User Auth Early
parent: tbd commit: 8069fba
1 | use ; |
2 | |
3 | use ; |
4 | use ; |
5 | use ; |
6 | use Table; |
7 | |
8 | use crate:: |
9 | |
10 | |
11 | AuthenticationTokenRequest, AuthenticationTokenResponse, TokenExtensionRequest, |
12 | TokenExtensionResponse, |
13 | , |
14 | InstanceAuthenticated, |
15 | , |
16 | , |
17 | ; |
18 | |
19 | |
20 | |
21 | pub user: User, |
22 | pub generated_for: Instance, |
23 | exp: u64, |
24 | |
25 | |
26 | |
27 | pub config: Table, |
28 | |
29 | |
30 | |
31 | pub async |
32 | &mut self, |
33 | raw_request: , |
34 | |
35 | let request = raw_request.inner .await; |
36 | |
37 | info!; |
38 | raw_request |
39 | .validate |
40 | url: String from, |
41 | |
42 | .await |
43 | .unwrap; |
44 | |
45 | let secret_key = self.config |
46 | .as_str |
47 | .unwrap; |
48 | let private_key = |
49 | let mut file = open |
50 | .await |
51 | .unwrap; |
52 | |
53 | let mut key = vec!; |
54 | file.read_to_end .await.unwrap; |
55 | |
56 | key |
57 | ; |
58 | |
59 | if request.secret_key != secret_key |
60 | error!; |
61 | |
62 | panic! |
63 | |
64 | |
65 | let encoding_key = from_rsa_pem .unwrap; |
66 | |
67 | let claims = UserTokenMetadata |
68 | user: User |
69 | username: String from, |
70 | instance: Instance |
71 | url: String from, |
72 | , |
73 | , |
74 | generated_for: Instance |
75 | url: String from, |
76 | , |
77 | exp: |
78 | + from_secs |
79 | .as_secs, |
80 | ; |
81 | |
82 | let token = encode |
83 | & new, |
84 | &claims, |
85 | &encoding_key, |
86 | |
87 | .unwrap; |
88 | |
89 | Ok |
90 | |
91 | |
92 | pub async |
93 | &mut self, |
94 | raw_request: , |
95 | |
96 | let request = raw_request.inner .await; |
97 | |
98 | // let server_public_key = { |
99 | // let mut file = File::open(self.config["keys"]["public"].as_str().unwrap()) |
100 | // .await |
101 | // .unwrap(); |
102 | |
103 | // let mut key = String::default(); |
104 | // file.read_to_string(&mut key).await.unwrap(); |
105 | |
106 | // key |
107 | // }; |
108 | |
109 | let server_public_key = public_key |
110 | url: String from, |
111 | |
112 | .await |
113 | .unwrap; |
114 | |
115 | let verification_key = from_rsa_pem .unwrap; |
116 | |
117 | let data: = decode |
118 | &request.token, |
119 | &verification_key, |
120 | & new, |
121 | |
122 | .unwrap; |
123 | |
124 | info!; |
125 | |
126 | let secret_key = self.config |
127 | .as_str |
128 | .unwrap; |
129 | |
130 | if request.secret_key != secret_key |
131 | error!; |
132 | |
133 | panic! |
134 | |
135 | // Validate request |
136 | raw_request |
137 | .validate |
138 | .await |
139 | .unwrap; |
140 | info!; |
141 | |
142 | let private_key = |
143 | let mut file = open |
144 | .await |
145 | .unwrap; |
146 | |
147 | let mut key = vec!; |
148 | file.read_to_end .await.unwrap; |
149 | |
150 | key |
151 | ; |
152 | |
153 | let encoding_key = from_rsa_pem .unwrap; |
154 | |
155 | let claims = UserTokenMetadata |
156 | // TODO: Probably exploitable |
157 | user: data.claims.user, |
158 | generated_for: data.claims.generated_for, |
159 | exp: |
160 | + from_secs |
161 | .as_secs, |
162 | ; |
163 | |
164 | let token = encode |
165 | & new, |
166 | &claims, |
167 | &encoding_key, |
168 | |
169 | .unwrap; |
170 | |
171 | Ok |
172 | new_token: Some, |
173 | |
174 | |
175 | |
176 | |
177 | async |
178 | let key = get |
179 | .await? |
180 | .text |
181 | .await?; |
182 | |
183 | Ok |
184 | |
185 |
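Review bot: The token-extension handler re-signs `data.claims.user` and `data.claims.generated_for` straight from the presented token with a fresh `exp` (listing lines 155–162, under the existing `// TODO: Probably exploitable`). Nothing visible compares `generated_for` with the instance that `raw_request.validate` authenticates at lines 136–139, or bounds how many times a token can be renewed. Call arguments are elided on this page, so this needs confirming against the full source, but as rendered a still-valid token can apparently be renewed indefinitely and is not tied to the requesting instance. I would replace the TODO with a concrete check and a comment such as `// SECURITY: reject unless data.claims.generated_for matches the validated instance; cap total lifetime from the original issue time`. Separately, both handlers respond to a wrong `secret_key` with `panic!` after a plain `!=` (lines 59–62 and 130–133); returning an error response and comparing in constant time would stop bad input from aborting the handler and remove the timing signal.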