mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity

Fix clippy warnings

Browse Source
This commit is contained in:
Valentin Tolmer 2021-06-23 10:57:34 +02:00
parent eec0903052
commit 2f7019433d
11 changed files with 34 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/src/api.rs
View File

@ -46,7 +46,7 @@ where
R: serde::ser::Serialize,
{
fn from(request: &'a R) -> Self {
Self(Json(&request))
Self(Json(request))
}
}
@ -92,7 +92,7 @@ impl HostService {
pub fn login_start(
request: login::ClientLoginStartRequest,
callback: Callback<Result<login::ServerLoginStartResponse>>,
callback: Callback<Result<Box<login::ServerLoginStartResponse>>>,
) -> Result<FetchTask> {
call_server(
"/auth/opaque/login/start",

6
app/src/login.rs
View File

@ -23,7 +23,7 @@ pub struct Props {
pub enum Msg {
Submit,
AuthenticationStartResponse(Result<login::ServerLoginStartResponse>),
AuthenticationStartResponse(Result<Box<login::ServerLoginStartResponse>>),
AuthenticationFinishResponse(Result<String>),
}
@ -57,9 +57,9 @@ impl LoginForm {
match msg {
Msg::Submit => {
let username = get_form_field("username")
.ok_or(anyhow!("Could not get username from form"))?;
.ok_or_else(|| anyhow!("Could not get username from form"))?;
let password = get_form_field("password")
.ok_or(anyhow!("Could not get password from form"))?;
.ok_or_else(|| anyhow!("Could not get password from form"))?;
let mut rng = rand::rngs::OsRng;
let login_start_request =
opaque::client::login::start_login(&password, &mut rng)

21
model/src/opaque.rs
View File

@ -9,7 +9,7 @@ pub enum AuthenticationError {
pub type AuthenticationResult<T> = std::result::Result<T, AuthenticationError>;
pub use opaque_ke::keypair::{PublicKey, PrivateKey};
pub use opaque_ke::keypair::{PrivateKey, PublicKey};
pub type KeyPair = opaque_ke::keypair::KeyPair<<DefaultSuite as CipherSuite>::Group>;
/// A wrapper around argon2 to provide the [`opaque_ke::slow_hash::SlowHash`] trait.
@ -64,8 +64,10 @@ pub mod client {
pub mod registration {
pub use super::*;
pub type ClientRegistration = opaque_ke::ClientRegistration<DefaultSuite>;
pub type ClientRegistrationStartResult = opaque_ke::ClientRegistrationStartResult<DefaultSuite>;
pub type ClientRegistrationFinishResult = opaque_ke::ClientRegistrationFinishResult<DefaultSuite>;
pub type ClientRegistrationStartResult =
opaque_ke::ClientRegistrationStartResult<DefaultSuite>;
pub type ClientRegistrationFinishResult =
opaque_ke::ClientRegistrationFinishResult<DefaultSuite>;
pub type RegistrationResponse = opaque_ke::RegistrationResponse<DefaultSuite>;
pub use opaque_ke::ClientRegistrationFinishParameters;
/// Initiate the registration negotiation.
@ -73,10 +75,7 @@ pub mod client {
password: &str,
rng: &mut R,
) -> AuthenticationResult<ClientRegistrationStartResult> {
Ok(ClientRegistration::start(
rng,
password.as_bytes(),
)?)
Ok(ClientRegistration::start(rng, password.as_bytes())?)
}
/// Finalize the registration negotiation.
@ -101,10 +100,7 @@ pub mod client {
pub type ClientLoginStartResult = opaque_ke::ClientLoginStartResult<DefaultSuite>;
pub type CredentialResponse = opaque_ke::CredentialResponse<DefaultSuite>;
pub type CredentialFinalization = opaque_ke::CredentialFinalization<DefaultSuite>;
pub use opaque_ke::{
ClientLoginFinishParameters,
ClientLoginStartParameters,
};
pub use opaque_ke::{ClientLoginFinishParameters, ClientLoginStartParameters};
/// Initiate the login negotiation.
pub fn start_login<R: RngCore + CryptoRng>(
@ -139,7 +135,8 @@ pub mod server {
pub use super::*;
pub type RegistrationRequest = opaque_ke::RegistrationRequest<DefaultSuite>;
pub type RegistrationUpload = opaque_ke::RegistrationUpload<DefaultSuite>;
pub type ServerRegistrationStartResult = opaque_ke::ServerRegistrationStartResult<DefaultSuite>;
pub type ServerRegistrationStartResult =
opaque_ke::ServerRegistrationStartResult<DefaultSuite>;
/// Start a registration process, from a request sent by the client.
///
/// The result must be kept for the next step.

5
src/domain/error.rs
View File

@ -1,7 +1,8 @@
use thiserror::Error;
#[allow(clippy::enum_variant_names)]
#[derive(Error, Debug)]
pub enum Error {
pub enum DomainError {
#[error("Authentication error for `{0}`")]
AuthenticationError(String),
#[error("Database error: `{0}`")]
@ -12,4 +13,4 @@ pub enum Error {
InternalError(String),
}
pub type Result<T> = std::result::Result<T, Error>;
pub type Result<T> = std::result::Result<T, DomainError>;

4
src/domain/sql_backend_handler.rs
View File

@ -173,8 +173,8 @@ impl BackendHandler for SqlBackendHandler {
// Transform it into a single result (the first error if any), and group the group_ids
// into a HashSet.
.collect::<sqlx::Result<HashSet<_>>>()
// Map the sqlx::Error into a domain::Error.
.map_err(Error::DatabaseError)
// Map the sqlx::Error into a DomainError.
.map_err(DomainError::DatabaseError)
}
async fn create_user(&self, request: CreateUserRequest) -> Result<()> {

14
src/domain/sql_opaque_handler.rs
View File

@ -52,7 +52,7 @@ impl LoginHandler for SqlBackendHandler {
return Ok(());
} else {
debug!(r#"Invalid password for LDAP bind user"#);
return Err(Error::AuthenticationError(request.name));
return Err(DomainError::AuthenticationError(request.name));
}
}
let query = Query::select()
@ -65,7 +65,7 @@ impl LoginHandler for SqlBackendHandler {
row.get::<Option<Vec<u8>>, _>(&*Users::PasswordHash.to_string())
{
if let Err(e) = passwords_match(
&&password_hash,
&password_hash,
&request.password,
self.config.get_server_keys().private(),
) {
@ -79,7 +79,7 @@ impl LoginHandler for SqlBackendHandler {
} else {
debug!(r#"No user found for "{}""#, request.name);
}
Err(Error::AuthenticationError(request.name))
Err(DomainError::AuthenticationError(request.name))
}
}
@ -101,11 +101,11 @@ impl OpaqueHandler for SqlOpaqueHandler {
.await?
.get::<Option<Vec<u8>>, _>(&*Users::PasswordHash.to_string())
// If no password, always fail.
.ok_or_else(|| Error::AuthenticationError(request.username.clone()))?
.ok_or_else(|| DomainError::AuthenticationError(request.username.clone()))?
};
let password_file = opaque::server::ServerRegistration::deserialize(&password_file_bytes)
.map_err(|_| {
Error::InternalError(format!("Corrupted password file for {}", request.username))
DomainError::InternalError(format!("Corrupted password file for {}", request.username))
})?;
let mut rng = rand::rngs::OsRng;
@ -163,7 +163,7 @@ impl OpaqueHandler for SqlOpaqueHandler {
&row.get::<Vec<u8>, _>(&*LoginAttempts::ServerLoginData.to_string()),
)
.map_err(|_| {
Error::InternalError(format!(
DomainError::InternalError(format!(
"Corrupted login data for user `{}` [id `{}`]",
username, request.login_key
))
@ -248,7 +248,7 @@ impl OpaqueHandler for SqlOpaqueHandler {
&row.get::<Vec<u8>, _>(&*RegistrationAttempts::ServerRegistrationData.to_string()),
)
.map_err(|_| {
Error::InternalError(format!(
DomainError::InternalError(format!(
"Corrupted registration data for user `{}` [id `{}`]",
username, request.registration_key
))

5
src/infra/auth_service.rs
View File

@ -1,5 +1,6 @@
use crate::{
domain::{
error::DomainError,
handler::{BackendHandler, LoginHandler},
opaque_handler::OpaqueHandler,
},
@ -191,7 +192,7 @@ where
// token.
data.backend_handler
.get_user_groups(name.to_string())
.and_then(|g| async { Ok((g, data.backend_handler.create_refresh_token(&name).await?)) })
.and_then(|g| async { Ok((g, data.backend_handler.create_refresh_token(name).await?)) })
.await
.map(|(groups, (refresh_token, max_age))| {
let token = create_jwt(&data.jwt_key, name.to_string(), groups);
@ -205,7 +206,7 @@ where
.finish(),
)
.cookie(
Cookie::build("refresh_token", refresh_token + "+" + &name)
Cookie::build("refresh_token", refresh_token + "+" + name)
.max_age(max_age.num_days().days())
.path("/auth")
.http_only(true)

2
src/infra/configuration.rs
View File

@ -33,7 +33,7 @@ pub struct Configuration {
impl ConfigurationBuilder {
#[cfg(test)]
pub fn build(self) -> Result<Configuration> {
let server_keys = get_server_keys(&self.key_file.as_deref().unwrap_or("server_key"))?;
let server_keys = get_server_keys(self.key_file.as_deref().unwrap_or("server_key"))?;
Ok(self.server_keys(server_keys).private_build()?)
}

4
src/infra/tcp_api.rs
View File

@ -1,5 +1,5 @@
use crate::{
domain::handler::*,
domain::{error::DomainError, handler::*},
infra::{
tcp_backend_handler::*,
tcp_server::{error_to_http_response, AppState},
@ -54,7 +54,7 @@ where
let msg = err.to_string();
actix_web::error::InternalError::from_response(
err,
HttpResponse::BadRequest().body(msg).into(),
HttpResponse::BadRequest().body(msg),
)
.into()
});

1
src/infra/tcp_backend_handler.rs
View File

@ -1,7 +1,6 @@
use async_trait::async_trait;
use std::collections::HashSet;
pub type DomainError = crate::domain::error::Error;
pub type DomainResult<T> = crate::domain::error::Result<T>;
#[async_trait]

3
src/infra/tcp_server.rs
View File

@ -1,5 +1,6 @@
use crate::{
domain::{
error::DomainError,
handler::{BackendHandler, LoginHandler},
opaque_handler::OpaqueHandler,
},
@ -48,7 +49,7 @@ fn http_config<Backend>(
{
cfg.data(AppState::<Backend> {
backend_handler,
jwt_key: Hmac::new_varkey(&jwt_secret.as_bytes()).unwrap(),
jwt_key: Hmac::new_varkey(jwt_secret.as_bytes()).unwrap(),
jwt_blacklist: RwLock::new(jwt_blacklist),
})
// Serve index.html and main.js, and default to index.html.