1use crate::api::ApiError;
2use crate::state::AppState;
3use axum::{
4 Json,
5 extract::{Query, State},
6 http::StatusCode,
7 response::{IntoResponse, Response},
8};
9use serde::{Deserialize, Serialize};
10use serde_json::json;
11use tracing::error;
/// Query-string parameters accepted by [`get_service_auth`].
///
/// All three values come from the request URL and are caller-controlled.
#[derive(Deserialize)]
pub struct GetServiceAuthParams {
    /// Audience for the service token; the handler forwards it unchanged to
    /// `crate::auth::create_service_token`.
    // NOTE(review): no format check is visible in this file. Confirm the
    // token-creation helper rejects malformed audiences.
    pub aud: String,
    /// Optional method binding for the token. The handler substitutes `"*"`
    /// when it is absent.
    pub lxm: Option<String>,
    /// Optional requested expiry.
    // NOTE(review): presumably Unix epoch seconds; confirm against the API
    // schema. The handler in this file never reads this field, so a requested
    // expiry is neither honoured nor bounds-checked here.
    pub exp: Option<i64>,
}
/// JSON body returned by [`get_service_auth`] on success.
#[derive(Serialize)]
pub struct GetServiceAuthOutput {
    /// The freshly minted service token. It is a bearer credential: keep it
    /// out of logs and caches.
    pub token: String,
}
/// Mints a service token on behalf of the authenticated caller.
///
/// Steps, in order:
/// 1. Pull a bearer token out of the `Authorization` header; without one the
///    request is answered with `ApiError::AuthenticationRequired`.
/// 2. Validate that token against the database to obtain the calling user.
/// 3. Require that the user record carries signing key bytes; sessions
///    without them are refused (per the error text, these are OAuth tokens).
/// 4. Ask `crate::auth::create_service_token` for a token issued for the
///    caller's DID, the requested audience and the requested method.
///
/// Returns `200` with a [`GetServiceAuthOutput`] body, the mapped `ApiError`
/// response for authentication failures, or `500` with a generic
/// `InternalError` body if token creation fails.
pub async fn get_service_auth(
    State(state): State<AppState>,
    headers: axum::http::HeaderMap,
    Query(params): Query<GetServiceAuthParams>,
) -> Response {
    // A header value that cannot be read as a string is handled exactly like
    // a missing header: both reach the extractor as `None`.
    let authorization = headers
        .get("Authorization")
        .and_then(|value| value.to_str().ok());
    let Some(bearer) = crate::auth::extract_bearer_token_from_header(authorization) else {
        return ApiError::AuthenticationRequired.into_response();
    };

    let caller = match crate::auth::validate_bearer_token(&state.db, &bearer).await {
        Err(e) => return ApiError::from(e).into_response(),
        Ok(user) => user,
    };

    // Only sessions that expose signing key material may mint service tokens.
    let Some(signing_key) = caller.key_bytes else {
        return ApiError::AuthenticationFailedMsg("OAuth tokens cannot create service auth".into())
            .into_response();
    };

    // NOTE(review): an absent `lxm` becomes the wildcard "*". How
    // `create_service_token` encodes that is not visible here. Confirm a
    // wildcard token is intended and that privileged methods cannot be
    // requested through this path.
    // NOTE(review): `params.exp` is accepted in the query but never read, so
    // the token lifetime is whatever `create_service_token` chooses. Confirm
    // that lifetime is short and decide whether a requested expiry should be
    // validated or rejected.
    let method = params.lxm.as_deref().unwrap_or("*");

    match crate::auth::create_service_token(&caller.did, &params.aud, method, &signing_key) {
        Ok(service_token) => {
            let body = GetServiceAuthOutput {
                token: service_token,
            };
            (StatusCode::OK, Json(body)).into_response()
        }
        Err(e) => {
            // The detail stays in the server log; the client only sees a
            // generic error.
            // NOTE(review): confirm this error's Debug output can never
            // include key material.
            error!("Failed to create service token: {:?}", e);
            let body = Json(json!({"error": "InternalError"}));
            (StatusCode::INTERNAL_SERVER_ERROR, body).into_response()
        }
    }
}