refactoring

bain 2024-06-02 14:13:43 +02:00
parent 83bf3d41e1
commit 9b26cc25a4
Signed by: bain
GPG key ID: 31F0F25E3BED0B9B
2 changed files with 9 additions and 9 deletions


@ -1,4 +1,4 @@
/// v1 of the account identificators /// v1 of account codes
use std::time::{SystemTime, UNIX_EPOCH}; use std::time::{SystemTime, UNIX_EPOCH};
use ring::rand::{SecureRandom, SystemRandom}; use ring::rand::{SecureRandom, SystemRandom};


@ -84,9 +84,9 @@ impl fmt::Display for OAuthError {
impl Error for OAuthError {} impl Error for OAuthError {}
async fn error_handler(res: tide::Response) -> tide::Result { async fn error_handler(res: Response) -> tide::Result {
if let Some(err) = res.downcast_error::<OAuthError>() { if let Some(err) = res.downcast_error::<OAuthError>() {
return Ok(tide::Response::builder(400) return Ok(Response::builder(400)
.body(tide::Body::from_json(err)?) .body(tide::Body::from_json(err)?)
.build()); .build());
} }
@ -111,10 +111,10 @@ fn redirect_with_query(redirect_uri: &str, query: &[(&str, Option<&str>)]) -> ti
Ok(tide::Redirect::new(redirect).into()) Ok(tide::Redirect::new(redirect).into())
} }
fn render_login_page(client_name: &str, issuer_name: &str, notice: &str) -> tide::Response { fn render_login_page(client_name: &str, issuer_name: &str, notice: &str) -> Response {
Response::builder(200) Response::builder(200)
.body( .body(
// I could use a rendering library here, but its literally as simple as replacing // I could use a rendering library here, but it's literally as simple as replacing
// a few strings from a trusted config. // a few strings from a trusted config.
include_str!("authorization.html") include_str!("authorization.html")
.replace("{{client_name}}", client_name) .replace("{{client_name}}", client_name)
@ -287,7 +287,7 @@ fn create_id_token(
client_id: &str, client_id: &str,
normalized_account: &str, normalized_account: &str,
nonce: Option<String>, nonce: Option<String>,
) -> anyhow::Result<String> { ) -> Result<String> {
let header = base64_coder::URL_SAFE_NO_PAD.encode( let header = base64_coder::URL_SAFE_NO_PAD.encode(
json!({ json!({
"alg": "RS256", "alg": "RS256",
@ -312,7 +312,7 @@ fn create_id_token(
let mut signature = vec![0; app_state.signing_key.public().modulus_len()]; let mut signature = vec![0; app_state.signing_key.public().modulus_len()];
app_state.signing_key.sign( app_state.signing_key.sign(
&ring::signature::RSA_PKCS1_SHA256, &ring::signature::RSA_PKCS1_SHA256,
&ring::rand::SystemRandom::new(), &SystemRandom::new(),
message.as_bytes(), message.as_bytes(),
&mut signature, &mut signature,
)?; )?;
@ -417,7 +417,7 @@ async fn authenticate_endpoint(mut req: Request<AppState>) -> tide::Result {
} }
} }
// The token is random because there are no resources protected by the token anyways. // The token is random because there are no resources protected by the token anyway.
let mut access_token = [0u8; 32]; let mut access_token = [0u8; 32];
SystemRandom::new().fill(&mut access_token)?; SystemRandom::new().fill(&mut access_token)?;
let access_token = base64_coder::URL_SAFE_NO_PAD.encode(&access_token); let access_token = base64_coder::URL_SAFE_NO_PAD.encode(&access_token);
@ -537,7 +537,7 @@ pub struct Authorization {
} }
#[async_std::main] #[async_std::main]
async fn main() -> anyhow::Result<()> { async fn main() -> Result<()> {
log::with_level(log::LevelFilter::Error); log::with_level(log::LevelFilter::Error);
let mut conf_file = let mut conf_file =
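Review bot: In `render_login_page` the arguments are substituted into `authorization.html` with plain `.replace("{{client_name}}", client_name)` and no HTML escaping, and the comment this commit rewords justifies that only by saying the strings come from a trusted config. That may hold for `client_name` and `issuer_name`, but `notice` is a free-form `&str` parameter and nothing in the hunk shows that callers pass only fixed text; if a caller ever forwards request-derived text, it would be rendered as markup on the login page. I would either HTML-escape each value before substitution or make the invariant explicit in the comment, for example `// SECURITY: every argument must be static or config-derived; escape anything that originates from a request.` The function body continues past the hunk, so the remaining substitutions are not visible here and should be checked against the same rule.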