cmackenzie1 · cmackenzie1 · Feb 17, 2025 · Feb 17, 2025
diff --git a/torii-auth-email/src/lib.rs b/torii-auth-email/src/lib.rs
@@ -253,8 +253,14 @@ mod tests {
         let mut manager = PluginManager::new(user_storage.clone(), session_storage.clone());
         manager.register(EmailPasswordPlugin::new(storage));
 
-        user_storage.migrate().await?;
-        session_storage.migrate().await?;
+        user_storage
+            .migrate()
+            .await
+            .map_err(|_| Error::Storage("Failed to migrate user storage".to_string()))?;
+        session_storage
+            .migrate()
+            .await
+            .map_err(|_| Error::Storage("Failed to migrate session storage".to_string()))?;
 
         Ok((manager,))
     }

diff --git a/torii-auth-oauth/src/lib.rs b/torii-auth-oauth/src/lib.rs
@@ -5,8 +5,8 @@
     AuthorizationCode, ClientId, ClientSecret, CsrfToken, IssuerUrl, Nonce, RedirectUrl, Scope,
     TokenResponse,
 };
+use torii_core::storage::OAuthStorage;
 use torii_core::{storage::Storage, Error, NewUser, Plugin, Session, SessionStorage, User, UserId};
-use torii_storage_sqlite::{OAuthAccount, OAuthStorage};
 use uuid::Uuid;
 
 /// The core oauth plugin struct, responsible for handling oauth authentication flow.
@@ -18,14 +18,16 @@
 /// # Examples
 /// ```rust
 /// // Using the builder pattern
-/// let plugin = oauthPlugin::builder("google")
+/// use std::env;
+/// use torii_auth_oauth::OAuthPlugin;
+/// let plugin = OAuthPlugin::builder("google")
 ///     .client_id(env::var("GOOGLE_CLIENT_ID")?)
 ///     .client_secret(env::var("GOOGLE_CLIENT_SECRET")?)
 ///     .redirect_uri("http://localhost:8080/callback")
 ///     .build();
 ///
 /// // Using preset for Google
-/// let plugin = oauthPlugin::google(
+/// let plugin = OAuthPlugin::google(
 ///     env::var("GOOGLE_CLIENT_ID")?,
 ///     env::var("GOOGLE_CLIENT_SECRET")?,
 ///     "http://localhost:8080/callback".to_string(),
@@ -280,7 +282,7 @@
                 .get_user(&oauth_account.user_id)
                 .await
                 .map_err(|_| Error::InternalServerError)?
-                .ok_or_else(|| Error::UserNotFound)?;
+                .ok_or(Error::UserNotFound)?;
 
             return Ok(user);
         }
@@ -301,13 +303,7 @@
         // Create link between user and provider
         storage
             .user_storage()
-            .create_oauth_account(&OAuthAccount {
-                user_id: user.id.clone(),
-                provider: self.provider.clone(),
-                subject: subject.clone(),
-                created_at: Utc::now(),
-                updated_at: Utc::now(),
-            })
+            .create_oauth_account(&self.provider, &subject, &user.id)
             .await
             .map_err(|_| Error::InternalServerError)?;
 
@@ -389,9 +385,7 @@
         tracing::info!("Successfully exchanged code for token response");
 
         // Get id token from token response
-        let id_token = token_response
-            .id_token()
-            .ok_or_else(|| Error::InvalidCredentials)?;
+        let id_token = token_response.id_token().ok_or(Error::InvalidCredentials)?;
 
         tracing::info!("Successfully got id token from token response");
 
@@ -420,15 +414,12 @@
         tracing::info!(claims = ?claims, "Verified id token");
 
         let subject = claims.subject().to_string();
-        let email = claims
-            .email()
-            .ok_or_else(|| Error::InvalidCredentials)?
-            .to_string();
+        let email = claims.email().ok_or(Error::InvalidCredentials)?.to_string();
         let name = claims
             .name()
-            .ok_or_else(|| Error::InvalidCredentials)?
+            .ok_or(Error::InvalidCredentials)?
             .get(None)
-            .ok_or_else(|| Error::InvalidCredentials)?
+            .ok_or(Error::InvalidCredentials)?
             .to_string();
 
         tracing::info!(

diff --git a/torii-core/Cargo.toml b/torii-core/Cargo.toml
@@ -13,7 +13,6 @@ derive_builder.workspace = true
 downcast-rs = "2.0.1"
 futures.workspace = true
 serde.workspace = true
-sqlx.workspace = true
 thiserror.workspace = true
 tracing.workspace = true
 uuid.workspace = true

diff --git a/torii-core/src/error.rs b/torii-core/src/error.rs
@@ -2,10 +2,6 @@ use thiserror::Error;
 
 #[derive(Debug, Error)]
 pub enum Error {
-    // Database errors
-    #[error("Database error: {0}")]
-    Database(#[from] sqlx::Error),
-
     // Plugin errors
     #[error("Plugin error: {0}")]
     Plugin(String),

diff --git a/torii-core/src/lib.rs b/torii-core/src/lib.rs
@@ -19,4 +19,4 @@ pub use error::Error;
 pub use plugin::{Plugin, PluginManager};
 pub use session::Session;
 pub use storage::{NewUser, SessionStorage, UserStorage};
-pub use user::{User, UserId};
+pub use user::{OAuthAccount, User, UserId};
diff --git a/torii-core/src/session.rs b/torii-core/src/session.rs
@@ -19,8 +19,7 @@ use derive_builder::Builder;
 use serde::{Deserialize, Serialize};
 use uuid::Uuid;
 
-#[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize, sqlx::Type)]
-#[sqlx(transparent)]
+#[derive(Debug, Clone, PartialEq, Eq, Hash, Serialize, Deserialize)]
 pub struct SessionId(String);
 
 impl SessionId {
@@ -67,7 +66,7 @@ impl std::fmt::Display for SessionId {
     }
 }
 
-#[derive(Debug, Clone, Serialize, Deserialize, sqlx::FromRow, Builder)]
+#[derive(Debug, Clone, Serialize, Deserialize, Builder)]
 pub struct Session {
     /// The unique identifier for the session.
     #[builder(default = "SessionId::new_random()")]

diff --git a/torii-core/src/storage.rs b/torii-core/src/storage.rs
@@ -5,7 +5,7 @@ use chrono::{DateTime, Utc};
 use derive_builder::Builder;
 use serde::{Deserialize, Serialize};
 
-use crate::{session::SessionId, Error, Session, User, UserId};
+use crate::{session::SessionId, Error, OAuthAccount, Session, User, UserId};
 
 #[async_trait]
 pub trait StoragePlugin: Send + Sync + 'static {
@@ -54,18 +54,39 @@ pub trait EmailPasswordStorage: UserStorage {
 /// Storage methods specific to OAuth authentication
 #[async_trait]
 pub trait OAuthStorage: UserStorage {
+    async fn create_oauth_account(
+        &self,
+        provider: &str,
+        subject: &str,
+        user_id: &UserId,
+    ) -> Result<OAuthAccount, Self::Error>;
+
+    async fn get_user_by_provider_and_subject(
+        &self,
+        provider: &str,
+        subject: &str,
+    ) -> Result<Option<User>, Self::Error>;
+
+    async fn get_oauth_account_by_provider_and_subject(
+        &self,
+        provider: &str,
+        subject: &str,
+    ) -> Result<Option<OAuthAccount>, Self::Error>;
+
     async fn link_oauth_account(
         &self,
         user_id: &UserId,
         provider: &str,
-        provider_user_id: &str,
+        subject: &str,
     ) -> Result<(), Self::Error>;
 
-    async fn get_user_by_oauth(
+    async fn get_nonce(&self, id: &str) -> Result<Option<String>, Self::Error>;
+    async fn save_nonce(
         &self,
-        provider: &str,
-        provider_user_id: &str,
-    ) -> Result<Option<User>, Self::Error>;
+        id: &str,
+        value: &str,
+        expires_at: &DateTime<Utc>,
+    ) -> Result<(), Self::Error>;
 }
 
 #[derive(Debug, Clone)]

diff --git a/torii-core/src/user.rs b/torii-core/src/user.rs
@@ -18,8 +18,7 @@ use serde::{Deserialize, Serialize};
 use uuid::Uuid;
 
 /// A unique, stable identifier for a specific user
-#[derive(Debug, Clone, PartialEq, Eq, sqlx::Type, Serialize, Deserialize, Hash)]
-#[sqlx(transparent)]
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Hash)]
 pub struct UserId(String);
 
 impl UserId {
@@ -70,7 +69,7 @@ impl std::fmt::Display for UserId {
 ///
 /// Many of these fields are optional, as they may not be available from the authentication provider,
 /// or may not be known at the time of authentication.
-#[derive(Debug, Clone, Serialize, Deserialize, sqlx::FromRow, Builder)]
+#[derive(Debug, Clone, Serialize, Deserialize, Builder)]
 pub struct User {
     // The unique identifier for the user.
     #[builder(default = "UserId::new_random()")]
@@ -101,6 +100,21 @@ impl User {
     }
 }
 
+#[derive(Debug, Clone, Serialize, Deserialize, Builder)]
+pub struct OAuthAccount {
+    pub user_id: UserId,
+    pub provider: String,
+    pub subject: String,
+    pub created_at: DateTime<Utc>,
+    pub updated_at: DateTime<Utc>,
+}
+
+impl OAuthAccount {
+    pub fn builder() -> OAuthAccountBuilder {
+        OAuthAccountBuilder::default()
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;