diff --git a/crates/naja-server/src/main.rs b/crates/naja-server/src/main.rs index 2ab51a0..e04e00f 100644 --- a/crates/naja-server/src/main.rs +++ b/crates/naja-server/src/main.rs @@ -2,14 +2,16 @@ mod entities; mod extractors; -use std::{fs, io, path::PathBuf}; +use std::{fs, io, os::linux::raw::stat, path::PathBuf}; use actix_web::{ get, http::header, middleware::Logger, post, web, App, HttpResponse, HttpServer, Responder, + ResponseError, }; use clap::Parser; use entities::{prelude::*, profiles}; use env_logger::Env; +use extractors::AspeRequestParseError; use migrations::{Migrator, MigratorTrait as _}; use naja_lib::{ aspe::requests::{AspeRequest, AspeRequestVariant}, @@ -133,15 +135,92 @@ async fn post_request( .body("Content type header was not set to \"application/asp+jwt; charset=UTF-8\""); } + // Validate ASPE URIs when applicable if let AspeRequestVariant::Update { aspe_uri, .. } | AspeRequestVariant::Delete { aspe_uri } = &aspe_body.request.request { - if aspe_uri.domain().to_string() != state.domain || *aspe_uri.fingerprint() != aspe_body.key.fingerprint { + if aspe_uri.domain().to_string() != state.domain + || *aspe_uri.fingerprint() != aspe_body.key.fingerprint + { return HttpResponse::BadRequest().body("ASPE uri did not match key and domain"); } } - + // Validate new profiles when applicable + if let AspeRequestVariant::Create { profile_jws } + | AspeRequestVariant::Update { profile_jws, .. } = &aspe_body.request.request + { + match AriadneSignatureProfile::decode_and_verify( + &profile_jws, + Some(&aspe_body.key.fingerprint), + ) { + Ok(_) => (), + Err(JwtDeserializationError::HeaderDecodeError) => { + return AspeRequestParseError::InvalidJwtHeader.error_response() + } + Err(JwtDeserializationError::JwkUsageError) => { + return AspeRequestParseError::VerificationError.error_response() + } + Err(JwtDeserializationError::JwtDecodeError) => { + return AspeRequestParseError::DecodeError.error_response() + } + Err(JwtDeserializationError::MalformedJwkError) => { + return AspeRequestParseError::KeyIdMismatch.error_response() + } + Err(JwtDeserializationError::WrongJwkError) => { + return AspeRequestParseError::UnknownParsingFailure.error_response() + } + } + } - todo!(); + match aspe_body.request.request { + AspeRequestVariant::Create { profile_jws } => { + match Profiles::insert(profiles::ActiveModel { + fingerprint: ActiveValue::Set(aspe_body.key.fingerprint), + jwt: ActiveValue::Set(profile_jws), + }) + .exec(&state.db) + .await + { + Ok(_) => HttpResponse::Created().finish(), + Err(e) => { + eprintln!("{e}"); + HttpResponse::InternalServerError().finish() + } + } + } + AspeRequestVariant::Update { + profile_jws, + aspe_uri, + } => { + match Profiles::update(profiles::ActiveModel { + fingerprint: ActiveValue::Set(aspe_uri.fingerprint().to_string()), + jwt: ActiveValue::Set(profile_jws), + }) + .exec(&state.db) + .await + { + Ok(_) => HttpResponse::Ok().finish(), + Err(DbErr::RecordNotUpdated) => { + HttpResponse::BadRequest().body("Profile does not already exist") + } + Err(e) => { + eprintln!("{e}"); + HttpResponse::InternalServerError().finish() + } + } + } + AspeRequestVariant::Delete { aspe_uri } => { + match Profiles::delete_by_id(aspe_uri.fingerprint()) + .exec(&state.db) + .await + { + Ok(_) => HttpResponse::Ok().finish(), + Err(DbErr::RecordNotFound(_)) => { + HttpResponse::NotFound().body("Profile does not exist") + } + Err(e) => HttpResponse::InternalServerError().finish(), + } + } + } }