Skip to content

Commit

Permalink
Merge pull request #4 from phnx-im/update-http
Browse files Browse the repository at this point in the history 
Update HTTP deps
  • Loading branch information
@raphaelrobert
raphaelrobert authored Jan 22, 2024
2 parents 695a926 + 4acb07d commit a80d165
Show file tree
Hide file tree
Showing 6 changed files with 89 additions and 29 deletions.
19 changes: 10 additions & 9 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,19 +11,20 @@ license = "AGPL-3.0-or-later"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
axum = "0.6"
axum = "0.7.4"
features = "0.10.0"
futures = "0.3.23"
hyper = "0.14.20"
futures = "0.3"
hyper = "1"
tokio = { version = "1.20.1", features = ["rt", "rt-multi-thread", "macros"] }
tower = "0.4.13"
tower-http = { version = "0.4", features = ["trace"] }
trace = "0.1.6"
tower-http = { version = "0.5", features = ["trace"] }
trace = "0.1"
privacypass = { git = "https://github.com/raphaelrobert/privacypass" }
async-trait = "0.1.57"
base64 = "0.21.0"
actix-web = "4.2.1"
async-trait = "0.1"
base64 = "0.21"
actix-web = "4.4"
futures-util = "0.3.24"
http = "1"

[dev-dependencies]
reqwest = "0.11.11"
reqwest = "0.11"
23 changes: 16 additions & 7 deletions src/actix_middleware.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ use actix_web::{
dev::{forward_ready, Response, Service, ServiceRequest, ServiceResponse, Transform},
error::{ErrorInternalServerError, ErrorUnauthorized},
http::{
self,
header::{self, HeaderValue},
StatusCode,
},
Expand All @@ -31,7 +30,10 @@ use privacypass::{
Deserialize, NonceStore,
};

use crate::state::{PrivacyPassProvider, PrivacyPassState};
use crate::{
state::{PrivacyPassProvider, PrivacyPassState},
utils::{header_name_to_http02, header_value_to_http02, header_value_to_http10, uri_to_http10},
};

// There are two steps in middleware processing.
// 1. Middleware initialization, middleware factory gets called with
Expand Down Expand Up @@ -103,8 +105,9 @@ where
let authorization = req.headers_mut().remove(header::AUTHORIZATION).next();

// Deserialize the token from the authorization header.
let token_option =
authorization.and_then(|header_value| parse_authorization_header(&header_value).ok());
let token_option = authorization.and_then(|header_value| {
parse_authorization_header(&header_value_to_http10(header_value)).ok()
});

// If the token is present, then authenticate the token.
if let Some(token) = token_option {
Expand All @@ -123,11 +126,17 @@ where
// If the token is not present, then issue a challenge.
let public_key = state.public_key();
let token_key = serialize_public_key(*public_key);
let build_res =
build_www_authenticate_header(&challenge(req.request().uri()), &token_key, None);
let build_res = build_www_authenticate_header(
&challenge(&uri_to_http10(req.request().uri())),
&token_key,
None,
);
if let Ok((header_name, header_value)) = build_res {
let response = HttpResponse::build(StatusCode::OK)
.append_header((header_name, header_value))
.append_header((
header_name_to_http02(header_name),
header_value_to_http02(header_value),
))
.finish();

let sr: ServiceResponse<B> = req.into_response(response);
Expand Down
2 changes: 2 additions & 0 deletions src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,5 @@ pub mod actix_middleware;
pub mod axum_middleware;
pub mod memory_stores;
pub mod state;

pub mod utils;
36 changes: 36 additions & 0 deletions src/utils.rs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
// SPDX-FileCopyrightText: 2024 Phoenix R&D GmbH <[email protected]>
//
// SPDX-License-Identifier: AGPL-3.0-or-later
//! This module contains utility functions for converting between actix/reqwest
//! and http types. This is necessary because actix/reqwest use a different http
//! library to hyper.
use std::str::FromStr;

pub fn header_name_to_http10(
header_name: actix_web::http::header::HeaderName,
) -> http::header::HeaderName {
http::header::HeaderName::from_str(header_name.as_str()).unwrap()
}

pub fn header_value_to_http10(
header_value: actix_web::http::header::HeaderValue,
) -> http::header::HeaderValue {
http::header::HeaderValue::from_str(header_value.to_str().unwrap()).unwrap()
}

pub fn header_name_to_http02(
header_name: http::header::HeaderName,
) -> actix_web::http::header::HeaderName {
actix_web::http::header::HeaderName::from_str(header_name.as_str()).unwrap()
}

pub fn header_value_to_http02(
header_value: http::header::HeaderValue,
) -> actix_web::http::header::HeaderValue {
actix_web::http::header::HeaderValue::from_str(header_value.to_str().unwrap()).unwrap()
}

pub fn uri_to_http10(uri: &actix_web::http::Uri) -> http::Uri {
http::Uri::from_str(uri.to_string().as_str()).unwrap()
}
6 changes: 5 additions & 1 deletion tests/actix.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ use privacypass_middleware::{
actix_middleware::*,
memory_stores::{MemoryKeyStore, MemoryNonceStore},
state::PrivacyPassState,
utils::{header_name_to_http02, header_value_to_http02, header_value_to_http10},
};
use std::{sync::Arc, thread};

Expand Down Expand Up @@ -79,7 +80,7 @@ async fn full_cycle_actix() {

// Extract token challenge from header
let header_name = http::header::WWW_AUTHENTICATE;
let header_value = res.headers().get(header_name).unwrap().clone();
let header_value = header_value_to_http10(res.headers().get(header_name).unwrap().clone());

assert_eq!(res.bytes().await.unwrap().len(), 0);

Expand Down Expand Up @@ -128,6 +129,9 @@ async fn full_cycle_actix() {
// Redeem a token
let (header_name, header_value) = build_authorization_header(&tokens[0]).unwrap();

let header_name = header_name_to_http02(header_name);
let header_value = header_value_to_http02(header_value);

let res = http_client
.get("http://localhost:3001/origin")
.header(header_name.clone(), header_value.clone())
Expand Down
32 changes: 20 additions & 12 deletions tests/axum.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,20 +2,26 @@
//
// SPDX-License-Identifier: AGPL-3.0-or-later

use axum::http::{self, HeaderValue};
use axum::{
routing::{get, post},
Extension, Router,
};
use hyper::StatusCode;
use privacypass::{
auth::{authenticate::parse_www_authenticate_header, authorize::build_authorization_header},
batched_tokens::{server::*, TokenResponse},
Serialize,
};
use privacypass_middleware::memory_stores::{MemoryKeyStore, MemoryNonceStore};
use privacypass_middleware::{axum_middleware::*, state::PrivacyPassState};
use std::{net::SocketAddr, sync::Arc};
use privacypass_middleware::{
axum_middleware::*,
memory_stores::{MemoryKeyStore, MemoryNonceStore},
state::PrivacyPassState,
utils::{header_name_to_http02, header_value_to_http02, header_value_to_http10},
};
use reqwest::{
header::{HeaderValue, CONTENT_TYPE},
StatusCode,
};
use std::sync::Arc;
use tower_http::trace::TraceLayer;

/// Sample server using axum. The server exposes two endpoints:
Expand All @@ -38,11 +44,10 @@ async fn run_server() {
.route_layer(Extension(privacy_pass_state.clone()))
.layer(TraceLayer::new_for_http());

let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
axum::Server::bind(&addr)
.serve(app.into_make_service())
let listener = tokio::net::TcpListener::bind("127.0.0.1:3000")
.await
.unwrap();
axum::serve(listener, app).await.unwrap();
}

/// Origin endpoint
Expand Down Expand Up @@ -73,8 +78,8 @@ async fn full_cycle_axum() {
assert_eq!(res.status(), StatusCode::OK);

// Extract token challenge from header
let header_name = http::header::WWW_AUTHENTICATE;
let header_value = res.headers().get(header_name).unwrap().clone();
let header_name = reqwest::header::WWW_AUTHENTICATE;
let header_value = header_value_to_http10(res.headers().get(header_name).unwrap().clone());

assert_eq!(res.bytes().await.unwrap().len(), 0);

Expand All @@ -98,7 +103,7 @@ async fn full_cycle_axum() {
let res = http_client
.post("http://localhost:3000/issuer")
.header(
http::header::CONTENT_TYPE,
CONTENT_TYPE,
HeaderValue::from_static("message/token-request"),
)
.body(token_request.tls_serialize_detached().unwrap())
Expand All @@ -108,7 +113,7 @@ async fn full_cycle_axum() {

assert_eq!(res.status(), StatusCode::OK);
assert_eq!(
res.headers().get(http::header::CONTENT_TYPE).unwrap(),
res.headers().get(reqwest::header::CONTENT_TYPE).unwrap(),
HeaderValue::from_static("message/token-response")
);

Expand All @@ -123,6 +128,9 @@ async fn full_cycle_axum() {
// Redeem a token
let (header_name, header_value) = build_authorization_header(&tokens[0]).unwrap();

let header_name = header_name_to_http02(header_name);
let header_value = header_value_to_http02(header_value);

let res = http_client
.get("http://localhost:3000/origin")
.header(header_name.clone(), header_value.clone())
Expand Down

0 comments on commit a80d165

Please sign in to comment.