lewis.moe / bspds-sandbox
this repo has no description
fork atom
bspds-sandbox / src / api / server / service_auth.rs
at 6f959c6c1b6e9ee99e7f6e49c3fc78a4affe0491 1.8 kB view raw
1use crate::api::ApiError; 2use crate::state::AppState; 3use axum::{ 4 Json, 5 extract::{Query, State}, 6 http::StatusCode, 7 response::{IntoResponse, Response}, 8}; 9use serde::{Deserialize, Serialize}; 10use serde_json::json; 11use tracing::error; 12#[derive(Deserialize)] 13pub struct GetServiceAuthParams { 14 pub aud: String, 15 pub lxm: Option<String>, 16 pub exp: Option<i64>, 17} 18#[derive(Serialize)] 19pub struct GetServiceAuthOutput { 20 pub token: String, 21} 22pub async fn get_service_auth( 23 State(state): State<AppState>, 24 headers: axum::http::HeaderMap, 25 Query(params): Query<GetServiceAuthParams>, 26) -> Response { 27 let token = match crate::auth::extract_bearer_token_from_header( 28 headers.get("Authorization").and_then(|h| h.to_str().ok()) 29 ) { 30 Some(t) => t, 31 None => return ApiError::AuthenticationRequired.into_response(), 32 }; 33 let auth_user = match crate::auth::validate_bearer_token(&state.db, &token).await { 34 Ok(user) => user, 35 Err(e) => return ApiError::from(e).into_response(), 36 }; 37 let key_bytes = match auth_user.key_bytes { 38 Some(kb) => kb, 39 None => return ApiError::AuthenticationFailedMsg("OAuth tokens cannot create service auth".into()).into_response(), 40 }; 41 let lxm = params.lxm.as_deref().unwrap_or("*"); 42 let service_token = match crate::auth::create_service_token(&auth_user.did, &params.aud, lxm, &key_bytes) 43 { 44 Ok(t) => t, 45 Err(e) => { 46 error!("Failed to create service token: {:?}", e); 47 return ( 48 StatusCode::INTERNAL_SERVER_ERROR, 49 Json(json!({"error": "InternalError"})), 50 ) 51 .into_response(); 52 } 53 }; 54 (StatusCode::OK, Json(GetServiceAuthOutput { token: service_token })).into_response() 55}