diff --git a/Cargo.lock b/Cargo.lock index b5c2ed41..2827ba85 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -606,9 +606,9 @@ dependencies = [ [[package]] name = "axum-macros" -version = "0.2.3" +version = "0.3.0-rc.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6293dae2ec708e679da6736e857cf8532886ef258e92930f38279c12641628b8" +checksum = "247a599903eb2e02abbaf2facc6396140df7af6dcc84e64ce3b71d117702fa22" dependencies = [ "heck", "proc-macro2", diff --git a/crates/axum-utils/src/lib.rs b/crates/axum-utils/src/lib.rs index fca100e6..4897e0ba 100644 --- a/crates/axum-utils/src/lib.rs +++ b/crates/axum-utils/src/lib.rs @@ -13,7 +13,12 @@ // limitations under the License. #![forbid(unsafe_code)] -#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)] +#![deny( + clippy::all, + clippy::str_to_string, + rustdoc::broken_intra_doc_links, + clippy::future_not_send +)] #![warn(clippy::pedantic)] #![allow(clippy::module_name_repetitions, clippy::missing_errors_doc)] diff --git a/crates/axum-utils/src/user_authorization.rs b/crates/axum-utils/src/user_authorization.rs index 9e253f6f..4a74c0f1 100644 --- a/crates/axum-utils/src/user_authorization.rs +++ b/crates/axum-utils/src/user_authorization.rs @@ -32,7 +32,7 @@ use mas_storage::{ PostgresqlBackend, }; use serde::{de::DeserializeOwned, Deserialize}; -use sqlx::{Acquire, Postgres}; +use sqlx::PgConnection; use thiserror::Error; #[derive(Debug, Deserialize)] @@ -54,7 +54,7 @@ enum AccessToken { impl AccessToken { pub async fn fetch( &self, - conn: impl Acquire<'_, Database = Postgres> + Send, + conn: &mut PgConnection, ) -> Result< ( mas_data_model::AccessToken, 
@@ -62,12 +62,12 @@ impl AccessToken { ), AuthorizationVerificationError, > { - let token = match &self { + let token = match self { AccessToken::Form(t) | AccessToken::Header(t) => t, AccessToken::None => return Err(AuthorizationVerificationError::MissingToken), }; - let (token, session) = lookup_active_access_token(conn, token).await?; + let (token, session) = lookup_active_access_token(conn, token.as_str()).await?; Ok((token, session)) } @@ -79,11 +79,11 @@ pub struct UserAuthorization { form: Option, } -impl UserAuthorization { +impl UserAuthorization { // TODO: take scopes to validate as parameter pub async fn protected_form( self, - conn: impl Acquire<'_, Database = Postgres> + Send, + conn: &mut PgConnection, ) -> Result<(Session, F), AuthorizationVerificationError> { let form = match self.form { Some(f) => f, @@ -98,7 +98,7 @@ impl UserAuthorization { // TODO: take scopes to validate as parameter pub async fn protected( self, - conn: impl Acquire<'_, Database = Postgres> + Send, + conn: &mut PgConnection, ) -> Result, AuthorizationVerificationError> { let (_token, session) = self.access_token.fetch(conn).await?; diff --git a/crates/data-model/src/traits.rs b/crates/data-model/src/traits.rs index 53209262..1486f18f 100644 --- a/crates/data-model/src/traits.rs +++ b/crates/data-model/src/traits.rs 
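Review bot: `protected_form` and `protected` in crates/axum-utils/src/user_authorization.rs (the hunks at -79 and -98) return the session for any active access token, and the `// TODO: take scopes to validate as parameter` above each is the only hint that no scope check happens here. Since both signatures are being touched, each should get a doc comment that states this, for example `/// Resolves the access token to its session. Does NOT validate scopes; callers must check the granted scopes themselves.` Whether callers such as the userinfo handler perform that check is not visible in this diff and is worth confirming. Both function bodies continue outside their hunks.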
@@ -18,26 +18,32 @@ use serde::{de::DeserializeOwned, Serialize}; pub trait StorageBackendMarker: StorageBackend {} +/// Marker trait of traits that should be implemented by primary keys +pub trait Data: + Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default + Sync + Send +{ +} + +impl Data + for T +{ +} + pub trait StorageBackend { - type UserData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type UserEmailData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type UserEmailVerificationData: Clone - + Debug - + PartialEq - + Serialize - + DeserializeOwned - + Default; - type AuthenticationData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type BrowserSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type ClientData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type SessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type AuthorizationGrantData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type AccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type RefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type CompatAccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type CompatRefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type CompatSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; - type CompatSsoLoginData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; + type UserData: Data; + type UserEmailData: Data; + type UserEmailVerificationData: Data; + type AuthenticationData: Data; + type BrowserSessionData: Data; + type ClientData: Data; + type SessionData: Data; + type AuthorizationGrantData: Data; + type AccessTokenData: Data; + type RefreshTokenData: Data; + type 
CompatAccessTokenData: Data; + type CompatRefreshTokenData: Data; + type CompatSessionData: Data; + type CompatSsoLoginData: Data; } impl StorageBackend for () { diff --git a/crates/handlers/Cargo.toml b/crates/handlers/Cargo.toml index 43c736f2..d5648c70 100644 --- a/crates/handlers/Cargo.toml +++ b/crates/handlers/Cargo.toml @@ -21,7 +21,7 @@ hyper = { version = "0.14.22", features = ["full"] } tower = "0.4.13" tower-http = { version = "0.3.4", features = ["cors"] } axum = "0.6.0-rc.2" -axum-macros = "0.2.3" +axum-macros = "0.3.0-rc.1" axum-extra = { version = "0.4.0-rc.1", features = ["cookie-private"] } # Emails diff --git a/crates/handlers/src/lib.rs b/crates/handlers/src/lib.rs index 730055f6..a50a502e 100644 --- a/crates/handlers/src/lib.rs +++ b/crates/handlers/src/lib.rs @@ -13,7 +13,12 @@ // limitations under the License. #![forbid(unsafe_code)] -#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)] +#![deny( + clippy::all, + clippy::str_to_string, + rustdoc::broken_intra_doc_links, + clippy::future_not_send +)] #![warn(clippy::pedantic)] #![allow( clippy::unused_async // Some axum handlers need that diff --git a/crates/handlers/src/oauth2/authorization/callback.rs b/crates/handlers/src/oauth2/authorization/callback.rs index 5b32a671..cf51ba81 100644 --- a/crates/handlers/src/oauth2/authorization/callback.rs +++ b/crates/handlers/src/oauth2/authorization/callback.rs @@ -108,7 +108,7 @@ impl CallbackDestination { }) } - pub async fn go( + pub async fn go( self, templates: &Templates, params: T, diff --git a/crates/handlers/src/oauth2/introspection.rs b/crates/handlers/src/oauth2/introspection.rs index c35b9532..504562be 100644 --- a/crates/handlers/src/oauth2/introspection.rs +++ b/crates/handlers/src/oauth2/introspection.rs 
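Review bot: The doc comment on the new `Data` trait in crates/data-model/src/traits.rs ("Marker trait of traits that should be implemented by primary keys") is hard to parse and does not mention the `Sync + Send` bounds. Those bounds are new for every associated type of `StorageBackend`, so they are the part implementors are most likely to trip over. I would reword it along the lines of `/// Bounds required of every storage-backend data type (e.g. primary keys); includes Send + Sync so futures holding these values stay Send.` The link to `clippy::future_not_send` is my inference from the lint being enabled in the same commit.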
@@ -153,7 +153,7 @@ const INACTIVE: IntrospectionResponse = IntrospectionResponse { jti: None, }; -#[tracing::instrument(skip_all, err)] +#[allow(clippy::too_many_lines)] pub(crate) async fn post( State(pool): State, State(encrypter): State, diff --git a/crates/handlers/src/oauth2/userinfo.rs b/crates/handlers/src/oauth2/userinfo.rs index 3c47bcb4..fa58284e 100644 --- a/crates/handlers/src/oauth2/userinfo.rs +++ b/crates/handlers/src/oauth2/userinfo.rs @@ -57,7 +57,7 @@ pub async fn get( let (_clock, mut rng) = crate::rng_and_clock()?; let mut conn = pool.acquire().await?; - let session = user_authorization.protected(&mut conn).await?; + let session = user_authorization.protected(&mut *conn).await?; let user = session.browser_session.user; let mut user_info = UserInfo { diff --git a/crates/handlers/src/views/account/emails/mod.rs b/crates/handlers/src/views/account/emails/mod.rs index cefb244a..57741100 100644 --- a/crates/handlers/src/views/account/emails/mod.rs +++ b/crates/handlers/src/views/account/emails/mod.rs @@ -74,7 +74,7 @@ pub(crate) async fn get( } async fn render( - rng: impl Rng, + rng: impl Rng + Send, clock: &Clock, templates: Templates, session: BrowserSession, diff --git a/crates/handlers/src/views/account/password.rs b/crates/handlers/src/views/account/password.rs index 35414c7d..661c3bf6 100644 --- a/crates/handlers/src/views/account/password.rs +++ b/crates/handlers/src/views/account/password.rs @@ -62,7 +62,7 @@ pub(crate) async fn get( } async fn render( - rng: impl Rng, + rng: impl Rng + Send, clock: &Clock, templates: Templates, session: BrowserSession, diff --git a/crates/storage/src/oauth2/access_token.rs b/crates/storage/src/oauth2/access_token.rs index 1d9f8e40..2f42c654 100644 --- a/crates/storage/src/oauth2/access_token.rs +++ b/crates/storage/src/oauth2/access_token.rs 
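Review bot: In crates/handlers/src/oauth2/introspection.rs, `#[tracing::instrument(skip_all, err)]` on `post` is replaced rather than supplemented by `#[allow(clippy::too_many_lines)]`, so the token introspection handler loses its span and the automatic recording of returned errors. That removes audit signal from an endpoint that validates tokens, and nothing in the hunk says it is intended. If the attribute had to go to satisfy the newly denied `clippy::future_not_send` lint (an assumption; the reason is not visible here), a short comment should say so. Otherwise keep both attributes, `#[tracing::instrument(skip_all, err)]` followed by `#[allow(clippy::too_many_lines)]`, retaining `skip_all` so token and credential arguments stay out of the span. The body of `post` is outside the hunk.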
@@ -16,7 +16,7 @@ use anyhow::Context; use chrono::{DateTime, Duration, Utc}; use mas_data_model::{AccessToken, Authentication, BrowserSession, Session, User, UserEmail}; use rand::Rng; -use sqlx::{Acquire, PgExecutor, Postgres}; +use sqlx::{PgConnection, PgExecutor}; use thiserror::Error; use ulid::Ulid; use uuid::Uuid; @@ -111,14 +111,10 @@ impl AccessTokenLookupError { } #[allow(clippy::too_many_lines)] -pub async fn lookup_active_access_token<'a, 'c, A>( - conn: A, - token: &'a str, -) -> Result<(AccessToken, Session), AccessTokenLookupError> -where - A: Acquire<'c, Database = Postgres> + Send + 'a, -{ - let mut conn = conn.acquire().await?; +pub async fn lookup_active_access_token( + conn: &mut PgConnection, + token: &str, +) -> Result<(AccessToken, Session), AccessTokenLookupError> { let res = sqlx::query_as!( OAuth2AccessTokenLookup, r#"