diff --git a/app/src/api.rs b/app/src/api.rs index dd9c618..c1ff7d1 100644 --- a/app/src/api.rs +++ b/app/src/api.rs @@ -46,7 +46,7 @@ where R: serde::ser::Serialize, { fn from(request: &'a R) -> Self { - Self(Json(&request)) + Self(Json(request)) } } @@ -92,7 +92,7 @@ impl HostService { pub fn login_start( request: login::ClientLoginStartRequest, - callback: Callback>, + callback: Callback>>, ) -> Result { call_server( "/auth/opaque/login/start", diff --git a/app/src/login.rs b/app/src/login.rs index c809b5c..080c563 100644 --- a/app/src/login.rs +++ b/app/src/login.rs @@ -23,7 +23,7 @@ pub struct Props { pub enum Msg { Submit, - AuthenticationStartResponse(Result), + AuthenticationStartResponse(Result>), AuthenticationFinishResponse(Result), } @@ -57,9 +57,9 @@ impl LoginForm { match msg { Msg::Submit => { let username = get_form_field("username") - .ok_or(anyhow!("Could not get username from form"))?; + .ok_or_else(|| anyhow!("Could not get username from form"))?; let password = get_form_field("password") - .ok_or(anyhow!("Could not get password from form"))?; + .ok_or_else(|| anyhow!("Could not get password from form"))?; let mut rng = rand::rngs::OsRng; let login_start_request = opaque::client::login::start_login(&password, &mut rng) diff --git a/model/src/opaque.rs b/model/src/opaque.rs index eecd849..c46b81d 100644 --- a/model/src/opaque.rs +++ b/model/src/opaque.rs @@ -9,7 +9,7 @@ pub enum AuthenticationError { pub type AuthenticationResult = std::result::Result; -pub use opaque_ke::keypair::{PublicKey, PrivateKey}; +pub use opaque_ke::keypair::{PrivateKey, PublicKey}; pub type KeyPair = opaque_ke::keypair::KeyPair<::Group>; /// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait. 
@@ -64,8 +64,10 @@ pub mod client { pub mod registration { pub use super::*; pub type ClientRegistration = opaque_ke::ClientRegistration; - pub type ClientRegistrationStartResult = opaque_ke::ClientRegistrationStartResult; - pub type ClientRegistrationFinishResult = opaque_ke::ClientRegistrationFinishResult; + pub type ClientRegistrationStartResult = + opaque_ke::ClientRegistrationStartResult; + pub type ClientRegistrationFinishResult = + opaque_ke::ClientRegistrationFinishResult; pub type RegistrationResponse = opaque_ke::RegistrationResponse; pub use opaque_ke::ClientRegistrationFinishParameters; /// Initiate the registration negotiation. @@ -73,10 +75,7 @@ pub mod client { password: &str, rng: &mut R, ) -> AuthenticationResult { - Ok(ClientRegistration::start( - rng, - password.as_bytes(), - )?) + Ok(ClientRegistration::start(rng, password.as_bytes())?) } /// Finalize the registration negotiation. @@ -101,10 +100,7 @@ pub mod client { pub type ClientLoginStartResult = opaque_ke::ClientLoginStartResult; pub type CredentialResponse = opaque_ke::CredentialResponse; pub type CredentialFinalization = opaque_ke::CredentialFinalization; - pub use opaque_ke::{ - ClientLoginFinishParameters, - ClientLoginStartParameters, - }; + pub use opaque_ke::{ClientLoginFinishParameters, ClientLoginStartParameters}; /// Initiate the login negotiation. pub fn start_login( @@ -139,7 +135,8 @@ pub mod server { pub use super::*; pub type RegistrationRequest = opaque_ke::RegistrationRequest; pub type RegistrationUpload = opaque_ke::RegistrationUpload; - pub type ServerRegistrationStartResult = opaque_ke::ServerRegistrationStartResult; + pub type ServerRegistrationStartResult = + opaque_ke::ServerRegistrationStartResult; /// Start a registration process, from a request sent by the client. /// /// The result must be kept for the next step. diff --git a/src/domain/error.rs b/src/domain/error.rs index 5147b5c..0a77d18 100644 --- a/src/domain/error.rs +++ b/src/domain/error.rs 
@@ -1,7 +1,8 @@ use thiserror::Error; +#[allow(clippy::enum_variant_names)] #[derive(Error, Debug)] -pub enum Error { +pub enum DomainError { #[error("Authentication error for `{0}`")] AuthenticationError(String), #[error("Database error: `{0}`")] @@ -12,4 +13,4 @@ pub enum Error { InternalError(String), } -pub type Result = std::result::Result; +pub type Result = std::result::Result; diff --git a/src/domain/sql_backend_handler.rs b/src/domain/sql_backend_handler.rs index ec08e12..55b9f5f 100644 --- a/src/domain/sql_backend_handler.rs +++ b/src/domain/sql_backend_handler.rs @@ -173,8 +173,8 @@ impl BackendHandler for SqlBackendHandler { // Transform it into a single result (the first error if any), and group the group_ids // into a HashSet. .collect::>>() - // Map the sqlx::Error into a domain::Error. - .map_err(Error::DatabaseError) + // Map the sqlx::Error into a DomainError. + .map_err(DomainError::DatabaseError) } async fn create_user(&self, request: CreateUserRequest) -> Result<()> { diff --git a/src/domain/sql_opaque_handler.rs b/src/domain/sql_opaque_handler.rs index 3fdcfe0..ee61970 100644 --- a/src/domain/sql_opaque_handler.rs +++ b/src/domain/sql_opaque_handler.rs @@ -52,7 +52,7 @@ impl LoginHandler for SqlBackendHandler { return Ok(()); } else { debug!(r#"Invalid password for LDAP bind user"#); - return Err(Error::AuthenticationError(request.name)); + return Err(DomainError::AuthenticationError(request.name)); } } let query = Query::select() @@ -65,7 +65,7 @@ impl LoginHandler for SqlBackendHandler { row.get::>, _>(&*Users::PasswordHash.to_string()) { if let Err(e) = passwords_match( - &&password_hash, + &password_hash, &request.password, self.config.get_server_keys().private(), ) { @@ -79,7 +79,7 @@ impl LoginHandler for SqlBackendHandler { } else { debug!(r#"No user found for "{}""#, request.name); } - Err(Error::AuthenticationError(request.name)) + Err(DomainError::AuthenticationError(request.name)) } } 
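Review bot: In the `@@ -79,7` hunk of src/domain/sql_opaque_handler.rs, the "No user found" branch returns `DomainError::AuthenticationError` without doing any password work, while the branch shown in the `@@ -65,7` hunk calls `passwords_match` first. The two failures return the same error but probably differ measurably in response time, which lets a client tell existing accounts from unknown ones. Consider calling `passwords_match` against a fixed dummy value in the not-found branch so both paths cost about the same, with a comment such as `// Burn the same work as a real check so timing does not reveal whether the user exists.` The function starts outside these hunks, so an equalising step may already exist above the visible lines.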
@@ -101,11 +101,11 @@ impl OpaqueHandler for SqlOpaqueHandler { .await? .get::>, _>(&*Users::PasswordHash.to_string()) // If no password, always fail. - .ok_or_else(|| Error::AuthenticationError(request.username.clone()))? + .ok_or_else(|| DomainError::AuthenticationError(request.username.clone()))? }; let password_file = opaque::server::ServerRegistration::deserialize(&password_file_bytes) .map_err(|_| { - Error::InternalError(format!("Corrupted password file for {}", request.username)) + DomainError::InternalError(format!("Corrupted password file for {}", request.username)) })?; let mut rng = rand::rngs::OsRng; @@ -163,7 +163,7 @@ impl OpaqueHandler for SqlOpaqueHandler { &row.get::, _>(&*LoginAttempts::ServerLoginData.to_string()), ) .map_err(|_| { - Error::InternalError(format!( + DomainError::InternalError(format!( "Corrupted login data for user `{}` [id `{}`]", username, request.login_key )) @@ -248,7 +248,7 @@ impl OpaqueHandler for SqlOpaqueHandler { &row.get::, _>(&*RegistrationAttempts::ServerRegistrationData.to_string()), ) .map_err(|_| { - Error::InternalError(format!( + DomainError::InternalError(format!( "Corrupted registration data for user `{}` [id `{}`]", username, request.registration_key )) diff --git a/src/infra/auth_service.rs b/src/infra/auth_service.rs index 255703a..178b02e 100644 --- a/src/infra/auth_service.rs +++ b/src/infra/auth_service.rs @@ -1,5 +1,6 @@ use crate::{ domain::{ + error::DomainError, handler::{BackendHandler, LoginHandler}, opaque_handler::OpaqueHandler, }, @@ -191,7 +192,7 @@ where // token. data.backend_handler .get_user_groups(name.to_string()) - .and_then(|g| async { Ok((g, data.backend_handler.create_refresh_token(&name).await?)) }) + .and_then(|g| async { Ok((g, data.backend_handler.create_refresh_token(name).await?)) }) .await .map(|(groups, (refresh_token, max_age))| { let token = create_jwt(&data.jwt_key, name.to_string(), groups); 
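Review bot: In the `@@ -101,11` hunk the login-start path fails with `DomainError::AuthenticationError` as soon as the stored password file is missing ("If no password, always fail"), before any OPAQUE message is produced. A client can therefore tell such accounts apart at the first step of the exchange; answering from a dummy record and failing only at login finish would hide that difference. Separately, the `InternalError` strings here and in the `@@ -163,7` and `@@ -248,7` hunks embed the username and the attempt key. If `error_to_http_response` forwards the error's Display text to clients (not visible in this diff), return a generic message and keep the detail in the server log. The enclosing functions start and end outside these hunks.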
@@ -205,7 +206,7 @@ where .finish(), ) .cookie( - Cookie::build("refresh_token", refresh_token + "+" + &name) + Cookie::build("refresh_token", refresh_token + "+" + name) .max_age(max_age.num_days().days()) .path("/auth") .http_only(true) diff --git a/src/infra/configuration.rs b/src/infra/configuration.rs index c184f46..3525bf9 100644 --- a/src/infra/configuration.rs +++ b/src/infra/configuration.rs @@ -33,7 +33,7 @@ pub struct Configuration { impl ConfigurationBuilder { #[cfg(test)] pub fn build(self) -> Result { - let server_keys = get_server_keys(&self.key_file.as_deref().unwrap_or("server_key"))?; + let server_keys = get_server_keys(self.key_file.as_deref().unwrap_or("server_key"))?; Ok(self.server_keys(server_keys).private_build()?) } diff --git a/src/infra/tcp_api.rs b/src/infra/tcp_api.rs index f5ff986..d1050db 100644 --- a/src/infra/tcp_api.rs +++ b/src/infra/tcp_api.rs @@ -1,5 +1,5 @@ use crate::{ - domain::handler::*, + domain::{error::DomainError, handler::*}, infra::{ tcp_backend_handler::*, tcp_server::{error_to_http_response, AppState}, @@ -54,7 +54,7 @@ where let msg = err.to_string(); actix_web::error::InternalError::from_response( err, - HttpResponse::BadRequest().body(msg).into(), + HttpResponse::BadRequest().body(msg), ) .into() }); diff --git a/src/infra/tcp_backend_handler.rs b/src/infra/tcp_backend_handler.rs index 60541ae..99b5035 100644 --- a/src/infra/tcp_backend_handler.rs +++ b/src/infra/tcp_backend_handler.rs @@ -1,7 +1,6 @@ use async_trait::async_trait; use std::collections::HashSet; -pub type DomainError = crate::domain::error::Error; pub type DomainResult = crate::domain::error::Result; #[async_trait] diff --git a/src/infra/tcp_server.rs b/src/infra/tcp_server.rs index 7384a52..dd6686c 100644 --- a/src/infra/tcp_server.rs +++ b/src/infra/tcp_server.rs @@ -1,5 +1,6 @@ use crate::{ domain::{ + error::DomainError, handler::{BackendHandler, LoginHandler}, opaque_handler::OpaqueHandler, }, 
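Review bot: The `refresh_token` cookie in the `@@ -205,7` hunk of src/infra/auth_service.rs shows `.path("/auth")` and `.http_only(true)`, but the hunk ends before the builder chain does, so it is not visible whether `Secure` and `SameSite` are set. If they are not, add `.secure(true)` and `.same_site(SameSite::Strict)` so the long-lived token is never sent over plain HTTP or on cross-site requests. The value is built as `refresh_token + "+" + name`, so the code that parses it needs an unambiguous split rule. If either the token alphabet or usernames can contain `+`, the token/user pair is ambiguous, and a comment stating the rule next to this line would help.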
@@ -48,7 +49,7 @@ fn http_config( { cfg.data(AppState:: { backend_handler, - jwt_key: Hmac::new_varkey(&jwt_secret.as_bytes()).unwrap(), + jwt_key: Hmac::new_varkey(jwt_secret.as_bytes()).unwrap(), jwt_blacklist: RwLock::new(jwt_blacklist), }) // Serve index.html and main.js, and default to index.html.
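Review bot: `Hmac::new_varkey(jwt_secret.as_bytes()).unwrap()` in the `@@ -48,7` hunk of src/infra/tcp_server.rs shows no length check on the secret, so an empty or short `jwt_secret` would yield a JWT signing key that can be guessed offline from any issued token. Unless the configuration loader already enforces it (not visible in this diff), reject weak secrets at load time with a minimum-length test such as `jwt_secret.len() >= 32`, returning a configuration error rather than starting the server. It would also help to replace the bare `.unwrap()` with `.expect("HMAC accepts keys of any length")` so the invariant is written down. The body of `http_config` continues outside the hunk.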