1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
//! Editor bearer token authentication
use swagger::auth::{AuthData, Authorization, Scopes};
//use macaroon::{Macaroon, Verifier};
use std::collections::BTreeSet;
//use database_models::*;
//use database_schema::*;
use api_helpers::*;
use chrono;
//use diesel;
use iron;
//use diesel::prelude::*;
use errors::*;
//use serde_json;
//use std::str::FromStr;
//use uuid::Uuid;
#[derive(Debug)]
pub struct OpenAuthMiddleware;
impl OpenAuthMiddleware {
/// Create a middleware that authorizes with the configured subject.
pub fn new() -> OpenAuthMiddleware {
OpenAuthMiddleware
}
}
impl iron::middleware::BeforeMiddleware for OpenAuthMiddleware {
fn before(&self, req: &mut iron::Request) -> iron::IronResult<()> {
req.extensions.insert::<Authorization>(Authorization {
subject: "undefined".to_string(),
scopes: Scopes::All,
issuer: None,
});
Ok(())
}
}
#[derive(Debug)]
pub struct MacaroonAuthMiddleware;
impl MacaroonAuthMiddleware {
pub fn new() -> MacaroonAuthMiddleware {
MacaroonAuthMiddleware
}
}
impl iron::middleware::BeforeMiddleware for MacaroonAuthMiddleware {
fn before(&self, req: &mut iron::Request) -> iron::IronResult<()> {
let res: Option<(String, Vec<String>)> = match req.extensions.get::<AuthData>() {
Some(AuthData::ApiKey(header)) => {
let header: Vec<String> = header.split_whitespace().map(|s| s.to_string()).collect();
// TODO: error types
assert!(header.len() == 2);
assert!(header[0] == "Bearer");
parse_macaroon_token(&header[1]).expect("valid macaroon")
},
None => None,
_ => panic!("valid auth header, or none")
};
if let Some((editor_id, scopes)) = res {
let mut scope_set = BTreeSet::new();
for s in scopes {
scope_set.insert(s);
}
req.extensions.insert::<Authorization>(Authorization {
subject: editor_id,
scopes: Scopes::Some(scope_set),
issuer: None,
});
};
Ok(())
}
}
// DUMMY: parse macaroon
pub fn parse_macaroon_token(s: &str) -> Result<Option<(String,Vec<String>)>> {
Ok(Some(("some_editor_id".to_string(), vec![])))
}
pub fn print_editors() -> Result<()>{
unimplemented!();
// iterate over all editors. format id, print flags, auth_epoch
}
pub fn create_editor(username: String, is_admin: bool, is_bot: bool) -> Result<()> { // TODO: EditorRow or something
unimplemented!();
}
pub fn create_token(editor_id: FatCatId, expires: Option<chrono::NaiveDateTime>) -> Result<String> {
unimplemented!();
}
pub fn inspect_token(token: &str) -> Result<()> {
unimplemented!();
}
pub fn revoke_tokens(editor_id: FatCatId) -> Result<()>{
unimplemented!();
}
pub fn revoke_tokens_everyone() -> Result<u64> {
unimplemented!();
}
|
