http-signature-normalization/actix/examples/server.rs

105 lines
2.7 KiB
Rust
Raw Normal View History

2021-09-18 01:04:04 +00:00
use actix_web::{http::StatusCode, web, App, HttpRequest, HttpResponse, HttpServer, ResponseError};
2023-08-04 23:01:41 +00:00
use http_signature_normalization_actix::{digest::ring::Sha256, prelude::*};
2021-09-18 01:04:04 +00:00
use std::future::{ready, Ready};
use tracing::info;
use tracing_actix_web::TracingLogger;
use tracing_error::ErrorLayer;
use tracing_subscriber::{layer::SubscriberExt, EnvFilter};
2019-09-11 23:06:36 +00:00
#[derive(Clone, Debug)]
struct MyVerify;
2019-09-11 23:06:36 +00:00
impl SignatureVerify for MyVerify {
type Error = MyError;
type Future = Ready<Result<bool, Self::Error>>;
fn signature_verify(
&mut self,
algorithm: Option<Algorithm>,
key_id: String,
signature: String,
signing_string: String,
) -> Self::Future {
match algorithm {
Some(Algorithm::Hs2019) => (),
2021-09-18 01:04:04 +00:00
_ => return ready(Err(MyError::Algorithm)),
};
2019-09-13 23:12:12 +00:00
if key_id != "my-key-id" {
2021-09-18 01:04:04 +00:00
return ready(Err(MyError::Key));
2019-09-13 23:12:12 +00:00
}
let decoded = match base64::decode(&signature) {
Ok(decoded) => decoded,
2021-09-18 01:04:04 +00:00
Err(_) => return ready(Err(MyError::Decode)),
};
2019-09-11 23:06:36 +00:00
2021-09-18 01:04:04 +00:00
info!("Signing String\n{}", signing_string);
2021-09-18 01:04:04 +00:00
ready(Ok(decoded == signing_string.as_bytes()))
2019-09-11 23:06:36 +00:00
}
}
async fn index(
_: DigestVerified,
sig_verified: SignatureVerified,
req: HttpRequest,
2020-03-25 16:00:37 +00:00
_body: web::Bytes,
) -> &'static str {
info!("Verified request for {}", sig_verified.key_id());
info!("{:?}", req);
"Eyyyyup"
}
#[actix_rt::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
2021-09-18 01:04:04 +00:00
let env_filter = EnvFilter::try_from_default_env().unwrap_or_else(|_| EnvFilter::new("info"));
let subscriber = tracing_subscriber::Registry::default()
.with(env_filter)
.with(ErrorLayer::default())
.with(tracing_subscriber::fmt::layer());
tracing::subscriber::set_global_default(subscriber)?;
let config = Config::new().require_header("accept").require_digest();
2019-09-11 23:06:36 +00:00
HttpServer::new(move || {
App::new()
.wrap(VerifyDigest::new(Sha256::new()).optional())
.wrap(VerifySignature::new(MyVerify, config.clone()))
.wrap(TracingLogger::default())
2019-09-13 01:12:35 +00:00
.route("/", web::post().to(index))
2019-09-11 23:06:36 +00:00
})
.bind("127.0.0.1:8010")?
.run()
.await?;
2019-09-11 23:06:36 +00:00
Ok(())
}
#[derive(Debug, thiserror::Error)]
2019-09-11 23:06:36 +00:00
enum MyError {
#[error("Failed to verify, {0}")]
Verify(#[from] PrepareVerifyError),
2019-09-11 23:06:36 +00:00
#[error("Unsupported algorithm")]
2019-09-13 01:29:24 +00:00
Algorithm,
#[error("Couldn't decode signature")]
Decode,
2019-09-13 23:12:12 +00:00
#[error("Invalid key")]
2019-09-13 23:12:12 +00:00
Key,
2019-09-11 23:06:36 +00:00
}
impl ResponseError for MyError {
fn status_code(&self) -> StatusCode {
StatusCode::BAD_REQUEST
}
fn error_response(&self) -> HttpResponse {
HttpResponse::BadRequest().finish()
2019-09-11 23:06:36 +00:00
}
}