aboutsummaryrefslogtreecommitdiffstats
path: root/rust/src
diff options
context:
space:
mode:
Diffstat (limited to 'rust/src')
-rw-r--r--rust/src/auth.rs26
1 files changed, 9 insertions, 17 deletions
diff --git a/rust/src/auth.rs b/rust/src/auth.rs
index 3a6271e5..13c0126f 100644
--- a/rust/src/auth.rs
+++ b/rust/src/auth.rs
@@ -183,17 +183,13 @@ pub struct AuthConfectionary {
}
fn parse_macaroon_key(key_base64: &str) -> Result<MacaroonKey> {
- // instead of creating a [u8; 32], we decode into an arbitrary Vec (after checking the input
- // length first), because the MacaroonKey 'From' trait is implemented differently for [u8] and
- // [u8; 32] (sigh).
if key_base64.len() != 44 {
bail!("bad base64-padded-encoded key for macaroons");
}
let key_bytes = BASE64
.decode(key_base64.as_bytes())
.expect("base64 key decode");
- let bytes_ref: &[u8] = key_bytes.as_ref();
- let key = MacaroonKey::from(bytes_ref);
+ let key = MacaroonKey::generate(&key_bytes);
Ok(key)
}
@@ -255,8 +251,7 @@ impl AuthConfectionary {
.into(),
);
};
- let raw = mac.serialize(Format::V2).expect("macaroon serialization");
- Ok(BASE64.encode(&raw))
+ Ok(mac.serialize(Format::V2).expect("macaroon serialization"))
}
/// Takes a macaroon as a base64-encoded string, deserializes it
@@ -266,8 +261,7 @@ impl AuthConfectionary {
s: &str,
endpoint: Option<&str>,
) -> Result<EditorRow> {
- let raw = BASE64.decode(s.as_bytes())?;
- let mac = match Macaroon::deserialize(&raw) {
+ let mac = match Macaroon::deserialize(s) {
Ok(m) => m,
Err(e) => {
// TODO: should be "chaining" here
@@ -401,17 +395,15 @@ impl AuthConfectionary {
};
match verifier.verify(&mac, verify_key, Default::default()) {
Ok(()) => (),
- Err(MacaroonError::InvalidMacaroon(em)) => {
- return Err(FatcatError::InvalidCredentials(format!(
- "auth token (macaroon) not valid (signature and/or caveats failed): {}",
- em
- ))
+ Err(MacaroonError::CaveatNotSatisfied(_)) | Err(MacaroonError::InvalidSignature) => {
+ return Err(FatcatError::InvalidCredentials(
+ "auth token (macaroon) not valid (signature and/or caveats failed)".to_string(),
+ )
.into());
}
Err(e) => {
- // TODO: chain
return Err(FatcatError::InvalidCredentials(format!(
- "token parsing failed: {:?}",
+ "auth token (macaroon) parsing failed: {:?}",
e
))
.into());
@@ -574,7 +566,7 @@ fn test_macaroon_keys() {
.unwrap();
assert_eq!(old_key.len(), 32);
assert_eq!(old_key, key_bytes);
- let old_macaroon_key: MacaroonKey = old_key.as_slice().into();
+ let old_macaroon_key = MacaroonKey::generate(&old_key);
// new (2022) way of parsing keys
let key = parse_macaroon_key("5555555555555555555555555555555555555555xms=").unwrap();