mirror of https://github.com/matrix-org/matrix-authentication-service.git synced 2025-07-29 22:01:14 +03:00

More cleanups

Quentin Gliech
2022-10-27 14:45:31 +02:00
parent 368a9282a1
commit 2d2127dcdb
12 changed files with 57 additions and 45 deletions

4
Cargo.lock generated

@ -606,9 +606,9 @@ dependencies = [
[[package]]
name = "axum-macros"
version = "0.2.3"
version = "0.3.0-rc.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6293dae2ec708e679da6736e857cf8532886ef258e92930f38279c12641628b8"
checksum = "247a599903eb2e02abbaf2facc6396140df7af6dcc84e64ce3b71d117702fa22"
dependencies = [
"heck",
"proc-macro2",


@ -13,7 +13,12 @@
// limitations under the License.
#![forbid(unsafe_code)]
#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)]
#![deny(
clippy::all,
clippy::str_to_string,
rustdoc::broken_intra_doc_links,
clippy::future_not_send
)]
#![warn(clippy::pedantic)]
#![allow(clippy::module_name_repetitions, clippy::missing_errors_doc)]


@ -32,7 +32,7 @@ use mas_storage::{
PostgresqlBackend,
};
use serde::{de::DeserializeOwned, Deserialize};
use sqlx::{Acquire, Postgres};
use sqlx::PgConnection;
use thiserror::Error;
#[derive(Debug, Deserialize)]
@ -54,7 +54,7 @@ enum AccessToken {
impl AccessToken {
pub async fn fetch(
&self,
conn: impl Acquire<'_, Database = Postgres> + Send,
conn: &mut PgConnection,
) -> Result<
(
mas_data_model::AccessToken<PostgresqlBackend>,
@ -62,12 +62,12 @@ impl AccessToken {
),
AuthorizationVerificationError,
> {
let token = match &self {
let token = match self {
AccessToken::Form(t) | AccessToken::Header(t) => t,
AccessToken::None => return Err(AuthorizationVerificationError::MissingToken),
};
let (token, session) = lookup_active_access_token(conn, token).await?;
let (token, session) = lookup_active_access_token(conn, token.as_str()).await?;
Ok((token, session))
}
@ -79,11 +79,11 @@ pub struct UserAuthorization<F = ()> {
form: Option<F>,
}
impl<F> UserAuthorization<F> {
impl<F: Send> UserAuthorization<F> {
// TODO: take scopes to validate as parameter
pub async fn protected_form(
self,
conn: impl Acquire<'_, Database = Postgres> + Send,
conn: &mut PgConnection,
) -> Result<(Session<PostgresqlBackend>, F), AuthorizationVerificationError> {
let form = match self.form {
Some(f) => f,
@ -98,7 +98,7 @@ impl<F> UserAuthorization<F> {
// TODO: take scopes to validate as parameter
pub async fn protected(
self,
conn: impl Acquire<'_, Database = Postgres> + Send,
conn: &mut PgConnection,
) -> Result<Session<PostgresqlBackend>, AuthorizationVerificationError> {
let (_token, session) = self.access_token.fetch(conn).await?;
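Review bot: `protected` and `protected_form` still carry `// TODO: take scopes to validate as parameter`, so as far as these hunks show they accept any active access token without checking what it was granted for. Since this commit already changes both signatures to `conn: &mut PgConnection`, it would be worth at least documenting the gap above each method, e.g. `/// Does not check scopes: the caller must verify that the returned session grants what the endpoint needs.` The userinfo `get` handler further down the page reads `session.browser_session.user` right after `protected(&mut *conn)`; whether it checks scopes afterwards is outside its hunk. The bodies of both methods continue outside the hunks shown.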


@ -18,26 +18,32 @@ use serde::{de::DeserializeOwned, Serialize};
pub trait StorageBackendMarker: StorageBackend {}
/// Marker trait of traits that should be implemented by primary keys
pub trait Data:
Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default + Sync + Send
{
}
impl<T: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default + Sync + Send> Data
for T
{
}
pub trait StorageBackend {
type UserData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type UserEmailData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type UserEmailVerificationData: Clone
+ Debug
+ PartialEq
+ Serialize
+ DeserializeOwned
+ Default;
type AuthenticationData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type BrowserSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type ClientData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type SessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type AuthorizationGrantData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type AccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type RefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatAccessTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatRefreshTokenData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatSessionData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type CompatSsoLoginData: Clone + Debug + PartialEq + Serialize + DeserializeOwned + Default;
type UserData: Data;
type UserEmailData: Data;
type UserEmailVerificationData: Data;
type AuthenticationData: Data;
type BrowserSessionData: Data;
type ClientData: Data;
type SessionData: Data;
type AuthorizationGrantData: Data;
type AccessTokenData: Data;
type RefreshTokenData: Data;
type CompatAccessTokenData: Data;
type CompatRefreshTokenData: Data;
type CompatSessionData: Data;
type CompatSsoLoginData: Data;
}
impl StorageBackend for () {
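Review bot: The doc comment on `Data` ("Marker trait of traits that should be implemented by primary keys") does not say that the blanket `impl<T: …> Data for T` makes it a bound alias that nobody implements by hand. I would reword it along the lines of `/// Bounds required of primary-key types; blanket-implemented for every type that satisfies them, so never implement it manually.` and add a line on why `Sync + Send` are now included (presumably so that futures holding these values pass the newly denied `clippy::future_not_send`). The extra bounds also tighten every associated type of `StorageBackend` for any existing implementor, which deserves a mention in the commit description.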


@ -21,7 +21,7 @@ hyper = { version = "0.14.22", features = ["full"] }
tower = "0.4.13"
tower-http = { version = "0.3.4", features = ["cors"] }
axum = "0.6.0-rc.2"
axum-macros = "0.2.3"
axum-macros = "0.3.0-rc.1"
axum-extra = { version = "0.4.0-rc.1", features = ["cookie-private"] }
# Emails


@ -13,7 +13,12 @@
// limitations under the License.
#![forbid(unsafe_code)]
#![deny(clippy::all, clippy::str_to_string, rustdoc::broken_intra_doc_links)]
#![deny(
clippy::all,
clippy::str_to_string,
rustdoc::broken_intra_doc_links,
clippy::future_not_send
)]
#![warn(clippy::pedantic)]
#![allow(
clippy::unused_async // Some axum handlers need that


@ -108,7 +108,7 @@ impl CallbackDestination {
})
}
pub async fn go<T: Serialize>(
pub async fn go<T: Serialize + Send + Sync>(
self,
templates: &Templates,
params: T,


@ -153,7 +153,7 @@ const INACTIVE: IntrospectionResponse = IntrospectionResponse {
jti: None,
};
#[tracing::instrument(skip_all, err)]
#[allow(clippy::too_many_lines)]
pub(crate) async fn post(
State(pool): State<PgPool>,
State(encrypter): State<Encrypter>,
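Review bot: The introspection `post` handler seems to lose `#[tracing::instrument(skip_all, err)]` here: the page prints that attribute and `#[allow(clippy::too_many_lines)]` as a changed pair with the markers stripped, and the `-153,7 +153,7` header suggests one of them sits on each side. If that reading is right, errors returned by this endpoint are no longer recorded on a span, which removes a useful audit signal for failed token introspection. Unless the attribute genuinely conflicts with the new `clippy::future_not_send` lint, keep both attributes; otherwise leave a comment saying why the instrumentation was dropped. The handler body continues outside the hunk.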


@ -57,7 +57,7 @@ pub async fn get(
let (_clock, mut rng) = crate::rng_and_clock()?;
let mut conn = pool.acquire().await?;
let session = user_authorization.protected(&mut conn).await?;
let session = user_authorization.protected(&mut *conn).await?;
let user = session.browser_session.user;
let mut user_info = UserInfo {


@ -74,7 +74,7 @@ pub(crate) async fn get(
}
async fn render(
rng: impl Rng,
rng: impl Rng + Send,
clock: &Clock,
templates: Templates,
session: BrowserSession<PostgresqlBackend>,


@ -62,7 +62,7 @@ pub(crate) async fn get(
}
async fn render(
rng: impl Rng,
rng: impl Rng + Send,
clock: &Clock,
templates: Templates,
session: BrowserSession<PostgresqlBackend>,


@ -16,7 +16,7 @@ use anyhow::Context;
use chrono::{DateTime, Duration, Utc};
use mas_data_model::{AccessToken, Authentication, BrowserSession, Session, User, UserEmail};
use rand::Rng;
use sqlx::{Acquire, PgExecutor, Postgres};
use sqlx::{PgConnection, PgExecutor};
use thiserror::Error;
use ulid::Ulid;
use uuid::Uuid;
@ -111,14 +111,10 @@ impl AccessTokenLookupError {
}
#[allow(clippy::too_many_lines)]
pub async fn lookup_active_access_token<'a, 'c, A>(
conn: A,
token: &'a str,
) -> Result<(AccessToken<PostgresqlBackend>, Session<PostgresqlBackend>), AccessTokenLookupError>
where
A: Acquire<'c, Database = Postgres> + Send + 'a,
{
let mut conn = conn.acquire().await?;
pub async fn lookup_active_access_token(
conn: &mut PgConnection,
token: &str,
) -> Result<(AccessToken<PostgresqlBackend>, Session<PostgresqlBackend>), AccessTokenLookupError> {
let res = sqlx::query_as!(
OAuth2AccessTokenLookup,
r#"