mirror of
https://codeberg.org/tyy/aspm
synced 2025-01-10 11:09:28 -07:00
Finish temp stuff?
This commit is contained in:
parent
1bea02e5f4
commit
d466eb0a14
1 changed files with 83 additions and 4 deletions
|
@ -2,14 +2,16 @@
|
||||||
mod entities;
|
mod entities;
|
||||||
mod extractors;
|
mod extractors;
|
||||||
|
|
||||||
use std::{fs, io, path::PathBuf};
|
use std::{fs, io, os::linux::raw::stat, path::PathBuf};
|
||||||
|
|
||||||
use actix_web::{
|
use actix_web::{
|
||||||
get, http::header, middleware::Logger, post, web, App, HttpResponse, HttpServer, Responder,
|
get, http::header, middleware::Logger, post, web, App, HttpResponse, HttpServer, Responder,
|
||||||
|
ResponseError,
|
||||||
};
|
};
|
||||||
use clap::Parser;
|
use clap::Parser;
|
||||||
use entities::{prelude::*, profiles};
|
use entities::{prelude::*, profiles};
|
||||||
use env_logger::Env;
|
use env_logger::Env;
|
||||||
|
use extractors::AspeRequestParseError;
|
||||||
use migrations::{Migrator, MigratorTrait as _};
|
use migrations::{Migrator, MigratorTrait as _};
|
||||||
use naja_lib::{
|
use naja_lib::{
|
||||||
aspe::requests::{AspeRequest, AspeRequestVariant},
|
aspe::requests::{AspeRequest, AspeRequestVariant},
|
||||||
|
@ -133,15 +135,92 @@ async fn post_request(
|
||||||
.body("Content type header was not set to \"application/asp+jwt; charset=UTF-8\"");
|
.body("Content type header was not set to \"application/asp+jwt; charset=UTF-8\"");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Validate ASPE URIs when applicable
|
||||||
if let AspeRequestVariant::Update { aspe_uri, .. } | AspeRequestVariant::Delete { aspe_uri } =
|
if let AspeRequestVariant::Update { aspe_uri, .. } | AspeRequestVariant::Delete { aspe_uri } =
|
||||||
&aspe_body.request.request
|
&aspe_body.request.request
|
||||||
{
|
{
|
||||||
if aspe_uri.domain().to_string() != state.domain || *aspe_uri.fingerprint() != aspe_body.key.fingerprint {
|
if aspe_uri.domain().to_string() != state.domain
|
||||||
|
|| *aspe_uri.fingerprint() != aspe_body.key.fingerprint
|
||||||
|
{
|
||||||
return HttpResponse::BadRequest().body("ASPE uri did not match key and domain");
|
return HttpResponse::BadRequest().body("ASPE uri did not match key and domain");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Validate new profiles when applicable
|
||||||
|
if let AspeRequestVariant::Create { profile_jws }
|
||||||
|
| AspeRequestVariant::Update { profile_jws, .. } = &aspe_body.request.request
|
||||||
|
{
|
||||||
|
match AriadneSignatureProfile::decode_and_verify(
|
||||||
|
&profile_jws,
|
||||||
|
Some(&aspe_body.key.fingerprint),
|
||||||
|
) {
|
||||||
|
Ok(_) => (),
|
||||||
|
Err(JwtDeserializationError::HeaderDecodeError) => {
|
||||||
|
return AspeRequestParseError::InvalidJwtHeader.error_response()
|
||||||
|
}
|
||||||
|
Err(JwtDeserializationError::JwkUsageError) => {
|
||||||
|
return AspeRequestParseError::VerificationError.error_response()
|
||||||
|
}
|
||||||
|
Err(JwtDeserializationError::JwtDecodeError) => {
|
||||||
|
return AspeRequestParseError::DecodeError.error_response()
|
||||||
|
}
|
||||||
|
Err(JwtDeserializationError::MalformedJwkError) => {
|
||||||
|
return AspeRequestParseError::KeyIdMismatch.error_response()
|
||||||
|
}
|
||||||
|
Err(JwtDeserializationError::WrongJwkError) => {
|
||||||
|
return AspeRequestParseError::UnknownParsingFailure.error_response()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
match aspe_body.request.request {
|
||||||
todo!();
|
AspeRequestVariant::Create { profile_jws } => {
|
||||||
|
match Profiles::insert(profiles::ActiveModel {
|
||||||
|
fingerprint: ActiveValue::Set(aspe_body.key.fingerprint),
|
||||||
|
jwt: ActiveValue::Set(profile_jws),
|
||||||
|
})
|
||||||
|
.exec(&state.db)
|
||||||
|
.await
|
||||||
|
{
|
||||||
|
Ok(_) => HttpResponse::Created().finish(),
|
||||||
|
Err(e) => {
|
||||||
|
eprintln!("{e}");
|
||||||
|
HttpResponse::InternalServerError().finish()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
AspeRequestVariant::Update {
|
||||||
|
profile_jws,
|
||||||
|
aspe_uri,
|
||||||
|
} => {
|
||||||
|
match Profiles::update(profiles::ActiveModel {
|
||||||
|
fingerprint: ActiveValue::Set(aspe_uri.fingerprint().to_string()),
|
||||||
|
jwt: ActiveValue::Set(profile_jws),
|
||||||
|
})
|
||||||
|
.exec(&state.db)
|
||||||
|
.await
|
||||||
|
{
|
||||||
|
Ok(_) => HttpResponse::Ok().finish(),
|
||||||
|
Err(DbErr::RecordNotUpdated) => {
|
||||||
|
HttpResponse::BadRequest().body("Profile does not already exist")
|
||||||
|
}
|
||||||
|
Err(e) => {
|
||||||
|
eprintln!("{e}");
|
||||||
|
HttpResponse::InternalServerError().finish()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
AspeRequestVariant::Delete { aspe_uri } => {
|
||||||
|
match Profiles::delete_by_id(aspe_uri.fingerprint())
|
||||||
|
.exec(&state.db)
|
||||||
|
.await
|
||||||
|
{
|
||||||
|
Ok(_) => HttpResponse::Ok().finish(),
|
||||||
|
Err(DbErr::RecordNotFound(_)) => {
|
||||||
|
HttpResponse::NotFound().body("Profile does not exist")
|
||||||
|
}
|
||||||
|
Err(e) => HttpResponse::InternalServerError().finish(),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue