lldap/server/src/infra/tcp_backend_handler.rs

use async_trait::async_trait;
use std::collections::HashSet;

use crate::domain::{error::Result, handler::UserId};

#[async_trait]
pub trait TcpBackendHandler {
    async fn get_jwt_blacklist(&self) -> anyhow::Result<HashSet<u64>>;
    async fn create_refresh_token(&self, user: &UserId) -> Result<(String, chrono::Duration)>;
    async fn check_token(&self, refresh_token_hash: u64, user: &UserId) -> Result<bool>;
    async fn blacklist_jwts(&self, user: &UserId) -> Result<HashSet<u64>>;
    async fn delete_refresh_token(&self, refresh_token_hash: u64) -> Result<()>;

    /// Request a token to reset a user's password.
    /// If the user doesn't exist, returns `Ok(None)`, otherwise `Ok(Some(token))`.
    async fn start_password_reset(&self, user: &UserId) -> Result<Option<String>>;

    /// Get the user ID associated with a password reset token.
    async fn get_user_id_for_password_reset_token(&self, token: &str) -> Result<UserId>;

    async fn delete_password_reset_token(&self, token: &str) -> Result<()>;
}

#[cfg(test)]
use crate::domain::handler::*;
#[cfg(test)]
mockall::mock! {
    pub TestTcpBackendHandler{}
    impl Clone for TestTcpBackendHandler {
        fn clone(&self) -> Self;
    }
    #[async_trait]
    impl LoginHandler for TestTcpBackendHandler {
        async fn bind(&self, request: BindRequest) -> Result<()>;
    }
    #[async_trait]
    impl BackendHandler for TestTcpBackendHandler {
        async fn list_users(&self, filters: Option<UserRequestFilter>) -> Result<Vec<User>>;
        async fn list_groups(&self, filters: Option<GroupRequestFilter>) -> Result<Vec<Group>>;
        async fn get_user_details(&self, user_id: &UserId) -> Result<User>;
        async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>;
        async fn get_user_groups(&self, user: &UserId) -> Result<HashSet<GroupIdAndName>>;
        async fn create_user(&self, request: CreateUserRequest) -> Result<()>;
        async fn update_user(&self, request: UpdateUserRequest) -> Result<()>;
        async fn update_group(&self, request: UpdateGroupRequest) -> Result<()>;
        async fn delete_user(&self, user_id: &UserId) -> Result<()>;
        async fn create_group(&self, group_name: &str) -> Result<GroupId>;
        async fn delete_group(&self, group_id: GroupId) -> Result<()>;
        async fn add_user_to_group(&self, user_id: &UserId, group_id: GroupId) -> Result<()>;
        async fn remove_user_from_group(&self, user_id: &UserId, group_id: GroupId) -> Result<()>;
    }
    #[async_trait]
    impl TcpBackendHandler for TestTcpBackendHandler {
        async fn get_jwt_blacklist(&self) -> anyhow::Result<HashSet<u64>>;
        async fn create_refresh_token(&self, user: &UserId) -> Result<(String, chrono::Duration)>;
        async fn check_token(&self, refresh_token_hash: u64, user: &UserId) -> Result<bool>;
        async fn blacklist_jwts(&self, user: &UserId) -> Result<HashSet<u64>>;
        async fn delete_refresh_token(&self, refresh_token_hash: u64) -> Result<()>;
        async fn start_password_reset(&self, user: &UserId) -> Result<Option<String>>;
        async fn get_user_id_for_password_reset_token(&self, token: &str) -> Result<UserId>;
        async fn delete_password_reset_token(&self, token: &str) -> Result<()>;
    }
}
Split big files into little ones 2021-05-20 17:18:15 +00:00			`use async_trait::async_trait;`
Implement server-side logout 2021-05-23 14:20:26 +00:00			`use std::collections::HashSet;`
Split big files into little ones 2021-05-20 17:18:15 +00:00
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`use crate::domain::{error::Result, handler::UserId};`
Split big files into little ones 2021-05-20 17:18:15 +00:00
			`#[async_trait]`
			`pub trait TcpBackendHandler {`
			`async fn get_jwt_blacklist(&self) -> anyhow::Result<HashSet<u64>>;`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn create_refresh_token(&self, user: &UserId) -> Result<(String, chrono::Duration)>;`
			`async fn check_token(&self, refresh_token_hash: u64, user: &UserId) -> Result<bool>;`
			`async fn blacklist_jwts(&self, user: &UserId) -> Result<HashSet<u64>>;`
server: Add methods to get/set a password reset token 2021-11-21 10:33:11 +00:00			`async fn delete_refresh_token(&self, refresh_token_hash: u64) -> Result<()>;`

			`/// Request a token to reset a user's password.`
			/// If the user doesn't exist, returns `Ok(None)`, otherwise `Ok(Some(token))`.
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn start_password_reset(&self, user: &UserId) -> Result<Option<String>>;`
server: Add methods to get/set a password reset token 2021-11-21 10:33:11 +00:00
			`/// Get the user ID associated with a password reset token.`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn get_user_id_for_password_reset_token(&self, token: &str) -> Result<UserId>;`
server: Implement password reset It's still missing the email. This also secures the password change method with a JWT token check: you have to be logged in to change the password. 2021-11-21 17:09:29 +00:00
			`async fn delete_password_reset_token(&self, token: &str) -> Result<()>;`
Split big files into little ones 2021-05-20 17:18:15 +00:00			`}`

			`#[cfg(test)]`
			`use crate::domain::handler::*;`
			`#[cfg(test)]`
			`mockall::mock! {`
			`pub TestTcpBackendHandler{}`
			`impl Clone for TestTcpBackendHandler {`
			`fn clone(&self) -> Self;`
			`}`
			`#[async_trait]`
Add a handler for OPAQUE messages 2021-06-16 20:04:11 +00:00			`impl LoginHandler for TestTcpBackendHandler {`
server: Add methods to get/set a password reset token 2021-11-21 10:33:11 +00:00			`async fn bind(&self, request: BindRequest) -> Result<()>;`
Add a handler for OPAQUE messages 2021-06-16 20:04:11 +00:00			`}`
			`#[async_trait]`
			`impl BackendHandler for TestTcpBackendHandler {`
server: rename RequestFilter to UserRequestFilter 2022-02-11 08:10:28 +00:00			`async fn list_users(&self, filters: Option<UserRequestFilter>) -> Result<Vec<User>>;`
server: refactor group requests to use filters 2022-02-12 10:00:02 +00:00			`async fn list_groups(&self, filters: Option<GroupRequestFilter>) -> Result<Vec<Group>>;`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn get_user_details(&self, user_id: &UserId) -> Result<User>;`
server: Add methods to get/set a password reset token 2021-11-21 10:33:11 +00:00			`async fn get_group_details(&self, group_id: GroupId) -> Result<GroupIdAndName>;`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn get_user_groups(&self, user: &UserId) -> Result<HashSet<GroupIdAndName>>;`
server: Add methods to get/set a password reset token 2021-11-21 10:33:11 +00:00			`async fn create_user(&self, request: CreateUserRequest) -> Result<()>;`
			`async fn update_user(&self, request: UpdateUserRequest) -> Result<()>;`
			`async fn update_group(&self, request: UpdateGroupRequest) -> Result<()>;`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn delete_user(&self, user_id: &UserId) -> Result<()>;`
server: Add methods to get/set a password reset token 2021-11-21 10:33:11 +00:00			`async fn create_group(&self, group_name: &str) -> Result<GroupId>;`
			`async fn delete_group(&self, group_id: GroupId) -> Result<()>;`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn add_user_to_group(&self, user_id: &UserId, group_id: GroupId) -> Result<()>;`
			`async fn remove_user_from_group(&self, user_id: &UserId, group_id: GroupId) -> Result<()>;`
Split big files into little ones 2021-05-20 17:18:15 +00:00			`}`
			`#[async_trait]`
			`impl TcpBackendHandler for TestTcpBackendHandler {`
			`async fn get_jwt_blacklist(&self) -> anyhow::Result<HashSet<u64>>;`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn create_refresh_token(&self, user: &UserId) -> Result<(String, chrono::Duration)>;`
			`async fn check_token(&self, refresh_token_hash: u64, user: &UserId) -> Result<bool>;`
			`async fn blacklist_jwts(&self, user: &UserId) -> Result<HashSet<u64>>;`
server: Add methods to get/set a password reset token 2021-11-21 10:33:11 +00:00			`async fn delete_refresh_token(&self, refresh_token_hash: u64) -> Result<()>;`
domain: introduce UserId to make uid case insensitive Note that if there was a non-lowercase user already in the DB, it cannot be found again. To fix this, run in the DB: sqlite> UPDATE users SET user_id = LOWER(user_id); 2022-03-26 17:00:37 +00:00			`async fn start_password_reset(&self, user: &UserId) -> Result<Option<String>>;`
			`async fn get_user_id_for_password_reset_token(&self, token: &str) -> Result<UserId>;`
server: Implement password reset It's still missing the email. This also secures the password change method with a JWT token check: you have to be logged in to change the password. 2021-11-21 17:09:29 +00:00			`async fn delete_password_reset_token(&self, token: &str) -> Result<()>;`
Split big files into little ones 2021-05-20 17:18:15 +00:00			`}`
			`}`