2021-09-18 01:04:04 +00:00
|
|
|
use actix_web::{http::StatusCode, web, App, HttpRequest, HttpResponse, HttpServer, ResponseError};
|
2023-08-04 23:01:41 +00:00
|
|
|
use http_signature_normalization_actix::{digest::ring::Sha256, prelude::*};
|
2021-09-18 01:04:04 +00:00
|
|
|
use std::future::{ready, Ready};
|
|
|
|
use tracing::info;
|
|
|
|
use tracing_actix_web::TracingLogger;
|
|
|
|
use tracing_error::ErrorLayer;
|
|
|
|
use tracing_subscriber::{layer::SubscriberExt, EnvFilter};
|
2019-09-11 23:06:36 +00:00
|
|
|
|
2019-09-13 22:55:51 +00:00
|
|
|
#[derive(Clone, Debug)]
|
|
|
|
struct MyVerify;
|
2019-09-11 23:06:36 +00:00
|
|
|
|
2019-09-13 22:55:51 +00:00
|
|
|
impl SignatureVerify for MyVerify {
|
|
|
|
type Error = MyError;
|
2020-03-16 00:29:47 +00:00
|
|
|
type Future = Ready<Result<bool, Self::Error>>;
|
2019-09-13 22:55:51 +00:00
|
|
|
|
|
|
|
fn signature_verify(
|
|
|
|
&mut self,
|
|
|
|
algorithm: Option<Algorithm>,
|
2020-04-22 22:15:32 +00:00
|
|
|
key_id: String,
|
|
|
|
signature: String,
|
|
|
|
signing_string: String,
|
2019-09-13 22:55:51 +00:00
|
|
|
) -> Self::Future {
|
|
|
|
match algorithm {
|
|
|
|
Some(Algorithm::Hs2019) => (),
|
2021-09-18 01:04:04 +00:00
|
|
|
_ => return ready(Err(MyError::Algorithm)),
|
2019-09-13 22:55:51 +00:00
|
|
|
};
|
|
|
|
|
2019-09-13 23:12:12 +00:00
|
|
|
if key_id != "my-key-id" {
|
2021-09-18 01:04:04 +00:00
|
|
|
return ready(Err(MyError::Key));
|
2019-09-13 23:12:12 +00:00
|
|
|
}
|
|
|
|
|
2020-04-22 22:15:32 +00:00
|
|
|
let decoded = match base64::decode(&signature) {
|
2020-03-16 00:29:47 +00:00
|
|
|
Ok(decoded) => decoded,
|
2021-09-18 01:04:04 +00:00
|
|
|
Err(_) => return ready(Err(MyError::Decode)),
|
2020-03-16 00:29:47 +00:00
|
|
|
};
|
2019-09-11 23:06:36 +00:00
|
|
|
|
2021-09-18 01:04:04 +00:00
|
|
|
info!("Signing String\n{}", signing_string);
|
2020-03-17 23:54:00 +00:00
|
|
|
|
2021-09-18 01:04:04 +00:00
|
|
|
ready(Ok(decoded == signing_string.as_bytes()))
|
2019-09-11 23:06:36 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-03-17 19:47:00 +00:00
|
|
|
async fn index(
|
2022-12-19 17:12:35 +00:00
|
|
|
_: DigestVerified,
|
|
|
|
sig_verified: SignatureVerified,
|
2020-03-17 19:47:00 +00:00
|
|
|
req: HttpRequest,
|
2020-03-25 16:00:37 +00:00
|
|
|
_body: web::Bytes,
|
2020-03-17 19:47:00 +00:00
|
|
|
) -> &'static str {
|
|
|
|
info!("Verified request for {}", sig_verified.key_id());
|
|
|
|
info!("{:?}", req);
|
2019-09-13 22:55:51 +00:00
|
|
|
"Eyyyyup"
|
|
|
|
}
|
|
|
|
|
2020-03-16 00:29:47 +00:00
|
|
|
#[actix_rt::main]
|
|
|
|
async fn main() -> Result<(), Box<dyn std::error::Error>> {
|
2021-09-18 01:04:04 +00:00
|
|
|
let env_filter = EnvFilter::try_from_default_env().unwrap_or_else(|_| EnvFilter::new("info"));
|
|
|
|
|
|
|
|
let subscriber = tracing_subscriber::Registry::default()
|
|
|
|
.with(env_filter)
|
|
|
|
.with(ErrorLayer::default())
|
|
|
|
.with(tracing_subscriber::fmt::layer());
|
|
|
|
|
|
|
|
tracing::subscriber::set_global_default(subscriber)?;
|
2020-03-17 19:27:38 +00:00
|
|
|
|
2023-07-27 17:15:42 +00:00
|
|
|
let config = Config::new().require_header("accept").require_digest();
|
2019-09-13 22:55:51 +00:00
|
|
|
|
2019-09-11 23:06:36 +00:00
|
|
|
HttpServer::new(move || {
|
|
|
|
App::new()
|
2019-09-13 23:27:04 +00:00
|
|
|
.wrap(VerifyDigest::new(Sha256::new()).optional())
|
2022-12-19 17:12:35 +00:00
|
|
|
.wrap(VerifySignature::new(MyVerify, config.clone()))
|
2021-09-21 15:43:06 +00:00
|
|
|
.wrap(TracingLogger::default())
|
2019-09-13 01:12:35 +00:00
|
|
|
.route("/", web::post().to(index))
|
2019-09-11 23:06:36 +00:00
|
|
|
})
|
|
|
|
.bind("127.0.0.1:8010")?
|
2020-03-16 00:29:47 +00:00
|
|
|
.run()
|
|
|
|
.await?;
|
2019-09-11 23:06:36 +00:00
|
|
|
|
|
|
|
Ok(())
|
|
|
|
}
|
|
|
|
|
2020-03-16 00:29:47 +00:00
|
|
|
#[derive(Debug, thiserror::Error)]
|
2019-09-11 23:06:36 +00:00
|
|
|
enum MyError {
|
2020-04-23 17:54:56 +00:00
|
|
|
#[error("Failed to verify, {0}")]
|
2020-03-16 00:29:47 +00:00
|
|
|
Verify(#[from] PrepareVerifyError),
|
2019-09-11 23:06:36 +00:00
|
|
|
|
2020-03-16 00:29:47 +00:00
|
|
|
#[error("Unsupported algorithm")]
|
2019-09-13 01:29:24 +00:00
|
|
|
Algorithm,
|
2019-09-13 22:55:51 +00:00
|
|
|
|
2020-03-16 00:29:47 +00:00
|
|
|
#[error("Couldn't decode signature")]
|
2019-09-13 22:55:51 +00:00
|
|
|
Decode,
|
2019-09-13 23:12:12 +00:00
|
|
|
|
2020-03-16 00:29:47 +00:00
|
|
|
#[error("Invalid key")]
|
2019-09-13 23:12:12 +00:00
|
|
|
Key,
|
2019-09-11 23:06:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
impl ResponseError for MyError {
|
2020-03-16 00:29:47 +00:00
|
|
|
fn status_code(&self) -> StatusCode {
|
|
|
|
StatusCode::BAD_REQUEST
|
2019-09-13 22:55:51 +00:00
|
|
|
}
|
|
|
|
|
2020-03-16 00:29:47 +00:00
|
|
|
fn error_response(&self) -> HttpResponse {
|
|
|
|
HttpResponse::BadRequest().finish()
|
2019-09-11 23:06:36 +00:00
|
|
|
}
|
|
|
|
}
|