diff options
| -rw-r--r-- | src/auth.rs | 25 | ||||
| -rw-r--r-- | src/handlers.rs | 4 | ||||
| -rw-r--r-- | src/routes.rs | 12 |
3 files changed, 26 insertions, 15 deletions
diff --git a/src/auth.rs b/src/auth.rs index e22262c..95f2378 100644 --- a/src/auth.rs +++ b/src/auth.rs | |||
| @@ -1,12 +1,14 @@ | |||
| 1 | use crate::error::Error; | 1 | use crate::error::Error; |
| 2 | use crate::schema::{Db, Transaction}; | 2 | use crate::schema::{Db, Transaction}; |
| 3 | use anyhow::{anyhow, Context, Result}; | ||
| 3 | use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation}; | 4 | use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation}; |
| 4 | use serde::{Deserialize, Serialize}; | 5 | use serde::{Deserialize, Serialize}; |
| 6 | use thiserror::Error; | ||
| 5 | use warp::header::headers_cloned; | 7 | use warp::header::headers_cloned; |
| 6 | use warp::http::header::{HeaderMap, HeaderValue, AUTHORIZATION}; | 8 | use warp::http::header::{HeaderMap, HeaderValue, AUTHORIZATION}; |
| 7 | use warp::{reject, Filter, Rejection}; | 9 | use warp::reject; |
| 8 | use thiserror::Error; | 10 | use warp::reject::Reject; |
| 9 | use anyhow::*; | 11 | use warp::{Filter, Rejection}; |
| 10 | 12 | ||
| 11 | const BEARER: &str = "Bearer "; | 13 | const BEARER: &str = "Bearer "; |
| 12 | const PUBLIC_KEY_PEM: &str = "-----BEGIN PUBLIC KEY----- | 14 | const PUBLIC_KEY_PEM: &str = "-----BEGIN PUBLIC KEY----- |
| @@ -65,6 +67,18 @@ struct Claims { | |||
| 65 | // found: String, | 67 | // found: String, |
| 66 | // }, | 68 | // }, |
| 67 | // } | 69 | // } |
| 70 | // impl warp::reject::Reject for Nope {} | ||
| 71 | |||
| 72 | #[derive(Debug)] | ||
| 73 | struct LessThanTenError {} | ||
| 74 | |||
| 75 | impl Reject for LessThanTenError {} | ||
| 76 | |||
| 77 | // impl From<LessThanTenError> for Rejection { | ||
| 78 | // fn from(other: LessThanTenError) -> Self { | ||
| 79 | // warp::reject::custom(other) | ||
| 80 | // } | ||
| 81 | // } | ||
| 68 | 82 | ||
| 69 | pub fn with_auth( | 83 | pub fn with_auth( |
| 70 | db: Db, | 84 | db: Db, |
| @@ -75,8 +89,6 @@ pub fn with_auth( | |||
| 75 | .and_then(authorize) | 89 | .and_then(authorize) |
| 76 | } | 90 | } |
| 77 | 91 | ||
| 78 | impl warp::reject::Reject for Nope {} | ||
| 79 | |||
| 80 | async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String, Error> { | 92 | async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String, Error> { |
| 81 | match jwt_from_header(&headers) { | 93 | match jwt_from_header(&headers) { |
| 82 | Ok(jwt) => { | 94 | Ok(jwt) => { |
| @@ -92,7 +104,8 @@ async fn authorize((db, headers): (Db, HeaderMap<HeaderValue>)) -> Result<String | |||
| 92 | 104 | ||
| 93 | Ok(decoded.claims.puk) | 105 | Ok(decoded.claims.puk) |
| 94 | } | 106 | } |
| 95 | Err(e) => return Err(anyhow!("missing!")); | 107 | Err(e) => return Err(anyhow!("missing!")), |
| 108 | // warp error | ||
| 96 | } | 109 | } |
| 97 | } | 110 | } |
| 98 | 111 | ||
diff --git a/src/handlers.rs b/src/handlers.rs index 256e72a..89905a3 100644 --- a/src/handlers.rs +++ b/src/handlers.rs | |||
| @@ -61,10 +61,12 @@ pub async fn propose_transaction( | |||
| 61 | /// POST /transaction, authenticated | 61 | /// POST /transaction, authenticated |
| 62 | /// The transaction arrived in this method has been authored by the public key in the source | 62 | /// The transaction arrived in this method has been authored by the public key in the source |
| 63 | pub async fn propose_authenticated_transaction( | 63 | pub async fn propose_authenticated_transaction( |
| 64 | pubkey: String, | 64 | header: HeaderMap<HeaderName, HeaderValue>, |
| 65 | new_transaction: Transaction, | 65 | new_transaction: Transaction, |
| 66 | db: Db, | 66 | db: Db, |
| 67 | ) -> Result<impl warp::Reply, warp::Rejection> { | 67 | ) -> Result<impl warp::Reply, warp::Rejection> { |
| 68 | |||
| 69 | // auth logic | ||
| 68 | debug!("new transaction request {:?}", new_transaction); | 70 | debug!("new transaction request {:?}", new_transaction); |
| 69 | 71 | ||
| 70 | // let mut transactions = db.lock().await; | 72 | // let mut transactions = db.lock().await; |
diff --git a/src/routes.rs b/src/routes.rs index 499ba35..b48fdb2 100644 --- a/src/routes.rs +++ b/src/routes.rs | |||
| @@ -47,14 +47,10 @@ pub fn authenticated_transaction_propose( | |||
| 47 | warp::path("transaction") | 47 | warp::path("transaction") |
| 48 | .and(warp::path::end()) | 48 | .and(warp::path::end()) |
| 49 | .and(warp::post()) | 49 | .and(warp::post()) |
| 50 | .and(custom_filters::transaction_json_body()) | 50 | .and(custom_filters::transaction_json_body()) // returns transaction |
| 51 | .map(|t: Transaction| { | 51 | .and(custom_filters::transaction_header()) // returns Transaction |
| 52 | with_auth(db.clone(), t) | 52 | .and(custom_filters::with_db(db)) // wraps db |
| 53 | }) | 53 | .and_then(handlers::propose_authenticated_transaction) // uses db, transaction and authenticated |
| 54 | .untuple_one() | ||
| 55 | .and(custom_filters::transaction_json_body()) | ||
| 56 | .and(custom_filters::with_db(db)) | ||
| 57 | .and_then(handlers::propose_authenticated_transaction) | ||
| 58 | 54 | ||
| 59 | // .and(custom_filters::transaction_json_body()) | 55 | // .and(custom_filters::transaction_json_body()) |
| 60 | // // TODO: you might have to restore this | 56 | // // TODO: you might have to restore this |