More cleanups
@ -13,7 +13,12 @@
|
||||
// limitations under the License.
|
||||
|
||||
#![forbid(unsafe_code)]
|
||||
#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)]
|
||||
#![deny(
|
||||
clippy::all,
|
||||
clippy::str_to_string,
|
||||
rustdoc::broken_intra_doc_links,
|
||||
clippy::future_not_send
|
||||
)]
|
||||
#![warn(clippy::pedantic)]
|
||||
#![allow(clippy::module_name_repetitions, clippy::missing_errors_doc)]
|
||||
|
||||
|
@ -32,7 +32,7 @@ use mas_storage::{
|
||||
PostgresqlBackend,
|
||||
};
|
||||
use serde::{de::DeserializeOwned, Deserialize};
|
||||
use sqlx::{Acquire, Postgres};
|
||||
use sqlx::PgConnection;
|
||||
use thiserror::Error;
|
||||
|
||||
#[derive(Debug, Deserialize)]
|
||||
@ -54,7 +54,7 @@ enum AccessToken {
|
||||
impl AccessToken {
|
||||
pub async fn fetch(
|
||||
&self,
|
||||
conn: impl Acquire<'_, Database = Postgres> + Send,
|
||||
conn: &mut PgConnection,
|
||||
) -> Result<
|
||||
(
|
||||
mas_data_model::AccessToken<PostgresqlBackend>,
|
||||
@ -62,12 +62,12 @@ impl AccessToken {
|
||||
),
|
||||
AuthorizationVerificationError,
|
||||
> {
|
||||
let token = match &self {
|
||||
let token = match self {
|
||||
AccessToken::Form(t) | AccessToken::Header(t) => t,
|
||||
AccessToken::None => return Err(AuthorizationVerificationError::MissingToken),
|
||||
};
|
||||
|
||||
let (token, session) = lookup_active_access_token(conn, token).await?;
|
||||
let (token, session) = lookup_active_access_token(conn, token.as_str()).await?;
|
||||
|
||||
Ok((token, session))
|
||||
}
|
||||
@ -79,11 +79,11 @@ pub struct UserAuthorization<F = ()> {
|
||||
form: Option<F>,
|
||||
}
|
||||
|
||||
impl<F> UserAuthorization<F> {
|
||||
impl<F: Send> UserAuthorization<F> {
|
||||
// TODO: take scopes to validate as parameter
|
||||
pub async fn protected_form(
|
||||
self,
|
||||
conn: impl Acquire<'_, Database = Postgres> + Send,
|
||||
conn: &mut PgConnection,
|
||||
) -> Result<(Session<PostgresqlBackend>, F), AuthorizationVerificationError> {
|
||||
let form = match self.form {
|
||||
Some(f) => f,
|
||||
@ -98,7 +98,7 @@ impl<F> UserAuthorization<F> {
|
||||
// TODO: take scopes to validate as parameter
|
||||
pub async fn protected(
|
||||
self,
|
||||
conn: impl Acquire<'_, Database = Postgres> + Send,
|
||||
conn: &mut PgConnection,
|
||||
) -> Result<Session<PostgresqlBackend>, AuthorizationVerificationError> {
|
||||
let (_token, session) = self.access_token.fetch(conn).await?;
|
||||
|
||||
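Review bot: `protected` and `protected_form` still carry `// TODO: take scopes to validate as parameter`, and the visible part of `protected` only calls `self.access_token.fetch(conn)`, so as far as this section shows, a valid access token is accepted whatever scope it was granted. While the signatures are being changed to `conn: &mut PgConnection`, both public methods should get a doc comment that states this limit, for example `/// Resolves the access token to its session; does not check scopes, so callers must verify the granted scope themselves.` Both bodies continue outside the hunks, so a scope check further down cannot be ruled out from here.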
|
@ -18,26 +18,32 @@ use serde::{de::DeserializeOwned, Serialize};
|
||||
|
||||
pub trait StorageBackendMarker: StorageBackend {}
|
||||
|
||||
/// Marker trait of traits that should be implemented by primary keys
|
||||
pub trait Data:
|
||||
Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default + Sync + Send
|
||||
{
|
||||
}
|
||||
|
||||
impl<T: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default + Sync + Send> Data
|
||||
for T
|
||||
{
|
||||
}
|
||||
|
||||
pub trait StorageBackend {
|
||||
type UserData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type UserEmailData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type UserEmailVerificationData: Clone
|
||||
+ Debug
|
||||
+ PartialEq
|
||||
+ Serialize
|
||||
+ DeserializeOwned
|
||||
+ Default;
|
||||
type AuthenticationData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type BrowserSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type ClientData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type SessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type AuthorizationGrantData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type AccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type RefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type CompatAccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type CompatRefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type CompatSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type CompatSsoLoginData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
|
||||
type UserData: Data;
|
||||
type UserEmailData: Data;
|
||||
type UserEmailVerificationData: Data;
|
||||
type AuthenticationData: Data;
|
||||
type BrowserSessionData: Data;
|
||||
type ClientData: Data;
|
||||
type SessionData: Data;
|
||||
type AuthorizationGrantData: Data;
|
||||
type AccessTokenData: Data;
|
||||
type RefreshTokenData: Data;
|
||||
type CompatAccessTokenData: Data;
|
||||
type CompatRefreshTokenData: Data;
|
||||
type CompatSessionData: Data;
|
||||
type CompatSsoLoginData: Data;
|
||||
}
|
||||
|
||||
impl StorageBackend for () {
|
||||
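Review bot: The doc comment on the new `Data` trait, `/// Marker trait of traits that should be implemented by primary keys`, is hard to parse and omits the two things an implementor of `StorageBackend` needs to know. First, `Data` adds `Sync + Send` to the bounds the associated types list without it elsewhere in this section, which would be a tightening for existing backends. Second, the blanket `impl<T: …> Data for T` means the trait is never implemented by hand. Suggested wording: `/// Bounds required of every backend-specific data type (primary keys); blanket-implemented for all types that satisfy them.` A second line could note that `Send + Sync` is required, presumably so that futures holding these values stay `Send` under the `clippy::future_not_send` lint this commit turns on.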
|
@ -21,7 +21,7 @@ hyper = { version = "0.14.22", features = ["full"] }
|
||||
tower = "0.4.13"
|
||||
tower-http = { version = "0.3.4", features = ["cors"] }
|
||||
axum = "0.6.0-rc.2"
|
||||
axum-macros = "0.2.3"
|
||||
axum-macros = "0.3.0-rc.1"
|
||||
axum-extra = { version = "0.4.0-rc.1", features = ["cookie-private"] }
|
||||
|
||||
# Emails
|
||||
|
@ -13,7 +13,12 @@
|
||||
// limitations under the License.
|
||||
|
||||
#![forbid(unsafe_code)]
|
||||
#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)]
|
||||
#![deny(
|
||||
clippy::all,
|
||||
clippy::str_to_string,
|
||||
rustdoc::broken_intra_doc_links,
|
||||
clippy::future_not_send
|
||||
)]
|
||||
#![warn(clippy::pedantic)]
|
||||
#![allow(
|
||||
clippy::unused_async // Some axum handlers need that
|
||||
|
@ -108,7 +108,7 @@ impl CallbackDestination {
|
||||
})
|
||||
}
|
||||
|
||||
pub async fn go<T: Serialize>(
|
||||
pub async fn go<T: Serialize + Send + Sync>(
|
||||
self,
|
||||
templates: &Templates,
|
||||
params: T,
|
||||
|
@ -153,7 +153,7 @@ const INACTIVE: IntrospectionResponse = IntrospectionResponse {
|
||||
jti: None,
|
||||
};
|
||||
|
||||
#[tracing::instrument(skip_all, err)]
|
||||
#[allow(clippy::too_many_lines)]
|
||||
pub(crate) async fn post(
|
||||
State(pool): State<PgPool>,
|
||||
State(encrypter): State<Encrypter>,
|
||||
|
@ -57,7 +57,7 @@ pub async fn get(
|
||||
let (_clock, mut rng) = crate::rng_and_clock()?;
|
||||
let mut conn = pool.acquire().await?;
|
||||
|
||||
let session = user_authorization.protected(&mut conn).await?;
|
||||
let session = user_authorization.protected(&mut *conn).await?;
|
||||
|
||||
let user = session.browser_session.user;
|
||||
let mut user_info = UserInfo {
|
||||
|
@ -74,7 +74,7 @@ pub(crate) async fn get(
|
||||
}
|
||||
|
||||
async fn render(
|
||||
rng: impl Rng,
|
||||
rng: impl Rng + Send,
|
||||
clock: &Clock,
|
||||
templates: Templates,
|
||||
session: BrowserSession<PostgresqlBackend>,
|
||||
|
@ -62,7 +62,7 @@ pub(crate) async fn get(
|
||||
}
|
||||
|
||||
async fn render(
|
||||
rng: impl Rng,
|
||||
rng: impl Rng + Send,
|
||||
clock: &Clock,
|
||||
templates: Templates,
|
||||
session: BrowserSession<PostgresqlBackend>,
|
||||
|
@ -16,7 +16,7 @@ use anyhow::Context;
|
||||
use chrono::{DateTime, Duration, Utc};
|
||||
use mas_data_model::{AccessToken, Authentication, BrowserSession, Session, User, UserEmail};
|
||||
use rand::Rng;
|
||||
use sqlx::{Acquire, PgExecutor, Postgres};
|
||||
use sqlx::{PgConnection, PgExecutor};
|
||||
use thiserror::Error;
|
||||
use ulid::Ulid;
|
||||
use uuid::Uuid;
|
||||
@ -111,14 +111,10 @@ impl AccessTokenLookupError {
|
||||
}
|
||||
|
||||
#[allow(clippy::too_many_lines)]
|
||||
pub async fn lookup_active_access_token<'a, 'c, A>(
|
||||
conn: A,
|
||||
token: &'a str,
|
||||
) -> Result<(AccessToken<PostgresqlBackend>, Session<PostgresqlBackend>), AccessTokenLookupError>
|
||||
where
|
||||
A: Acquire<'c, Database = Postgres> + Send + 'a,
|
||||
{
|
||||
let mut conn = conn.acquire().await?;
|
||||
pub async fn lookup_active_access_token(
|
||||
conn: &mut PgConnection,
|
||||
token: &str,
|
||||
) -> Result<(AccessToken<PostgresqlBackend>, Session<PostgresqlBackend>), AccessTokenLookupError> {
|
||||
let res = sqlx::query_as!(
|
||||
OAuth2AccessTokenLookup,
|
||||
r#"
|
||||
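Review bot: `lookup_active_access_token` is `pub` and has no doc comment in this hunk. The hunk also shows two signatures, one acquiring its own connection via `conn.acquire()` and one taking `conn: &mut PgConnection`, and the second appears to be the new one. If so, the function now runs on whatever connection or transaction the caller passes in, and the doc comment should say that, e.g. `/// Looks up an access token by its value on the given connection and returns it together with its session.` plus an `# Errors` line naming `AccessTokenLookupError`. Which tokens count as active is decided by the query that begins at the end of this hunk and is not visible here, so that condition should be spelled out in the comment by someone who can see the full body.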
|