Add method to retrieve key_id from request data

asonix 2020-03-17 14:47:00 -05:00
parent aaf8e16db4
commit 760dedaade
5 changed files with 28 additions and 10 deletions


@ -1,7 +1,7 @@
[package] [package]
name = "http-signature-normalization-actix" name = "http-signature-normalization-actix"
description = "An HTTP Signatures library that leaves the signing to you" description = "An HTTP Signatures library that leaves the signing to you"
version = "0.3.0-alpha.2" version = "0.3.0-alpha.3"
authors = ["asonix <asonix@asonix.dog>"] authors = ["asonix <asonix@asonix.dog>"]
license-file = "LICENSE" license-file = "LICENSE"
readme = "README.md" readme = "README.md"


@ -16,7 +16,7 @@ This crate provides extensions the ClientRequest type from Actix Web, and provid
actix = "0.10.0-alpha.1" actix = "0.10.0-alpha.1"
actix-web = "3.0.0-alpha.1" actix-web = "3.0.0-alpha.1"
thiserror = "0.1" thiserror = "0.1"
http-signature-normalization-actix = { version = "0.3.0-alpha.2", default-features = false, features = ["sha-2"] } http-signature-normalization-actix = { version = "0.3.0-alpha.3", default-features = false, features = ["sha-2"] }
sha2 = "0.8" sha2 = "0.8"
``` ```
@ -110,7 +110,8 @@ impl SignatureVerify for MyVerify {
} }
} }
async fn index(_: (DigestVerified, SignatureVerified)) -> &'static str { async fn index((_, sig_verified): (DigestVerified, SignatureVerified)) -> &'static str {
println!("Signature verified for {}", sig_verified.key_id());
"Eyyyyup" "Eyyyyup"
} }


@ -1,6 +1,7 @@
use actix_web::{http::StatusCode, web, App, HttpResponse, HttpServer, ResponseError}; use actix_web::{http::StatusCode, web, App, HttpRequest, HttpResponse, HttpServer, ResponseError};
use futures::future::{err, ok, Ready}; use futures::future::{err, ok, Ready};
use http_signature_normalization_actix::prelude::*; use http_signature_normalization_actix::prelude::*;
use log::info;
use sha2::{Digest, Sha256}; use sha2::{Digest, Sha256};
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
@ -35,7 +36,12 @@ impl SignatureVerify for MyVerify {
} }
} }
async fn index(_: (DigestVerified, SignatureVerified)) -> &'static str { async fn index(
(_, sig_verified): (DigestVerified, SignatureVerified),
req: HttpRequest,
) -> &'static str {
info!("Verified request for {}", sig_verified.key_id());
info!("{:?}", req);
"Eyyyyup" "Eyyyyup"
} }
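Review bot: `info!("{:?}", req);` in `index` writes the Debug form of the whole `HttpRequest` to the log, which in this actix-web version most likely includes every request header, so the signature and digest headers and any cookies or authorization values end up in log storage. Examples tend to be copied into real services, so I would log only what the handler needs, for instance `info!("{} {}", req.method(), req.path());`. The `key_id` logged on the line above is presumably a client-supplied string, so formatting it with `{:?}` instead of `{}` would keep embedded newlines or control characters from forging log lines.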


@ -45,7 +45,8 @@
//! } //! }
//! } //! }
//! //!
//! async fn index(_: (DigestVerified, SignatureVerified)) -> &'static str { //! async fn index((_, sig_verified): (DigestVerified, SignatureVerified)) -> &'static str {
//! println!("Signature verified for {}", sig_verified.key_id());
//! "Eyyyyup" //! "Eyyyyup"
//! } //! }
//! //!


@ -16,10 +16,20 @@ use std::{
use crate::{Config, SignatureVerify}; use crate::{Config, SignatureVerify};
#[derive(Copy, Clone, Debug)] #[derive(Clone, Debug)]
/// A marker type that can be used to guard routes when the signature middleware is set to /// A marker type that can be used to guard routes when the signature middleware is set to
/// 'optional' /// 'optional'
pub struct SignatureVerified; pub struct SignatureVerified(String);
impl SignatureVerified {
/// Return the Key ID used to verify the request
///
/// It might be important for an application to verify that the payload being processed indeed
/// belongs to the owner of the key used to sign the request.
pub fn key_id(&self) -> &str {
&self.0
}
}
#[derive(Clone, Debug)] #[derive(Clone, Debug)]
/// The Verify signature middleware /// The Verify signature middleware
@ -116,7 +126,7 @@ where
let verified = fut.await?; let verified = fut.await?;
if verified { if verified {
req.extensions_mut().insert(SignatureVerified); req.extensions_mut().insert(SignatureVerified(key_id));
service.borrow_mut().call(req).await service.borrow_mut().call(req).await
} else { } else {
Err(VerifyError.into()) Err(VerifyError.into())
@ -144,7 +154,7 @@ impl FromRequest for SignatureVerified {
ready( ready(
req.extensions() req.extensions()
.get::<Self>() .get::<Self>()
.map(|s| *s) .map(|s| s.clone())
.ok_or(VerifyError), .ok_or(VerifyError),
) )
} }
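Review bot: The doc comment on `key_id()` should state what the returned string is and how far a handler may trust it, because "It might be important…" reads as optional. The value is whatever `key_id` held when the middleware ran `req.extensions_mut().insert(SignatureVerified(key_id))`; its origin is outside this hunk, but it is presumably the `keyId` parameter sent by the client and accepted by the `SignatureVerify` implementation. I would word it as `/// The keyId presented by the client and accepted by the SignatureVerify implementation; handlers must still check that this key belongs to the actor the payload claims to come from.` As a style point, `.map(|s| s.clone())` in `from_request` is more idiomatic as `.cloned()`. Removing `Copy` from the public `SignatureVerified` type is a breaking change that deserves a changelog line.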