| <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `services/authentication/enclave/src/api_service.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>api_service.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" href="../../normalize.css"><link rel="stylesheet" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" href="../../ayu.css" disabled><link rel="stylesheet" href="../../dark.css" disabled><link rel="stylesheet" href="../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../storage.js"></script><script defer src="../../source-script.js"></script><script defer src="../../source-files.js"></script><script defer src="../../main.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="alternate icon" type="image/png" href="../../favicon-16x16.png"><link rel="alternate icon" type="image/png" href="../../favicon-32x32.png"><link rel="icon" type="image/svg+xml" href="../../favicon.svg"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="sidebar"><a class="sidebar-logo" href="../../teaclave_authentication_service_enclave/index.html"><div class="logo-container"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></div></a></nav><main><div class="width-limiter"><nav class="sub"><a class="sub-logo-container" href="../../teaclave_authentication_service_enclave/index.html"><img class="rust-logo" src="../../rust-logo.svg" alt="logo"></a><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><a href="../../help.html">?</a></div><div id="settings-menu" tabindex="-1"><a href="../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../wheel.svg"></a></div></div></form></nav><section id="main-content" class="content"><div class="example-wrap"><pre class="src-line-numbers"><span id="1">1</span> |
| <span id="2">2</span> |
| <span id="3">3</span> |
| <span id="4">4</span> |
| <span id="5">5</span> |
| <span id="6">6</span> |
| <span id="7">7</span> |
| <span id="8">8</span> |
| <span id="9">9</span> |
| <span id="10">10</span> |
| <span id="11">11</span> |
| <span id="12">12</span> |
| <span id="13">13</span> |
| <span id="14">14</span> |
| <span id="15">15</span> |
| <span id="16">16</span> |
| <span id="17">17</span> |
| <span id="18">18</span> |
| <span id="19">19</span> |
| <span id="20">20</span> |
| <span id="21">21</span> |
| <span id="22">22</span> |
| <span id="23">23</span> |
| <span id="24">24</span> |
| <span id="25">25</span> |
| <span id="26">26</span> |
| <span id="27">27</span> |
| <span id="28">28</span> |
| <span id="29">29</span> |
| <span id="30">30</span> |
| <span id="31">31</span> |
| <span id="32">32</span> |
| <span id="33">33</span> |
| <span id="34">34</span> |
| <span id="35">35</span> |
| <span id="36">36</span> |
| <span id="37">37</span> |
| <span id="38">38</span> |
| <span id="39">39</span> |
| <span id="40">40</span> |
| <span id="41">41</span> |
| <span id="42">42</span> |
| <span id="43">43</span> |
| <span id="44">44</span> |
| <span id="45">45</span> |
| <span id="46">46</span> |
| <span id="47">47</span> |
| <span id="48">48</span> |
| <span id="49">49</span> |
| <span id="50">50</span> |
| <span id="51">51</span> |
| <span id="52">52</span> |
| <span id="53">53</span> |
| <span id="54">54</span> |
| <span id="55">55</span> |
| <span id="56">56</span> |
| <span id="57">57</span> |
| <span id="58">58</span> |
| <span id="59">59</span> |
| <span id="60">60</span> |
| <span id="61">61</span> |
| <span id="62">62</span> |
| <span id="63">63</span> |
| <span id="64">64</span> |
| <span id="65">65</span> |
| <span id="66">66</span> |
| <span id="67">67</span> |
| <span id="68">68</span> |
| <span id="69">69</span> |
| <span id="70">70</span> |
| <span id="71">71</span> |
| <span id="72">72</span> |
| <span id="73">73</span> |
| <span id="74">74</span> |
| <span id="75">75</span> |
| <span id="76">76</span> |
| <span id="77">77</span> |
| <span id="78">78</span> |
| <span id="79">79</span> |
| <span id="80">80</span> |
| <span id="81">81</span> |
| <span id="82">82</span> |
| <span id="83">83</span> |
| <span id="84">84</span> |
| <span id="85">85</span> |
| <span id="86">86</span> |
| <span id="87">87</span> |
| <span id="88">88</span> |
| <span id="89">89</span> |
| <span id="90">90</span> |
| <span id="91">91</span> |
| <span id="92">92</span> |
| <span id="93">93</span> |
| <span id="94">94</span> |
| <span id="95">95</span> |
| <span id="96">96</span> |
| <span id="97">97</span> |
| <span id="98">98</span> |
| <span id="99">99</span> |
| <span id="100">100</span> |
| <span id="101">101</span> |
| <span id="102">102</span> |
| <span id="103">103</span> |
| <span id="104">104</span> |
| <span id="105">105</span> |
| <span id="106">106</span> |
| <span id="107">107</span> |
| <span id="108">108</span> |
| <span id="109">109</span> |
| <span id="110">110</span> |
| <span id="111">111</span> |
| <span id="112">112</span> |
| <span id="113">113</span> |
| <span id="114">114</span> |
| <span id="115">115</span> |
| <span id="116">116</span> |
| <span id="117">117</span> |
| <span id="118">118</span> |
| <span id="119">119</span> |
| <span id="120">120</span> |
| <span id="121">121</span> |
| <span id="122">122</span> |
| <span id="123">123</span> |
| <span id="124">124</span> |
| <span id="125">125</span> |
| <span id="126">126</span> |
| <span id="127">127</span> |
| <span id="128">128</span> |
| <span id="129">129</span> |
| <span id="130">130</span> |
| <span id="131">131</span> |
| <span id="132">132</span> |
| <span id="133">133</span> |
| <span id="134">134</span> |
| <span id="135">135</span> |
| <span id="136">136</span> |
| <span id="137">137</span> |
| <span id="138">138</span> |
| <span id="139">139</span> |
| <span id="140">140</span> |
| <span id="141">141</span> |
| <span id="142">142</span> |
| <span id="143">143</span> |
| <span id="144">144</span> |
| <span id="145">145</span> |
| <span id="146">146</span> |
| <span id="147">147</span> |
| <span id="148">148</span> |
| <span id="149">149</span> |
| <span id="150">150</span> |
| <span id="151">151</span> |
| <span id="152">152</span> |
| <span id="153">153</span> |
| <span id="154">154</span> |
| <span id="155">155</span> |
| <span id="156">156</span> |
| <span id="157">157</span> |
| <span id="158">158</span> |
| <span id="159">159</span> |
| <span id="160">160</span> |
| <span id="161">161</span> |
| <span id="162">162</span> |
| <span id="163">163</span> |
| <span id="164">164</span> |
| <span id="165">165</span> |
| <span id="166">166</span> |
| <span id="167">167</span> |
| <span id="168">168</span> |
| <span id="169">169</span> |
| <span id="170">170</span> |
| <span id="171">171</span> |
| <span id="172">172</span> |
| <span id="173">173</span> |
| <span id="174">174</span> |
| <span id="175">175</span> |
| <span id="176">176</span> |
| <span id="177">177</span> |
| <span id="178">178</span> |
| <span id="179">179</span> |
| <span id="180">180</span> |
| <span id="181">181</span> |
| <span id="182">182</span> |
| <span id="183">183</span> |
| <span id="184">184</span> |
| <span id="185">185</span> |
| <span id="186">186</span> |
| <span id="187">187</span> |
| <span id="188">188</span> |
| <span id="189">189</span> |
| <span id="190">190</span> |
| <span id="191">191</span> |
| <span id="192">192</span> |
| <span id="193">193</span> |
| <span id="194">194</span> |
| <span id="195">195</span> |
| <span id="196">196</span> |
| <span id="197">197</span> |
| <span id="198">198</span> |
| <span id="199">199</span> |
| <span id="200">200</span> |
| <span id="201">201</span> |
| <span id="202">202</span> |
| <span id="203">203</span> |
| <span id="204">204</span> |
| <span id="205">205</span> |
| <span id="206">206</span> |
| <span id="207">207</span> |
| <span id="208">208</span> |
| <span id="209">209</span> |
| <span id="210">210</span> |
| <span id="211">211</span> |
| <span id="212">212</span> |
| <span id="213">213</span> |
| <span id="214">214</span> |
| <span id="215">215</span> |
| <span id="216">216</span> |
| <span id="217">217</span> |
| <span id="218">218</span> |
| <span id="219">219</span> |
| <span id="220">220</span> |
| <span id="221">221</span> |
| <span id="222">222</span> |
| <span id="223">223</span> |
| <span id="224">224</span> |
| <span id="225">225</span> |
| <span id="226">226</span> |
| <span id="227">227</span> |
| <span id="228">228</span> |
| <span id="229">229</span> |
| <span id="230">230</span> |
| <span id="231">231</span> |
| <span id="232">232</span> |
| <span id="233">233</span> |
| <span id="234">234</span> |
| <span id="235">235</span> |
| <span id="236">236</span> |
| <span id="237">237</span> |
| <span id="238">238</span> |
| <span id="239">239</span> |
| <span id="240">240</span> |
| <span id="241">241</span> |
| <span id="242">242</span> |
| <span id="243">243</span> |
| <span id="244">244</span> |
| <span id="245">245</span> |
| <span id="246">246</span> |
| <span id="247">247</span> |
| <span id="248">248</span> |
| <span id="249">249</span> |
| <span id="250">250</span> |
| <span id="251">251</span> |
| <span id="252">252</span> |
| <span id="253">253</span> |
| <span id="254">254</span> |
| <span id="255">255</span> |
| <span id="256">256</span> |
| <span id="257">257</span> |
| <span id="258">258</span> |
| <span id="259">259</span> |
| <span id="260">260</span> |
| <span id="261">261</span> |
| <span id="262">262</span> |
| <span id="263">263</span> |
| <span id="264">264</span> |
| <span id="265">265</span> |
| <span id="266">266</span> |
| <span id="267">267</span> |
| <span id="268">268</span> |
| <span id="269">269</span> |
| <span id="270">270</span> |
| <span id="271">271</span> |
| <span id="272">272</span> |
| <span id="273">273</span> |
| <span id="274">274</span> |
| <span id="275">275</span> |
| <span id="276">276</span> |
| <span id="277">277</span> |
| <span id="278">278</span> |
| <span id="279">279</span> |
| <span id="280">280</span> |
| <span id="281">281</span> |
| <span id="282">282</span> |
| <span id="283">283</span> |
| <span id="284">284</span> |
| <span id="285">285</span> |
| <span id="286">286</span> |
| <span id="287">287</span> |
| <span id="288">288</span> |
| <span id="289">289</span> |
| <span id="290">290</span> |
| <span id="291">291</span> |
| <span id="292">292</span> |
| <span id="293">293</span> |
| <span id="294">294</span> |
| <span id="295">295</span> |
| <span id="296">296</span> |
| <span id="297">297</span> |
| <span id="298">298</span> |
| <span id="299">299</span> |
| <span id="300">300</span> |
| <span id="301">301</span> |
| <span id="302">302</span> |
| <span id="303">303</span> |
| <span id="304">304</span> |
| <span id="305">305</span> |
| <span id="306">306</span> |
| <span id="307">307</span> |
| <span id="308">308</span> |
| <span id="309">309</span> |
| <span id="310">310</span> |
| <span id="311">311</span> |
| <span id="312">312</span> |
| <span id="313">313</span> |
| <span id="314">314</span> |
| <span id="315">315</span> |
| <span id="316">316</span> |
| <span id="317">317</span> |
| <span id="318">318</span> |
| <span id="319">319</span> |
| <span id="320">320</span> |
| <span id="321">321</span> |
| <span id="322">322</span> |
| <span id="323">323</span> |
| <span id="324">324</span> |
| <span id="325">325</span> |
| <span id="326">326</span> |
| <span id="327">327</span> |
| <span id="328">328</span> |
| <span id="329">329</span> |
| <span id="330">330</span> |
| <span id="331">331</span> |
| <span id="332">332</span> |
| <span id="333">333</span> |
| <span id="334">334</span> |
| <span id="335">335</span> |
| <span id="336">336</span> |
| <span id="337">337</span> |
| <span id="338">338</span> |
| <span id="339">339</span> |
| <span id="340">340</span> |
| <span id="341">341</span> |
| <span id="342">342</span> |
| <span id="343">343</span> |
| <span id="344">344</span> |
| <span id="345">345</span> |
| <span id="346">346</span> |
| <span id="347">347</span> |
| <span id="348">348</span> |
| <span id="349">349</span> |
| <span id="350">350</span> |
| <span id="351">351</span> |
| <span id="352">352</span> |
| <span id="353">353</span> |
| <span id="354">354</span> |
| <span id="355">355</span> |
| <span id="356">356</span> |
| <span id="357">357</span> |
| <span id="358">358</span> |
| <span id="359">359</span> |
| <span id="360">360</span> |
| <span id="361">361</span> |
| <span id="362">362</span> |
| <span id="363">363</span> |
| <span id="364">364</span> |
| <span id="365">365</span> |
| <span id="366">366</span> |
| <span id="367">367</span> |
| <span id="368">368</span> |
| <span id="369">369</span> |
| <span id="370">370</span> |
| <span id="371">371</span> |
| <span id="372">372</span> |
| <span id="373">373</span> |
| <span id="374">374</span> |
| <span id="375">375</span> |
| <span id="376">376</span> |
| <span id="377">377</span> |
| <span id="378">378</span> |
| <span id="379">379</span> |
| <span id="380">380</span> |
| <span id="381">381</span> |
| <span id="382">382</span> |
| <span id="383">383</span> |
| <span id="384">384</span> |
| <span id="385">385</span> |
| <span id="386">386</span> |
| <span id="387">387</span> |
| <span id="388">388</span> |
| <span id="389">389</span> |
| <span id="390">390</span> |
| <span id="391">391</span> |
| <span id="392">392</span> |
| <span id="393">393</span> |
| <span id="394">394</span> |
| <span id="395">395</span> |
| <span id="396">396</span> |
| <span id="397">397</span> |
| <span id="398">398</span> |
| <span id="399">399</span> |
| <span id="400">400</span> |
| <span id="401">401</span> |
| <span id="402">402</span> |
| <span id="403">403</span> |
| <span id="404">404</span> |
| <span id="405">405</span> |
| <span id="406">406</span> |
| <span id="407">407</span> |
| <span id="408">408</span> |
| <span id="409">409</span> |
| <span id="410">410</span> |
| <span id="411">411</span> |
| <span id="412">412</span> |
| <span id="413">413</span> |
| <span id="414">414</span> |
| <span id="415">415</span> |
| <span id="416">416</span> |
| <span id="417">417</span> |
| <span id="418">418</span> |
| <span id="419">419</span> |
| <span id="420">420</span> |
| <span id="421">421</span> |
| <span id="422">422</span> |
| <span id="423">423</span> |
| <span id="424">424</span> |
| <span id="425">425</span> |
| <span id="426">426</span> |
| <span id="427">427</span> |
| <span id="428">428</span> |
| <span id="429">429</span> |
| <span id="430">430</span> |
| <span id="431">431</span> |
| <span id="432">432</span> |
| <span id="433">433</span> |
| <span id="434">434</span> |
| <span id="435">435</span> |
| <span id="436">436</span> |
| <span id="437">437</span> |
| <span id="438">438</span> |
| <span id="439">439</span> |
| <span id="440">440</span> |
| <span id="441">441</span> |
| <span id="442">442</span> |
| <span id="443">443</span> |
| <span id="444">444</span> |
| <span id="445">445</span> |
| <span id="446">446</span> |
| <span id="447">447</span> |
| <span id="448">448</span> |
| <span id="449">449</span> |
| <span id="450">450</span> |
| <span id="451">451</span> |
| <span id="452">452</span> |
| <span id="453">453</span> |
| <span id="454">454</span> |
| <span id="455">455</span> |
| <span id="456">456</span> |
| <span id="457">457</span> |
| <span id="458">458</span> |
| <span id="459">459</span> |
| <span id="460">460</span> |
| <span id="461">461</span> |
| <span id="462">462</span> |
| <span id="463">463</span> |
| <span id="464">464</span> |
| <span id="465">465</span> |
| <span id="466">466</span> |
| <span id="467">467</span> |
| <span id="468">468</span> |
| <span id="469">469</span> |
| <span id="470">470</span> |
| <span id="471">471</span> |
| <span id="472">472</span> |
| <span id="473">473</span> |
| <span id="474">474</span> |
| <span id="475">475</span> |
| <span id="476">476</span> |
| <span id="477">477</span> |
| <span id="478">478</span> |
| <span id="479">479</span> |
| <span id="480">480</span> |
| <span id="481">481</span> |
| <span id="482">482</span> |
| <span id="483">483</span> |
| <span id="484">484</span> |
| <span id="485">485</span> |
| <span id="486">486</span> |
| <span id="487">487</span> |
| <span id="488">488</span> |
| <span id="489">489</span> |
| <span id="490">490</span> |
| <span id="491">491</span> |
| <span id="492">492</span> |
| <span id="493">493</span> |
| <span id="494">494</span> |
| <span id="495">495</span> |
| <span id="496">496</span> |
| <span id="497">497</span> |
| <span id="498">498</span> |
| <span id="499">499</span> |
| <span id="500">500</span> |
| <span id="501">501</span> |
| <span id="502">502</span> |
| <span id="503">503</span> |
| <span id="504">504</span> |
| <span id="505">505</span> |
| <span id="506">506</span> |
| <span id="507">507</span> |
| <span id="508">508</span> |
| <span id="509">509</span> |
| <span id="510">510</span> |
| <span id="511">511</span> |
| <span id="512">512</span> |
| <span id="513">513</span> |
| <span id="514">514</span> |
| <span id="515">515</span> |
| <span id="516">516</span> |
| <span id="517">517</span> |
| <span id="518">518</span> |
| <span id="519">519</span> |
| <span id="520">520</span> |
| <span id="521">521</span> |
| <span id="522">522</span> |
| <span id="523">523</span> |
| <span id="524">524</span> |
| <span id="525">525</span> |
| <span id="526">526</span> |
| <span id="527">527</span> |
| <span id="528">528</span> |
| <span id="529">529</span> |
| <span id="530">530</span> |
| <span id="531">531</span> |
| <span id="532">532</span> |
| <span id="533">533</span> |
| <span id="534">534</span> |
| <span id="535">535</span> |
| <span id="536">536</span> |
| <span id="537">537</span> |
| <span id="538">538</span> |
| <span id="539">539</span> |
| <span id="540">540</span> |
| <span id="541">541</span> |
| <span id="542">542</span> |
| <span id="543">543</span> |
| <span id="544">544</span> |
| <span id="545">545</span> |
| <span id="546">546</span> |
| <span id="547">547</span> |
| <span id="548">548</span> |
| <span id="549">549</span> |
| <span id="550">550</span> |
| <span id="551">551</span> |
| <span id="552">552</span> |
| <span id="553">553</span> |
| <span id="554">554</span> |
| <span id="555">555</span> |
| <span id="556">556</span> |
| <span id="557">557</span> |
| <span id="558">558</span> |
| <span id="559">559</span> |
| <span id="560">560</span> |
| <span id="561">561</span> |
| <span id="562">562</span> |
| <span id="563">563</span> |
| <span id="564">564</span> |
| <span id="565">565</span> |
| <span id="566">566</span> |
| <span id="567">567</span> |
| <span id="568">568</span> |
| <span id="569">569</span> |
| <span id="570">570</span> |
| <span id="571">571</span> |
| <span id="572">572</span> |
| <span id="573">573</span> |
| <span id="574">574</span> |
| <span id="575">575</span> |
| <span id="576">576</span> |
| <span id="577">577</span> |
| <span id="578">578</span> |
| <span id="579">579</span> |
| <span id="580">580</span> |
| <span id="581">581</span> |
| <span id="582">582</span> |
| <span id="583">583</span> |
| <span id="584">584</span> |
| <span id="585">585</span> |
| <span id="586">586</span> |
| <span id="587">587</span> |
| <span id="588">588</span> |
| <span id="589">589</span> |
| <span id="590">590</span> |
| </pre><pre class="rust"><code><span class="comment">// Licensed to the Apache Software Foundation (ASF) under one |
| // or more contributor license agreements. See the NOTICE file |
| // distributed with this work for additional information |
| // regarding copyright ownership. The ASF licenses this file |
| // to you under the Apache License, Version 2.0 (the |
| // "License"); you may not use this file except in compliance |
| // with the License. You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, |
| // software distributed under the License is distributed on an |
| // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| // KIND, either express or implied. See the License for the |
| // specific language governing permissions and limitations |
| // under the License. |
| |
| </span><span class="kw">use </span><span class="kw">crate</span>::error::AuthenticationError; |
| <span class="kw">use </span><span class="kw">crate</span>::error::AuthenticationServiceError; |
| <span class="kw">use </span><span class="kw">crate</span>::user_db::DbClient; |
| <span class="kw">use </span><span class="kw">crate</span>::user_info::UserInfo; |
| |
| <span class="kw">use </span>std::sync::{Arc, Mutex}; |
| <span class="kw">use </span>std::time::{Duration, SystemTime, UNIX_EPOCH}; |
| <span class="attribute">#[allow(unused_imports)] |
| </span><span class="kw">use </span>std::untrusted::time::SystemTimeEx; |
| <span class="kw">use </span>teaclave_proto::teaclave_authentication_service::<span class="kw-2">*</span>; |
| <span class="kw">use </span>teaclave_rpc::{Request, Response}; |
| <span class="kw">use </span>teaclave_service_enclave_utils::{bail, ensure}; |
| <span class="kw">use </span>teaclave_types::{TeaclaveServiceResponseResult, UserRole}; |
| <span class="attribute">#[derive(Clone)] |
| </span><span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">struct </span>TeaclaveAuthenticationApiService { |
| db_client: Arc<Mutex<DbClient>>, |
| jwt_secret: Vec<u8>, |
| } |
| |
| <span class="kw">impl </span>TeaclaveAuthenticationApiService { |
| <span class="kw">pub</span>(<span class="kw">crate</span>) <span class="kw">fn </span>new(db_client: DbClient, jwt_secret: Vec<u8>) -> <span class="self">Self </span>{ |
| <span class="self">Self </span>{ |
| db_client: Arc::new(Mutex::new(db_client)), |
| jwt_secret, |
| } |
| } |
| |
| <span class="kw">fn </span>validate_user_credential( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| id: <span class="kw-2">&</span>str, |
| token: <span class="kw-2">&</span>str, |
| ) -> <span class="prelude-ty">Result</span><UserRole, AuthenticationError> { |
| <span class="kw">let </span>user: UserInfo = <span class="kw">match </span><span class="self">self</span>.db_client.lock().unwrap().get_user(id) { |
| <span class="prelude-val">Ok</span>(value) => value, |
| <span class="prelude-val">Err</span>(<span class="kw">_</span>) => <span class="macro">bail!</span>(AuthenticationError::InvalidUserId), |
| }; |
| |
| <span class="kw">if </span>token.is_empty() { |
| <span class="macro">bail!</span>(AuthenticationError::InvalidToken); |
| } |
| |
| <span class="kw">match </span>user.validate_token(<span class="kw-2">&</span><span class="self">self</span>.jwt_secret, token) { |
| <span class="prelude-val">Ok</span>(claims) => <span class="prelude-val">Ok</span>(claims.get_role()), |
| <span class="prelude-val">Err</span>(<span class="kw">_</span>) => <span class="macro">bail!</span>(AuthenticationError::IncorrectToken), |
| } |
| } |
| |
| <span class="kw">fn </span>validate_credential_in_request<T>( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: <span class="kw-2">&</span>Request<T>, |
| ) -> <span class="prelude-ty">Result</span><UserRole, AuthenticationServiceError> { |
| <span class="kw">let </span>id: String = request |
| .metadata() |
| .get(<span class="string">"id"</span>) |
| .and_then(|x| x.to_str().ok()) |
| .ok_or(AuthenticationServiceError::MissingUserId)<span class="question-mark">? |
| </span>.into(); |
| <span class="kw">let </span>token: String = request |
| .metadata() |
| .get(<span class="string">"token"</span>) |
| .and_then(|x| x.to_str().ok()) |
| .ok_or(AuthenticationServiceError::MissingToken)<span class="question-mark">? |
| </span>.into(); |
| <span class="kw">let </span>requester_role = <span class="self">self</span>.validate_user_credential(<span class="kw-2">&</span>id, <span class="kw-2">&</span>token)<span class="question-mark">?</span>; |
| <span class="prelude-val">Ok</span>(requester_role) |
| } |
| } |
| |
| <span class="attribute">#[teaclave_rpc::async_trait] |
| </span><span class="kw">impl </span>TeaclaveAuthenticationApi <span class="kw">for </span>TeaclaveAuthenticationApiService { |
| <span class="kw">async fn </span>user_register( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: Request<UserRegisterRequest>, |
| ) -> TeaclaveServiceResponseResult<()> { |
| <span class="kw">let </span>requester_role = <span class="self">self</span>.validate_credential_in_request(<span class="kw-2">&</span>request)<span class="question-mark">?</span>; |
| |
| <span class="kw">let </span>request = request.get_ref(); |
| <span class="macro">ensure!</span>( |
| !request.id.is_empty(), |
| AuthenticationServiceError::InvalidUserId |
| ); |
| <span class="kw">if </span><span class="self">self</span>.db_client.lock().unwrap().get_user(<span class="kw-2">&</span>request.id).is_ok() { |
| <span class="macro">bail!</span>(AuthenticationServiceError::UserIdExist); |
| } |
| <span class="kw">let </span>role = UserRole::new(<span class="kw-2">&</span>request.role, <span class="kw-2">&</span>request.attribute); |
| <span class="macro">ensure!</span>( |
| role != UserRole::Invalid, |
| AuthenticationServiceError::InvalidRole |
| ); |
| |
| <span class="macro">ensure!</span>( |
| authorize_user_register(<span class="kw-2">&</span>requester_role, request), |
| AuthenticationServiceError::PermissionDenied |
| ); |
| |
| <span class="kw">let </span>new_user = UserInfo::new(<span class="kw-2">&</span>request.id, <span class="kw-2">&</span>request.password, role); |
| <span class="kw">match </span><span class="self">self</span>.db_client.lock().unwrap().create_user(<span class="kw-2">&</span>new_user) { |
| <span class="prelude-val">Ok</span>(<span class="kw">_</span>) => <span class="prelude-val">Ok</span>(Response::new(())), |
| <span class="prelude-val">Err</span>(e) => <span class="macro">bail!</span>(AuthenticationServiceError::Service(e.into())), |
| } |
| } |
| |
| <span class="kw">async fn </span>user_update( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: Request<UserUpdateRequest>, |
| ) -> TeaclaveServiceResponseResult<()> { |
| <span class="kw">let </span>requester_role = <span class="self">self</span>.validate_credential_in_request(<span class="kw-2">&</span>request)<span class="question-mark">?</span>; |
| |
| <span class="kw">let </span>request = request.get_ref(); |
| <span class="macro">ensure!</span>( |
| !request.id.is_empty(), |
| AuthenticationServiceError::InvalidUserId |
| ); |
| <span class="kw">if </span><span class="self">self |
| </span>.db_client |
| .lock() |
| .unwrap() |
| .get_user(<span class="kw-2">&</span>request.id) |
| .is_err() |
| { |
| <span class="macro">bail!</span>(AuthenticationServiceError::InvalidUserId); |
| } |
| <span class="kw">let </span>role = UserRole::new(<span class="kw-2">&</span>request.role, <span class="kw-2">&</span>request.attribute); |
| <span class="macro">ensure!</span>( |
| role != UserRole::Invalid, |
| AuthenticationServiceError::InvalidRole |
| ); |
| |
| <span class="macro">ensure!</span>( |
| authorize_user_update(<span class="kw-2">&</span>requester_role, request), |
| AuthenticationServiceError::PermissionDenied |
| ); |
| |
| <span class="kw">let </span>updated_user = UserInfo::new(<span class="kw-2">&</span>request.id, <span class="kw-2">&</span>request.password, role); |
| <span class="kw">match </span><span class="self">self</span>.db_client.lock().unwrap().update_user(<span class="kw-2">&</span>updated_user) { |
| <span class="prelude-val">Ok</span>(<span class="kw">_</span>) => <span class="prelude-val">Ok</span>(Response::new(())), |
| <span class="prelude-val">Err</span>(e) => <span class="macro">bail!</span>(AuthenticationServiceError::Service(e.into())), |
| } |
| } |
| |
| <span class="kw">async fn </span>user_login( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: Request<UserLoginRequest>, |
| ) -> TeaclaveServiceResponseResult<UserLoginResponse> { |
| <span class="kw">let </span>request = request.get_ref(); |
| <span class="macro">ensure!</span>(!request.id.is_empty(), AuthenticationError::InvalidUserId); |
| <span class="macro">ensure!</span>( |
| !request.password.is_empty(), |
| AuthenticationError::InvalidPassword |
| ); |
| <span class="kw">let </span>user = <span class="self">self |
| </span>.db_client |
| .lock() |
| .unwrap() |
| .get_user(<span class="kw-2">&</span>request.id) |
| .map_err(|<span class="kw">_</span>| AuthenticationError::UserIdNotFound)<span class="question-mark">?</span>; |
| <span class="kw">if </span>!user.verify_password(<span class="kw-2">&</span>request.password) { |
| <span class="macro">bail!</span>(AuthenticationError::IncorrectPassword) |
| } <span class="kw">else </span>{ |
| <span class="kw">let </span>now = SystemTime::now() |
| .duration_since(UNIX_EPOCH) |
| .map_err(|e| AuthenticationServiceError::Service(e.into()))<span class="question-mark">?</span>; |
| <span class="kw">let </span>exp = (now + Duration::from_secs(<span class="number">24 </span>* <span class="number">60 </span>* <span class="number">60</span>)).as_secs(); |
| <span class="kw">match </span>user.get_token(exp, <span class="kw-2">&</span><span class="self">self</span>.jwt_secret) { |
| <span class="prelude-val">Ok</span>(token) => <span class="prelude-val">Ok</span>(Response::new(UserLoginResponse { token })), |
| <span class="prelude-val">Err</span>(e) => <span class="macro">bail!</span>(AuthenticationServiceError::Service(e)), |
| } |
| } |
| } |
| |
| <span class="kw">async fn </span>user_change_password( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: Request<UserChangePasswordRequest>, |
| ) -> TeaclaveServiceResponseResult<()> { |
| <span class="kw">let </span>requester_role = <span class="self">self</span>.validate_credential_in_request(<span class="kw-2">&</span>request)<span class="question-mark">?</span>; |
| |
| <span class="kw">let </span>id: String = request |
| .metadata() |
| .get(<span class="string">"id"</span>) |
| .and_then(|x| x.to_str().ok()) |
| .unwrap() |
| .into(); |
| <span class="kw">let </span>request = request.get_ref(); |
| <span class="macro">ensure!</span>( |
| !request.password.is_empty(), |
| AuthenticationError::InvalidPassword |
| ); |
| <span class="kw">let </span>updated_user = UserInfo::new(<span class="kw-2">&</span>id, <span class="kw-2">&</span>request.password, requester_role); |
| |
| <span class="kw">match </span><span class="self">self</span>.db_client.lock().unwrap().update_user(<span class="kw-2">&</span>updated_user) { |
| <span class="prelude-val">Ok</span>(<span class="kw">_</span>) => <span class="prelude-val">Ok</span>(Response::new(())), |
| <span class="prelude-val">Err</span>(e) => <span class="macro">bail!</span>(AuthenticationServiceError::Service(e.into())), |
| } |
| } |
| |
| <span class="kw">async fn </span>reset_user_password( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: Request<ResetUserPasswordRequest>, |
| ) -> TeaclaveServiceResponseResult<ResetUserPasswordResponse> { |
| <span class="kw">let </span>requester_role = <span class="self">self</span>.validate_credential_in_request(<span class="kw-2">&</span>request)<span class="question-mark">?</span>; |
| |
| <span class="kw">let </span>request = request.get_ref(); |
| <span class="macro">ensure!</span>( |
| !request.id.is_empty(), |
| AuthenticationServiceError::InvalidUserId |
| ); |
| <span class="kw">let </span>user = <span class="self">self |
| </span>.db_client |
| .lock() |
| .unwrap() |
| .get_user(<span class="kw-2">&</span>request.id) |
| .map_err(|<span class="kw">_</span>| AuthenticationServiceError::PermissionDenied)<span class="question-mark">?</span>; |
| |
| <span class="macro">ensure!</span>( |
| authorize_reset_user_password(<span class="kw-2">&</span>requester_role, <span class="kw-2">&</span>user), |
| AuthenticationServiceError::PermissionDenied |
| ); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>encode_buffer = uuid::Uuid::encode_buffer(); |
| <span class="kw">let </span>new_password = uuid::Uuid::new_v4() |
| .to_simple() |
| .encode_lower(<span class="kw-2">&mut </span>encode_buffer); |
| <span class="kw">let </span>updated_user = UserInfo::new(<span class="kw-2">&</span>request.id, new_password, user.role); |
| <span class="kw">match </span><span class="self">self</span>.db_client.lock().unwrap().update_user(<span class="kw-2">&</span>updated_user) { |
| <span class="prelude-val">Ok</span>(<span class="kw">_</span>) => <span class="prelude-val">Ok</span>(Response::new(ResetUserPasswordResponse { |
| password: new_password.to_string(), |
| })), |
| <span class="prelude-val">Err</span>(e) => <span class="macro">bail!</span>(AuthenticationServiceError::Service(e.into())), |
| } |
| } |
| |
| <span class="kw">async fn </span>delete_user( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: Request<DeleteUserRequest>, |
| ) -> TeaclaveServiceResponseResult<()> { |
| <span class="kw">let </span>requester_role = <span class="self">self</span>.validate_credential_in_request(<span class="kw-2">&</span>request)<span class="question-mark">?</span>; |
| |
| <span class="kw">let </span>request = request.get_ref(); |
| <span class="macro">ensure!</span>( |
| !request.id.is_empty(), |
| AuthenticationServiceError::InvalidUserId |
| ); |
| <span class="kw">let </span>user = <span class="self">self |
| </span>.db_client |
| .lock() |
| .unwrap() |
| .get_user(<span class="kw-2">&</span>request.id) |
| .map_err(|<span class="kw">_</span>| AuthenticationServiceError::PermissionDenied)<span class="question-mark">?</span>; |
| |
| <span class="macro">ensure!</span>( |
| authorize_delete_user(<span class="kw-2">&</span>requester_role, <span class="kw-2">&</span>user), |
| AuthenticationServiceError::PermissionDenied |
| ); |
| <span class="kw">match </span><span class="self">self</span>.db_client.lock().unwrap().delete_user(<span class="kw-2">&</span>request.id) { |
| <span class="prelude-val">Ok</span>(<span class="kw">_</span>) => <span class="prelude-val">Ok</span>(Response::new(())), |
| <span class="prelude-val">Err</span>(e) => <span class="macro">bail!</span>(AuthenticationServiceError::Service(e.into())), |
| } |
| } |
| |
| <span class="kw">async fn </span>list_users( |
| <span class="kw-2">&</span><span class="self">self</span>, |
| request: Request<ListUsersRequest>, |
| ) -> TeaclaveServiceResponseResult<ListUsersResponse> { |
| <span class="kw">let </span>requester_role = <span class="self">self</span>.validate_credential_in_request(<span class="kw-2">&</span>request)<span class="question-mark">?</span>; |
| |
| <span class="kw">let </span>request = request.get_ref(); |
| <span class="macro">ensure!</span>( |
| !request.id.is_empty(), |
| AuthenticationServiceError::InvalidUserId |
| ); |
| |
| <span class="macro">ensure!</span>( |
| authorize_list_users(<span class="kw-2">&</span>requester_role, request), |
| AuthenticationServiceError::PermissionDenied |
| ); |
| |
| <span class="kw">let </span>users = <span class="kw">match </span>requester_role { |
| UserRole::PlatformAdmin => <span class="self">self</span>.db_client.lock().unwrap().list_users(), |
| <span class="kw">_ </span>=> <span class="self">self |
| </span>.db_client |
| .lock() |
| .unwrap() |
| .list_users_by_attribute(<span class="kw-2">&</span>request.id), |
| }; |
| |
| <span class="kw">match </span>users { |
| <span class="prelude-val">Ok</span>(ids) => <span class="prelude-val">Ok</span>(Response::new(ListUsersResponse { ids })), |
| <span class="prelude-val">Err</span>(e) => <span class="macro">bail!</span>(AuthenticationServiceError::Service(e.into())), |
| } |
| } |
| } |
| |
| <span class="kw">fn </span>authorize_user_register(role: <span class="kw-2">&</span>UserRole, request: <span class="kw-2">&</span>UserRegisterRequest) -> bool { |
| <span class="kw">match </span>role { |
| UserRole::PlatformAdmin => <span class="bool-val">true</span>, |
| UserRole::DataOwnerManager(s) => { |
| <span class="kw">let </span>request_role = UserRole::new(<span class="kw-2">&</span>request.role, <span class="kw-2">&</span>request.attribute); |
| request_role == UserRole::DataOwner(s.to_owned()) |
| } |
| UserRole::FunctionOwner => { |
| <span class="kw">let </span>request_role = UserRole::new(<span class="kw-2">&</span>request.role, <span class="kw-2">&</span>request.attribute); |
| <span class="macro">matches!</span>(request_role, UserRole::DataOwnerManager(<span class="kw">_</span>)) |
| } |
| <span class="kw">_ </span>=> <span class="bool-val">false</span>, |
| } |
| } |
| |
| <span class="kw">fn </span>authorize_user_update(role: <span class="kw-2">&</span>UserRole, request: <span class="kw-2">&</span>UserUpdateRequest) -> bool { |
| <span class="kw">match </span>role { |
| UserRole::PlatformAdmin => <span class="bool-val">true</span>, |
| UserRole::DataOwnerManager(s) => { |
| <span class="kw">let </span>request_role = UserRole::new(<span class="kw-2">&</span>request.role, <span class="kw-2">&</span>request.attribute); |
| request_role == UserRole::DataOwner(s.to_owned()) |
| } |
| <span class="kw">_ </span>=> <span class="bool-val">false</span>, |
| } |
| } |
| |
| <span class="kw">fn </span>authorize_reset_user_password(role: <span class="kw-2">&</span>UserRole, target_user: <span class="kw-2">&</span>UserInfo) -> bool { |
| <span class="kw">match </span>role { |
| UserRole::PlatformAdmin => <span class="bool-val">true</span>, |
| UserRole::DataOwnerManager(s) => { |
| <span class="kw">let </span>request_role = <span class="kw-2">&</span>target_user.role; |
| <span class="kw-2">*</span>request_role == UserRole::DataOwner(s.to_owned()) |
| } |
| <span class="kw">_ </span>=> <span class="bool-val">false</span>, |
| } |
| } |
| |
| <span class="kw">fn </span>authorize_delete_user(role: <span class="kw-2">&</span>UserRole, target_user: <span class="kw-2">&</span>UserInfo) -> bool { |
| <span class="kw">match </span>role { |
| UserRole::PlatformAdmin => <span class="bool-val">true</span>, |
| UserRole::DataOwnerManager(s) => { |
| <span class="kw">let </span>request_role = <span class="kw-2">&</span>target_user.role; |
| <span class="kw-2">*</span>request_role == UserRole::DataOwner(s.to_owned()) |
| } |
| <span class="kw">_ </span>=> <span class="bool-val">false</span>, |
| } |
| } |
| |
| <span class="kw">fn </span>authorize_list_users(role: <span class="kw-2">&</span>UserRole, request: <span class="kw-2">&</span>ListUsersRequest) -> bool { |
| <span class="kw">match </span>role { |
| UserRole::PlatformAdmin => <span class="bool-val">true</span>, |
| UserRole::DataOwnerManager(s) => s == <span class="kw-2">&</span>request.id, |
| UserRole::FunctionOwner => <span class="bool-val">false</span>, |
| <span class="kw">_ </span>=> <span class="bool-val">false</span>, |
| } |
| } |
| |
| <span class="attribute">#[cfg(feature = <span class="string">"enclave_unit_test"</span>)] |
| </span><span class="kw">pub mod </span>tests { |
| <span class="kw">use super</span>::<span class="kw-2">*</span>; |
| <span class="kw">use </span><span class="kw">crate</span>::user_db::<span class="kw-2">*</span>; |
| <span class="kw">use </span><span class="kw">crate</span>::user_info::<span class="kw-2">*</span>; |
| <span class="kw">use </span>rand::RngCore; |
| <span class="kw">use </span>std::vec; |
| <span class="kw">use </span>teaclave_rpc::{IntoRequest, MetadataMap}; |
| |
| <span class="kw">fn </span>get_mock_service() -> TeaclaveAuthenticationApiService { |
| <span class="kw">let </span>database = Database::open(<span class="string">""</span>).unwrap(); |
| <span class="kw">let </span><span class="kw-2">mut </span>jwt_secret = <span class="macro">vec!</span>[<span class="number">0</span>; JWT_SECRET_LEN]; |
| <span class="kw">let </span><span class="kw-2">mut </span>rng = rand::thread_rng(); |
| rng.fill_bytes(<span class="kw-2">&mut </span>jwt_secret); |
| <span class="kw">let </span>client = database.get_client(); |
| <span class="kw">crate</span>::create_platform_admin_user(client, <span class="string">"admin"</span>, <span class="string">"teaclave"</span>).unwrap(); |
| |
| TeaclaveAuthenticationApiService { |
| db_client: Arc::new(Mutex::new(database.get_client())), |
| jwt_secret, |
| } |
| } |
| |
| <span class="kw">pub async fn </span>test_user_register() { |
| <span class="kw">let </span>service = get_mock_service(); |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"admin"</span>, <span class="string">"teaclave"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"admin"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| <span class="kw">let </span><span class="kw-2">mut </span>request = |
| UserRegisterRequest::new(<span class="string">"test_register_id"</span>, <span class="string">"test_password"</span>, <span class="string">"PlatformAdmin"</span>, <span class="string">""</span>) |
| .into_request(); |
| <span class="kw">let </span>meta = request.metadata_mut(); |
| <span class="kw-2">*</span>meta = metadata; |
| <span class="macro">assert!</span>(service.user_register(request).<span class="kw">await</span>.is_ok()); |
| } |
| |
| <span class="kw">pub async fn </span>test_user_update() { |
| <span class="kw">let </span>service = get_mock_service(); |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"admin"</span>, <span class="string">"teaclave"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"admin"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| <span class="kw">let </span><span class="kw-2">mut </span>request = |
| UserRegisterRequest::new(<span class="string">"test_update_id"</span>, <span class="string">"test_password"</span>, <span class="string">"PlatformAdmin"</span>, <span class="string">""</span>) |
| .into_request(); |
| <span class="kw">let </span>meta = request.metadata_mut(); |
| <span class="kw-2">*</span>meta = metadata.clone(); |
| <span class="macro">assert!</span>(service.user_register(request).<span class="kw">await</span>.is_ok()); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>request = |
| UserUpdateRequest::new(<span class="string">"test_update_id"</span>, <span class="string">"updated_password"</span>, <span class="string">"PlatformAdmin"</span>, <span class="string">""</span>) |
| .into_request(); |
| <span class="kw">let </span>meta = request.metadata_mut(); |
| <span class="kw-2">*</span>meta = metadata.clone(); |
| service.user_update(request).<span class="kw">await</span>.unwrap(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>request = |
| UserUpdateRequest::new(<span class="string">"test_nonexist_id"</span>, <span class="string">"updated_password"</span>, <span class="string">"PlatformAdmin"</span>, <span class="string">""</span>) |
| .into_request(); |
| <span class="kw">let </span>meta = request.metadata_mut(); |
| <span class="kw-2">*</span>meta = metadata; |
| <span class="macro">assert!</span>(service.user_update(request).<span class="kw">await</span>.is_err()); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"test_update_id"</span>, <span class="string">"updated_password"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>; |
| <span class="macro">assert!</span>(response.is_ok()); |
| } |
| |
| <span class="kw">pub async fn </span>test_user_login() { |
| <span class="kw">let </span>service = get_mock_service(); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"admin"</span>, <span class="string">"teaclave"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"admin"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>request = |
| UserRegisterRequest::new(<span class="string">"test_login_id"</span>, <span class="string">"test_password"</span>, <span class="string">"FunctionOwner"</span>, <span class="string">""</span>) |
| .into_request(); |
| <span class="kw">let </span>meta = request.metadata_mut(); |
| <span class="kw-2">*</span>meta = metadata; |
| <span class="macro">assert!</span>(service.user_register(request).<span class="kw">await</span>.is_ok()); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"test_login_id"</span>, <span class="string">"test_password"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>; |
| <span class="macro">assert!</span>(response.is_ok()); |
| |
| <span class="kw">let </span>token = response.unwrap().into_inner().token; |
| <span class="kw">let </span>user = service |
| .db_client |
| .lock() |
| .unwrap() |
| .get_user(<span class="string">"test_login_id"</span>) |
| .unwrap(); |
| <span class="macro">assert!</span>(user.validate_token(<span class="kw-2">&</span>service.jwt_secret, <span class="kw-2">&</span>token).is_ok()); |
| |
| <span class="macro">debug!</span>(<span class="string">"saved user_info: {:?}"</span>, user); |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"test_login_id"</span>, <span class="string">"test_password1"</span>).into_request(); |
| <span class="macro">assert!</span>(service.user_login(request).<span class="kw">await</span>.is_err()); |
| } |
| |
| <span class="kw">pub async fn </span>test_user_change_password() { |
| <span class="kw">let </span>service = get_mock_service(); |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"admin"</span>, <span class="string">"teaclave"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"admin"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| <span class="kw">let </span><span class="kw-2">mut </span>request = UserRegisterRequest::new( |
| <span class="string">"test_user_change_password_id"</span>, |
| <span class="string">"test_password"</span>, |
| <span class="string">"PlatformAdmin"</span>, |
| <span class="string">""</span>, |
| ) |
| .into_request(); |
| <span class="kw-2">*</span>request.metadata_mut() = metadata; |
| <span class="macro">assert!</span>(service.user_register(request).<span class="kw">await</span>.is_ok()); |
| |
| <span class="kw">let </span>request = |
| UserLoginRequest::new(<span class="string">"test_user_change_password_id"</span>, <span class="string">"test_password"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"test_user_change_password_id"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>request = UserChangePasswordRequest::new(<span class="string">"updated_password"</span>).into_request(); |
| <span class="kw-2">*</span>request.metadata_mut() = metadata.clone(); |
| service.user_change_password(request).<span class="kw">await</span>.unwrap(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>request = UserChangePasswordRequest::new(<span class="string">""</span>).into_request(); |
| <span class="kw-2">*</span>request.metadata_mut() = metadata; |
| |
| <span class="macro">assert!</span>(service.user_change_password(request).<span class="kw">await</span>.is_err()); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"test_user_change_password_id"</span>, <span class="string">"updated_password"</span>) |
| .into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>; |
| <span class="macro">assert!</span>(response.is_ok()); |
| } |
| |
| <span class="kw">pub async fn </span>test_reset_user_password() { |
| <span class="kw">let </span>service = get_mock_service(); |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"admin"</span>, <span class="string">"teaclave"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"admin"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| <span class="kw">let </span><span class="kw-2">mut </span>request = UserRegisterRequest::new( |
| <span class="string">"test_reset_user_password_id"</span>, |
| <span class="string">"test_password"</span>, |
| <span class="string">"PlatformAdmin"</span>, |
| <span class="string">""</span>, |
| ) |
| .into_request(); |
| <span class="kw-2">*</span>request.metadata_mut() = metadata.clone(); |
| <span class="macro">assert!</span>(service.user_register(request).<span class="kw">await</span>.is_ok()); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>request = |
| ResetUserPasswordRequest::new(<span class="string">"test_reset_user_password_id"</span>).into_request(); |
| <span class="kw-2">*</span>request.metadata_mut() = metadata.clone(); |
| <span class="kw">let </span>response = service.reset_user_password(request).<span class="kw">await</span>; |
| <span class="macro">assert!</span>(response.is_ok()); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new( |
| <span class="string">"test_reset_user_password_id"</span>, |
| response.unwrap().into_inner().password, |
| ) |
| .into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>; |
| <span class="macro">assert!</span>(response.is_ok()); |
| } |
| |
| <span class="kw">pub async fn </span>test_delete_user() { |
| <span class="kw">let </span>service = get_mock_service(); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"admin"</span>, <span class="string">"teaclave"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"admin"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| |
| <span class="kw">let </span><span class="kw-2">mut </span>request = |
| UserRegisterRequest::new(<span class="string">"test_delete_user_id"</span>, <span class="string">"test_password"</span>, <span class="string">"FunctionOwner"</span>, <span class="string">""</span>) |
| .into_request(); |
| <span class="kw-2">*</span>request.metadata_mut() = metadata; |
| <span class="macro">assert!</span>(service.user_register(request).<span class="kw">await</span>.is_ok()); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"test_delete_user_id"</span>, <span class="string">"test_password"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>; |
| <span class="macro">assert!</span>(response.is_ok()); |
| |
| <span class="kw">let </span>token = response.unwrap().into_inner().token; |
| <span class="kw">let </span>user = service |
| .db_client |
| .lock() |
| .unwrap() |
| .get_user(<span class="string">"test_delete_user_id"</span>) |
| .unwrap(); |
| <span class="macro">assert!</span>(user.validate_token(<span class="kw-2">&</span>service.jwt_secret, <span class="kw-2">&</span>token).is_ok()); |
| |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"admin"</span>, <span class="string">"teaclave"</span>).into_request(); |
| <span class="kw">let </span>response = service.user_login(request).<span class="kw">await</span>.unwrap().into_inner(); |
| <span class="kw">let </span><span class="kw-2">mut </span>metadata = MetadataMap::new(); |
| metadata.insert(<span class="string">"id"</span>, <span class="string">"admin"</span>.parse().unwrap()); |
| metadata.insert(<span class="string">"token"</span>, response.token.parse().unwrap()); |
| <span class="kw">let </span><span class="kw-2">mut </span>request = DeleteUserRequest::new(<span class="string">"test_delete_user_id"</span>).into_request(); |
| <span class="kw-2">*</span>request.metadata_mut() = metadata; |
| <span class="macro">assert!</span>(service.delete_user(request).<span class="kw">await</span>.is_ok()); |
| |
| <span class="macro">debug!</span>(<span class="string">"saved user_info: {:?}"</span>, user); |
| <span class="kw">let </span>request = UserLoginRequest::new(<span class="string">"test_delete_user_id"</span>, <span class="string">"test_password"</span>).into_request(); |
| <span class="macro">assert!</span>(service.user_login(request).<span class="kw">await</span>.is_err()); |
| } |
| } |
| </code></pre></div> |
| </section></div></main><div id="rustdoc-vars" data-root-path="../../" data-current-crate="teaclave_authentication_service_enclave" data-themes="ayu,dark,light" data-resource-suffix="" data-rustdoc-version="1.66.0-nightly (5c8bff74b 2022-10-21)" ></div></body></html> |