Use secrecy

2024-11-15 21:21:00 +00:00 · 2021-12-27 13:24:24 +01:00 · 2021-12-27 13:24:24 +01:00 · ffe7a25486
commit ffe7a25486
parent f8a7bf6e10
4 changed files with 31 additions and 7 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1818,6 +1818,16 @@ dependencies = [
 "untrusted",
 ]

+[[package]]
+name = "secrecy"
+version = "0.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e"
+dependencies = [
+ "serde",
+ "zeroize",
+]
+
 [[package]]
 name = "security-framework"
 version = "2.4.2"
@ -2853,6 +2863,7 @@ dependencies = [
 "quickcheck_macros",
 "rand 0.8.4",
 "reqwest",
+ "secrecy",
 "serde",
 "serde-aux",
 "serde_json",
@ -2870,6 +2881,12 @@ dependencies = [
 "wiremock",
 ]

+[[package]]
+name = "zeroize"
+version = "1.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d68d9dcec5f9b43a30d38c49f91dfedfaac384cb8f085faca366c26207dd1619"
+
 [[package]]
 name = "zstd"
 version = "0.9.1+zstd.1.5.1"
--- a/Cargo.toml
+++ b/Cargo.toml
@ -33,6 +33,7 @@ validator = "0.12.0"
 rand = { version = "0.8", features=["std_rng"] }
 sha2 = { version = "0.9" }
 anyhow = "1.0.40"
+secrecy = { version = "0.8", features = ["serde"] }

 [dev-dependencies]
 once_cell = "1.7.2"
--- a/src/configuration.rs
+++ b/src/configuration.rs
@ -1,4 +1,5 @@
 use crate::domain::SubscriberEmail;
+use secrecy::{ExposeSecret, Secret};
 use serde_aux::field_attributes::deserialize_number_from_string;
 use sqlx::postgres::{PgConnectOptions, PgSslMode};
 use sqlx::ConnectOptions;
@ -22,7 +23,7 @@ pub struct ApplicationSettings {
 #[derive(serde::Deserialize, Clone)]
 pub struct DatabaseSettings {
    pub username: String,
-    pub password: String,
+    pub password: Secret<String>,
    #[serde(deserialize_with = "deserialize_number_from_string")]
    pub port: u16,
    pub host: String,
@ -40,7 +41,7 @@ impl DatabaseSettings {
        PgConnectOptions::new()
            .host(&self.host)
            .username(&self.username)
-            .password(&self.password)
+            .password(&self.password.expose_secret())
            .port(self.port)
            .ssl_mode(ssl_mode)
    }
@ -56,7 +57,7 @@ impl DatabaseSettings {
 pub struct EmailClientSettings {
    pub base_url: String,
    pub sender_email: String,
-    pub authorization_token: String,
+    pub authorization_token: Secret<String>,
    pub timeout_milliseconds: u64,
 }

--- a/src/email_client.rs
+++ b/src/email_client.rs
@ -1,18 +1,19 @@
 use crate::domain::SubscriberEmail;
 use reqwest::Client;
+use secrecy::{ExposeSecret, Secret};

 pub struct EmailClient {
    http_client: Client,
    base_url: String,
    sender: SubscriberEmail,
-    authorization_token: String,
+    authorization_token: Secret<String>,
 }

 impl EmailClient {
    pub fn new(
        base_url: String,
        sender: SubscriberEmail,
-        authorization_token: String,
+        authorization_token: Secret<String>,
        timeout: std::time::Duration,
    ) -> Self {
        let http_client = Client::builder().timeout(timeout).build().unwrap();
@ -41,7 +42,10 @@ impl EmailClient {
        };
        self.http_client
            .post(&url)
-            .header("X-Postmark-Server-Token", &self.authorization_token)
+            .header(
+                "X-Postmark-Server-Token",
+                self.authorization_token.expose_secret(),
+            )
            .json(&request_body)
            .send()
            .await?
@ -68,6 +72,7 @@ mod tests {
    use fake::faker::internet::en::SafeEmail;
    use fake::faker::lorem::en::{Paragraph, Sentence};
    use fake::{Fake, Faker};
+    use secrecy::Secret;
    use wiremock::matchers::{any, header, header_exists, method, path};
    use wiremock::{Mock, MockServer, Request, ResponseTemplate};

@ -108,7 +113,7 @@ mod tests {
        EmailClient::new(
            base_url,
            email(),
-            Faker.fake(),
+            Secret::new(Faker.fake()),
            std::time::Duration::from_millis(200),
        )
    }