phoenix/icarus_auth
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 46 Wiki Activity

Compare commits

base: phoenix:v0.3.10-devel-70de6b862f-950
Branches Tags
phoenix:main
phoenix:v0.5.0 phoenix:v0.4.3-devel-eb1e2990f9-950 phoenix:v0.4.2-devel-99390ce8b7-950 phoenix:v0.4.1-devel-5967ed5b13-950 phoenix:v0.4.0-devel-be4d1109a7-950 phoenix:v0.4.0-devel-4353414c69-950 phoenix:v0.4.0-devel-c176d0fcf3-950 phoenix:v0.3.10-devel-c8b8d470dc-950 phoenix:v0.3.10-devel-bcd0e607ef-950 phoenix:v0.3.10-devel-70de6b862f-950 phoenix:v0.3.10-devel-8c902b9d61-950 phoenix:v0.3.4-devel-480a428e8b-950 phoenix:v0.3.4-devel-02697b2fd9-950 phoenix:v0.3.4-devel-d4faa7976e-950 phoenix:v0.3.4-devel-ed77cab700-950 phoenix:v0.3.4-devel-2c30abb5c6-950 phoenix:v0.3.4-devel-1817ab01d6-950 phoenix:v0.3.4-devel-31be156be3-950 phoenix:v0.3.4-devel-fc6b66f2e6-950 phoenix:v0.3.4 phoenix:v0.3.4-devel-6dec9942cc-950 phoenix:v0.3.2-devel-17af1a00c0-950 phoenix:v0.3.2-devel-50e735e1a9-950 phoenix:v0.3.2-devel-f6cf968f86-950 phoenix:v0.3.2-v0.3.2-70a547ca94-950 phoenix:v0.3.2 phoenix:v0.3.2-devel-89c89a5524-950 phoenix:v0.3.0-devel-a58b0cb40b-950 phoenix:v0.3.0-v0.3.0-f601442f0e-950 phoenix:v0.3.0 phoenix:v0.3.0-devel-3424d31151-950 phoenix:v0.2.0-devel-332e9d3378-950 phoenix:v0.2.0-v0.2.0-2229d98ab6-950 phoenix:v0.2.0 phoenix:v0.2.0-devel-7f5f1bae2f-950 phoenix:v0.1.1-devel-d7c3443022-950 phoenix:v0.1.0-devel-5b0592f51d-950 phoenix:v0.1.0-devel-7e189e84d8-950 phoenix:v0.1.0-devel-68a9998572-950 phoenix:v0.1.0-devel-4d3415acf2-950 phoenix:v0.1.0-devel-c9873d95d7-950 phoenix:v0.1.0-devel-f105de7c80-950 phoenix:v0.1.0-devel-dda88ce0a0-950 phoenix:v0.1.0-devel-0a678228dd-950 phoenix:v0.1.0-devel-f2005de668-950 phoenix:v0.1.0-devel-c164b3e00e-950
..
compare: phoenix:a4c943189cb104d3a8a2d8d8d4a91cea6a4e34a4
Branches Tags
phoenix:main
phoenix:v0.5.0 phoenix:v0.4.3-devel-eb1e2990f9-950 phoenix:v0.4.2-devel-99390ce8b7-950 phoenix:v0.4.1-devel-5967ed5b13-950 phoenix:v0.4.0-devel-be4d1109a7-950 phoenix:v0.4.0-devel-4353414c69-950 phoenix:v0.4.0-devel-c176d0fcf3-950 phoenix:v0.3.10-devel-c8b8d470dc-950 phoenix:v0.3.10-devel-bcd0e607ef-950 phoenix:v0.3.10-devel-70de6b862f-950 phoenix:v0.3.10-devel-8c902b9d61-950 phoenix:v0.3.4-devel-480a428e8b-950 phoenix:v0.3.4-devel-02697b2fd9-950 phoenix:v0.3.4-devel-d4faa7976e-950 phoenix:v0.3.4-devel-ed77cab700-950 phoenix:v0.3.4-devel-2c30abb5c6-950 phoenix:v0.3.4-devel-1817ab01d6-950 phoenix:v0.3.4-devel-31be156be3-950 phoenix:v0.3.4-devel-fc6b66f2e6-950 phoenix:v0.3.4 phoenix:v0.3.4-devel-6dec9942cc-950 phoenix:v0.3.2-devel-17af1a00c0-950 phoenix:v0.3.2-devel-50e735e1a9-950 phoenix:v0.3.2-devel-f6cf968f86-950 phoenix:v0.3.2-v0.3.2-70a547ca94-950 phoenix:v0.3.2 phoenix:v0.3.2-devel-89c89a5524-950 phoenix:v0.3.0-devel-a58b0cb40b-950 phoenix:v0.3.0-v0.3.0-f601442f0e-950 phoenix:v0.3.0 phoenix:v0.3.0-devel-3424d31151-950 phoenix:v0.2.0-devel-332e9d3378-950 phoenix:v0.2.0-v0.2.0-2229d98ab6-950 phoenix:v0.2.0 phoenix:v0.2.0-devel-7f5f1bae2f-950 phoenix:v0.1.1-devel-d7c3443022-950 phoenix:v0.1.0-devel-5b0592f51d-950 phoenix:v0.1.0-devel-7e189e84d8-950 phoenix:v0.1.0-devel-68a9998572-950 phoenix:v0.1.0-devel-4d3415acf2-950 phoenix:v0.1.0-devel-c9873d95d7-950 phoenix:v0.1.0-devel-f105de7c80-950 phoenix:v0.1.0-devel-dda88ce0a0-950 phoenix:v0.1.0-devel-0a678228dd-950 phoenix:v0.1.0-devel-f2005de668-950 phoenix:v0.1.0-devel-c164b3e00e-950

10 Commits
v0.3.10-de ... a4c943189c

Author SHA1 Message Date
phoenix
a4c943189c Next release (#32)
All checks were successful
Rust Build / Rustfmt (push) Successful in 29s
Details
Rust Build / Test Suite (push) Successful in 48s
Details
Rust Build / Check (push) Successful in 57s
Details
Rust Build / Clippy (push) Successful in 34s
Details
Rust Build / build (push) Successful in 1m2s
Details 
Reviewed-on: #32
 2025-08-12 21:46:01 +00:00
phoenix
eb1e2990f9 tsk-51: Refresh token endpoint (#54)
All checks were successful
Rust Build / Check (push) Successful in 46s
Details
Rust Build / Test Suite (push) Successful in 57s
Details
Release Tagging / release (push) Successful in 59s
Details
Rust Build / Rustfmt (push) Successful in 37s
Details
Rust Build / Clippy (push) Successful in 48s
Details
Rust Build / Check (pull_request) Successful in 45s
Details
Rust Build / build (push) Successful in 59s
Details
Rust Build / Rustfmt (pull_request) Successful in 38s
Details
Rust Build / Clippy (pull_request) Successful in 43s
Details
Rust Build / Test Suite (pull_request) Successful in 54s
Details
Rust Build / build (pull_request) Successful in 59s
Details 
Closes #51

Reviewed-on: #54
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-08-11 22:15:17 +00:00
phoenix
99390ce8b7 tsk-50: Create Special endpoint for services to obtain a token (#53)
All checks were successful
Rust Build / Check (push) Successful in 32s
Details
Release Tagging / release (push) Successful in 51s
Details
Rust Build / Rustfmt (push) Successful in 25s
Details
Rust Build / build (push) Successful in 42s
Details
Rust Build / Check (pull_request) Successful in 36s
Details
Rust Build / Clippy (push) Successful in 2m2s
Details
Rust Build / Test Suite (pull_request) Successful in 42s
Details
Rust Build / Rustfmt (pull_request) Successful in 32s
Details
Rust Build / Clippy (pull_request) Successful in 37s
Details
Rust Build / Test Suite (push) Successful in 3m57s
Details
Rust Build / build (pull_request) Successful in 3m14s
Details 
Reviewed-on: #53
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-08-03 23:09:50 +00:00
phoenix
5967ed5b13 minor refactoring (#52)
All checks were successful
Release Tagging / release (push) Successful in 35s
Details
Rust Build / Check (push) Successful in 37s
Details
Rust Build / Rustfmt (push) Successful in 27s
Details
Rust Build / Test Suite (push) Successful in 41s
Details
Rust Build / build (push) Successful in 46s
Details
Rust Build / Clippy (push) Successful in 1m46s
Details
Rust Build / Check (pull_request) Successful in 37s
Details
Rust Build / Rustfmt (pull_request) Successful in 28s
Details
Rust Build / Test Suite (pull_request) Successful in 39s
Details
Rust Build / build (pull_request) Successful in 45s
Details
Rust Build / Clippy (pull_request) Successful in 1m44s
Details 
Reviewed-on: #52
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-08-01 20:49:15 +00:00
phoenix
be4d1109a7 Update rust in docker (#48)
Some checks failed
Release Tagging / release (push) Successful in 29s
Details
Rust Build / Check (push) Successful in 36s
Details
Rust Build / Test Suite (push) Successful in 45s
Details
Rust Build / Rustfmt (push) Successful in 27s
Details
Rust Build / Clippy (push) Successful in 35s
Details
Rust Build / build (push) Successful in 59s
Details
Rust Build / Check (pull_request) Failing after 44s
Details
Rust Build / Test Suite (pull_request) Failing after 1m17s
Details
Rust Build / Rustfmt (pull_request) Failing after 39s
Details
Rust Build / Clippy (pull_request) Failing after 38s
Details
Rust Build / build (pull_request) Failing after 37s
Details 
Reviewed-on: #48
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-07-13 23:01:16 +00:00
phoenix
4353414c69 Upgrade postgresql (#47)
All checks were successful
Rust Build / Check (push) Successful in 36s
Details
Rust Build / Test Suite (push) Successful in 49s
Details
Rust Build / Rustfmt (push) Successful in 29s
Details
Rust Build / Clippy (push) Successful in 40s
Details
Rust Build / build (push) Successful in 1m4s
Details
Release Tagging / release (push) Successful in 30s
Details
Rust Build / Check (pull_request) Successful in 39s
Details
Rust Build / Test Suite (pull_request) Successful in 46s
Details
Rust Build / Rustfmt (pull_request) Successful in 25s
Details
Rust Build / Clippy (pull_request) Successful in 37s
Details
Rust Build / build (pull_request) Successful in 56s
Details 
Reviewed-on: #47

Closes #46

Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-07-12 19:32:56 +00:00
phoenix
c176d0fcf3 Version bump (#45)
All checks were successful
Release Tagging / release (push) Successful in 31s
Details
Rust Build / Check (push) Successful in 40s
Details
Rust Build / Test Suite (push) Successful in 52s
Details
Rust Build / Rustfmt (push) Successful in 25s
Details
Rust Build / Clippy (push) Successful in 41s
Details
Rust Build / build (push) Successful in 1m2s
Details
Rust Build / Check (pull_request) Successful in 2m18s
Details
Rust Build / Test Suite (pull_request) Successful in 2m29s
Details
Rust Build / Rustfmt (pull_request) Successful in 26s
Details
Rust Build / Clippy (pull_request) Successful in 2m23s
Details
Rust Build / build (pull_request) Successful in 4m51s
Details 
Reviewed-on: #45
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-06-29 20:50:55 +00:00
phoenix
c8b8d470dc Refactoring (#44)
All checks were successful
Release Tagging / release (push) Successful in 28s
Details
Rust Build / Check (push) Successful in 37s
Details
Rust Build / Test Suite (push) Successful in 47s
Details
Rust Build / Rustfmt (push) Successful in 25s
Details
Rust Build / Clippy (push) Successful in 39s
Details
Rust Build / build (push) Successful in 1m2s
Details
Rust Build / Check (pull_request) Successful in 38s
Details
Rust Build / Test Suite (pull_request) Successful in 50s
Details
Rust Build / Rustfmt (pull_request) Successful in 27s
Details
Rust Build / Clippy (pull_request) Successful in 40s
Details
Rust Build / build (pull_request) Successful in 1m6s
Details 
Reviewed-on: #44
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-06-29 20:39:04 +00:00
phoenix
bcd0e607ef Update dependencies (#43)
Some checks failed
Release Tagging / release (push) Successful in 31s
Details
Rust Build / Check (push) Successful in 36s
Details
Rust Build / Rustfmt (push) Successful in 25s
Details
Rust Build / Clippy (push) Failing after 39s
Details
Rust Build / Check (pull_request) Successful in 40s
Details
Rust Build / Test Suite (pull_request) Successful in 52s
Details
Rust Build / build (pull_request) Successful in 1m6s
Details
Rust Build / Test Suite (push) Successful in 47s
Details
Rust Build / build (push) Successful in 1m2s
Details
Rust Build / Rustfmt (pull_request) Successful in 27s
Details
Rust Build / Clippy (pull_request) Failing after 41s
Details 
Reviewed-on: #43
Co-authored-by: phoenix <kundeng00@pm.me>
Co-committed-by: phoenix <kundeng00@pm.me>
 2025-06-29 20:26:58 +00:00
phoenix
eb7e394cf0 Next release (#27)
All checks were successful
Rust Build / Check (push) Successful in 53s
Details
Rust Build / Test Suite (push) Successful in 1m2s
Details
Rust Build / Rustfmt (push) Successful in 32s
Details
Rust Build / Clippy (push) Successful in 59s
Details
Rust Build / build (push) Successful in 1m20s
Details 
Reviewed-on: #27
 2025-04-12 00:27:47 +00:00
17 changed files with 615 additions and 153 deletions
Expand all files Collapse all files

1
.env.docker.sample
View File

@@ -1,4 +1,5 @@
SECRET_KEY=refero34o8rfhfjn983thf39fhc943rf923n3h SECRET_KEY=refero34o8rfhfjn983thf39fhc943rf923n3h
SERVICE_PASSPHRASE=iUOo1fxshf3y1tUGn1yU8l9raPApHCdinW0VdCHdRFEjqhR3Bf02aZzsKbLtaDFH
POSTGRES_AUTH_USER=icarus_op POSTGRES_AUTH_USER=icarus_op
POSTGRES_AUTH_PASSWORD=password POSTGRES_AUTH_PASSWORD=password
POSTGRES_AUTH_DB=icarus_auth_db POSTGRES_AUTH_DB=icarus_auth_db

1
.env.sample
View File

@@ -1,4 +1,5 @@
SECRET_KEY=refero34o8rfhfjn983thf39fhc943rf923n3h SECRET_KEY=refero34o8rfhfjn983thf39fhc943rf923n3h
SERVICE_PASSPHRASE=iUOo1fxshf3y1tUGn1yU8l9raPApHCdinW0VdCHdRFEjqhR3Bf02aZzsKbLtaDFH
POSTGRES_AUTH_USER=icarus_op_test POSTGRES_AUTH_USER=icarus_op_test
POSTGRES_AUTH_PASSWORD=password POSTGRES_AUTH_PASSWORD=password
POSTGRES_AUTH_DB=icarus_auth_test_db POSTGRES_AUTH_DB=icarus_auth_test_db

2
.gitea/workflows/tag_release.yml
View File

@@ -49,5 +49,3 @@ jobs:
release_name: Release ${{ steps.version.outputs.project_tag_release }} release_name: Release ${{ steps.version.outputs.project_tag_release }}
body: | body: |
Release of version ${{ steps.version.outputs.project_tag_release }} Release of version ${{ steps.version.outputs.project_tag_release }}
# draft: false
# prerelease: ${{ startsWith(github.ref, 'v') == false }} # prerelease if not a valid release tag

2
.gitea/workflows/workflow.yml
View File

@@ -36,7 +36,7 @@ jobs:
# --- Add database service definition --- # --- Add database service definition ---
services: services:
postgres: postgres:
image: postgres:17.4 # Or pin to a more specific version like 14.9 image: postgres:17.5
env: env:
# Use secrets for DB init, with fallbacks for flexibility # Use secrets for DB init, with fallbacks for flexibility
POSTGRES_USER: ${{ secrets.DB_TEST_USER || 'testuser' }} POSTGRES_USER: ${{ secrets.DB_TEST_USER || 'testuser' }}

2
.gitignore vendored
View File

@@ -1,2 +1,4 @@
/target /target
.env .env
.env.local
.env.docker

200
Cargo.lock generated
View File

@@ -67,9 +67,9 @@ checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26"
[[package]] [[package]]
name = "axum" name = "axum"
version = "0.8.3" version = "0.8.4"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "de45108900e1f9b9242f7f2e254aa3e2c029c921c258fe9e6b4217eeebd54288" checksum = "021e862c184ae977658b36c4500f7feac3221ca5da43e3f25bd04ab6c79a29b5"
dependencies = [ dependencies = [
"axum-core", "axum-core",
"bytes", "bytes",
@@ -173,6 +173,12 @@ dependencies = [
"generic-array", "generic-array",
] ]
[[package]]
name = "bumpalo"
version = "3.19.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43"
[[package]] [[package]]
name = "byteorder" name = "byteorder"
version = "1.5.0" version = "1.5.0"
@@ -215,6 +221,26 @@ version = "0.9.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8"
[[package]]
name = "const_format"
version = "0.2.34"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "126f97965c8ad46d6d9163268ff28432e8f6a1196a55578867832e3049df63dd"
dependencies = [
"const_format_proc_macros",
]
[[package]]
name = "const_format_proc_macros"
version = "0.2.34"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d57c2eccfb16dbac1f4e61e206105db5820c9d26c3c472bc17c774259ef7744"
dependencies = [
"proc-macro2",
"quote",
"unicode-xid",
]
[[package]] [[package]]
name = "core-foundation" name = "core-foundation"
version = "0.9.4" version = "0.9.4"
@@ -702,7 +728,7 @@ dependencies = [
[[package]] [[package]]
name = "icarus_auth" name = "icarus_auth"
version = "0.3.10" version = "0.4.3"
dependencies = [ dependencies = [
"argon2", "argon2",
"axum", "axum",
@@ -712,7 +738,7 @@ dependencies = [
"icarus_models", "icarus_models",
"josekit", "josekit",
"once_cell", "once_cell",
"rand 0.9.0", "rand 0.9.1",
"serde", "serde",
"serde_json", "serde_json",
"sqlx", "sqlx",
@@ -726,18 +752,20 @@ dependencies = [
[[package]] [[package]]
name = "icarus_envy" name = "icarus_envy"
version = "0.2.0" version = "0.3.1"
source = "git+ssh://git@git.kundeng.us/phoenix/icarus_envy.git?tag=v0.2.0-devel-dbe4dc67cb-950#dbe4dc67cb1baa5ae5c5f2b452ff45d388c719ea" source = "git+ssh://git@git.kundeng.us/phoenix/icarus_envy.git?tag=v0.3.1-main-3cd42dab6b-006#3cd42dab6b2503609883f5f57ad3508755c34a2e"
dependencies = [ dependencies = [
"const_format",
"dotenvy", "dotenvy",
] ]
[[package]] [[package]]
name = "icarus_models" name = "icarus_models"
version = "0.4.3" version = "0.5.5"
source = "git+ssh://git@git.kundeng.us/phoenix/icarus_models.git?tag=v0.4.3#6aa4c3d74142f5fceb4a6e95078bb3ae0a2d99c5" source = "git+ssh://git@git.kundeng.us/phoenix/icarus_models.git?tag=v0.5.5-devel-bd793db08e-111#bd793db08e06b256ffecd9f4528e55e3026fede7"
dependencies = [ dependencies = [
"rand 0.9.0", "josekit",
"rand 0.9.1",
"serde", "serde",
"serde_json", "serde_json",
"time", "time",
@@ -901,9 +929,9 @@ checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"
[[package]] [[package]]
name = "josekit" name = "josekit"
version = "0.10.1" version = "0.10.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe0633782b10949cf7d5aca9ec7c87ce642cbe4fff7d34602b2ec2e890ad56e5" checksum = "a808e078330e6af222eb0044b71d4b1ff981bfef43e7bc8133a88234e0c86a0c"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"base64", "base64",
@@ -912,10 +940,20 @@ dependencies = [
"regex", "regex",
"serde", "serde",
"serde_json", "serde_json",
"thiserror 1.0.69", "thiserror",
"time", "time",
] ]
[[package]]
name = "js-sys"
version = "0.3.77"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1cfaf33c695fc6e08064efbc1f72ec937429614f25eef83af942d0e227c3a28f"
dependencies = [
"once_cell",
"wasm-bindgen",
]
[[package]] [[package]]
name = "lazy_static" name = "lazy_static"
version = "1.5.0" version = "1.5.0"
@@ -1314,13 +1352,12 @@ dependencies = [
[[package]] [[package]]
name = "rand" name = "rand"
version = "0.9.0" version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3779b94aeb87e8bd4e834cee3650289ee9e0d5677f976ecdb6d219e5f4f6cd94" checksum = "9fbfd9d094a40bf3ae768db9361049ace4c0e04a4fd6b359518bd7b73a73dd97"
dependencies = [ dependencies = [
"rand_chacha 0.9.0", "rand_chacha 0.9.0",
"rand_core 0.9.3", "rand_core 0.9.3",
"zerocopy",
] ]
[[package]] [[package]]
@@ -1639,9 +1676,9 @@ dependencies = [
[[package]] [[package]]
name = "sqlx" name = "sqlx"
version = "0.8.3" version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4410e73b3c0d8442c5f99b425d7a435b5ee0ae4167b3196771dd3f7a01be745f" checksum = "1fefb893899429669dcdd979aff487bd78f4064e5e7907e4269081e0ef7d97dc"
dependencies = [ dependencies = [
"sqlx-core", "sqlx-core",
"sqlx-macros", "sqlx-macros",
@@ -1652,10 +1689,11 @@ dependencies = [
[[package]] [[package]]
name = "sqlx-core" name = "sqlx-core"
version = "0.8.3" version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6a007b6936676aa9ab40207cde35daab0a04b823be8ae004368c0793b96a61e0" checksum = "ee6798b1838b6a0f69c007c133b8df5866302197e404e8b6ee8ed3e3a5e68dc6"
dependencies = [ dependencies = [
"base64",
"bytes", "bytes",
"crc", "crc",
"crossbeam-queue", "crossbeam-queue",
@@ -1677,7 +1715,7 @@ dependencies = [
"serde_json", "serde_json",
"sha2", "sha2",
"smallvec", "smallvec",
"thiserror 2.0.12", "thiserror",
"time", "time",
"tokio", "tokio",
"tokio-stream", "tokio-stream",
@@ -1688,9 +1726,9 @@ dependencies = [
[[package]] [[package]]
name = "sqlx-macros" name = "sqlx-macros"
version = "0.8.3" version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3112e2ad78643fef903618d78cf0aec1cb3134b019730edb039b69eaf531f310" checksum = "a2d452988ccaacfbf5e0bdbc348fb91d7c8af5bee192173ac3636b5fb6e6715d"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
@@ -1701,9 +1739,9 @@ dependencies = [
[[package]] [[package]]
name = "sqlx-macros-core" name = "sqlx-macros-core"
version = "0.8.3" version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4e9f90acc5ab146a99bf5061a7eb4976b573f560bc898ef3bf8435448dd5e7ad" checksum = "19a9c1841124ac5a61741f96e1d9e2ec77424bf323962dd894bdb93f37d5219b"
dependencies = [ dependencies = [
"dotenvy", "dotenvy",
"either", "either",
@@ -1720,16 +1758,15 @@ dependencies = [
"sqlx-postgres", "sqlx-postgres",
"sqlx-sqlite", "sqlx-sqlite",
"syn", "syn",
"tempfile",
"tokio", "tokio",
"url", "url",
] ]
[[package]] [[package]]
name = "sqlx-mysql" name = "sqlx-mysql"
version = "0.8.3" version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4560278f0e00ce64938540546f59f590d60beee33fffbd3b9cd47851e5fff233" checksum = "aa003f0038df784eb8fecbbac13affe3da23b45194bd57dba231c8f48199c526"
dependencies = [ dependencies = [
"atoi", "atoi",
"base64", "base64",
@@ -1762,7 +1799,7 @@ dependencies = [
"smallvec", "smallvec",
"sqlx-core", "sqlx-core",
"stringprep", "stringprep",
"thiserror 2.0.12", "thiserror",
"time", "time",
"tracing", "tracing",
"uuid", "uuid",
@@ -1771,9 +1808,9 @@ dependencies = [
[[package]] [[package]]
name = "sqlx-postgres" name = "sqlx-postgres"
version = "0.8.3" version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c5b98a57f363ed6764d5b3a12bfedf62f07aa16e1856a7ddc2a0bb190a959613" checksum = "db58fcd5a53cf07c184b154801ff91347e4c30d17a3562a635ff028ad5deda46"
dependencies = [ dependencies = [
"atoi", "atoi",
"base64", "base64",
@@ -1801,7 +1838,7 @@ dependencies = [
"smallvec", "smallvec",
"sqlx-core", "sqlx-core",
"stringprep", "stringprep",
"thiserror 2.0.12", "thiserror",
"time", "time",
"tracing", "tracing",
"uuid", "uuid",
@@ -1810,9 +1847,9 @@ dependencies = [
[[package]] [[package]]
name = "sqlx-sqlite" name = "sqlx-sqlite"
version = "0.8.3" version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f85ca71d3a5b24e64e1d08dd8fe36c6c95c339a896cc33068148906784620540" checksum = "c2d12fe70b2c1b4401038055f90f151b78208de1f9f89a7dbfd41587a10c3eea"
dependencies = [ dependencies = [
"atoi", "atoi",
"flume", "flume",
@@ -1827,6 +1864,7 @@ dependencies = [
"serde", "serde",
"serde_urlencoded", "serde_urlencoded",
"sqlx-core", "sqlx-core",
"thiserror",
"time", "time",
"tracing", "tracing",
"url", "url",
@@ -1897,33 +1935,13 @@ dependencies = [
"windows-sys 0.59.0", "windows-sys 0.59.0",
] ]
[[package]]
name = "thiserror"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
dependencies = [
"thiserror-impl 1.0.69",
]
[[package]] [[package]]
name = "thiserror" name = "thiserror"
version = "2.0.12" version = "2.0.12"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "567b8a2dae586314f7be2a752ec7474332959c6460e02bde30d702a66d488708" checksum = "567b8a2dae586314f7be2a752ec7474332959c6460e02bde30d702a66d488708"
dependencies = [ dependencies = [
"thiserror-impl 2.0.12", "thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
dependencies = [
"proc-macro2",
"quote",
"syn",
] ]
[[package]] [[package]]
@@ -2005,9 +2023,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
[[package]] [[package]]
name = "tokio" name = "tokio"
version = "1.44.1" version = "1.45.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f382da615b842244d4b8738c82ed1275e6c5dd90c459a30941cd07080b06c91a" checksum = "75ef51a33ef1da925cea3e4eb122833cb377c61439ca401b770f54902b806779"
dependencies = [ dependencies = [
"backtrace", "backtrace",
"bytes", "bytes",
@@ -2160,6 +2178,12 @@ version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e70f2a8b45122e719eb623c01822704c4e0907e7e426a05927e1a1cfff5b75d0" checksum = "e70f2a8b45122e719eb623c01822704c4e0907e7e426a05927e1a1cfff5b75d0"
[[package]]
name = "unicode-xid"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853"
[[package]] [[package]]
name = "url" name = "url"
version = "2.5.4" version = "2.5.4"
@@ -2185,12 +2209,14 @@ checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be"
[[package]] [[package]]
name = "uuid" name = "uuid"
version = "1.16.0" version = "1.17.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "458f7a779bf54acc9f347480ac654f68407d3aab21269a6e3c9f922acd9e2da9" checksum = "3cf4199d1e5d15ddd86a694e4d0dffa9c323ce759fea589f00fef9d81cc1931d"
dependencies = [ dependencies = [
"getrandom 0.3.2", "getrandom 0.3.2",
"js-sys",
"serde", "serde",
"wasm-bindgen",
] ]
[[package]] [[package]]
@@ -2232,6 +2258,64 @@ version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b" checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b"
[[package]]
name = "wasm-bindgen"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5"
dependencies = [
"cfg-if",
"once_cell",
"rustversion",
"wasm-bindgen-macro",
]
[[package]]
name = "wasm-bindgen-backend"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2f0a0651a5c2bc21487bde11ee802ccaf4c51935d0d3d42a6101f98161700bc6"
dependencies = [
"bumpalo",
"log",
"proc-macro2",
"quote",
"syn",
"wasm-bindgen-shared",
]
[[package]]
name = "wasm-bindgen-macro"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7fe63fc6d09ed3792bd0897b314f53de8e16568c2b3f7982f468c0bf9bd0b407"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
]
[[package]]
name = "wasm-bindgen-macro-support"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ae87ea40c9f689fc23f209965b6fb8a99ad69aeeb0231408be24920604395de"
dependencies = [
"proc-macro2",
"quote",
"syn",
"wasm-bindgen-backend",
"wasm-bindgen-shared",
]
[[package]]
name = "wasm-bindgen-shared"
version = "0.2.100"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1a05d73b933a847d6cccdda8f838a22ff101ad9bf93e33684f39c1f5f0eece3d"
dependencies = [
"unicode-ident",
]
[[package]] [[package]]
name = "whoami" name = "whoami"
version = "1.6.0" version = "1.6.0"

26
Cargo.toml
View File

@@ -1,27 +1,27 @@
[package] [package]
name = "icarus_auth" name = "icarus_auth"
version = "0.3.10" version = "0.4.3"
edition = "2024" edition = "2024"
rust-version = "1.88" rust-version = "1.88"
[dependencies] [dependencies]
axum = { version = "0.8.3" } axum = { version = "0.8.4" }
serde = { version = "1.0.218", features = ["derive"] } serde = { version = "1.0.219", features = ["derive"] }
serde_json = { version = "1.0.139" } serde_json = { version = "1.0.140" }
tokio = { version = "1.44.1", features = ["rt-multi-thread"] } tokio = { version = "1.45.1", features = ["rt-multi-thread"] }
tracing-subscriber = { version = "0.3.19" } tracing-subscriber = { version = "0.3.19" }
tower = { version = "0.5.2" } tower = { version = "0.5.2" }
hyper = { version = "1.6.0" } hyper = { version = "1.6.0" }
sqlx = { version = "0.8.3", features = ["postgres", "runtime-tokio-native-tls", "time", "uuid"] } sqlx = { version = "0.8.6", features = ["postgres", "runtime-tokio-native-tls", "time", "uuid"] }
uuid = { version = "1.16.0", features = ["v4", "serde"] } uuid = { version = "1.17.0", features = ["v4", "serde"] }
argon2 = { version = "0.5.3", features = ["std"] } # Use the latest 0.5.x version argon2 = { version = "0.5.3", features = ["std"] } # Use the latest 0.5.x version
rand = { version = "0.9" } rand = { version = "0.9.1" }
time = { version = "0.3.41", features = ["macros", "serde"] } time = { version = "0.3.41", features = ["macros", "serde"] }
josekit = { version = "0.10.1" } josekit = { version = "0.10.3" }
icarus_models = { git = "ssh://git@git.kundeng.us/phoenix/icarus_models.git", tag = "v0.4.3" } icarus_models = { git = "ssh://git@git.kundeng.us/phoenix/icarus_models.git", tag = "v0.5.5-devel-bd793db08e-111" }
icarus_envy = { git = "ssh://git@git.kundeng.us/phoenix/icarus_envy.git", tag = "v0.2.0-devel-dbe4dc67cb-950" } icarus_envy = { git = "ssh://git@git.kundeng.us/phoenix/icarus_envy.git", tag = "v0.3.1-main-3cd42dab6b-006" }
[dev-dependencies] [dev-dependencies]
http-body-util = { version = "0.1.3" } http-body-util = { version = "0.1.3" }
url = { version = "2.5" } url = { version = "2.5.4" }
once_cell = { version = "1.19" } # Useful for lazy initialization in tests/app setup once_cell = { version = "1.21.3" } # Useful for lazy initialization in tests/app setup

4
Dockerfile
View File

@@ -1,7 +1,7 @@
# Stage 1: Build the application # Stage 1: Build the application
# Use a specific Rust version for reproducibility. Choose one that matches your development environment. # Use a specific Rust version for reproducibility. Choose one that matches your development environment.
# Using slim variant for smaller base image # Using slim variant for smaller base image
FROM rust:1.86 as builder FROM rust:1.88 as builder
# Set the working directory inside the container # Set the working directory inside the container
WORKDIR /usr/src/app WORKDIR /usr/src/app
@@ -68,4 +68,4 @@ EXPOSE 3000
# Set the command to run your application # Set the command to run your application
# Ensure this matches the binary name copied above # Ensure this matches the binary name copied above
CMD ["./icarus_auth"] CMD ["./icarus_auth"]

2
docker-compose.yaml
View File

@@ -19,7 +19,7 @@ services:
# PostgreSQL Database Service # PostgreSQL Database Service
auth_db: auth_db:
image: postgres:17.4-alpine # Use an official Postgres image (Alpine variant is smaller) image: postgres:17.5-alpine # Use an official Postgres image (Alpine variant is smaller)
container_name: icarus_auth_db # Optional: Give the container a specific name container_name: icarus_auth_db # Optional: Give the container a specific name
environment: environment:
# These MUST match the user, password, and database name in the DATABASE_URL above # These MUST match the user, password, and database name in the DATABASE_URL above

6
migrations/20250402221858_init_migrate.sql
View File

@@ -20,3 +20,9 @@ CREATE TABLE IF NOT EXISTS "salt" (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(), id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
salt TEXT NOT NULL salt TEXT NOT NULL
); );
CREATE TABLE IF NOT EXISTS "passphrase" (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
passphrase TEXT NOT NULL,
date_created TIMESTAMPTZ NOT NULL DEFAULT NOW()
);

2
migrations/20250802185652_passphrase_data.sql Normal file
View File

@@ -0,0 +1,2 @@
-- Add migration script here
INSERT INTO "passphrase" (id, passphrase) VALUES('22f9c775-cce9-457a-a147-9dafbb801f61', 'iUOo1fxshf3y1tUGn1yU8l9raPApHCdinW0VdCHdRFEjqhR3Bf02aZzsKbLtaDFH');

145
src/callers/login.rs
View File

@@ -6,6 +6,20 @@ pub mod request {
pub username: String, pub username: String,
pub password: String, pub password: String,
} }
pub mod service_login {
#[derive(Debug, serde::Deserialize, serde::Serialize)]
pub struct Request {
pub passphrase: String,
}
}
pub mod refresh_token {
#[derive(Debug, serde::Deserialize, serde::Serialize)]
pub struct Request {
pub access_token: String,
}
}
} }
pub mod response { pub mod response {
@@ -16,6 +30,22 @@ pub mod response {
pub message: String, pub message: String,
pub data: Vec<icarus_models::login_result::LoginResult>, pub data: Vec<icarus_models::login_result::LoginResult>,
} }
pub mod service_login {
#[derive(Debug, Default, serde::Deserialize, serde::Serialize)]
pub struct Response {
pub message: String,
pub data: Vec<icarus_models::login_result::LoginResult>,
}
}
pub mod refresh_token {
#[derive(Debug, Default, serde::Deserialize, serde::Serialize)]
pub struct Response {
pub message: String,
pub data: Vec<icarus_models::login_result::LoginResult>,
}
}
} }
pub mod endpoint { pub mod endpoint {
@@ -28,6 +58,10 @@ pub mod endpoint {
use super::request; use super::request;
use super::response; use super::response;
// TODO: At some point, get the username from the DB
// Name of service username when returning a login result
pub const SERVICE_USERNAME: &str = "service";
async fn not_found(message: &str) -> (StatusCode, Json<response::Response>) { async fn not_found(message: &str) -> (StatusCode, Json<response::Response>) {
( (
StatusCode::NOT_FOUND, StatusCode::NOT_FOUND,
@@ -48,7 +82,8 @@ pub mod endpoint {
if hashing::verify_password(&payload.password, user.password.clone()).unwrap() { if hashing::verify_password(&payload.password, user.password.clone()).unwrap() {
// Create token // Create token
let key = icarus_envy::environment::get_secret_key().await; let key = icarus_envy::environment::get_secret_key().await;
let (token_literal, duration) = token_stuff::create_token(&key).unwrap(); let (token_literal, duration) =
token_stuff::create_token(&key, &user.id).unwrap();
if token_stuff::verify_token(&key, &token_literal) { if token_stuff::verify_token(&key, &token_literal) {
let current_time = time::OffsetDateTime::now_utc(); let current_time = time::OffsetDateTime::now_utc();
@@ -62,7 +97,7 @@ pub mod endpoint {
id: user.id, id: user.id,
username: user.username.clone(), username: user.username.clone(),
token: token_literal, token: token_literal,
token_type: String::from(token_stuff::TOKENTYPE), token_type: String::from(icarus_models::token::TOKEN_TYPE),
expiration: duration, expiration: duration,
}], }],
}), }),
@@ -79,4 +114,110 @@ pub mod endpoint {
} }
} }
} }
pub async fn service_login(
axum::Extension(pool): axum::Extension<sqlx::PgPool>,
axum::Json(payload): axum::Json<request::service_login::Request>,
) -> (
axum::http::StatusCode,
axum::Json<response::service_login::Response>,
) {
let mut response = response::service_login::Response::default();
match repo::service::valid_passphrase(&pool, &payload.passphrase).await {
Ok((id, _passphrase, _date_created)) => {
let key = icarus_envy::environment::get_secret_key().await;
let (token_literal, duration) =
token_stuff::create_service_token(&key, &id).unwrap();
if token_stuff::verify_token(&key, &token_literal) {
let login_result = icarus_models::login_result::LoginResult {
id,
username: String::from(SERVICE_USERNAME),
token: token_literal,
token_type: String::from(icarus_models::token::TOKEN_TYPE),
expiration: duration,
};
response.data.push(login_result);
response.message = String::from("Successful");
(axum::http::StatusCode::OK, axum::Json(response))
} else {
(axum::http::StatusCode::OK, axum::Json(response))
}
}
Err(err) => {
response.message = err.to_string();
(axum::http::StatusCode::BAD_REQUEST, axum::Json(response))
}
}
}
pub async fn refresh_token(
axum::Extension(pool): axum::Extension<sqlx::PgPool>,
axum::Json(payload): axum::Json<request::refresh_token::Request>,
) -> (
axum::http::StatusCode,
axum::Json<response::refresh_token::Response>,
) {
let mut response = response::refresh_token::Response::default();
let key = icarus_envy::environment::get_secret_key().await;
if token_stuff::verify_token(&key, &payload.access_token) {
let token_type = token_stuff::get_token_type(&key, &payload.access_token).unwrap();
if token_stuff::is_token_type_valid(&token_type) {
// Get passphrase record with id
match token_stuff::extract_id_from_token(&key, &payload.access_token) {
Ok(id) => match repo::service::get_passphrase(&pool, &id).await {
Ok((returned_id, _, _)) => {
match token_stuff::create_service_refresh_token(&key, &returned_id) {
Ok((access_token, exp_dur)) => {
let login_result = icarus_models::login_result::LoginResult {
id: returned_id,
token: access_token,
expiration: exp_dur,
token_type: String::from(icarus_models::token::TOKEN_TYPE),
username: String::from(SERVICE_USERNAME),
};
response.message = String::from("Successful");
response.data.push(login_result);
(axum::http::StatusCode::OK, axum::Json(response))
}
Err(err) => {
response.message = err.to_string();
(
axum::http::StatusCode::INTERNAL_SERVER_ERROR,
axum::Json(response),
)
}
}
}
Err(err) => {
response.message = err.to_string();
(
axum::http::StatusCode::INTERNAL_SERVER_ERROR,
axum::Json(response),
)
}
},
Err(err) => {
response.message = err.to_string();
(
axum::http::StatusCode::INTERNAL_SERVER_ERROR,
axum::Json(response),
)
}
}
} else {
response.message = String::from("Invalid token type");
(axum::http::StatusCode::NOT_FOUND, axum::Json(response))
}
} else {
response.message = String::from("Could not verify token");
(axum::http::StatusCode::BAD_REQUEST, axum::Json(response))
}
}
} }

2
src/callers/mod.rs
View File

@@ -7,4 +7,6 @@ pub mod endpoints {
pub const REGISTER: &str = "/api/v2/register"; pub const REGISTER: &str = "/api/v2/register";
pub const DBTEST: &str = "/api/v2/test/db"; pub const DBTEST: &str = "/api/v2/test/db";
pub const LOGIN: &str = "/api/v2/login"; pub const LOGIN: &str = "/api/v2/login";
pub const SERVICE_LOGIN: &str = "/api/v2/service/login";
pub const REFRESH_TOKEN: &str = "/api/v2/token/refresh";
} }

2
src/lib.rs
View File

@@ -16,7 +16,7 @@ pub mod db {
pub async fn create_pool() -> Result<sqlx::PgPool, sqlx::Error> { pub async fn create_pool() -> Result<sqlx::PgPool, sqlx::Error> {
let database_url = icarus_envy::environment::get_db_url().await; let database_url = icarus_envy::environment::get_db_url().await;
println!("Database url: {:?}", database_url); println!("Database url: {database_url}");
PgPoolOptions::new() PgPoolOptions::new()
.max_connections(connection_settings::MAXCONN) .max_connections(connection_settings::MAXCONN)

173
src/main.rs
View File

@@ -41,6 +41,14 @@ mod init {
callers::endpoints::LOGIN, callers::endpoints::LOGIN,
post(callers::login::endpoint::login), post(callers::login::endpoint::login),
) )
.route(
callers::endpoints::SERVICE_LOGIN,
post(callers::login::endpoint::service_login),
)
.route(
callers::endpoints::REFRESH_TOKEN,
post(callers::login::endpoint::refresh_token),
)
} }
pub async fn app() -> Router { pub async fn app() -> Router {
@@ -154,6 +162,25 @@ mod tests {
}) })
} }
pub mod requests {
use tower::ServiceExt; // for `call`, `oneshot`, and `ready`
pub async fn register(
app: &axum::Router,
usr: &icarus_auth::callers::register::request::Request,
) -> Result<axum::response::Response, std::convert::Infallible> {
let payload = super::get_test_register_payload(&usr);
let req = axum::http::Request::builder()
.method(axum::http::Method::POST)
.uri(crate::callers::endpoints::REGISTER)
.header(axum::http::header::CONTENT_TYPE, "application/json")
.body(axum::body::Body::from(payload.to_string()))
.unwrap();
app.clone().oneshot(req).await
}
}
#[tokio::test] #[tokio::test]
async fn test_hello_world() { async fn test_hello_world() {
let app = init::app().await; let app = init::app().await;
@@ -198,18 +225,8 @@ mod tests {
let app = init::routes().await.layer(axum::Extension(pool)); let app = init::routes().await.layer(axum::Extension(pool));
let usr = get_test_register_request(); let usr = get_test_register_request();
let payload = get_test_register_payload(&usr);
let response = app let response = requests::register(&app, &usr).await;
.oneshot(
Request::builder()
.method(axum::http::Method::POST)
.uri(callers::endpoints::REGISTER)
.header(axum::http::header::CONTENT_TYPE, "application/json")
.body(Body::from(payload.to_string()))
.unwrap(),
)
.await;
match response { match response {
Ok(resp) => { Ok(resp) => {
@@ -265,19 +282,8 @@ mod tests {
let app = init::routes().await.layer(axum::Extension(pool)); let app = init::routes().await.layer(axum::Extension(pool));
let usr = get_test_register_request(); let usr = get_test_register_request();
let payload = get_test_register_payload(&usr);
let response = app let response = requests::register(&app, &usr).await;
.clone()
.oneshot(
Request::builder()
.method(axum::http::Method::POST)
.uri(callers::endpoints::REGISTER)
.header(axum::http::header::CONTENT_TYPE, "application/json")
.body(Body::from(payload.to_string()))
.unwrap(),
)
.await;
match response { match response {
Ok(resp) => { Ok(resp) => {
@@ -341,4 +347,125 @@ mod tests {
let _ = db_mgr::drop_database(&tm_pool, &db_name).await; let _ = db_mgr::drop_database(&tm_pool, &db_name).await;
} }
#[tokio::test]
async fn test_service_login_user() {
let tm_pool = db_mgr::get_pool().await.unwrap();
let db_name = db_mgr::generate_db_name().await;
match db_mgr::create_database(&tm_pool, &db_name).await {
Ok(_) => {
println!("Success");
}
Err(e) => {
assert!(false, "Error: {:?}", e.to_string());
}
}
let pool = db_mgr::connect_to_db(&db_name).await.unwrap();
icarus_auth::db::migrations(&pool).await;
let app = init::routes().await.layer(axum::Extension(pool));
let passphrase =
String::from("iUOo1fxshf3y1tUGn1yU8l9raPApHCdinW0VdCHdRFEjqhR3Bf02aZzsKbLtaDFH");
let payload = serde_json::json!({
"passphrase": passphrase
});
match app
.oneshot(
Request::builder()
.method(axum::http::Method::POST)
.uri(callers::endpoints::SERVICE_LOGIN)
.header(axum::http::header::CONTENT_TYPE, "application/json")
.body(Body::from(payload.to_string()))
.unwrap(),
)
.await
{
Ok(response) => {
assert_eq!(StatusCode::OK, response.status(), "Status is not right");
let body = axum::body::to_bytes(response.into_body(), usize::MAX)
.await
.unwrap();
let parsed_body: callers::login::response::service_login::Response =
serde_json::from_slice(&body).unwrap();
let _login_result = &parsed_body.data[0];
}
Err(err) => {
assert!(false, "Error: {err:?}");
}
}
let _ = db_mgr::drop_database(&tm_pool, &db_name).await;
}
#[tokio::test]
async fn test_refresh_token() {
let tm_pool = db_mgr::get_pool().await.unwrap();
let db_name = db_mgr::generate_db_name().await;
match db_mgr::create_database(&tm_pool, &db_name).await {
Ok(_) => {
println!("Success");
}
Err(e) => {
assert!(false, "Error: {:?}", e.to_string());
}
}
let pool = db_mgr::connect_to_db(&db_name).await.unwrap();
icarus_auth::db::migrations(&pool).await;
let app = init::routes().await.layer(axum::Extension(pool));
let id = uuid::Uuid::parse_str("22f9c775-cce9-457a-a147-9dafbb801f61").unwrap();
let key = icarus_envy::environment::get_secret_key().await;
match icarus_auth::token_stuff::create_service_token(&key, &id) {
Ok((token, _expire)) => {
let payload = serde_json::json!({
"access_token": token
});
match app
.oneshot(
Request::builder()
.method(axum::http::Method::POST)
.uri(callers::endpoints::REFRESH_TOKEN)
.header(axum::http::header::CONTENT_TYPE, "application/json")
.body(Body::from(payload.to_string()))
.unwrap(),
)
.await
{
Ok(response) => {
let body = axum::body::to_bytes(response.into_body(), usize::MAX)
.await
.unwrap();
let parsed_body: callers::login::response::service_login::Response =
serde_json::from_slice(&body).unwrap();
let login_result = &parsed_body.data[0];
assert_eq!(
id, login_result.id,
"The Id from the response does not match {id:?} {:?}",
login_result.id
);
}
Err(err) => {
assert!(false, "Error: {err:?}");
}
}
}
Err(err) => {
assert!(false, "Error: {err:?}");
}
}
let _ = db_mgr::drop_database(&tm_pool, &db_name).await;
}
} }

59
src/repo/mod.rs
View File

@@ -57,7 +57,7 @@ pub mod user {
.fetch_optional(pool) .fetch_optional(pool)
.await .await
.map_err(|e| { .map_err(|e| {
eprintln!("Error updating time: {}", e); eprintln!("Error updating time: {e}");
e e
}); });
@@ -113,7 +113,7 @@ pub mod user {
.fetch_one(pool) .fetch_one(pool)
.await .await
.map_err(|e| { .map_err(|e| {
eprintln!("Error inserting item: {}", e); eprintln!("Error inserting item: {e}");
e e
})?; })?;
@@ -180,7 +180,7 @@ pub mod salt {
.fetch_one(pool) .fetch_one(pool)
.await .await
.map_err(|e| { .map_err(|e| {
eprintln!("Error inserting item: {}", e); eprintln!("Error inserting item: {e}");
e e
})?; })?;
@@ -195,3 +195,56 @@ pub mod salt {
} }
} }
} }
pub mod service {
use sqlx::Row;
pub async fn valid_passphrase(
pool: &sqlx::PgPool,
passphrase: &String,
) -> Result<(uuid::Uuid, String, time::OffsetDateTime), sqlx::Error> {
let result = sqlx::query(
r#"
SELECT * FROM "passphrase" WHERE passphrase = $1
"#,
)
.bind(passphrase)
.fetch_one(pool)
.await;
match result {
Ok(row) => {
let id: uuid::Uuid = row.try_get("id")?;
let passphrase: String = row.try_get("passphrase")?;
let date_created: Option<time::OffsetDateTime> = row.try_get("date_created")?;
Ok((id, passphrase, date_created.unwrap()))
}
Err(err) => Err(err),
}
}
pub async fn get_passphrase(
pool: &sqlx::PgPool,
id: &uuid::Uuid,
) -> Result<(uuid::Uuid, String, time::OffsetDateTime), sqlx::Error> {
let result = sqlx::query(
r#"
SELECT * FROM "passphrase" WHERE id = $1;
"#,
)
.bind(id)
.fetch_one(pool)
.await;
match result {
Ok(row) => {
let returned_id: uuid::Uuid = row.try_get("id")?;
let passphrase: String = row.try_get("passphrase")?;
let date_created: time::OffsetDateTime = row.try_get("date_created")?;
Ok((returned_id, passphrase, date_created))
}
Err(err) => Err(err),
}
}
}

139
src/token_stuff/mod.rs
View File

@@ -1,12 +1,11 @@
use josekit::{ use josekit::{
self, self,
jws::{JwsHeader, alg::hmac::HmacJwsAlgorithm::Hs256}, jws::alg::hmac::HmacJwsAlgorithm::Hs256,
jwt::{self, JwtPayload}, jwt::{self},
}; };
use time; use time;
pub const TOKENTYPE: &str = "JWT";
pub const KEY_ENV: &str = "SECRET_KEY"; pub const KEY_ENV: &str = "SECRET_KEY";
pub const MESSAGE: &str = "Something random"; pub const MESSAGE: &str = "Something random";
pub const ISSUER: &str = "icarus_auth"; pub const ISSUER: &str = "icarus_auth";
@@ -21,67 +20,113 @@ pub fn get_expiration(issued: &time::OffsetDateTime) -> Result<time::OffsetDateT
Ok(*issued + duration_expire) Ok(*issued + duration_expire)
} }
mod util { pub fn create_token(
pub fn time_to_std_time( provided_key: &String,
provided_time: &time::OffsetDateTime, id: &uuid::Uuid,
) -> Result<std::time::SystemTime, std::time::SystemTimeError> { ) -> Result<(String, i64), josekit::JoseError> {
let converted = std::time::SystemTime::from(*provided_time); let resource = icarus_models::token::TokenResource {
Ok(converted) message: String::from(MESSAGE),
} issuer: String::from(ISSUER),
audiences: vec![String::from(AUDIENCE)],
id: *id,
};
icarus_models::token::create_token(provided_key, &resource, time::Duration::hours(4))
} }
pub fn create_token(provided_key: &String) -> Result<(String, i64), josekit::JoseError> { pub fn create_service_token(
let mut header = JwsHeader::new(); provided: &String,
header.set_token_type(TOKENTYPE); id: &uuid::Uuid,
) -> Result<(String, i64), josekit::JoseError> {
let resource = icarus_models::token::TokenResource {
message: String::from(SERVICE_SUBJECT),
issuer: String::from(ISSUER),
audiences: vec![String::from(AUDIENCE)],
id: *id,
};
icarus_models::token::create_token(provided, &resource, time::Duration::hours(1))
}
let mut payload = JwtPayload::new(); pub fn create_service_refresh_token(
payload.set_subject(MESSAGE); key: &String,
payload.set_issuer(ISSUER); id: &uuid::Uuid,
payload.set_audience(vec![AUDIENCE]); ) -> Result<(String, i64), josekit::JoseError> {
match get_issued() { let resource = icarus_models::token::TokenResource {
Ok(issued) => { message: String::from(SERVICE_SUBJECT),
let expire = get_expiration(&issued).unwrap(); issuer: String::from(ISSUER),
payload.set_issued_at(&util::time_to_std_time(&issued).unwrap()); audiences: vec![String::from(AUDIENCE)],
payload.set_expires_at(&util::time_to_std_time(&expire).unwrap()); id: *id,
};
let key: String = if provided_key.is_empty() { icarus_models::token::create_token(key, &resource, time::Duration::hours(4))
let rt = tokio::runtime::Runtime::new().unwrap();
// Block on the async function to get the result
rt.block_on(icarus_envy::environment::get_secret_key())
} else {
provided_key.to_owned()
};
let signer = Hs256.signer_from_bytes(key.as_bytes()).unwrap();
Ok((
josekit::jwt::encode_with_signer(&payload, &header, &signer).unwrap(),
(expire - time::OffsetDateTime::UNIX_EPOCH).whole_seconds(),
))
}
Err(e) => Err(josekit::JoseError::InvalidClaim(e.into())),
}
} }
pub fn verify_token(key: &String, token: &String) -> bool { pub fn verify_token(key: &String, token: &String) -> bool {
let ver = Hs256.verifier_from_bytes(key.as_bytes()).unwrap(); match get_payload(key, token) {
let (payload, _header) = jwt::decode_with_verifier(token, &ver).unwrap(); Ok((payload, _header)) => match payload.subject() {
match payload.subject() { Some(_sub) => true,
Some(_sub) => true, None => false,
None => false, },
Err(_err) => false,
} }
} }
pub fn extract_id_from_token(key: &String, token: &String) -> Result<uuid::Uuid, std::io::Error> {
match get_payload(key, token) {
Ok((payload, _header)) => match payload.claim("id") {
Some(id) => match uuid::Uuid::parse_str(id.as_str().unwrap()) {
Ok(extracted) => Ok(extracted),
Err(err) => Err(std::io::Error::other(err.to_string())),
},
None => Err(std::io::Error::other("No claim found")),
},
Err(err) => Err(std::io::Error::other(err.to_string())),
}
}
pub const APP_TOKEN_TYPE: &str = "Icarus_App";
pub const APP_SUBJECT: &str = "Something random";
pub const SERVICE_TOKEN_TYPE: &str = "Icarus_Service";
pub const SERVICE_SUBJECT: &str = "Service random";
pub fn get_token_type(key: &String, token: &String) -> Result<String, std::io::Error> {
match get_payload(key, token) {
Ok((payload, _header)) => match payload.subject() {
Some(subject) => {
if subject == APP_SUBJECT {
Ok(String::from(APP_TOKEN_TYPE))
} else if subject == SERVICE_SUBJECT {
Ok(String::from(SERVICE_TOKEN_TYPE))
} else {
Err(std::io::Error::other(String::from("Invalid subject")))
}
}
None => Err(std::io::Error::other(String::from("Invalid payload"))),
},
Err(err) => Err(std::io::Error::other(err.to_string())),
}
}
pub fn is_token_type_valid(token_type: &String) -> bool {
token_type == SERVICE_TOKEN_TYPE
}
fn get_payload(
key: &String,
token: &String,
) -> Result<(josekit::jwt::JwtPayload, josekit::jws::JwsHeader), josekit::JoseError> {
let ver = Hs256.verifier_from_bytes(key.as_bytes()).unwrap();
jwt::decode_with_verifier(token, &ver)
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
#[test] #[test]
fn test_tokenize() { fn test_tokenize() {
let rt = tokio::runtime::Runtime::new().unwrap(); let rt = tokio::runtime::Runtime::new().unwrap();
let special_key = rt.block_on(icarus_envy::environment::get_secret_key()); let special_key = rt.block_on(icarus_envy::environment::get_secret_key());
match create_token(&special_key) { let id = uuid::Uuid::new_v4();
match create_token(&special_key, &id) {
Ok((token, _duration)) => { Ok((token, _duration)) => {
let result = verify_token(&special_key, &token); let result = verify_token(&special_key, &token);
assert!(result, "Token not verified"); assert!(result, "Token not verified");