lewis.moe / bspds-sandbox
this repo has no description
fork atom
bspds-sandbox / src / api / server / service_auth.rs
at f7cc1a3c573bc146c2cd8fa65ed7a2c08a68d519 2.0 kB view raw
1use crate::api::ApiError; 2use crate::state::AppState; 3use axum::{ 4 Json, 5 extract::{Query, State}, 6 http::StatusCode, 7 response::{IntoResponse, Response}, 8}; 9use serde::{Deserialize, Serialize}; 10use serde_json::json; 11use tracing::error; 12 13#[derive(Deserialize)] 14pub struct GetServiceAuthParams { 15 pub aud: String, 16 pub lxm: Option<String>, 17 pub exp: Option<i64>, 18} 19 20#[derive(Serialize)] 21pub struct GetServiceAuthOutput { 22 pub token: String, 23} 24 25pub async fn get_service_auth( 26 State(state): State<AppState>, 27 headers: axum::http::HeaderMap, 28 Query(params): Query<GetServiceAuthParams>, 29) -> Response { 30 let token = match crate::auth::extract_bearer_token_from_header( 31 headers.get("Authorization").and_then(|h| h.to_str().ok()), 32 ) { 33 Some(t) => t, 34 None => return ApiError::AuthenticationRequired.into_response(), 35 }; 36 let auth_user = match crate::auth::validate_bearer_token(&state.db, &token).await { 37 Ok(user) => user, 38 Err(e) => return ApiError::from(e).into_response(), 39 }; 40 let key_bytes = match auth_user.key_bytes { 41 Some(kb) => kb, 42 None => { 43 return ApiError::AuthenticationFailedMsg( 44 "OAuth tokens cannot create service auth".into(), 45 ) 46 .into_response(); 47 } 48 }; 49 let lxm = params.lxm.as_deref().unwrap_or("*"); 50 let service_token = 51 match crate::auth::create_service_token(&auth_user.did, &params.aud, lxm, &key_bytes) { 52 Ok(t) => t, 53 Err(e) => { 54 error!("Failed to create service token: {:?}", e); 55 return ( 56 StatusCode::INTERNAL_SERVER_ERROR, 57 Json(json!({"error": "InternalError"})), 58 ) 59 .into_response(); 60 } 61 }; 62 ( 63 StatusCode::OK, 64 Json(GetServiceAuthOutput { 65 token: service_token, 66 }), 67 ) 68 .into_response() 69}