1
0
Fork 0
mirror of https://codeberg.org/tyy/aspm synced 2025-01-10 11:09:28 -07:00

Finish temp stuff?

This commit is contained in:
Tyler Beckman 2024-08-28 01:27:24 -06:00
parent 1bea02e5f4
commit d466eb0a14
Signed by: Ty
GPG key ID: 2813440C772555A4

View file

@ -2,14 +2,16 @@
mod entities; mod entities;
mod extractors; mod extractors;
use std::{fs, io, path::PathBuf}; use std::{fs, io, os::linux::raw::stat, path::PathBuf};
use actix_web::{ use actix_web::{
get, http::header, middleware::Logger, post, web, App, HttpResponse, HttpServer, Responder, get, http::header, middleware::Logger, post, web, App, HttpResponse, HttpServer, Responder,
ResponseError,
}; };
use clap::Parser; use clap::Parser;
use entities::{prelude::*, profiles}; use entities::{prelude::*, profiles};
use env_logger::Env; use env_logger::Env;
use extractors::AspeRequestParseError;
use migrations::{Migrator, MigratorTrait as _}; use migrations::{Migrator, MigratorTrait as _};
use naja_lib::{ use naja_lib::{
aspe::requests::{AspeRequest, AspeRequestVariant}, aspe::requests::{AspeRequest, AspeRequestVariant},
@ -133,15 +135,92 @@ async fn post_request(
.body("Content type header was not set to \"application/asp+jwt; charset=UTF-8\""); .body("Content type header was not set to \"application/asp+jwt; charset=UTF-8\"");
} }
// Validate ASPE URIs when applicable
if let AspeRequestVariant::Update { aspe_uri, .. } | AspeRequestVariant::Delete { aspe_uri } = if let AspeRequestVariant::Update { aspe_uri, .. } | AspeRequestVariant::Delete { aspe_uri } =
&aspe_body.request.request &aspe_body.request.request
{ {
if aspe_uri.domain().to_string() != state.domain || *aspe_uri.fingerprint() != aspe_body.key.fingerprint { if aspe_uri.domain().to_string() != state.domain
|| *aspe_uri.fingerprint() != aspe_body.key.fingerprint
{
return HttpResponse::BadRequest().body("ASPE uri did not match key and domain"); return HttpResponse::BadRequest().body("ASPE uri did not match key and domain");
} }
} }
// Validate new profiles when applicable
if let AspeRequestVariant::Create { profile_jws }
| AspeRequestVariant::Update { profile_jws, .. } = &aspe_body.request.request
{
match AriadneSignatureProfile::decode_and_verify(
&profile_jws,
Some(&aspe_body.key.fingerprint),
) {
Ok(_) => (),
Err(JwtDeserializationError::HeaderDecodeError) => {
return AspeRequestParseError::InvalidJwtHeader.error_response()
}
Err(JwtDeserializationError::JwkUsageError) => {
return AspeRequestParseError::VerificationError.error_response()
}
Err(JwtDeserializationError::JwtDecodeError) => {
return AspeRequestParseError::DecodeError.error_response()
}
Err(JwtDeserializationError::MalformedJwkError) => {
return AspeRequestParseError::KeyIdMismatch.error_response()
}
Err(JwtDeserializationError::WrongJwkError) => {
return AspeRequestParseError::UnknownParsingFailure.error_response()
}
}
}
match aspe_body.request.request {
todo!(); AspeRequestVariant::Create { profile_jws } => {
match Profiles::insert(profiles::ActiveModel {
fingerprint: ActiveValue::Set(aspe_body.key.fingerprint),
jwt: ActiveValue::Set(profile_jws),
})
.exec(&state.db)
.await
{
Ok(_) => HttpResponse::Created().finish(),
Err(e) => {
eprintln!("{e}");
HttpResponse::InternalServerError().finish()
}
}
}
AspeRequestVariant::Update {
profile_jws,
aspe_uri,
} => {
match Profiles::update(profiles::ActiveModel {
fingerprint: ActiveValue::Set(aspe_uri.fingerprint().to_string()),
jwt: ActiveValue::Set(profile_jws),
})
.exec(&state.db)
.await
{
Ok(_) => HttpResponse::Ok().finish(),
Err(DbErr::RecordNotUpdated) => {
HttpResponse::BadRequest().body("Profile does not already exist")
}
Err(e) => {
eprintln!("{e}");
HttpResponse::InternalServerError().finish()
}
}
}
AspeRequestVariant::Delete { aspe_uri } => {
match Profiles::delete_by_id(aspe_uri.fingerprint())
.exec(&state.db)
.await
{
Ok(_) => HttpResponse::Ok().finish(),
Err(DbErr::RecordNotFound(_)) => {
HttpResponse::NotFound().body("Profile does not exist")
}
Err(e) => HttpResponse::InternalServerError().finish(),
}
}
}
} }