You've already forked authentication-service
mirror of
https://github.com/matrix-org/matrix-authentication-service.git
synced 2025-07-31 09:24:31 +03:00
Dedicated HTTP server/client crate
Also have better names for the HTTP routes
This commit is contained in:
Quentin Gliech
@ -13,7 +13,10 @@
|
||||
// limitations under the License.
|
||||
|
||||
use hyper::header::CONTENT_TYPE;
|
||||
use mas_warp_utils::{errors::WrapError, filters::database::connection};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{self, database::connection},
|
||||
};
|
||||
use mime::TEXT_PLAIN;
|
||||
use sqlx::{pool::PoolConnection, PgPool, Postgres};
|
||||
use tracing::{info_span, Instrument};
|
||||
@ -21,6 +24,7 @@ use warp::{filters::BoxedFilter, reply::with_header, Filter, Rejection, Reply};
|
||||
|
||||
pub fn filter(pool: &PgPool) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
warp::path!("health")
|
||||
.and(filters::trace::name("GET /health"))
|
||||
.and(warp::get())
|
||||
.and(connection(pool))
|
||||
.and_then(get)
|
||||
|
||||
@ -26,6 +26,7 @@ use mas_email::Mailer;
|
||||
use mas_jose::StaticKeystore;
|
||||
use mas_static_files::filter as static_files;
|
||||
use mas_templates::Templates;
|
||||
use mas_warp_utils::filters;
|
||||
use sqlx::PgPool;
|
||||
use warp::{filters::BoxedFilter, Filter, Reply};
|
||||
|
||||
@ -61,7 +62,8 @@ pub fn root(
|
||||
&config.http,
|
||||
&config.csrf,
|
||||
);
|
||||
let static_files = static_files(config.http.web_root.clone());
|
||||
let static_files =
|
||||
static_files(config.http.web_root.clone()).and(filters::trace::name("GET static file"));
|
||||
|
||||
let filter = health.or(views).unify().or(static_files).unify().or(oauth2);
|
||||
|
||||
|
||||
@ -40,6 +40,7 @@ use mas_templates::{FormPostContext, Templates};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
database::transaction,
|
||||
session::{optional_session, session},
|
||||
with_templates,
|
||||
@ -222,6 +223,7 @@ pub fn filter(
|
||||
let clients_config_2 = clients_config.clone();
|
||||
|
||||
let authorize = warp::path!("oauth2" / "authorize")
|
||||
.and(filters::trace::name("GET /oauth2/authorize"))
|
||||
.and(warp::get())
|
||||
.map(move || clients_config.clone())
|
||||
.and(warp::query())
|
||||
@ -230,6 +232,7 @@ pub fn filter(
|
||||
.and_then(get);
|
||||
|
||||
let step = warp::path!("oauth2" / "authorize" / "step")
|
||||
.and(filters::trace::name("GET /oauth2/authorize/step"))
|
||||
.and(warp::get())
|
||||
.and(warp::query())
|
||||
.and(session(pool, encrypter))
|
||||
|
||||
@ -23,7 +23,7 @@ use mas_iana::{
|
||||
},
|
||||
};
|
||||
use mas_jose::SigningKeystore;
|
||||
use mas_warp_utils::filters::url_builder::UrlBuilder;
|
||||
use mas_warp_utils::filters::{self, url_builder::UrlBuilder};
|
||||
use oauth2_types::{
|
||||
oidc::{ClaimType, Metadata, SubjectType},
|
||||
requests::{Display, GrantType, ResponseMode},
|
||||
@ -184,6 +184,7 @@ pub(super) fn filter(
|
||||
};
|
||||
|
||||
warp::path!(".well-known" / "openid-configuration")
|
||||
.and(filters::trace::name("GET /.well-known/configuration"))
|
||||
.and(warp::get())
|
||||
.map(move || {
|
||||
let ret: Box<dyn Reply> = Box::new(warp::reply::json(&metadata));
|
||||
|
||||
@ -20,7 +20,7 @@ use mas_storage::oauth2::{
|
||||
};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{client::client_authentication, database::connection, url_builder::UrlBuilder},
|
||||
filters::{self, client::client_authentication, database::connection, url_builder::UrlBuilder},
|
||||
};
|
||||
use oauth2_types::requests::{IntrospectionRequest, IntrospectionResponse};
|
||||
use sqlx::{pool::PoolConnection, PgPool, Postgres};
|
||||
@ -37,6 +37,7 @@ pub fn filter(
|
||||
.to_string();
|
||||
|
||||
warp::path!("oauth2" / "introspect")
|
||||
.and(filters::trace::name("POST /oauth2/introspect"))
|
||||
.and(
|
||||
warp::post()
|
||||
.and(connection(pool))
|
||||
|
||||
@ -15,12 +15,13 @@
|
||||
use std::sync::Arc;
|
||||
|
||||
use mas_jose::{ExportJwks, StaticKeystore};
|
||||
use mas_warp_utils::errors::WrapError;
|
||||
use mas_warp_utils::{errors::WrapError, filters};
|
||||
use warp::{filters::BoxedFilter, Filter, Rejection, Reply};
|
||||
|
||||
pub(super) fn filter(key_store: &Arc<StaticKeystore>) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
let key_store = key_store.clone();
|
||||
warp::path!("oauth2" / "keys.json")
|
||||
.and(filters::trace::name("GET /oauth2/keys.json"))
|
||||
.and(warp::get().map(move || key_store.clone()).and_then(get))
|
||||
.boxed()
|
||||
}
|
||||
|
||||
@ -37,7 +37,7 @@ use mas_storage::{
|
||||
};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{client::client_authentication, database::connection, url_builder::UrlBuilder},
|
||||
filters::{self, client::client_authentication, database::connection, url_builder::UrlBuilder},
|
||||
reply::with_typed_header,
|
||||
};
|
||||
use oauth2_types::{
|
||||
@ -108,6 +108,7 @@ pub fn filter(
|
||||
let issuer = builder.oidc_issuer();
|
||||
|
||||
warp::path!("oauth2" / "token")
|
||||
.and(filters::trace::name("POST /oauth2/token"))
|
||||
.and(
|
||||
warp::post()
|
||||
.and(client_authentication(clients_config, audience))
|
||||
|
||||
@ -14,7 +14,10 @@
|
||||
|
||||
use mas_data_model::{AccessToken, Session};
|
||||
use mas_storage::PostgresqlBackend;
|
||||
use mas_warp_utils::filters::authenticate::{authentication, recover_unauthorized};
|
||||
use mas_warp_utils::filters::{
|
||||
self,
|
||||
authenticate::{authentication, recover_unauthorized},
|
||||
};
|
||||
use serde::Serialize;
|
||||
use sqlx::PgPool;
|
||||
use warp::{filters::BoxedFilter, Filter, Rejection, Reply};
|
||||
@ -27,6 +30,7 @@ struct UserInfo {
|
||||
|
||||
pub(super) fn filter(pool: &PgPool) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
warp::path!("oauth2" / "userinfo")
|
||||
.and(filters::trace::name("GET /oauth2/userinfo"))
|
||||
.and(
|
||||
warp::get()
|
||||
.or(warp::post())
|
||||
|
||||
@ -27,6 +27,7 @@ use mas_templates::{AccountEmailsContext, EmailVerificationContext, TemplateCont
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::{protected_form, updated_csrf_token},
|
||||
database::{connection, transaction},
|
||||
@ -52,6 +53,7 @@ pub(super) fn filter(
|
||||
let mailer = mailer.clone();
|
||||
|
||||
let get = with_templates(templates)
|
||||
.and(filters::trace::name("GET /account/emails"))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
.and(updated_csrf_token(encrypter, csrf_config))
|
||||
.and(session(pool, encrypter))
|
||||
@ -59,6 +61,7 @@ pub(super) fn filter(
|
||||
.and_then(get);
|
||||
|
||||
let post = with_templates(templates)
|
||||
.and(filters::trace::name("POST /account/emails"))
|
||||
.and(warp::any().map(move || mailer.clone()))
|
||||
.and(url_builder(http_config))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
|
||||
@ -26,6 +26,7 @@ use mas_templates::{AccountContext, TemplateContext, Templates};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::updated_csrf_token,
|
||||
database::connection,
|
||||
@ -47,6 +48,7 @@ pub(super) fn filter(
|
||||
csrf_config: &CsrfConfig,
|
||||
) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
let get = warp::get()
|
||||
.and(filters::trace::name("GET /account"))
|
||||
.and(with_templates(templates))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
.and(updated_csrf_token(encrypter, csrf_config))
|
||||
|
||||
@ -23,6 +23,7 @@ use mas_templates::{EmptyContext, TemplateContext, Templates};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::{protected_form, updated_csrf_token},
|
||||
database::transaction,
|
||||
@ -54,8 +55,12 @@ pub(super) fn filter(
|
||||
.and(protected_form(encrypter))
|
||||
.and_then(post);
|
||||
|
||||
let get = warp::get().and(get);
|
||||
let post = warp::post().and(post);
|
||||
let get = warp::get()
|
||||
.and(get)
|
||||
.and(filters::trace::name("GET /account/passwords"));
|
||||
let post = warp::post()
|
||||
.and(post)
|
||||
.and(filters::trace::name("POST /account/passwords"));
|
||||
let filter = get.or(post).unify();
|
||||
|
||||
warp::path!("password").and(filter).boxed()
|
||||
|
||||
@ -17,6 +17,7 @@ use mas_data_model::BrowserSession;
|
||||
use mas_storage::PostgresqlBackend;
|
||||
use mas_templates::{IndexContext, TemplateContext, Templates};
|
||||
use mas_warp_utils::filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::updated_csrf_token,
|
||||
session::optional_session,
|
||||
@ -34,6 +35,7 @@ pub(super) fn filter(
|
||||
csrf_config: &CsrfConfig,
|
||||
) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
warp::path::end()
|
||||
.and(filters::trace::name("GET /"))
|
||||
.and(warp::get())
|
||||
.and(url_builder(http_config))
|
||||
.and(with_templates(templates))
|
||||
|
||||
@ -22,6 +22,7 @@ use mas_templates::{LoginContext, LoginFormField, TemplateContext, Templates};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::{protected_form, updated_csrf_token},
|
||||
database::connection,
|
||||
@ -90,6 +91,7 @@ pub(super) fn filter(
|
||||
csrf_config: &CsrfConfig,
|
||||
) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
let get = warp::get()
|
||||
.and(filters::trace::name("GET /login"))
|
||||
.and(with_templates(templates))
|
||||
.and(connection(pool))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
@ -99,6 +101,7 @@ pub(super) fn filter(
|
||||
.and_then(get);
|
||||
|
||||
let post = warp::post()
|
||||
.and(filters::trace::name("POST /login"))
|
||||
.and(with_templates(templates))
|
||||
.and(connection(pool))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
|
||||
@ -17,13 +17,14 @@ use mas_data_model::BrowserSession;
|
||||
use mas_storage::{user::end_session, PostgresqlBackend};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{csrf::protected_form, database::transaction, session::session},
|
||||
filters::{self, csrf::protected_form, database::transaction, session::session},
|
||||
};
|
||||
use sqlx::{PgPool, Postgres, Transaction};
|
||||
use warp::{filters::BoxedFilter, hyper::Uri, Filter, Rejection, Reply};
|
||||
|
||||
pub(super) fn filter(pool: &PgPool, encrypter: &Encrypter) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
warp::path!("logout")
|
||||
.and(filters::trace::name("POST /logout"))
|
||||
.and(warp::post())
|
||||
.and(session(pool, encrypter))
|
||||
.and(transaction(pool))
|
||||
|
||||
@ -20,6 +20,7 @@ use mas_templates::{ReauthContext, TemplateContext, Templates};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::{protected_form, updated_csrf_token},
|
||||
database::{connection, transaction},
|
||||
@ -87,6 +88,7 @@ pub(super) fn filter(
|
||||
csrf_config: &CsrfConfig,
|
||||
) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
let get = warp::get()
|
||||
.and(filters::trace::name("GET /reauth"))
|
||||
.and(with_templates(templates))
|
||||
.and(connection(pool))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
@ -96,6 +98,7 @@ pub(super) fn filter(
|
||||
.and_then(get);
|
||||
|
||||
let post = warp::post()
|
||||
.and(filters::trace::name("POST /reauth"))
|
||||
.and(session(pool, encrypter))
|
||||
.and(transaction(pool))
|
||||
.and(protected_form(encrypter))
|
||||
|
||||
@ -26,6 +26,7 @@ use mas_templates::{RegisterContext, TemplateContext, Templates};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::{protected_form, updated_csrf_token},
|
||||
database::{connection, transaction},
|
||||
@ -96,6 +97,7 @@ pub(super) fn filter(
|
||||
csrf_config: &CsrfConfig,
|
||||
) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
let get = warp::get()
|
||||
.and(filters::trace::name("GET /register"))
|
||||
.and(with_templates(templates))
|
||||
.and(connection(pool))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
@ -105,6 +107,7 @@ pub(super) fn filter(
|
||||
.and_then(get);
|
||||
|
||||
let post = warp::post()
|
||||
.and(filters::trace::name("POST /register"))
|
||||
.and(transaction(pool))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
.and(protected_form(encrypter))
|
||||
|
||||
@ -26,6 +26,7 @@ use mas_templates::{EmptyContext, TemplateContext, Templates};
|
||||
use mas_warp_utils::{
|
||||
errors::WrapError,
|
||||
filters::{
|
||||
self,
|
||||
cookies::{encrypted_cookie_saver, EncryptedCookieSaver},
|
||||
csrf::updated_csrf_token,
|
||||
database::transaction,
|
||||
@ -43,6 +44,7 @@ pub(super) fn filter(
|
||||
csrf_config: &CsrfConfig,
|
||||
) -> BoxedFilter<(Box<dyn Reply>,)> {
|
||||
warp::path!("verify" / String)
|
||||
.and(filters::trace::name("GET /verify"))
|
||||
.and(warp::get())
|
||||
.and(with_templates(templates))
|
||||
.and(encrypted_cookie_saver(encrypter))
|
||||
|
||||
Reference in New Issue
Block a user