Merge pull request #83 from OneLiteFeatherNET/feat/expose-more-options

Randoooom · web-flow · commit c946ee9de296 · 2024-07-11T19:17:59.000+02:00
Feat/expose more options
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "feedback-fusion"
-version = "0.1.4"
+version = "0.2.0"
 edition = "2021"
 license = "MIT"
 
@@ -50,7 +50,7 @@ tonic-health = "0.11.0"
 tonic-reflection = "0.11.0"
 tonic-web = "0.11.0"
 tokio = { version = "1.37.0", features = ["full"] }
-tower = "0.4.13"
+tower = { version = "0.4.13", feature = ["limit"] }
 tokio-retry = "0.3"
 tower-http = { version = "=0.4.4", features = ["trace", "validate-request"] }
 tracing = "0.1.39"
diff --git a/charts/feedback-fusion/Chart.yaml b/charts/feedback-fusion/Chart.yaml
@@ -15,10 +15,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.7
+version: 0.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.1.4"
+appVersion: "0.2.0"
diff --git a/charts/feedback-fusion/values.yaml b/charts/feedback-fusion/values.yaml
@@ -120,7 +120,6 @@ feedbackFusion:
   config: 
     secret: feedback-fusion-config
     # RUST_LOG: INFO
-    # GLOBAL_RATE_LIMIT: 10
     # OIDC_AUDIENCE: ""
     # OIDC_PROVIDER: ""
     #
diff --git a/docs/docs/configuration.md b/docs/docs/configuration.md
@@ -6,7 +6,6 @@ You can set the following environment variables:
 
 | Environment Variable    | Type              | Default Value              | Description                                                                 |
 |-------------------------|-------------------|----------------------------|-----------------------------------------------------------------------------|
-| `GLOBAL_RATE_LIMIT`     | `u64`             | `10`                       | The global rate limit for requests.                                         |
 | `OIDC_PROVIDER`         | `String`          | N/A                        | The OIDC provider URL.                                                      |
 | `OIDC_AUDIENCE`         | `String`          | `"feedback-fusion"`        | The audience for the OIDC tokens.                                           |
 | `OIDC_ISSUER`           | `Option<String>`  | `None`                     | The optional issuer URL for the OIDC tokens.                                |
@@ -15,6 +14,21 @@ You can set the following environment variables:
 | `OTLP_ENDPOINT`         | `Option<String>`  | `None`                     | The gRPC OTLP endpoint to send the trace spans to                           |
 | `SERVICE_NAME`          | `String`          | `"feedback-fusion"`        | Service name used in tracing context                                        |
 
+## Scope Configuration
+
+| Environment Variable              | Description                        |
+|-----------------------------------|------------------------------------|
+| `OIDC_SCOPE_API`                  | Scope for API access               |
+| `OIDC_SCOPE_WRITE`                | Scope for write access             |
+| `OIDC_SCOPE_READ`                 | Scope for read access              |
+| `OIDC_SCOPE_WRITE_TARGET`         | Scope for writing targets          |
+| `OIDC_SCOPE_READ_TARGET`          | Scope for reading targets          |
+| `OIDC_SCOPE_WRITE_PROMPT`         | Scope for writing prompts          |
+| `OIDC_SCOPE_READ_PROMPT`          | Scope for reading prompts          |
+| `OIDC_SCOPE_WRITE_FIELD`          | Scope for writing fields           |
+| `OIDC_SCOPE_READ_FIELD`           | Scope for reading fields           |
+| `OIDC_SCOPE_READ_RESPONSE`        | Scope for reading responses        |
+
 ## Database Configuration
 
 The Backend supports mutliple database backends. The backend will choose the database based on your provided configuration values.
diff --git a/src/config.rs b/src/config.rs
@@ -34,35 +34,61 @@ lazy_static! {
         DatabaseConfiguration::extract().unwrap();
 }
 
-#[derive(Deserialize, Debug, Clone, Getters)]
-#[get = "pub"]
-pub struct Config {
-    #[serde(default = "default_global_rate_limit")]
-    global_rate_limit: u64,
-    oidc_provider: String,
-    #[serde(default = "default_oidc_audience")]
-    oidc_audience: String,
-    oidc_issuer: Option<String>,
-    config_path: Option<String>,
-    otlp_endpoint: Option<String>,
-    #[serde(default = "default_service_name")]
-    service_name: String
-}
+macro_rules! config {
+    (($($ident:ident: $type:ty $(,)? )*),  ($($dident:ident: $dtype:ty = $default:expr $(,)?)*)) => {
+        paste! {
+            #[derive(Deserialize, Debug, Clone, Getters)]
+            #[get = "pub"]
+            pub struct Config {
+                $(
+                    $ident: $type,
+                )*
+                
+                $(
+                    #[serde(default = "default_" $dident)]
+                    $dident: $dtype,
+                )*
+            }
 
-#[inline]
-fn default_global_rate_limit() -> u64 {
-    10
-}
 
-#[inline]
-fn default_oidc_audience() -> String {
-    "feedback-fusion".to_owned()
+            $(
+                #[inline]
+                fn [<default_ $dident>]() -> $dtype {
+                    $default.to_owned()
+                }
+            )*
+        }
+    };
 }
 
-#[inline]
-fn default_service_name() -> String {
-    "feedback-fusion".to_owned()
-}
+config!(
+    (
+        oidc_provider: String,
+        oidc_issuer: Option<String>,
+        config_path: Option<String>,
+        otlp_endpoint: Option<String>,
+    ),
+
+    (
+        service_name: String = "feedback-fusion"
+        oidc_audience: String = "feedback-fusion",
+
+        oidc_scope_api: String = "api:feedback-fusion",
+        oidc_scope_write: String = "feedback-fusion:write",
+        oidc_scope_read: String = "feedback-fusion:read",
+        
+        oidc_scope_write_target: String = "feedback-fusion:writeTarget",
+        oidc_scope_read_target: String = "feedback-fusion:readTarget"
+
+        oidc_scope_write_prompt: String = "feedback-fusion:writePrompt",
+        oidc_scope_read_prompt: String = "feedback-fusion:readPrompt"
+
+        oidc_scope_write_field: String = "feedback-fusion:writeField",
+        oidc_scope_read_field: String = "feedback-fusion:readField"
+
+        oidc_scope_read_response: String = "feedback-fusion:readResponse"
+    )
+);
 
 #[derive(Debug, Clone, Deserialize, Serialize, PartialEq)]
 pub struct InstanceConfig {
diff --git a/src/services/oidc.rs b/src/services/oidc.rs
@@ -97,15 +97,16 @@ pub async fn authority() -> Result<Authority> {
 #[derive(Debug, Clone, Deserialize)]
 pub struct OIDCClaims {
     iss: jwt::Issuer,
+    iat: UnixTime,
     aud: jwt::Audiences,
-    nbf: UnixTime,
+    nbf: Option<UnixTime>,
     exp: UnixTime,
     scope: Scope,
 }
 
 impl jwt::CoreClaims for OIDCClaims {
     fn nbf(&self) -> Option<UnixTime> {
-        Some(self.nbf)
+        Some(self.nbf.unwrap_or(self.iat))
     }
     fn exp(&self) -> Option<UnixTime> {
         Some(self.exp)
diff --git a/src/services/v1/mod.rs b/src/services/v1/mod.rs

Original file line number	Diff line number	Diff line change
`@@ -120,7 +120,6 @@ feedbackFusion:`
`120`	`120`	`config:`
`121`	`121`	`secret: feedback-fusion-config`
`122`	`122`	`# RUST_LOG: INFO`
`123`		`- # GLOBAL_RATE_LIMIT: 10`
`124`	`123`	`# OIDC_AUDIENCE: ""`
`125`	`124`	`# OIDC_PROVIDER: ""`
`126`	`125`	`#`