src/api/age_assurance.rs at 32fee7a7fff8493b78ca078a840b5819718f297d · lewis.moe/bspds-sandbox

lewis.moe / bspds-sandbox
this repo has no description
bspds-sandbox / src / api / age_assurance.rs
at 32fee7a7fff8493b78ca078a840b5819718f297d 2.3 kB view raw
 1use crate::auth::{extract_auth_token_from_header, validate_token_with_dpop};
 2use crate::state::AppState;
 3use axum::{
 4    Json,
 5    extract::State,
 6    http::{HeaderMap, StatusCode},
 7    response::{IntoResponse, Response},
 8};
 9use serde_json::json;
10
11pub async fn get_state(State(state): State<AppState>, headers: HeaderMap) -> Response {
12    let created_at = get_account_created_at(&state, &headers).await;
13    let now = chrono::Utc::now().to_rfc3339();
14
15    (
16        StatusCode::OK,
17        Json(json!({
18            "state": {
19                "status": "assured",
20                "access": "full",
21                "lastInitiatedAt": now
22            },
23            "metadata": {
24                "accountCreatedAt": created_at
25            }
26        })),
27    )
28        .into_response()
29}
30
31pub async fn get_age_assurance_state() -> Response {
32    (StatusCode::OK, Json(json!({"status": "assured"}))).into_response()
33}
34
35async fn get_account_created_at(state: &AppState, headers: &HeaderMap) -> Option<String> {
36    let auth_header = headers.get("Authorization").and_then(|h| h.to_str().ok());
37    tracing::debug!(?auth_header, "age assurance: extracting token");
38
39    let extracted = extract_auth_token_from_header(auth_header)?;
40    tracing::debug!("age assurance: got token, validating");
41
42    let dpop_proof = headers.get("DPoP").and_then(|h| h.to_str().ok());
43    let http_uri = "/";
44
45    let auth_user = match validate_token_with_dpop(
46        &state.db,
47        &extracted.token,
48        extracted.is_dpop,
49        dpop_proof,
50        "GET",
51        http_uri,
52        false,
53        false,
54    )
55    .await
56    {
57        Ok(user) => {
58            tracing::debug!(did = %user.did, "age assurance: validated user");
59            user
60        }
61        Err(e) => {
62            tracing::warn!(?e, "age assurance: token validation failed");
63            return None;
64        }
65    };
66
67    let row = match sqlx::query!(
68        "SELECT created_at FROM users WHERE did = $1",
69        &auth_user.did
70    )
71    .fetch_optional(&state.db)
72    .await
73    {
74        Ok(r) => {
75            tracing::debug!(?r, "age assurance: query result");
76            r
77        }
78        Err(e) => {
79            tracing::warn!(?e, "age assurance: query failed");
80            return None;
81        }
82    };
83
84    row.map(|r| r.created_at.to_rfc3339())
85}