diff --git a/src/endpoints.rs b/src/endpoints.rs index 9eff84d..0e4d2a9 100644 --- a/src/endpoints.rs +++ b/src/endpoints.rs @@ -8,6 +8,7 @@ use axum::{ Json, }; use futures::future::join_all; +use http::HeaderMap; use indexmap::IndexMap; use serde::Serialize; use tower_sessions::Session; @@ -193,11 +194,18 @@ pub struct Region { pub async fn get_region( session: Session, + headers: HeaderMap, State(server_state): State, OriginalUri(original_uri): OriginalUri, Path(github_login): Path, ) -> Result, Error> { - let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?; + let sheets_client = sheets_client( + &session, + server_state.clone(), + headers, + original_uri.clone(), + ) + .await?; let trainees = get_trainees( sheets_client, &server_state.config.github_email_mapping_sheet_id, @@ -222,11 +230,18 @@ pub struct AttendanceResponse { pub async fn fetch_attendance( session: Session, + headers: HeaderMap, State(server_state): State, OriginalUri(original_uri): OriginalUri, ) -> Result, Error> { let all_courses = &server_state.config.courses; - let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?; + let sheets_client = sheets_client( + &session, + server_state.clone(), + headers, + original_uri.clone(), + ) + .await?; let mut courses: CourseAttendance = BTreeMap::new(); let mut register_futures = Vec::new(); diff --git a/src/frontend.rs b/src/frontend.rs index 4d87fb0..8681d8e 100644 --- a/src/frontend.rs +++ b/src/frontend.rs @@ -7,7 +7,7 @@ use axum::{ response::{Html, IntoResponse, Response}, }; use futures::future::join_all; -use http::{header::CONTENT_TYPE, StatusCode, Uri}; +use http::{header::CONTENT_TYPE, HeaderMap, StatusCode, Uri}; use serde::Deserialize; use tower_sessions::Session; @@ -95,11 +95,18 @@ struct CourseScheduleWithBatchMetadata { pub async fn get_trainee_batch( session: Session, + headers: HeaderMap, State(server_state): State, OriginalUri(original_uri): OriginalUri, Path((course, batch_github_slug)): Path<(String, String)>, ) -> Result, Error> { - let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?; + let sheets_client = sheets_client( + &session, + server_state.clone(), + headers, + original_uri.clone(), + ) + .await?; let github_org = &server_state.config.github_org; let course_schedule = server_state .config @@ -182,11 +189,18 @@ impl TraineeBatchTemplate { pub async fn get_reviewers( session: Session, + headers: HeaderMap, State(server_state): State, OriginalUri(original_uri): OriginalUri, Path(course): Path, ) -> Result, Error> { - let sheets_client = sheets_client(&session, server_state.clone(), original_uri.clone()).await?; + let sheets_client = sheets_client( + &session, + server_state.clone(), + headers, + original_uri.clone(), + ) + .await?; let mut is_staff = true; let mut staff_details = get_reviewer_staff_info( sheets_client, diff --git a/src/sheets.rs b/src/sheets.rs index 7f13ddd..e52ae37 100644 --- a/src/sheets.rs +++ b/src/sheets.rs @@ -1,5 +1,5 @@ use anyhow::Context; -use http::Uri; +use http::{HeaderMap, Uri}; use sheets::{spreadsheets::Spreadsheets, types::CellData}; use tower_sessions::Session; @@ -35,12 +35,27 @@ pub(crate) fn cell_date(cell: &CellData) -> Result Result { - let maybe_token: Option = session - .get(GoogleScope::Sheets.token_session_key()) - .await - .context("Session load error")?; + const AUTHORIZATION_HEADER: &str = "x-authorization-google"; + let maybe_token = if let Some(auth_header) = headers.get(AUTHORIZATION_HEADER) { + let token = match auth_header.to_str() { + Ok(s) => Some(s.to_string()), + Err(e) => { + return Err(Error::UserFacing(format!( + "Invalid {} header: {}", + AUTHORIZATION_HEADER, e + ))) + } + }; + token + } else { + session + .get(GoogleScope::Sheets.token_session_key()) + .await + .context("Session load error")? + }; let redirect_endpoint = redirect_endpoint(&server_state);