ldap: generate uuid attribute

2023-04-12 14:25:13 +00:00 · 2022-06-10 18:23:16 +02:00 · 2022-06-10 18:23:16 +02:00 · 00ddc827f2
commit 00ddc827f2
parent 733d363e25
4 changed files with 144 additions and 63 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -512,6 +512,15 @@ dependencies = [
 "generic-array",
 ]

+[[package]]
+name = "block-buffer"
+version = "0.10.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0bf7fe51849ea569fd452f37822f606a5cabb684dc918707a0193fd4664ff324"
+dependencies = [
+ "generic-array",
+]
+
 [[package]]
 name = "boolinator"
 version = "2.4.0"
@ -552,7 +561,7 @@ dependencies = [
 "rand 0.7.3",
 "serde",
 "serde_json",
- "uuid",
+ "uuid 0.8.2",
 ]

 [[package]]
@ -831,6 +840,16 @@ dependencies = [
 "winapi",
 ]

+[[package]]
+name = "crypto-common"
+version = "0.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "57952ca27b5e3606ff4dd79b0020231aaf9d6aa76dc05fd30137538c50bd3ce8"
+dependencies = [
+ "generic-array",
+ "typenum",
+]
+
 [[package]]
 name = "crypto-mac"
 version = "0.10.1"
@ -864,7 +883,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61"
 dependencies = [
 "byteorder",
- "digest",
+ "digest 0.9.0",
 "rand_core 0.5.1",
 "serde",
 "subtle",
@ -976,6 +995,16 @@ dependencies = [
 "generic-array",
 ]

+[[package]]
+name = "digest"
+version = "0.10.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506"
+dependencies = [
+ "block-buffer 0.10.2",
+ "crypto-common",
+]
+
 [[package]]
 name = "discard"
 version = "1.0.4"
@ -1485,7 +1514,7 @@ version = "0.11.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "01706d578d5c281058480e673ae4086a9f4710d8df1ad80a5b03e39ece5f886b"
 dependencies = [
- "digest",
+ "digest 0.9.0",
 "hmac 0.11.0",
 ]

@ -1496,7 +1525,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c1441c6b1e930e2817404b5046f1f989899143a12bf92de603b69f4e0aee1e15"
 dependencies = [
 "crypto-mac 0.10.1",
- "digest",
+ "digest 0.9.0",
 ]

 [[package]]
@ -1506,7 +1535,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b"
 dependencies = [
 "crypto-mac 0.11.1",
- "digest",
+ "digest 0.9.0",
 ]

 [[package]]
@ -1704,7 +1733,7 @@ dependencies = [
 "smartstring",
 "static_assertions",
 "url",
- "uuid",
+ "uuid 0.8.2",
 ]

 [[package]]
@ -1746,7 +1775,7 @@ checksum = "86e46349d67dc03bdbdb28da0337a355a53ca1d5156452722c36fe21d0e6389b"
 dependencies = [
 "base64",
 "crypto-mac 0.10.1",
- "digest",
+ "digest 0.9.0",
 "hmac 0.10.1",
 "serde",
 "serde_json",
@ -1939,6 +1968,7 @@ dependencies = [
 "tracing-actix-web",
 "tracing-log",
 "tracing-subscriber",
+ "uuid 1.1.1",
 ]

 [[package]]
@ -1971,7 +2001,7 @@ version = "0.3.0-alpha.1"
 dependencies = [
 "chrono",
 "curve25519-dalek",
- "digest",
+ "digest 0.9.0",
 "generic-array",
 "getrandom 0.2.3",
 "opaque-ke",
@ -2042,11 +2072,20 @@ version = "0.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7b5a279bb9607f9f53c22d496eade00d138d1bdcccd07d74650387cf94942a15"
 dependencies = [
- "block-buffer",
- "digest",
+ "block-buffer 0.9.0",
+ "digest 0.9.0",
 "opaque-debug",
 ]

+[[package]]
+name = "md-5"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "658646b21e0b72f7866c7038ab086d3d5e1cd6271f060fd37defb241949d0582"
+dependencies = [
+ "digest 0.10.3",
+]
+
 [[package]]
 name = "memchr"
 version = "2.4.1"
@ -2342,7 +2381,7 @@ checksum = "26772682ba4fa69f11ae6e4af8bc83946372981ff31a026648d4acb2553c9ee8"
 dependencies = [
 "base64",
 "curve25519-dalek",
- "digest",
+ "digest 0.9.0",
 "displaydoc",
 "generic-array",
 "generic-bytes",
@ -2840,7 +2879,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "3648b669b10afeab18972c105e284a7b953a669b0be3514c27f9b17acab2f9cd"
 dependencies = [
 "byteorder",
- "digest",
+ "digest 0.9.0",
 "lazy_static",
 "num-bigint-dig",
 "num-integer",
@ -3060,10 +3099,10 @@ version = "0.9.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "99cd6713db3cf16b6c84e06321e049a9b9f699826e16096d23bbcc44d15d51a6"
 dependencies = [
- "block-buffer",
+ "block-buffer 0.9.0",
 "cfg-if 1.0.0",
 "cpufeatures",
- "digest",
+ "digest 0.9.0",
 "opaque-debug",
 ]

@ -3079,10 +3118,10 @@ version = "0.9.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9204c41a1597a8c5af23c82d1c921cb01ec0a4c59e07a9c7306062829a3903f3"
 dependencies = [
- "block-buffer",
+ "block-buffer 0.9.0",
 "cfg-if 1.0.0",
 "cpufeatures",
- "digest",
+ "digest 0.9.0",
 "opaque-debug",
 ]

@ -3219,7 +3258,7 @@ dependencies = [
 "crossbeam-channel",
 "crossbeam-queue",
 "crossbeam-utils",
- "digest",
+ "digest 0.9.0",
 "either",
 "futures-channel",
 "futures-core",
@ -3232,7 +3271,7 @@ dependencies = [
 "libc",
 "libsqlite3-sys",
 "log",
- "md-5",
+ "md-5 0.9.1",
 "memchr",
 "num-bigint 0.3.3",
 "once_cell",
@ -3636,7 +3675,7 @@ dependencies = [
 "futures",
 "tracing",
 "tracing-futures",
- "uuid",
+ "uuid 0.8.2",
 ]

 [[package]]
@ -3814,6 +3853,15 @@ dependencies = [
 "getrandom 0.2.3",
 ]

+[[package]]
+name = "uuid"
+version = "1.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c6d5d669b51467dcf7b2f1a796ce0f955f05f01cafda6c19d6e95f730df29238"
+dependencies = [
+ "md-5 0.10.1",
+]
+
 [[package]]
 name = "validator"
 version = "0.14.0"
--- a/server/Cargo.toml
+++ b/server/Cargo.toml
@ -3,7 +3,6 @@ authors = ["Valentin Tolmer <valentin@tolmer.fr>"]
 edition = "2021"
 name = "lldap"
 version = "0.3.0-alpha.1"
-
 [dependencies]
 actix = "0.12"
 actix-files = "0.6.0-beta.6"
@ -17,79 +16,83 @@ anyhow = "*"
 async-trait = "0.1"
 base64 = "0.13"
 bincode = "1.3"
-chrono = { version = "*", features = [ "serde" ]}
-clap = { version = "3.1.15", features = [ "std", "color", "suggestions", "derive", "env" ] }
 cron = "*"
 derive_builder = "0.10.2"
 futures = "*"
 futures-util = "*"
 hmac = "0.10"
 http = "*"
+itertools = "0.10.1"
+juniper = "0.15.6"
+juniper_actix = "0.4.0"
 jwt = "0.13"
 ldap3_server = ">=0.1.9"
-lldap_auth = { path = "../auth" }
 log = "*"
-orion = "0.16"
 native-tls = "0.2.10"
+orion = "0.16"
 serde = "*"
 serde_json = "1"
 sha2 = "0.9"
 sqlx-core = "=0.5.1"
 thiserror = "*"
 time = "0.2"
-tokio = { version = "1.2.0", features = ["full"] }
 tokio-native-tls = "0.3"
-tokio-util = "0.6.3"
 tokio-stream = "*"
+tokio-util = "0.6.3"
 tracing = "*"
 tracing-actix-web = "0.4.0-beta.7"
 tracing-log = "*"
 tracing-subscriber = "0.3"
-rand = { version = "0.8", features = ["small_rng", "getrandom"] }
-juniper_actix = "0.4.0"
-juniper = "0.15.6"
-itertools = "0.10.1"

-[dependencies.opaque-ke]
-version = "0.6"
+[dependencies.chrono]
+features = ["serde"]
+version = "*"

-[dependencies.lettre]
-version = "0.10.0-rc.3"
-features = [
-  "builder",
-  "serde",
-  "smtp-transport",
-  "tokio1-native-tls",
-  "tokio1",
-]
-
-[dependencies.sqlx]
-version = "0.5.1"
-features = [
-  "any",
-  "chrono",
-  "macros",
-  "mysql",
-  "postgres",
-  "runtime-actix-native-tls",
-  "sqlite",
-]
-
-[dependencies.sea-query]
-version = "0.9.4"
-features = ["with-chrono"]
+[dependencies.clap]
+features = ["std", "color", "suggestions", "derive", "env"]
+version = "3.1.15"

 [dependencies.figment]
 features = ["env", "toml"]
 version = "*"

-[dependencies.secstr]
-features = ["serde"]
-version = "*"
+[dependencies.lettre]
+features = ["builder", "serde", "smtp-transport", "tokio1-native-tls", "tokio1"]
+version = "0.10.0-rc.3"
+
+[dependencies.lldap_auth]
+path = "../auth"
+
+[dependencies.opaque-ke]
+version = "0.6"

 [dependencies.openssl-sys]
 features = ["vendored"]
 version = "*"

+[dependencies.rand]
+features = ["small_rng", "getrandom"]
+version = "0.8"
+
+[dependencies.sea-query]
+features = ["with-chrono"]
+version = "0.9.4"
+
+[dependencies.secstr]
+features = ["serde"]
+version = "*"
+
+[dependencies.sqlx]
+features = ["any", "chrono", "macros", "mysql", "postgres", "runtime-actix-native-tls", "sqlite"]
+version = "0.5.1"
+
+[dependencies.tokio]
+features = ["full"]
+version = "1.2.0"
+
+[dependencies.uuid]
+features = ["v3"]
+version = "*"
+
 [dev-dependencies]
 mockall = "0.9.1"
--- a/server/src/domain/sql_backend_handler.rs
+++ b/server/src/domain/sql_backend_handler.rs
@ -163,7 +163,6 @@ impl BackendHandler for SqlBackendHandler {

            query_builder.to_string(DbQueryBuilder {})
        };
-        log::error!("query: {}", &query);

        // For group_by.
        use itertools::Itertools;
--- a/server/src/infra/ldap_handler.rs
+++ b/server/src/infra/ldap_handler.rs
@ -148,6 +148,15 @@ fn get_user_id_from_distinguished_name(
    }
 }

+fn get_hash_as_uuid(dn: &str, creation_date: &chrono::DateTime<chrono::Utc>) -> String {
+    use uuid::Uuid;
+    Uuid::new_v3(
+        &Uuid::NAMESPACE_X500,
+        &[dn.as_bytes(), creation_date.to_rfc3339().as_bytes()].concat(),
+    )
+    .to_string()
+}
+
 fn get_user_attribute(
    user: &User,
    attribute: &str,
@ -166,6 +175,7 @@ fn get_user_attribute(
        ],
        "dn" | "distinguishedname" => vec![dn.to_string()],
        "uid" => vec![user.user_id.to_string()],
+        "entryuuid" => vec![get_hash_as_uuid(dn, &user.creation_date)],
        "mail" => vec![user.email.clone()],
        "givenname" => vec![user.first_name.clone()],
        "sn" => vec![user.last_name.clone()],
@ -1394,6 +1404,7 @@ mod tests {
                "sn",
                "cn",
                "createTimestamp",
+                "entryUuid",
            ],
        );
        assert_eq!(
@ -1438,7 +1449,11 @@ mod tests {
                        LdapPartialAttribute {
                            atype: "createTimestamp".to_string(),
                            vals: vec!["1970-01-01T00:00:00+00:00".to_string()]
-                        }
+                        },
+                        LdapPartialAttribute {
+                            atype: "entryUuid".to_string(),
+                            vals: vec!["698e1d5f-7a40-3151-8745-b9b8a37839da".to_string()]
+                        },
                    ],
                }),
                LdapOp::SearchResultEntry(LdapSearchResultEntry {
@ -1480,7 +1495,11 @@ mod tests {
                        LdapPartialAttribute {
                            atype: "createTimestamp".to_string(),
                            vals: vec!["2014-07-08T09:10:11+00:00".to_string()]
-                        }
+                        },
+                        LdapPartialAttribute {
+                            atype: "entryUuid".to_string(),
+                            vals: vec!["04ac75e0-2900-3e21-926c-2f732c26b3fc".to_string()]
+                        },
                    ],
                }),
                make_search_success(),
@ -2279,4 +2298,16 @@ mod tests {
            ]
        );
    }
+
+    #[test]
+    fn test_hash_time() {
+        use chrono::prelude::*;
+        let user_id = "bob";
+        let date1 = Utc.ymd(2014, 7, 8).and_hms(9, 10, 11);
+        let date2 = Utc.ymd(2014, 7, 8).and_hms(9, 10, 12);
+        assert_ne!(
+            get_hash_as_uuid(user_id, &date1),
+            get_hash_as_uuid(user_id, &date2)
+        );
+    }
 }