authorCara Salter <cara@devcara.com>2022-06-28 14:10:15 -0400
committerCara Salter <cara@devcara.com>2022-06-28 14:11:28 -0400
commit57a59a25f623302e674432049e2f2c13d6fea322 (patch)
treeecb64352133d8ead7ad5f4177ba4a88b3f81df80
parenta684e1bab093b9007f51bd34e4e087b1a9eecdfb (diff)
auth: Finished PASETO auth
Closes #4
-rw-r--r--Cargo.lock7
-rw-r--r--Cargo.toml1
-rw-r--r--src/errors.rs7
-rw-r--r--src/handlers/auth.rs49
4 files changed, 39 insertions, 25 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 504227c..445c673 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -499,12 +499,6 @@ dependencies = [
]
[[package]]
-name = "hex"
-version = "0.4.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
-
-[[package]]
name = "http"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -1329,7 +1323,6 @@ dependencies = [
"chrono",
"color-eyre",
"eyre",
- "hex",
"hyper",
"kankyo",
"paseto",
diff --git a/Cargo.toml b/Cargo.toml
index 6792e7a..e49c659 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -23,7 +23,6 @@ axum-macros = "0.2"
paseto = "2"
ring = "0.16"
-hex = "0.4"
rand = "0.8"
diff --git a/src/errors.rs b/src/errors.rs
index e32c6d5..a243c12 100644
--- a/src/errors.rs
+++ b/src/errors.rs
@@ -1,4 +1,3 @@
-use hex::FromHexError;
use ring::error::KeyRejected;
use thiserror::Error;
@@ -36,12 +35,6 @@ pub enum ServiceError {
PasetoInvalid(#[from] KeyRejected),
}
-impl From<FromHexError> for ServiceError {
- fn from(_: FromHexError) -> Self {
- ServiceError::Generic(String::from("Could not convert from hex"))
- }
-}
-
impl From<RingUnspecified> for ServiceError {
fn from(_: RingUnspecified) -> Self {
ServiceError::Generic("Unspecified RNG error".to_string())
diff --git a/src/handlers/auth.rs b/src/handlers/auth.rs
index cafaeb8..56b38f2 100644
--- a/src/handlers/auth.rs
+++ b/src/handlers/auth.rs
@@ -1,7 +1,7 @@
use std::{
collections::HashMap,
fs::{self, File},
- sync::Arc,
+ sync::Arc, io::Read,
};
use axum::{extract::Query, middleware::Next, response::Response, Extension};
@@ -9,6 +9,7 @@ use axum_macros::debug_handler;
use chrono::{Datelike, TimeZone, Utc};
use hyper::Request;
use ring::{rand::SystemRandom, signature::Ed25519KeyPair};
+use tracing::debug;
use uuid::Uuid;
use std::io::Write;
@@ -69,24 +70,52 @@ pub async fn requires_auth<B>(req: Request<B>, next: Next<B>) -> Result<Response
.and_then(|h| h.to_str().ok());
match auth_header {
- Some(h) => Ok(next.run(req).await),
+ Some(h) => {
+ debug!("Header: {}", h);
+ let kp = load_or_gen_keypair()?;
+ debug!("KP: {:?}", kp);
+ match paseto::tokens::validate_public_token(h, None, &paseto::tokens::PasetoPublicKey::ED25519KeyPair(&kp), &paseto::tokens::TimeBackend::Chrono) {
+ Ok(_) => Ok(next.run(req).await),
+ Err(_) => Err(ServiceError::NotAuthorized)
+ }
+ }
None => Err(ServiceError::NotAuthorized),
}
}
fn load_or_gen_keypair() -> Result<Ed25519KeyPair, ServiceError> {
let kp: Ed25519KeyPair;
- if let Ok(c) = fs::read_to_string(".keypair") {
- kp = Ed25519KeyPair::from_pkcs8(&hex::decode(c)?)?;
- } else {
- let srand = SystemRandom::new();
- let pkcs8 = Ed25519KeyPair::generate_pkcs8(&srand)?;
-
let mut file = match File::open(".keypair") {
Ok(f) => f,
- Err(_) => File::create(".keypair").unwrap(),
+ Err(_) => {
+ debug!("File does not exist, creating at .keypair");
+ File::create(".keypair").unwrap()
+ }
};
- file.write(pkcs8.as_ref());
+ if let Ok(c) = fs::read(".keypair") {
+ if c.len() == 0 {
+ debug!("No keypair found. Generating...");
+
+
+ let srand = SystemRandom::new();
+ let pkcs8 = Ed25519KeyPair::generate_pkcs8(&srand)?;
+
+ fs::write(".keypair", pkcs8.as_ref()).unwrap();
+ debug!("Written keypair {:?} to .keypair", pkcs8.as_ref());
+
+ kp = Ed25519KeyPair::from_pkcs8(pkcs8.as_ref())?;
+ } else {
+
+ debug!("Found keypair file, contents: {:?}", c);
+ kp = Ed25519KeyPair::from_pkcs8(&c)?;
+ debug!("Loaded keypair from file");
+ }
+ } else {
+ debug!("Generating new keypair");
+ let srand = SystemRandom::new();
+ let pkcs8 = Ed25519KeyPair::generate_pkcs8(&srand)?;
+ fs::write(".keypair", pkcs8.as_ref()).unwrap();
+ debug!("Written keypair {:?} to .keypair", pkcs8.as_ref());
kp = Ed25519KeyPair::from_pkcs8(pkcs8.as_ref())?;
}
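Review bot: The new `debug!` calls in `load_or_gen_keypair` write the raw PKCS#8 private key bytes to the log (`"Written keypair {:?} to .keypair"` with `pkcs8.as_ref()` in both generation branches, and `"Found keypair file, contents: {:?}"` with `c`), and `debug!("Header: {}", h)` in `requires_auth` logs the presented token, so the signing key and live credentials are exposed to anyone with access to debug logs. Log only non-secret facts, e.g. `debug!("Wrote new keypair to .keypair");` and `debug!("Found keypair file ({} bytes)", c.len());`, and drop the header line. Separately, `File::create` and `fs::write` set no explicit mode, so the key file's permissions depend on the process umask; creating it owner-only (on Unix, `OpenOptions` with `.mode(0o600)`) would be safer, and the `.unwrap()` calls on those writes panic inside the request path instead of returning a `ServiceError`. The body of `load_or_gen_keypair` continues past the end of the hunk.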