From d941d472ada2b5943142751cf2c7e01b66f1d17a Mon Sep 17 00:00:00 2001 From: Bryan Newbold Date: Wed, 7 Sep 2022 19:49:40 -0700 Subject: use upstream version of 'macaroon' crate The code changes are pretty minor: using default() instead of new(), and (safely) parsing bytes out of predicates instead of getting String directly. The validate() function is now run automatically as part of deserialization, so don't need that function call. This reduces duplication in the dependency tree, and gets us on sounder footing for maintainability, which is great! --- Cargo.lock | 230 ++++++++++++++++++-------------------------------- fatcat-cli/Cargo.toml | 2 +- fatcat-cli/src/lib.rs | 29 +++---- 3 files changed, 96 insertions(+), 165 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 95ee111..cdc6554 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -73,6 +73,12 @@ dependencies = [ "safemem", ] +[[package]] +name = "base64" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff" + [[package]] name = "base64" version = "0.13.0" @@ -133,8 +139,8 @@ checksum = "670ad68c9088c2a963aaa298cb369688cf3f9465ce5e2d4ca10e6e0098a1ce73" dependencies = [ "libc", "num-integer", - "num-traits 0.2.14", - "serde 1.0.130", + "num-traits", + "serde", "time", "winapi", ] @@ -172,8 +178,8 @@ dependencies = [ "ansi_term 0.12.1", "atty", "libc", - "serde 1.0.130", - "serde_json 1.0.68", + "serde", + "serde_json", ] [[package]] @@ -232,10 +238,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" [[package]] -name = "dtoa" -version = "0.4.8" +name = "ed25519" +version = "1.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "56899898ce76aaf4a0f24d914c97ea6ed976d42fec6ad33fcbb0a1103e07b2b0" +checksum = "1e9c280362032ea4203659fc489832d0204ef09f247a0506f170dafcac08c369" +dependencies = [ + "signature", +] [[package]] name = "either" @@ -266,7 +275,7 @@ checksum = "0b2cf0344971ee6c64c31be0d530793fba457d322dfec2810c453d0ef228f9c3" dependencies = [ "atty", "humantime", - "log 0.4.14", + "log", "regex", "termcolor", ] @@ -286,12 +295,12 @@ dependencies = [ "hyper", "indicatif", "lazy_static", - "log 0.4.14", + "log", "macaroon", "regex", "reqwest", - "serde 1.0.130", - "serde_json 1.0.68", + "serde", + "serde_json", "sha1", "structopt", "swagger", @@ -321,15 +330,15 @@ dependencies = [ "hyper-openssl", "hyper-tls", "lazy_static", - "log 0.4.14", + "log", "mime", "native-tls", "openssl", "percent-encoding 2.1.0", "regex", - "serde 1.0.130", + "serde", "serde_ignored", - "serde_json 1.0.68", + "serde_json", "swagger", "tokio", "tokio-openssl", @@ -687,7 +696,7 @@ dependencies = [ "bytes 0.4.12", "httparse", "language-tags", - "log 0.4.14", + "log", "mime", "percent-encoding 1.0.1", "time", @@ -782,12 +791,6 @@ dependencies = [ "either", ] -[[package]] -name = "itoa" -version = "0.3.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8324a32baf01e2ae060e9de58ed0bc2320c9a2833491ee36cd3b4c414de4db8c" - [[package]] name = "itoa" version = "0.4.8" @@ -829,12 +832,14 @@ checksum = "04c3b4822ccebfa39c02fc03d1534441b22ead323fa0f48bb7ddd8e6ba076a40" [[package]] name = "libsodium-sys" -version = "0.0.13" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e92532ef19ec2da77f5a89ae63a5c3dbb5136e8dada4e2c278107c1e1c773d8" +checksum = "6b779387cd56adfbc02ea4a668e704f729be8d6a6abd2c27ca5ee537849a92fd" dependencies = [ + "cc", "libc", "pkg-config", + "walkdir", ] [[package]] @@ -862,15 +867,6 @@ dependencies = [ "scopeguard", ] -[[package]] -name = "log" -version = "0.3.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e19e8d5c34a3e0e2223db8e060f9e8264aeeb5c5fc64a4ee9965c062211c024b" -dependencies = [ - "log 0.4.14", -] - [[package]] name = "log" version = "0.4.14" @@ -882,14 +878,14 @@ dependencies = [ [[package]] name = "macaroon" -version = "0.1.1" -source = "git+https://github.com/bnewbold/libmacaroon-rs?branch=bnewbold-broken#346b4bb21c79958dde301501083bfdaa7aa83f73" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b47698e93166a6eade8b34dd6e21c33bae4ceae6283f0695462f28c71d280a70" dependencies = [ - "log 0.3.9", - "rustc-serialize", - "serde 0.9.15", - "serde_derive 0.9.15", - "serde_json 0.9.10", + "base64 0.12.3", + "log", + "serde", + "serde_json", "sodiumoxide", ] @@ -918,7 +914,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" dependencies = [ "libc", - "log 0.4.14", + "log", "wasi 0.11.0+wasi-snapshot-preview1", "windows-sys", ] @@ -931,7 +927,7 @@ checksum = "48ba9f7719b5a0f42f338907614285fb5fd70e53858141f69898a1fb7203b24d" dependencies = [ "lazy_static", "libc", - "log 0.4.14", + "log", "openssl", "openssl-probe", "openssl-sys", @@ -948,16 +944,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" dependencies = [ "autocfg", - "num-traits 0.2.14", -] - -[[package]] -name = "num-traits" -version = "0.1.43" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92e5113e9fd4cc14ded8e499429f396a20f98c772a47cc8622a736e1ec843c31" -dependencies = [ - "num-traits 0.2.14", + "num-traits", ] [[package]] @@ -1137,12 +1124,6 @@ dependencies = [ "unicode-xid 0.2.2", ] -[[package]] -name = "quote" -version = "0.3.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a6e920b65c65f10b2ae65c831a81a073a89edd28c7cce89475bff467ab4167a" - [[package]] name = "quote" version = "0.6.13" @@ -1255,13 +1236,13 @@ dependencies = [ "ipnet", "js-sys", "lazy_static", - "log 0.4.14", + "log", "mime", "native-tls", "percent-encoding 2.1.0", "pin-project-lite", - "serde 1.0.130", - "serde_json 1.0.68", + "serde", + "serde_json", "serde_urlencoded", "tokio", "tokio-native-tls", @@ -1273,12 +1254,6 @@ dependencies = [ "winreg", ] -[[package]] -name = "rustc-serialize" -version = "0.3.24" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda" - [[package]] name = "ryu" version = "1.0.5" @@ -1291,6 +1266,15 @@ version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ef703b7cb59335eae2eb93ceb664c0eb7ea6bf567079d843e09420219668e072" +[[package]] +name = "same-file" +version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502" +dependencies = [ + "winapi-util", +] + [[package]] name = "schannel" version = "0.1.19" @@ -1330,45 +1314,13 @@ dependencies = [ "libc", ] -[[package]] -name = "serde" -version = "0.8.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9dad3f759919b92c3068c696c15c3d17238234498bbdcc80f2c469606f948ac8" - -[[package]] -name = "serde" -version = "0.9.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34b623917345a631dc9608d5194cc206b3fe6c3554cd1c75b937e55e285254af" - [[package]] name = "serde" version = "1.0.130" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f12d06de37cf59146fbdecab66aa99f9fe4f78722e3607577a5375d66bd0c913" dependencies = [ - "serde_derive 1.0.130", -] - -[[package]] -name = "serde_codegen_internals" -version = "0.14.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc888bd283bd2420b16ad0d860e35ad8acb21941180a83a189bb2046f9d00400" -dependencies = [ - "syn 0.11.11", -] - -[[package]] -name = "serde_derive" -version = "0.9.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "978fd866f4d4872084a81ccc35e275158351d3b9fe620074e7d7504b816b74ba" -dependencies = [ - "quote 0.3.15", - "serde_codegen_internals", - "syn 0.11.11", + "serde_derive", ] [[package]] @@ -1388,19 +1340,7 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c2c7d39d14f2f2ea82239de71594782f186fd03501ac81f0ce08e674819ff2f" dependencies = [ - "serde 1.0.130", -] - -[[package]] -name = "serde_json" -version = "0.9.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad8bcf487be7d2e15d3d543f04312de991d631cfe1b43ea0ade69e6a8a5b16a1" -dependencies = [ - "dtoa", - "itoa 0.3.4", - "num-traits 0.1.43", - "serde 0.9.15", + "serde", ] [[package]] @@ -1411,7 +1351,7 @@ checksum = "0f690853975602e1bfe1ccbf50504d67174e3bcf340f23b5ea9992e0587a52d8" dependencies = [ "itoa 0.4.8", "ryu", - "serde 1.0.130", + "serde", ] [[package]] @@ -1423,7 +1363,7 @@ dependencies = [ "form_urlencoded", "itoa 1.0.3", "ryu", - "serde 1.0.130", + "serde", ] [[package]] @@ -1441,6 +1381,12 @@ dependencies = [ "libc", ] +[[package]] +name = "signature" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0ea32af43239f0d353a7dd75a22d94c329c8cdaafdcb4c1c1335aa10c298a4a" + [[package]] name = "slab" version = "0.4.5" @@ -1471,13 +1417,14 @@ dependencies = [ [[package]] name = "sodiumoxide" -version = "0.0.13" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1fa64a17d98ec77bc7251c59a486e555b3813e32fb53ed608880f82e24ef6bd0" +checksum = "e26be3acb6c2d9a7aac28482586a7856436af4cfe7100031d219de2d2ecb0028" dependencies = [ + "ed25519", "libc", "libsodium-sys", - "serde 0.8.23", + "serde", ] [[package]] @@ -1524,23 +1471,12 @@ dependencies = [ "hyper-tls", "native-tls", "openssl", - "serde 1.0.130", - "serde_json 1.0.68", + "serde", + "serde_json", "slog", "uuid", ] -[[package]] -name = "syn" -version = "0.11.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3b891b9015c88c576343b9b3e41c2c11a51c219ef067b264bd9c8aa9b441dad" -dependencies = [ - "quote 0.3.15", - "synom", - "unicode-xid 0.0.4", -] - [[package]] name = "syn" version = "0.15.44" @@ -1563,15 +1499,6 @@ dependencies = [ "unicode-xid 0.2.2", ] -[[package]] -name = "synom" -version = "0.11.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a393066ed9010ebaed60b9eafa373d4b1baac186dd7e008555b0f702b51945b6" -dependencies = [ - "unicode-xid 0.0.4", -] - [[package]] name = "tabwriter" version = "1.2.1" @@ -1722,7 +1649,7 @@ version = "0.5.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a31142970826733df8241ef35dc040ef98c679ab14d7c3e54d827099b3acecaa" dependencies = [ - "serde 1.0.130", + "serde", ] [[package]] @@ -1799,12 +1726,6 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3ed742d4ea2bd1176e236172c8429aaf54486e7ac098db29ffe6529e0ce50973" -[[package]] -name = "unicode-xid" -version = "0.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c1f860d7d29cf02cb2f3f359fd35991af3d30bac52c57d265a3c461074cb4dc" - [[package]] name = "unicode-xid" version = "0.1.0" @@ -1836,7 +1757,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7" dependencies = [ "getrandom", - "serde 1.0.130", + "serde", ] [[package]] @@ -1857,13 +1778,24 @@ version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5fecdca9a5291cc2b8dcf7dc02453fee791a280f3743cb0905f8822ae463b3fe" +[[package]] +name = "walkdir" +version = "2.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "808cf2735cd4b6866113f648b791c6adc5714537bc222d9347bb203386ffda56" +dependencies = [ + "same-file", + "winapi", + "winapi-util", +] + [[package]] name = "want" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1ce8a968cb1cd110d136ff8b819a556d6fb6d919363c61534f6860c7eb172ba0" dependencies = [ - "log 0.4.14", + "log", "try-lock", ] @@ -1897,7 +1829,7 @@ checksum = "a317bf8f9fba2476b4b2c85ef4c4af8ff39c3c7f0cdfeed4f82c34a880aa837b" dependencies = [ "bumpalo", "lazy_static", - "log 0.4.14", + "log", "proc-macro2 1.0.30", "quote 1.0.10", "syn 1.0.80", diff --git a/fatcat-cli/Cargo.toml b/fatcat-cli/Cargo.toml index c2b258a..6e24c7c 100644 --- a/fatcat-cli/Cargo.toml +++ b/fatcat-cli/Cargo.toml @@ -16,7 +16,7 @@ categories = ["command-line-utilities"] [dependencies] data-encoding = "2.1" fatcat-openapi = { version = "*", path = "../fatcat-openapi", default-features = false, features = ["client"] } -macaroon = { git = "https://github.com/bnewbold/libmacaroon-rs", branch = "bnewbold-broken" } +macaroon = "0.2" toml = "0.5" termcolor = "1" colored_json = "*" diff --git a/fatcat-cli/src/lib.rs b/fatcat-cli/src/lib.rs index ab63ec7..6c1f449 100644 --- a/fatcat-cli/src/lib.rs +++ b/fatcat-cli/src/lib.rs @@ -1,6 +1,6 @@ use anyhow::{anyhow, Context, Result}; use data_encoding::BASE64; -use macaroon::{Macaroon, Verifier}; +use macaroon::{Caveat, Macaroon, Verifier}; use std::path::PathBuf; use std::str::FromStr; @@ -87,28 +87,27 @@ pub fn parse_macaroon_editor_id(s: &str) -> Result { .context("macaroon parsing failed")?; let mac = Macaroon::deserialize(&raw) .map_err(|err| anyhow!("macaroon deserialization failed: {:?}", err))?; - let mac = mac - .validate() - .map_err(|err| anyhow!("macaroon validation failed: {:?}", err))?; - let mut verifier = Verifier::new(); + let mut verifier = Verifier::default(); let mut editor_id: Option = None; for caveat in mac.first_party_caveats() { - if caveat.predicate().starts_with("editor_id = ") { - editor_id = Some( - caveat - .predicate() - .get(12..) - .context("parsing macaroon")? - .to_string(), - ); - break; + if let Caveat::FirstParty(fp) = caveat { + let predicate_str = String::from_utf8(fp.predicate().as_ref().to_vec())?; + if predicate_str.starts_with("editor_id = ") { + editor_id = Some( + predicate_str + .get(12..) + .context("parsing macaroon")? + .to_string(), + ); + break; + } } } let editor_id = match editor_id { Some(id) => id, None => return Err(anyhow!("expected an editor_id caveat in macaroon token")), }; - verifier.satisfy_exact(&format!("editor_id = {}", editor_id)); + verifier.satisfy_exact(format!("editor_id = {}", editor_id).into()); Ok(editor_id) } -- cgit v1.2.3