Can register a new key

2025-11-04 09:34:04 +00:00 · 2021-05-14 10:58:11 +02:00
parent 70860ab184
commit 3838cf3e03
9 changed files with 67 additions and 6 deletions
--- a/src/controllers/admin/admin_account_controller.rs
+++ b/src/controllers/admin/admin_account_controller.rs
@@ -12,7 +12,7 @@ use crate::data::admin::NewAdminGeneralSettings;
 use crate::data::base_request_handler::BaseRequestHandler;
 use crate::data::http_request_handler::HttpRequestHandler;
 use crate::data::webauthn_config::get_wan;
-use crate::helpers::{admin_access_token_helper, admin_account_helper, admin_key_registration_challenges_helper};
+use crate::helpers::{admin_access_token_helper, admin_account_helper, admin_account_key_helper, admin_key_registration_challenges_helper};
 use crate::routes::RequestResult;
 use crate::utils::date_utils::time;

@@ -103,4 +103,22 @@ pub fn challenge_register_key(r: &mut HttpRequestHandler) -> RequestResult {
    admin_key_registration_challenges_helper::set(r.admin_id()?, state)?;

    r.set_response(res)
+}
+
+/// Register key
+pub fn register_key(r: &mut HttpRequestHandler) -> RequestResult {
+    let name = r.post_string("name")?;
+
+    let creds = r.post_register_public_key_credential("key")?;
+    let state = r.some_or_internal_error(
+        admin_key_registration_challenges_helper::get(r.admin_id()?)?,
+        "No challenge found!",
+    )?;
+
+    let wan = get_wan();
+    let key = wan.register_credential(creds, state, |_| Ok(false))?;
+
+    admin_account_key_helper::add_key(r.admin_id()?, &name, key)?;
+
+    r.ok()
 }
--- a/src/data/base_request_handler.rs
+++ b/src/data/base_request_handler.rs
@@ -551,6 +551,13 @@ pub trait BaseRequestHandler {
        Ok(list)
    }

+    /// Get the response to a key register credential included in the request
+    fn post_register_public_key_credential(&mut self, name: &str) -> Res<webauthn_rs::proto::RegisterPublicKeyCredential> {
+        let str = self.post_string(name)?;
+
+        Ok(serde_json::from_str(&str)?)
+    }
+
    /// Get the ID of a user included in a POST request
    fn post_user_id(&mut self, name: &str) -> ResultBoxError<UserID> {
        let user_id = UserID::new(self.post_u64(name)?);
--- a/src/helpers/admin_account_key_helper.rs
+++ b/src/helpers/admin_account_key_helper.rs
@@ -0,0 +1,21 @@
+//! # Admin account key helper
+//!
+//! @author Pierre Hubert
+
+use webauthn_rs::proto::Credential;
+
+use crate::constants::database_tables_names::ADMIN_KEYS_TABLE;
+use crate::data::admin::AdminID;
+use crate::data::error::Res;
+use crate::helpers::database;
+use crate::utils::date_utils::time;
+
+/// Save a new key in the database
+pub fn add_key(id: AdminID, name: &str, key: Credential) -> Res {
+    database::InsertQuery::new(ADMIN_KEYS_TABLE)
+        .add_admin_id("admin_id", id)
+        .add_str("name", name)
+        .add_u64("time_add", time())
+        .add_str("security_key", &serde_json::to_string(&key)?)
+        .insert_drop_result()
+}
--- a/src/helpers/admin_key_registration_challenges_helper.rs
+++ b/src/helpers/admin_key_registration_challenges_helper.rs
@@ -31,4 +31,12 @@ pub fn set(admin: AdminID, key: RegistrationState) -> Res {
    cache?.insert(admin, key);

    Ok(())
+}
+
+pub fn get(admin: AdminID) -> Res<Option<RegistrationState>> {
+    let cache = unsafe {
+        CACHE.as_ref().unwrap().lock()
+    };
+
+    Ok(cache?.remove(&admin))
 }
--- a/src/helpers/database.rs
+++ b/src/helpers/database.rs
@@ -692,6 +692,11 @@ impl InsertQuery {
        self
    }

+    pub fn add_admin_id(mut self, key: &str, value: AdminID) -> InsertQuery {
+        self.values.insert(key.to_string(), Value::from(value.id()));
+        self
+    }
+
    pub fn add_group_id(mut self, key: &str, value: &GroupID) -> InsertQuery {
        self.values.insert(key.to_string(), Value::from(value.id()));
        self
--- a/src/helpers/mod.rs
+++ b/src/helpers/mod.rs
@@ -23,5 +23,6 @@ pub mod independent_push_notifications_service_helper;
 pub mod firebase_notifications_helper;
 pub mod forez_presence_helper;
 pub mod admin_account_helper;
+pub mod admin_account_key_helper;
 pub mod admin_access_token_helper;
 pub mod admin_key_registration_challenges_helper;
--- a/src/routes.rs
+++ b/src/routes.rs
@@ -353,6 +353,7 @@ pub fn get_routes() -> Vec<Route> {
        Route::admin_post("/admin/accounts/id", Box::new(admin_account_controller::get_admin_id)),
        Route::admin_post("/admin/accounts/info", Box::new(admin_account_controller::get_admin_info)),
        Route::admin_post("/admin/accounts/update_general_settings", Box::new(admin_account_controller::update_general_settings)),
-        Route::admin_post("/admin/accounts/challenge_register_key", Box::new(admin_account_controller::challenge_register_key))
+        Route::admin_post("/admin/accounts/challenge_register_key", Box::new(admin_account_controller::challenge_register_key)),
+        Route::admin_post("/admin/accounts/register_key", Box::new(admin_account_controller::register_key)),
    ]
 }