fix(http): status content type should be JSON (#3096)

examples/kanidm

@@ -6,8 +6,6 @@ uri = "https://idm.example.com"
 # TODO: document this
 # verify_ca = true
 
-# enable (default) or disable TLS certificate verification
-# verify_certificate = true
 # enable (default) or disable TLS certificate hostname verification
 # verify_hostnames = true
 
@@ -15,31 +13,31 @@ uri = "https://idm.example.com"
 # ca_path = "/etc/kanidm/cacert.pem"
 
 # when configuring the FreeRADIUS server, set the service account details here
-auth_token = "putyourtokenhere"
+# auth_token = "putyourtokenhere"
 
-radius_cert_path = "/certs/cert.pem" # the TLS certificate
+# radius_cert_path = "/certs/cert.pem" # the TLS certificate
-radius_key_path = "/certs/key.pem"   # the signing key for radius TLS
+# radius_key_path = "/certs/key.pem"   # the signing key for radius TLS
-radius_ca_path = "/certs/ca.pem"     # the CA certificate
+# radius_ca_path = "/certs/ca.pem"     # the CA certificate
-radius_dh_path = "/certs/dh.pem"     # the diffie-hellman output
+# radius_dh_path = "/certs/dh.pem"     # the diffie-hellman output
 
 # A list of groups, if a user is in them, they're approved for RADIUS authentication
-radius_required_groups = [
+# radius_required_groups = [
-    "radius_access_allowed",
+#     "radius_access_allowed",
-]
+# ]
 # A mapping between Kanidm groups and VLANS
-radius_groups = [
+# radius_groups = [
-    { spn = "radius_access_allowed", vlan = 10 },
+#     { spn = "radius_access_allowed", vlan = 10 },
-]
+# ]
 
 # The default VLAN if the user does not fit into another group
-radius_default_vlan = 1
+# radius_default_vlan = 1
 
 # A list of radius clients and their passwords, which are allowed to connect,
 # typically network devices like switches and access points.
-radius_clients = [
+# radius_clients = [
-    { name = "test", ipaddr = "127.0.0.1", secret  = "testing123" },
+#     { name = "test", ipaddr = "127.0.0.1", secret  = "testing123" },
-    { name = "docker" , ipaddr = "172.17.0.0/16", secret = "testing123" },
+#     { name = "docker" , ipaddr = "172.17.0.0/16", secret = "testing123" },
-]
+# ]
 
 # The client connection timeout, in seconds.
 connect_timeout = 30

libs/client/src/lib.rs

@@ -98,6 +98,9 @@ pub struct KanidmClientConfigInstance {
     ///
     /// Environment variable is `KANIDM_CA_PATH`.
     pub ca_path: Option<String>,
+
+    /// Connection Timeout for the client, in seconds.
+    pub connect_timeout: Option<u64>,
 }
 
 #[derive(Debug, Deserialize, Serialize)]
@@ -300,6 +303,7 @@ impl KanidmClientBuilder {
             Some(ca_path) => Some(Self::parse_certificate(&ca_path)?),
             None => ca,
         };
+        let connect_timeout = kcc.connect_timeout.or(connect_timeout);
 
         Ok(KanidmClientBuilder {
             address,

server/core/src/https/generic.rs

@@ -1,7 +1,7 @@
 use axum::extract::State;
 use axum::http::header::CONTENT_TYPE;
 use axum::response::IntoResponse;
-use axum::Extension;
+use axum::{Extension, Json};
 use kanidmd_lib::status::StatusRequestEvent;
 
 use super::middleware::KOpId;
@@ -11,7 +11,7 @@ use super::ServerState;
     get,
     path = "/status",
     responses(
-        (status = 200, description = "Ok"),
+        (status = 200, description = "Ok", content_type = "application/json"),
     ),
     tag = "system",
 
@@ -20,14 +20,14 @@ use super::ServerState;
 pub async fn status(
     State(state): State<ServerState>,
     Extension(kopid): Extension<KOpId>,
-) -> String {
+) -> Json<bool> {
-    let r = state
+    state
         .status_ref
         .handle_request(StatusRequestEvent {
             eventid: kopid.eventid,
         })
-        .await;
+        .await
-    format!("{}", r)
+        .into()
 }
 
 #[utoipa::path(