Compare commits
2 Commits
v0.4.0-dev
...
v0.4.1-dev
Author | SHA1 | Date | |
---|---|---|---|
5967ed5b13 | |||
be4d1109a7 |
7
Cargo.lock
generated
@@ -728,7 +728,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "icarus_auth"
|
||||
version = "0.4.0"
|
||||
version = "0.4.1"
|
||||
dependencies = [
|
||||
"argon2",
|
||||
"axum",
|
||||
@@ -761,9 +761,10 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "icarus_models"
|
||||
version = "0.5.0"
|
||||
source = "git+ssh://git@git.kundeng.us/phoenix/icarus_models.git?tag=v0.5.0-devel-7958b89abc-111#7958b89abc56bc9262015b3e201ea2906cc8a9ff"
|
||||
version = "0.5.4"
|
||||
source = "git+ssh://git@git.kundeng.us/phoenix/icarus_models.git?tag=v0.5.4-devel-1e95822b5a-111#1e95822b5a349bd73cc501d921052f289105ec55"
|
||||
dependencies = [
|
||||
"josekit",
|
||||
"rand 0.9.1",
|
||||
"serde",
|
||||
"serde_json",
|
||||
|
@@ -1,6 +1,6 @@
|
||||
[package]
|
||||
name = "icarus_auth"
|
||||
version = "0.4.0"
|
||||
version = "0.4.1"
|
||||
edition = "2024"
|
||||
rust-version = "1.88"
|
||||
|
||||
@@ -18,7 +18,7 @@ argon2 = { version = "0.5.3", features = ["std"] } # Use the latest 0.5.x versio
|
||||
rand = { version = "0.9.1" }
|
||||
time = { version = "0.3.41", features = ["macros", "serde"] }
|
||||
josekit = { version = "0.10.3" }
|
||||
icarus_models = { git = "ssh://git@git.kundeng.us/phoenix/icarus_models.git", tag = "v0.5.0-devel-7958b89abc-111" }
|
||||
icarus_models = { git = "ssh://git@git.kundeng.us/phoenix/icarus_models.git", tag = "v0.5.4-devel-1e95822b5a-111" }
|
||||
icarus_envy = { git = "ssh://git@git.kundeng.us/phoenix/icarus_envy.git", tag = "v0.3.0-devel-d73fba9899-006" }
|
||||
|
||||
[dev-dependencies]
|
||||
|
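Review bot: The `icarus_models` dependency is pinned by `tag = "v0.5.4-devel-1e95822b5a-111"`, and a git tag can be moved on the server, while this same change moves the JWT signing code into that crate. Cargo.lock already records the resolved commit, so pinning it in the manifest costs nothing: `icarus_models = { git = "ssh://git@git.kundeng.us/phoenix/icarus_models.git", rev = "1e95822b5a349bd73cc501d921052f289105ec55" }`. If the tag form is kept, the image build should compile with `--locked` so that a re-pointed tag fails the build instead of being picked up silently; the build command is not visible in the Dockerfile hunks shown here.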
@@ -1,7 +1,7 @@
|
||||
# Stage 1: Build the application
|
||||
# Use a specific Rust version for reproducibility. Choose one that matches your development environment.
|
||||
# Using slim variant for smaller base image
|
||||
FROM rust:1.86 as builder
|
||||
FROM rust:1.88 as builder
|
||||
|
||||
# Set the working directory inside the container
|
||||
WORKDIR /usr/src/app
|
||||
@@ -68,4 +68,4 @@ EXPOSE 3000
|
||||
|
||||
# Set the command to run your application
|
||||
# Ensure this matches the binary name copied above
|
||||
CMD ["./icarus_auth"]
|
||||
CMD ["./icarus_auth"]
|
||||
|
@@ -62,7 +62,7 @@ pub mod endpoint {
|
||||
id: user.id,
|
||||
username: user.username.clone(),
|
||||
token: token_literal,
|
||||
token_type: String::from(token_stuff::TOKENTYPE),
|
||||
token_type: String::from(icarus_models::token::TOKEN_TYPE),
|
||||
expiration: duration,
|
||||
}],
|
||||
}),
|
||||
|
@@ -1,12 +1,11 @@
|
||||
use josekit::{
|
||||
self,
|
||||
jws::{JwsHeader, alg::hmac::HmacJwsAlgorithm::Hs256},
|
||||
jwt::{self, JwtPayload},
|
||||
jws::alg::hmac::HmacJwsAlgorithm::Hs256,
|
||||
jwt::{self},
|
||||
};
|
||||
|
||||
use time;
|
||||
|
||||
pub const TOKENTYPE: &str = "JWT";
|
||||
pub const KEY_ENV: &str = "SECRET_KEY";
|
||||
pub const MESSAGE: &str = "Something random";
|
||||
pub const ISSUER: &str = "icarus_auth";
|
||||
@@ -21,46 +20,13 @@ pub fn get_expiration(issued: &time::OffsetDateTime) -> Result<time::OffsetDateT
|
||||
Ok(*issued + duration_expire)
|
||||
}
|
||||
|
||||
mod util {
|
||||
pub fn time_to_std_time(
|
||||
provided_time: &time::OffsetDateTime,
|
||||
) -> Result<std::time::SystemTime, std::time::SystemTimeError> {
|
||||
let converted = std::time::SystemTime::from(*provided_time);
|
||||
Ok(converted)
|
||||
}
|
||||
}
|
||||
|
||||
pub fn create_token(provided_key: &String) -> Result<(String, i64), josekit::JoseError> {
|
||||
let mut header = JwsHeader::new();
|
||||
header.set_token_type(TOKENTYPE);
|
||||
|
||||
let mut payload = JwtPayload::new();
|
||||
payload.set_subject(MESSAGE);
|
||||
payload.set_issuer(ISSUER);
|
||||
payload.set_audience(vec![AUDIENCE]);
|
||||
match get_issued() {
|
||||
Ok(issued) => {
|
||||
let expire = get_expiration(&issued).unwrap();
|
||||
payload.set_issued_at(&util::time_to_std_time(&issued).unwrap());
|
||||
payload.set_expires_at(&util::time_to_std_time(&expire).unwrap());
|
||||
|
||||
let key: String = if provided_key.is_empty() {
|
||||
let rt = tokio::runtime::Runtime::new().unwrap();
|
||||
|
||||
// Block on the async function to get the result
|
||||
rt.block_on(icarus_envy::environment::get_secret_key())
|
||||
} else {
|
||||
provided_key.to_owned()
|
||||
};
|
||||
|
||||
let signer = Hs256.signer_from_bytes(key.as_bytes()).unwrap();
|
||||
Ok((
|
||||
josekit::jwt::encode_with_signer(&payload, &header, &signer).unwrap(),
|
||||
(expire - time::OffsetDateTime::UNIX_EPOCH).whole_seconds(),
|
||||
))
|
||||
}
|
||||
Err(e) => Err(josekit::JoseError::InvalidClaim(e.into())),
|
||||
}
|
||||
let resource = icarus_models::token::TokenResource {
|
||||
message: String::from(MESSAGE),
|
||||
issuer: String::from(ISSUER),
|
||||
audiences: vec![String::from(AUDIENCE)],
|
||||
};
|
||||
icarus_models::token::create_token(provided_key, &resource, time::Duration::hours(4))
|
||||
}
|
||||
|
||||
pub fn verify_token(key: &String, token: &String) -> bool {
|
||||
@@ -74,7 +40,6 @@ pub fn verify_token(key: &String, token: &String) -> bool {
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
|
||||
use super::*;
|
||||
|
||||
#[test]
|
||||
|
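Review bot: The new `create_token` body hands `provided_key` straight to `icarus_models::token::create_token`, so the removed fallback that loaded the secret from the environment when the key was empty is gone. Nothing visible here shows the delegate rejecting an empty or too-short HMAC key. Since this key signs every issued JWT, I would either reject it up front (`if provided_key.is_empty() { return Err(/* JoseError for a missing key */); }`) or state the contract on the function: `/// provided_key must be the non-empty HS256 secret; no environment fallback is applied.` The lifetime is also a literal `time::Duration::hours(4)`, while `get_expiration` just above still computes its own expiry. A shared constant would keep issuance and anything built on `get_expiration` from drifting apart.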