"
+
+
diff --git a/NAMESPACE b/NAMESPACE
@@ -1,6 +1,9 @@
 # Generated by roxygen2: do not edit by hand
 
+S3method(internal_add_auth_layers,entra_id_config)
+S3method(internal_add_auth_layers,google_config)
 S3method(print,access_token)
+export(add_auth_layers)
 export(expires_at)
 export(expires_in)
 export(get_token_field)
@@ -10,6 +13,5 @@ export(new_auth0_config)
 export(new_entra_id_config)
 export(new_google_config)
 export(new_openid_config)
-export(sso_shiny_app)
 export(token)
 export(use_futures)
diff --git a/R/auth0.R b/R/auth0.R
@@ -105,14 +105,9 @@ get_client_id.auth0_config <- function(config) {
 
 #' @keywords internal
 #' @noRd
-shiny_app.auth0_config <- function(config, app) {
-  app_handler <- app$httpHandler
-  login_handler <- function(req) {
-
-    # If the user sends a POST request to /login, we'll get a code
-    # and exchange it for an access token. We'll then redirect the
-    # user to the root path, setting a cookie with the access token.
-    if (req$PATH_INFO == "/login") {
+internal_add_auth_layers.auth0_config <- function(config, tower) {
+  tower |>
+    tower::add_get_route("/login", \(req) {
       query <- shiny::parseQueryString(req$QUERY_STRING)
       token <- promises::future_promise({
         request_token(config, query[["code"]])
@@ -140,9 +135,8 @@ shiny_app.auth0_config <- function(config, app) {
           }
         )
       )
-    }
-
-    if (req$PATH_INFO == "/logout") {
+    }) |>
+    tower::add_get_route("/logout", \(req) {
       return(
         shiny::httpResponse(
           status = 302,
@@ -152,72 +146,61 @@ shiny_app.auth0_config <- function(config, app) {
           )
         )
       )
-    }
-
-    # Get eh HTTP cookies from the request
-    cookies <- parse_cookies(req$HTTP_COOKIE)
-
-    # If the user requests the root path, we'll check if they have
-    # an access token. If they don't, we'll redirect them to the
-    # login page.
-    if (req$PATH_INFO == "/") {
+    }) |>
+    tower::add_http_layer(\(req) {
+      # Get the HTTP cookies from the request
+      cookies <- parse_cookies(req$HTTP_COOKIE)
+      req$PARSED_COOKIES <- cookies
+
+      # If the user requests the root path, we'll check if they have
+      # an access token. If they don't, we'll redirect them to the
+      # login page.
+      if (req$PATH_INFO == "/") {
+        token <- tryCatch(
+          expr = access_token(config, remove_bearer(cookies$access_token)),
+          error = function(e) {
+            return(NULL)
+          }
+        )
+        if (is.null(token)) {
+          return(
+            shiny::httpResponse(
+              status = 302,
+              headers = list(
+                Location = get_login_url(config)
+              )
+            )
+          )
+        }
+      }
+    }) |>
+    tower::add_http_layer(function(req) {
+      # If the user requests any other path, we'll check if they have
+      # an access token. If they don't, we'll return a 403 Forbidden
+      # response.
       token <- tryCatch(
-        expr = access_token(config, remove_bearer(cookies$access_token)),
+        expr = access_token(
+          config,
+          remove_bearer(req$PARSED_COOKIES$access_token)
+        ),
         error = function(e) {
           return(NULL)
         }
       )
+
       if (is.null(token)) {
         return(
           shiny::httpResponse(
-            status = 302,
-            headers = list(
-              Location = get_login_url(config)
-            )
+            status = 403,
+            content_type = "text/plain",
+            content = "Forbidden"
           )
         )
       }
-    }
-
-    # If the user requests any other path, we'll check if they have
-    # an access token. If they don't, we'll return a 403 Forbidden
-    # response.
-    token <- tryCatch(
-      expr = access_token(config, remove_bearer(cookies$access_token)),
-      error = function(e) {
-        return(NULL)
-      }
-    )
-
-    if (is.null(token)) {
-      return(
-        shiny::httpResponse(
-          status = 403,
-          content_type = "text/plain",
-          content = "Forbidden"
-        )
-      )
-    }
-
-    # If we have reached this point, the user has a valid access
-    # token and therefore we can return NULL, which will cause the
-    # app handler to be called.
-    return(NULL)
-  }
-
-  handlers <- list(
-    login_handler,
-    app_handler
-  )
-
-  app$httpHandler <- function(req) {
-    for (handler in handlers) {
-      response <- handler(req)
-      if (!is.null(response)) {
-        return(response)
-      }
-    }
-  }
 
-  return(app)
+      # If we have reached this point, the user has a valid access
+      # token and therefore we can return NULL, which will cause the
+      # app handler to be called.
+      return(NULL)
+    })
 }
diff --git a/R/config.R b/R/config.R
@@ -79,6 +79,11 @@ request_token <- function(config, authorization_code) {
   UseMethod("request_token")
 }
 
+#' @keywords internal
+request_token_refresh <- function(config, refresh_token) {
+  UseMethod("request_token_refresh")
+}
+
 #' @title Decode a token
 #' @description Decodes a token
 #'
-Original file line number
+Diff line change
@@ Expand Up / @@ -28,6 +28,7 @@ Suggests: @@
         knitr,
         rmarkdown,
         shiny,
+        tower,
         testthat (>= 3.0.0)
     VignetteBuilder:
         knitr
@@ Expand Down @@