http-signature-normalization/src/create.rs

//! Types and logic for creating signature and authorization headers
use crate::{
    unix_timestamp, ALGORITHM_FIELD, ALGORITHM_VALUE, CREATED_FIELD, EXPIRES_FIELD, HEADERS_FIELD,
    KEY_ID_FIELD, SIGNATURE_FIELD,
};
use std::time::SystemTime;

#[derive(Debug)]
/// The signed stage of creating a signature
///
/// From here, the Signature or Authorization headers can be generated as string
pub struct Signed {
    signature: String,
    sig_headers: Vec<String>,
    created: Option<SystemTime>,
    expires: Option<SystemTime>,
    key_id: String,
}

#[derive(Debug)]
/// The Unsigned stage of creating a signature
///
/// From here, the `sign` method can be used to sign the signing_string, producing a [`Signed`]
/// type.
pub struct Unsigned {
    pub(crate) signing_string: String,
    pub(crate) sig_headers: Vec<String>,
    pub(crate) created: Option<SystemTime>,
    pub(crate) expires: Option<SystemTime>,
}

impl Signed {
    /// Turn the Signed type into a String that can be used as the Signature Header
    ///
    /// Done manually, it would look like `format!("Signature: {}", signed.signature_header())`
    pub fn signature_header(self) -> String {
        self.into_header()
    }

    /// Turn the Signed type into a String that can be used as the Authorization Header
    ///
    /// Done manually, it would look like `format!("Authorization: {}", signed.authorization_header())`
    pub fn authorization_header(self) -> String {
        format!("Signature {}", self.into_header())
    }

    fn into_header(self) -> String {
        let mapped = self.created.and_then(|c| self.expires.map(|e| (c, e)));
        let header_parts = if let Some((created, expires)) = mapped {
            vec![
                (KEY_ID_FIELD, self.key_id),
                (ALGORITHM_FIELD, ALGORITHM_VALUE.to_owned()),
                (CREATED_FIELD, unix_timestamp(created).to_string()),
                (EXPIRES_FIELD, unix_timestamp(expires).to_string()),
                (HEADERS_FIELD, self.sig_headers.join(" ")),
                (SIGNATURE_FIELD, self.signature),
            ]
        } else {
            vec![
                (KEY_ID_FIELD, self.key_id),
                (ALGORITHM_FIELD, ALGORITHM_VALUE.to_owned()),
                (HEADERS_FIELD, self.sig_headers.join(" ")),
                (SIGNATURE_FIELD, self.signature),
            ]
        };

        header_parts
            .iter()
            .map(|(k, v)| format!("{}=\"{}\"", k, v))
            .collect::<Vec<_>>()
            .join(",")
    }
}

impl Unsigned {
    /// Sign the signing string, producing a String that can be used in an HTTP Header
    ///
    /// When using RSA or HMAC to sign the string, be sure to base64-encode the result to produce a
    /// String.
    pub fn sign<F, E>(self, key_id: String, f: F) -> Result<Signed, E>
    where
        F: FnOnce(&str) -> Result<String, E>,
    {
        (f)(&self.signing_string).map(|signature| Signed {
            signature,
            sig_headers: self.sig_headers,
            created: self.created,
            expires: self.expires,
            key_id,
        })
    }
}
Prepare for release 2019-09-21 16:26:11 +00:00			`//! Types and logic for creating signature and authorization headers`
Initial commit 2019-09-11 05:17:30 +00:00			`use crate::{`
Remove chrono, thiserror 2022-01-17 22:49:01 +00:00			`unix_timestamp, ALGORITHM_FIELD, ALGORITHM_VALUE, CREATED_FIELD, EXPIRES_FIELD, HEADERS_FIELD,`
			`KEY_ID_FIELD, SIGNATURE_FIELD,`
Initial commit 2019-09-11 05:17:30 +00:00			`};`
Remove chrono, thiserror 2022-01-17 22:49:01 +00:00			`use std::time::SystemTime;`
Initial commit 2019-09-11 05:17:30 +00:00
Test round trip 2019-09-11 06:24:51 +00:00			`#[derive(Debug)]`
Prepare for release 2019-09-21 16:26:11 +00:00			`/// The signed stage of creating a signature`
			`///`
			`/// From here, the Signature or Authorization headers can be generated as string`
Initial commit 2019-09-11 05:17:30 +00:00			`pub struct Signed {`
			`signature: String,`
			`sig_headers: Vec<String>,`
Remove chrono, thiserror 2022-01-17 22:49:01 +00:00			`created: Option<SystemTime>,`
			`expires: Option<SystemTime>,`
Initial commit 2019-09-11 05:17:30 +00:00			`key_id: String,`
			`}`

Test round trip 2019-09-11 06:24:51 +00:00			`#[derive(Debug)]`
Prepare for release 2019-09-21 16:26:11 +00:00			`/// The Unsigned stage of creating a signature`
			`///`
			/// From here, the `sign` method can be used to sign the signing_string, producing a [`Signed`]
			`/// type.`
Initial commit 2019-09-11 05:17:30 +00:00			`pub struct Unsigned {`
			`pub(crate) signing_string: String,`
			`pub(crate) sig_headers: Vec<String>,`
Remove chrono, thiserror 2022-01-17 22:49:01 +00:00			`pub(crate) created: Option<SystemTime>,`
			`pub(crate) expires: Option<SystemTime>,`
Initial commit 2019-09-11 05:17:30 +00:00			`}`

			`impl Signed {`
Prepare for release 2019-09-21 16:26:11 +00:00			`/// Turn the Signed type into a String that can be used as the Signature Header`
			`///`
			/// Done manually, it would look like `format!("Signature: {}", signed.signature_header())`
Remove dependency on http 2019-09-11 05:24:04 +00:00			`pub fn signature_header(self) -> String {`
Fix header strings 2020-01-18 00:35:30 +00:00			`self.into_header()`
Initial commit 2019-09-11 05:17:30 +00:00			`}`

Prepare for release 2019-09-21 16:26:11 +00:00			`/// Turn the Signed type into a String that can be used as the Authorization Header`
			`///`
			/// Done manually, it would look like `format!("Authorization: {}", signed.authorization_header())`
Remove dependency on http 2019-09-11 05:24:04 +00:00			`pub fn authorization_header(self) -> String {`
Fix header strings 2020-01-18 00:35:30 +00:00			`format!("Signature {}", self.into_header())`
Initial commit 2019-09-11 05:17:30 +00:00			`}`

			`fn into_header(self) -> String {`
Allow for generating requests without created field 2020-03-17 23:54:00 +00:00			`let mapped = self.created.and_then(\|c\| self.expires.map(\|e\| (c, e)));`
			`let header_parts = if let Some((created, expires)) = mapped {`
			`vec![`
			`(KEY_ID_FIELD, self.key_id),`
			`(ALGORITHM_FIELD, ALGORITHM_VALUE.to_owned()),`
Remove chrono, thiserror 2022-01-17 22:49:01 +00:00			`(CREATED_FIELD, unix_timestamp(created).to_string()),`
			`(EXPIRES_FIELD, unix_timestamp(expires).to_string()),`
Allow for generating requests without created field 2020-03-17 23:54:00 +00:00			`(HEADERS_FIELD, self.sig_headers.join(" ")),`
			`(SIGNATURE_FIELD, self.signature),`
			`]`
			`} else {`
			`vec![`
			`(KEY_ID_FIELD, self.key_id),`
			`(ALGORITHM_FIELD, ALGORITHM_VALUE.to_owned()),`
			`(HEADERS_FIELD, self.sig_headers.join(" ")),`
			`(SIGNATURE_FIELD, self.signature),`
			`]`
			`};`
Initial commit 2019-09-11 05:17:30 +00:00
			`header_parts`
			`.iter()`
			`.map(\|(k, v)\| format!("{}=\"{}\"", k, v))`
			`.collect::<Vec<_>>()`
			`.join(",")`
			`}`
			`}`

			`impl Unsigned {`
Prepare for release 2019-09-21 16:26:11 +00:00			`/// Sign the signing string, producing a String that can be used in an HTTP Header`
			`///`
			`/// When using RSA or HMAC to sign the string, be sure to base64-encode the result to produce a`
			`/// String.`
Initial commit 2019-09-11 05:17:30 +00:00			`pub fn sign<F, E>(self, key_id: String, f: F) -> Result<Signed, E>`
			`where`
Add Http Signature verification middleware and... Move base64 out of base lib 2019-09-13 22:55:51 +00:00			`F: FnOnce(&str) -> Result<String, E>,`
Initial commit 2019-09-11 05:17:30 +00:00			`{`
Add Http Signature verification middleware and... Move base64 out of base lib 2019-09-13 22:55:51 +00:00			`(f)(&self.signing_string).map(\|signature\| Signed {`
			`signature,`
Initial commit 2019-09-11 05:17:30 +00:00			`sig_headers: self.sig_headers,`
			`created: self.created,`
			`expires: self.expires,`
			`key_id,`
			`})`
			`}`
			`}`