feat: Add args for project id

.github/workflows/ci.yml

@@ -1,41 +0,0 @@
-name: ci
-
-on: push
-
-env:
-  CARGO_TERM_COLOR: always
-  RUSTFLAGS: "-Dwarnings"
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-       include:
-         - cargo_target: "x86_64-unknown-linux-gnu"
-         - cargo_target: "wasm32-unknown-unknown"
-    steps:
-      - name: Clone repo
-        uses: actions/checkout@v3
-      - name: Add targets
-        run: rustup target add wasm32-unknown-unknown
-      - uses: Swatinem/rust-cache@v2
-      - name: Docker Compose
-        run: docker-compose -f test/docker-compose.yml up -d redis
-
-      - name: Build
-        env:
-          CARGO_BUILD_TARGET: ${{ matrix.cargo_target }}
-        run: cargo build
-      - name: Clippy
-        env:
-          CARGO_BUILD_TARGET: ${{ matrix.cargo_target }}
-        run: cargo clippy
-      - name: Fmt
-        env:
-          CARGO_BUILD_TARGET: ${{ matrix.cargo_target }}
-        run: cargo fmt -- --check
-
-      - name: Test
-        if: matrix.cargo_target == 'x86_64-unknown-linux-gnu'
-        run: cargo test

.github/workflows/docker.yml

@@ -11,13 +11,23 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@master
+    - name: Install Docker
+      run: |
+        apt-get update
+        apt-get install curl -y
+        curl -fsSL https://get.docker.com | sh
+    - name: Install building tools
+      run: |
+        apt-get install build-essential python3 python3-pip -y
+
     - name: Build and push image
-      uses: elgohr/Publish-Docker-Github-Action@master
+      uses: elgohr/Publish-Docker-Github-Action@v5
       with:
-        name: spruceid/siwe_oidc
+        name: nathanwoodburn/eth-oidc
-        username: ${{ github.actor }}
+        username: nathanwoodburn
         password: ${{ secrets.DOCKERGIT_TOKEN }}
         registry: git.woodburn.au
         tag_names: true
         tag_semver: true
         snapshot: true
+        buildargs: PROJECT_ID=${{ secrets.PROJECT_ID }}

Dockerfile

@@ -14,7 +14,8 @@ COPY --from=dep_planner /siwe-oidc/recipe.json recipe.json
 RUN cargo chef cook --release --recipe-path recipe.json
 
 FROM node:16-alpine as node_builder
-ENV PROJECT_ID=""
+ARG PROJECT_ID
+ENV PROJECT_ID=${PROJECT_ID}
 ADD --chown=node:node ./static /siwe-oidc/static
 ADD --chown=node:node ./js/ui /siwe-oidc/js/ui
 WORKDIR /siwe-oidc/js/ui

src/oidc.rs

@@ -14,14 +14,7 @@ use openidconnect::{
         CoreJwsSigningAlgorithm, CoreProviderMetadata, CoreRegisterErrorResponseType,
         CoreResponseType, CoreRsaPrivateSigningKey, CoreSubjectIdentifierType, CoreTokenResponse,
         CoreTokenType, CoreUserInfoClaims, CoreUserInfoJsonWebToken,
-    },
+    }, registration::{EmptyAdditionalClientMetadata, EmptyAdditionalClientRegistrationResponse}, url::Url, AccessToken, Audience, AuthUrl, ClientConfigUrl, ClientId, ClientSecret, EmptyAdditionalClaims, EmptyAdditionalProviderMetadata, EmptyExtraTokenFields, EndUserEmail, EndUserPictureUrl, EndUserUsername, IssuerUrl, JsonWebKeyId, JsonWebKeySetUrl, LocalizedClaim, Nonce, OpPolicyUrl, OpTosUrl, PrivateSigningKey, RedirectUrl, RegistrationAccessToken, RegistrationUrl, RequestUrl, ResponseTypes, Scope, StandardClaims, SubjectIdentifier, TokenUrl, UserInfoUrl
-    registration::{EmptyAdditionalClientMetadata, EmptyAdditionalClientRegistrationResponse},
-    url::Url,
-    AccessToken, Audience, AuthUrl, ClientConfigUrl, ClientId, ClientSecret, EmptyAdditionalClaims,
-    EmptyAdditionalProviderMetadata, EmptyExtraTokenFields, EndUserPictureUrl, EndUserUsername,
-    IssuerUrl, JsonWebKeyId, JsonWebKeySetUrl, LocalizedClaim, Nonce, OpPolicyUrl, OpTosUrl,
-    PrivateSigningKey, RedirectUrl, RegistrationAccessToken, RegistrationUrl, RequestUrl,
-    ResponseTypes, Scope, StandardClaims, SubjectIdentifier, TokenUrl, UserInfoUrl,
 };
 use rand::{distributions::Alphanumeric, thread_rng, Rng};
 use rsa::{
@@ -42,9 +35,10 @@ use super::db::*;
 use siwe_oidc::db::*;
 
 lazy_static::lazy_static! {
-    static ref SCOPES: [Scope; 2] = [
+    static ref SCOPES: [Scope; 3] = [
         Scope::new("openid".to_string()),
         Scope::new("profile".to_string()),
+        Scope::new("email".to_string()),
     ];
 }
 const SIGNING_ALG: [CoreJwsSigningAlgorithm; 1] = [CoreJwsSigningAlgorithm::RsaSsaPkcs1V15Sha256];
@@ -146,6 +140,7 @@ pub fn metadata(base_url: Url) -> Result<CoreProviderMetadata, CustomError> {
         CoreClaimName::new("iss".to_string()),
         CoreClaimName::new("preferred_username".to_string()),
         CoreClaimName::new("picture".to_string()),
+        CoreClaimName::new("email".to_string()),
     ]))
     .set_registration_endpoint(Some(RegistrationUrl::from_url(
         base_url
@@ -238,6 +233,7 @@ async fn resolve_claims(
         Ok(n) => resolve_avatar(eth_provider.clone(), &n).await,
         Err(_) => None,
     };
+    let email = format!("{}@eth.woodburn.au", address);
     StandardClaims::new(subject_id)
         .set_preferred_username(Some(EndUserUsername::new(username)))
         .set_picture(avatar.map(|a| {
@@ -245,6 +241,7 @@ async fn resolve_claims(
             avatar_localized.insert(None, EndUserPictureUrl::new(a.to_string()));
             avatar_localized
         }))
+        .set_email(Some(EndUserEmail::new(email)))
 }
 
 #[derive(Serialize, Deserialize)]