AppBuilder: Add trustpub_providers() fn

Author: Turbo87

src/app.rs

@@ -12,7 +12,8 @@ use crate::storage::{Storage, StorageConfig};
 use axum::extract::{FromRef, FromRequestParts, State};
 use bon::Builder;
 use crates_io_github::GitHubClient;
-use crates_io_trustpub::keystore::OidcKeyStore;
+use crates_io_trustpub::github::GITHUB_ISSUER_URL;
+use crates_io_trustpub::keystore::{OidcKeyStore, RealOidcKeyStore};
 use deadpool_diesel::Runtime;
 use derive_more::Deref;
 use diesel_async::AsyncPgConnection;
@@ -94,6 +95,36 @@ impl<S: app_builder::State> AppBuilder<S> {
         self.github_oauth(github_oauth)
     }
 
+    /// Set the "Trusted Publishing" providers supported by the application.
+    ///
+    /// This method configures the OIDC key stores for the specified providers
+    /// and expects a list of provider names as input.
+    ///
+    /// Currently, only "github" is supported as a provider.
+    pub fn trustpub_providers(
+        self,
+        providers: &[String],
+    ) -> AppBuilder<app_builder::SetOidcKeyStores<S>>
+    where
+        S::OidcKeyStores: app_builder::IsUnset,
+    {
+        let mut key_stores: HashMap<String, Box<dyn OidcKeyStore>> = HashMap::new();
+
+        for provider in providers {
+            match provider.as_str() {
+                "github" => {
+                    let key_store = RealOidcKeyStore::new(GITHUB_ISSUER_URL.into());
+                    key_stores.insert(GITHUB_ISSUER_URL.into(), Box::new(key_store));
+                }
+                provider => {
+                    warn!("Unknown Trusted Publishing provider: {provider}");
+                }
+            }
+        }
+
+        self.oidc_key_stores(key_stores)
+    }
+
     pub fn databases_from_config(
         self,
         config: &config::DatabasePools,