mirror of
https://git.asonix.dog/asonix/http-signature-normalization.git
synced 2024-11-22 01:11:00 +00:00
Add method to retrieve key_id from request data
parent
aaf8e16db4
commit
760dedaade
5 changed files with 28 additions and 10 deletions
|
@ -1,7 +1,7 @@
|
||||||
[package]
|
[package]
|
||||||
name = "http-signature-normalization-actix"
|
name = "http-signature-normalization-actix"
|
||||||
description = "An HTTP Signatures library that leaves the signing to you"
|
description = "An HTTP Signatures library that leaves the signing to you"
|
||||||
version = "0.3.0-alpha.2"
|
version = "0.3.0-alpha.3"
|
||||||
authors = ["asonix <asonix@asonix.dog>"]
|
authors = ["asonix <asonix@asonix.dog>"]
|
||||||
license-file = "LICENSE"
|
license-file = "LICENSE"
|
||||||
readme = "README.md"
|
readme = "README.md"
|
||||||
|
|
|
@ -16,7 +16,7 @@ This crate provides extensions the ClientRequest type from Actix Web, and provid
|
||||||
actix = "0.10.0-alpha.1"
|
actix = "0.10.0-alpha.1"
|
||||||
actix-web = "3.0.0-alpha.1"
|
actix-web = "3.0.0-alpha.1"
|
||||||
thiserror = "0.1"
|
thiserror = "0.1"
|
||||||
http-signature-normalization-actix = { version = "0.3.0-alpha.2", default-features = false, features = ["sha-2"] }
|
http-signature-normalization-actix = { version = "0.3.0-alpha.3", default-features = false, features = ["sha-2"] }
|
||||||
sha2 = "0.8"
|
sha2 = "0.8"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -110,7 +110,8 @@ impl SignatureVerify for MyVerify {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn index(_: (DigestVerified, SignatureVerified)) -> &'static str {
|
async fn index((_, sig_verified): (DigestVerified, SignatureVerified)) -> &'static str {
|
||||||
|
println!("Signature verified for {}", sig_verified.key_id());
|
||||||
"Eyyyyup"
|
"Eyyyyup"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
use actix_web::{http::StatusCode, web, App, HttpResponse, HttpServer, ResponseError};
|
use actix_web::{http::StatusCode, web, App, HttpRequest, HttpResponse, HttpServer, ResponseError};
|
||||||
use futures::future::{err, ok, Ready};
|
use futures::future::{err, ok, Ready};
|
||||||
use http_signature_normalization_actix::prelude::*;
|
use http_signature_normalization_actix::prelude::*;
|
||||||
|
use log::info;
|
||||||
use sha2::{Digest, Sha256};
|
use sha2::{Digest, Sha256};
|
||||||
|
|
||||||
#[derive(Clone, Debug)]
|
#[derive(Clone, Debug)]
|
||||||
|
@ -35,7 +36,12 @@ impl SignatureVerify for MyVerify {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
async fn index(_: (DigestVerified, SignatureVerified)) -> &'static str {
|
async fn index(
|
||||||
|
(_, sig_verified): (DigestVerified, SignatureVerified),
|
||||||
|
req: HttpRequest,
|
||||||
|
) -> &'static str {
|
||||||
|
info!("Verified request for {}", sig_verified.key_id());
|
||||||
|
info!("{:?}", req);
|
||||||
"Eyyyyup"
|
"Eyyyyup"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
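Review bot: `info!("{:?}", req);` in the new `index` handler writes the Debug form of the whole `HttpRequest` to the log, which in actix-web includes the request headers, so the `Signature` and `Digest` values and any `Authorization` or cookie headers a client sends end up in log storage. Example handlers tend to be copied into real services, so I would log only what the handler needs, e.g. `info!("{} {}", req.method(), req.path());`, or drop the line. The `key_id()` value logged on the line above is text taken from the request, so formatting it with `{:?}` instead of `{}` would keep embedded control characters from breaking up log lines.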
|
@ -45,7 +45,8 @@
|
||||||
//! }
|
//! }
|
||||||
//! }
|
//! }
|
||||||
//!
|
//!
|
||||||
//! async fn index(_: (DigestVerified, SignatureVerified)) -> &'static str {
|
//! async fn index((_, sig_verified): (DigestVerified, SignatureVerified)) -> &'static str {
|
||||||
|
//! println!("Signature verified for {}", sig_verified.key_id());
|
||||||
//! "Eyyyyup"
|
//! "Eyyyyup"
|
||||||
//! }
|
//! }
|
||||||
//!
|
//!
|
||||||
|
|
|
@ -16,10 +16,20 @@ use std::{
|
||||||
|
|
||||||
use crate::{Config, SignatureVerify};
|
use crate::{Config, SignatureVerify};
|
||||||
|
|
||||||
#[derive(Copy, Clone, Debug)]
|
#[derive(Clone, Debug)]
|
||||||
/// A marker type that can be used to guard routes when the signature middleware is set to
|
/// A marker type that can be used to guard routes when the signature middleware is set to
|
||||||
/// 'optional'
|
/// 'optional'
|
||||||
pub struct SignatureVerified;
|
pub struct SignatureVerified(String);
|
||||||
|
|
||||||
|
impl SignatureVerified {
|
||||||
|
/// Return the Key ID used to verify the request
|
||||||
|
///
|
||||||
|
/// It might be important for an application to verify that the payload being processed indeed
|
||||||
|
/// belongs to the owner of the key used to sign the request.
|
||||||
|
pub fn key_id(&self) -> &str {
|
||||||
|
&self.0
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[derive(Clone, Debug)]
|
#[derive(Clone, Debug)]
|
||||||
/// The Verify signature middleware
|
/// The Verify signature middleware
|
||||||
|
@ -116,7 +126,7 @@ where
|
||||||
let verified = fut.await?;
|
let verified = fut.await?;
|
||||||
|
|
||||||
if verified {
|
if verified {
|
||||||
req.extensions_mut().insert(SignatureVerified);
|
req.extensions_mut().insert(SignatureVerified(key_id));
|
||||||
service.borrow_mut().call(req).await
|
service.borrow_mut().call(req).await
|
||||||
} else {
|
} else {
|
||||||
Err(VerifyError.into())
|
Err(VerifyError.into())
|
||||||
|
@ -144,7 +154,7 @@ impl FromRequest for SignatureVerified {
|
||||||
ready(
|
ready(
|
||||||
req.extensions()
|
req.extensions()
|
||||||
.get::<Self>()
|
.get::<Self>()
|
||||||
.map(|s| *s)
|
.map(|s| s.clone())
|
||||||
.ok_or(VerifyError),
|
.ok_or(VerifyError),
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
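Review bot: The doc comment on `key_id()` should say where the string comes from and what a successful verification does and does not establish about it. As far as these hunks show, `key_id` (bound outside the second hunk) is stored once `fut.await?` yields true, so it is meaningful only if the application's `SignatureVerify` implementation actually selected the verification key by that id; an implementation that ignores the id would leave it a client-chosen label. I would extend the doc along the lines of `/// This is the key id as supplied with the request; it is only as trustworthy as the key lookup in your SignatureVerify implementation, and handlers must still compare it with the owner named in the payload.` As a style point in the `FromRequest` hunk, `.map(|s| s.clone())` is more idiomatic as `.cloned()`.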