mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-29 22:01:14 +03:00

More cleanups

Quentin Gliech
2022-10-27 14:45:31 +02:00
parent 368a9282a1
commit 2d2127dcdb
12 changed files with 57 additions and 45 deletions

4
Cargo.lock generated

@ -606,9 +606,9 @@ dependencies = [
[[package]] [[package]]
name = "axum-macros" name = "axum-macros"
version = "0.2.3" version = "0.3.0-rc.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6293dae2ec708e679da6736e857cf8532886ef258e92930f38279c12641628b8" checksum = "247a599903eb2e02abbaf2facc6396140df7af6dcc84e64ce3b71d117702fa22"
dependencies = [ dependencies = [
"heck", "heck",
"proc-macro2", "proc-macro2",


@ -13,7 +13,12 @@
// limitations under the License. // limitations under the License.
#![forbid(unsafe_code)] #![forbid(unsafe_code)]
#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)] #![deny(
clippy::all,
clippy::str_to_string,
rustdoc::broken_intra_doc_links,
clippy::future_not_send
)]
#![warn(clippy::pedantic)] #![warn(clippy::pedantic)]
#![allow(clippy::module_name_repetitions, clippy::missing_errors_doc)] #![allow(clippy::module_name_repetitions, clippy::missing_errors_doc)]
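Review bot: The newly denied `clippy::future_not_send` carries no comment saying why it is enforced. It is a nursery lint, so its behaviour can shift between clippy releases and fail the build without any code change. A short why-comment beside it would help, e.g. `clippy::future_not_send, // futures here end up in spawned handlers and must be Send` (adjust to the actual reason). The same addition appears in the second crate-root lint block further down this commit, which already annotates `clippy::unused_async` in this way.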


@ -32,7 +32,7 @@ use mas_storage::{
PostgresqlBackend, PostgresqlBackend,
}; };
use serde::{de::DeserializeOwned, Deserialize}; use serde::{de::DeserializeOwned, Deserialize};
use sqlx::{Acquire, Postgres}; use sqlx::PgConnection;
use thiserror::Error; use thiserror::Error;
#[derive(Debug, Deserialize)] #[derive(Debug, Deserialize)]
@ -54,7 +54,7 @@ enum AccessToken {
impl AccessToken { impl AccessToken {
pub async fn fetch( pub async fn fetch(
&self, &self,
conn: impl Acquire<'_, Database = Postgres> + Send, conn: &mut PgConnection,
) -> Result< ) -> Result<
( (
mas_data_model::AccessToken<PostgresqlBackend>, mas_data_model::AccessToken<PostgresqlBackend>,
@ -62,12 +62,12 @@ impl AccessToken {
), ),
AuthorizationVerificationError, AuthorizationVerificationError,
> { > {
let token = match &self { let token = match self {
AccessToken::Form(t) | AccessToken::Header(t) => t, AccessToken::Form(t) | AccessToken::Header(t) => t,
AccessToken::None => return Err(AuthorizationVerificationError::MissingToken), AccessToken::None => return Err(AuthorizationVerificationError::MissingToken),
}; };
let (token, session) = lookup_active_access_token(conn, token).await?; let (token, session) = lookup_active_access_token(conn, token.as_str()).await?;
Ok((token, session)) Ok((token, session))
} }
@ -79,11 +79,11 @@ pub struct UserAuthorization<F = ()> {
form: Option<F>, form: Option<F>,
} }
impl<F> UserAuthorization<F> { impl<F: Send> UserAuthorization<F> {
// TODO: take scopes to validate as parameter // TODO: take scopes to validate as parameter
pub async fn protected_form( pub async fn protected_form(
self, self,
conn: impl Acquire<'_, Database = Postgres> + Send, conn: &mut PgConnection,
) -> Result<(Session<PostgresqlBackend>, F), AuthorizationVerificationError> { ) -> Result<(Session<PostgresqlBackend>, F), AuthorizationVerificationError> {
let form = match self.form { let form = match self.form {
Some(f) => f, Some(f) => f,
@ -98,7 +98,7 @@ impl<F> UserAuthorization<F> {
// TODO: take scopes to validate as parameter // TODO: take scopes to validate as parameter
pub async fn protected( pub async fn protected(
self, self,
conn: impl Acquire<'_, Database = Postgres> + Send, conn: &mut PgConnection,
) -> Result<Session<PostgresqlBackend>, AuthorizationVerificationError> { ) -> Result<Session<PostgresqlBackend>, AuthorizationVerificationError> {
let (_token, session) = self.access_token.fetch(conn).await?; let (_token, session) = self.access_token.fetch(conn).await?;
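Review bot: `protected` and `protected_form` are the public gate that turns a bearer token into a `Session`, yet neither has a doc comment; the only stated contract is the `// TODO: take scopes to validate as parameter` above each. Since the signatures are being touched anyway, I would document what is and is not checked, e.g. `/// Resolves the access token to its active session. Does NOT check scopes; callers must validate the session scope themselves.` This assumes the bodies, which continue outside these hunks, perform no scope check, as the TODO suggests. One more line could say that `conn` is now a borrowed `&mut PgConnection`, so the caller decides whether the lookup runs on a pooled connection or inside its own transaction.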


@ -18,26 +18,32 @@ use serde::{de::DeserializeOwned, Serialize};
pub trait StorageBackendMarker: StorageBackend {} pub trait StorageBackendMarker: StorageBackend {}
/// Marker trait of traits that should be implemented by primary keys
pub trait Data:
Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default + Sync + Send
{
}
impl<T: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default + Sync + Send> Data
for T
{
}
pub trait StorageBackend { pub trait StorageBackend {
type UserData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type UserData: Data;
type UserEmailData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type UserEmailData: Data;
type UserEmailVerificationData: Clone type UserEmailVerificationData: Data;
+ Debug type AuthenticationData: Data;
+ PartialEq type BrowserSessionData: Data;
+ Serialize type ClientData: Data;
+ DeserializeOwned type SessionData: Data;
+ Default; type AuthorizationGrantData: Data;
type AuthenticationData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type AccessTokenData: Data;
type BrowserSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type RefreshTokenData: Data;
type ClientData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type CompatAccessTokenData: Data;
type SessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type CompatRefreshTokenData: Data;
type AuthorizationGrantData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type CompatSessionData: Data;
type AccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default; type CompatSsoLoginData: Data;
type RefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatAccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatRefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatSsoLoginData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
} }
impl StorageBackend for () { impl StorageBackend for () {
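Review bot: The doc comment on the new `Data` trait ("Marker trait of traits that should be implemented by primary keys") is hard to parse and leaves out the one behavioural change in this hunk. Every associated type of `StorageBackend` now also requires `Sync + Send`, which the per-type bounds shown in the old column did not. I would reword it along the lines of `/// Bounds every backend-specific data type must satisfy; blanket-implemented, so never implement it by hand.` and add `/// Send + Sync are required so futures holding these values stay Send.` if that is the motivation. Any `StorageBackend` implementation whose data types are not `Send + Sync` will stop compiling, which readers of the trait should be able to learn from its docs.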


@ -21,7 +21,7 @@ hyper = { version = "0.14.22", features = ["full"] }
tower = "0.4.13" tower = "0.4.13"
tower-http = { version = "0.3.4", features = ["cors"] } tower-http = { version = "0.3.4", features = ["cors"] }
axum = "0.6.0-rc.2" axum = "0.6.0-rc.2"
axum-macros = "0.2.3" axum-macros = "0.3.0-rc.1"
axum-extra = { version = "0.4.0-rc.1", features = ["cookie-private"] } axum-extra = { version = "0.4.0-rc.1", features = ["cookie-private"] }
# Emails # Emails


@ -13,7 +13,12 @@
// limitations under the License. // limitations under the License.
#![forbid(unsafe_code)] #![forbid(unsafe_code)]
#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)] #![deny(
clippy::all,
clippy::str_to_string,
rustdoc::broken_intra_doc_links,
clippy::future_not_send
)]
#![warn(clippy::pedantic)] #![warn(clippy::pedantic)]
#![allow( #![allow(
clippy::unused_async // Some axum handlers need that clippy::unused_async // Some axum handlers need that


@ -108,7 +108,7 @@ impl CallbackDestination {
}) })
} }
pub async fn go<T: Serialize>( pub async fn go<T: Serialize + Send + Sync>(
self, self,
templates: &Templates, templates: &Templates,
params: T, params: T,


@ -153,7 +153,7 @@ const INACTIVE: IntrospectionResponse = IntrospectionResponse {
jti: None, jti: None,
}; };
#[tracing::instrument(skip_all, err)] #[allow(clippy::too_many_lines)]
pub(crate) async fn post( pub(crate) async fn post(
State(pool): State<PgPool>, State(pool): State<PgPool>,
State(encrypter): State<Encrypter>, State(encrypter): State<Encrypter>,
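Review bot: As rendered, `#[tracing::instrument(skip_all, err)]` on the introspection `post` handler is replaced by `#[allow(clippy::too_many_lines)]` rather than joined by it, so the handler loses its span and the automatic error event. For a token-introspection endpoint that is the trail an operator relies on to notice failing or misbehaving callers, and `skip_all` already kept tokens and secrets out of the span fields. Unless the attribute had to go to satisfy the newly denied `future_not_send` lint, I would keep both: `#[tracing::instrument(skip_all, err)]` followed by `#[allow(clippy::too_many_lines)]`. If it did have to go, a one-line comment saying so would stop it being re-added blindly. The body of `post` continues outside the hunk.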


@ -57,7 +57,7 @@ pub async fn get(
let (_clock, mut rng) = crate::rng_and_clock()?; let (_clock, mut rng) = crate::rng_and_clock()?;
let mut conn = pool.acquire().await?; let mut conn = pool.acquire().await?;
let session = user_authorization.protected(&mut conn).await?; let session = user_authorization.protected(&mut *conn).await?;
let user = session.browser_session.user; let user = session.browser_session.user;
let mut user_info = UserInfo { let mut user_info = UserInfo {


@ -74,7 +74,7 @@ pub(crate) async fn get(
} }
async fn render( async fn render(
rng: impl Rng, rng: impl Rng + Send,
clock: &Clock, clock: &Clock,
templates: Templates, templates: Templates,
session: BrowserSession<PostgresqlBackend>, session: BrowserSession<PostgresqlBackend>,


@ -62,7 +62,7 @@ pub(crate) async fn get(
} }
async fn render( async fn render(
rng: impl Rng, rng: impl Rng + Send,
clock: &Clock, clock: &Clock,
templates: Templates, templates: Templates,
session: BrowserSession<PostgresqlBackend>, session: BrowserSession<PostgresqlBackend>,


@ -16,7 +16,7 @@ use anyhow::Context;
use chrono::{DateTime, Duration, Utc}; use chrono::{DateTime, Duration, Utc};
use mas_data_model::{AccessToken, Authentication, BrowserSession, Session, User, UserEmail}; use mas_data_model::{AccessToken, Authentication, BrowserSession, Session, User, UserEmail};
use rand::Rng; use rand::Rng;
use sqlx::{Acquire, PgExecutor, Postgres}; use sqlx::{PgConnection, PgExecutor};
use thiserror::Error; use thiserror::Error;
use ulid::Ulid; use ulid::Ulid;
use uuid::Uuid; use uuid::Uuid;
@ -111,14 +111,10 @@ impl AccessTokenLookupError {
} }
#[allow(clippy::too_many_lines)] #[allow(clippy::too_many_lines)]
pub async fn lookup_active_access_token<'a, 'c, A>( pub async fn lookup_active_access_token(
conn: A, conn: &mut PgConnection,
token: &'a str, token: &str,
) -> Result<(AccessToken<PostgresqlBackend>, Session<PostgresqlBackend>), AccessTokenLookupError> ) -> Result<(AccessToken<PostgresqlBackend>, Session<PostgresqlBackend>), AccessTokenLookupError> {
where
A: Acquire<'c, Database = Postgres> + Send + 'a,
{
let mut conn = conn.acquire().await?;
let res = sqlx::query_as!( let res = sqlx::query_as!(
OAuth2AccessTokenLookup, OAuth2AccessTokenLookup,
r#" r#"