pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases 2 Wiki Activity

Compare commits

base: pierre:20251204
Branches Tags
pierre:master pierre:renovate/jwt-simple-0.x pierre:renovate/digest-0.x pierre:renovate/rand-0.x
pierre:20251204 pierre:20251028
...
compare: pierre:renovate/jwt-simple-0.x
Branches Tags
pierre:renovate/jwt-simple-0.x pierre:renovate/digest-0.x pierre:master pierre:renovate/rand-0.x
pierre:20251204 pierre:20251028

30 Commits
20251204 ... renovate/j

Author SHA1 Message Date
Renovate Bot
c820b40392 Update Rust crate jwt-simple to 0.12.14
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-21 00:09:56 +00:00
Renovate Bot
320d65e8ff Merge pull request 'Update Rust crate chrono to 0.4.43' (#460) from renovate/chrono-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-16 00:23:32 +00:00
Renovate Bot
1e61b20249 Update Rust crate chrono to 0.4.43
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-15 00:26:45 +00:00
Renovate Bot
630a5271cd Merge pull request 'Update Rust crate rkyv to 0.8.14' (#459) from renovate/rkyv-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-15 00:26:33 +00:00
Renovate Bot
588a06ccbb Update Rust crate rkyv to 0.8.14
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-14 00:24:16 +00:00
Renovate Bot
ab1fa624b0 Merge pull request 'Update Rust crate bcrypt to 0.18.0' (#458) from renovate/bcrypt-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-13 00:23:17 +00:00
Renovate Bot
c8f7db0bee Update Rust crate bcrypt to 0.18.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-12 00:24:15 +00:00
Renovate Bot
294c6a5d3b Merge pull request 'Update Rust crate lazy-regex to 3.5.1' (#457) from renovate/lazy-regex-3.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-10 00:23:20 +00:00
Renovate Bot
4b02e84047 Update Rust crate lazy-regex to 3.5.1
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-09 00:19:54 +00:00
Renovate Bot
e646798996 Merge pull request 'Update Rust crate url to 2.5.8' (#456) from renovate/url-2.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-09 00:19:13 +00:00
Renovate Bot
029bb1140f Update Rust crate url to 2.5.8
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-08 00:20:10 +00:00
Renovate Bot
d4924efa67 Merge pull request 'Update Rust crate serde_json to 1.0.149' (#455) from renovate/serde_json-1.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-08 00:19:14 +00:00
Renovate Bot
20f7e4e706 Update Rust crate serde_json to 1.0.149
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-07 00:19:39 +00:00
Renovate Bot
4fb7b98d8a Merge pull request 'Update Rust crate rkyv to 0.8.13' (#454) from renovate/rkyv-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-07 00:19:09 +00:00
Renovate Bot
e9e9dc2a41 Update Rust crate rkyv to 0.8.13
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-06 00:20:00 +00:00
Renovate Bot
62f91a4f34 Merge pull request 'Update Rust crate clap to 4.5.54' (#453) from renovate/clap-4.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2026-01-06 00:19:17 +00:00
Renovate Bot
6191eb1682 Update Rust crate clap to 4.5.54
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2026-01-05 00:19:36 +00:00
Pierre HUBERT
2a0b20ad00 Update light-openid to version 1.1.0
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-12-29 16:53:44 +01:00
Renovate Bot
a07c58955e Merge pull request 'Update Rust crate digest to 0.11.0-rc.5' (#450) from renovate/digest-0.x into master
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-12-29 00:27:39 +00:00
Renovate Bot
adc9b6bee6 Update Rust crate digest to 0.11.0-rc.5
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2025-12-28 00:27:15 +00:00
Renovate Bot
487c2febb7 Merge pull request 'Update Rust crate serde_json to 1.0.147' (#449) from renovate/serde_json-1.x into master
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-12-27 00:27:22 +00:00
Renovate Bot
3856529abc Update Rust crate serde_json to 1.0.147
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2025-12-25 00:27:44 +00:00
Renovate Bot
3aaaffd1a8 Merge pull request 'Update Rust crate askama to 0.15.0' (#448) from renovate/askama-0.x into master
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-12-24 00:27:22 +00:00
Renovate Bot
7564702bd5 Update Rust crate askama to 0.15.0
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/pr Build is failing
Details
2025-12-23 00:26:53 +00:00
Renovate Bot
98c63056e6 Merge pull request 'Update Rust crate bincode to v3' (#447) from renovate/bincode-3.x into master
Some checks failed
continuous-integration/drone/push Build is failing
Details
2025-12-17 00:27:51 +00:00
Renovate Bot
f490d314e5 Update Rust crate bincode to v3
Some checks failed
renovate/artifacts Artifact file update failure
continuous-integration/drone/pr Build is failing
Details
continuous-integration/drone/push Build is failing
Details
2025-12-17 00:27:46 +00:00
Renovate Bot
6efd6a5abd Merge pull request 'Update Rust crate webauthn-rs to 0.5.4' (#446) from renovate/webauthn-rs-0.x into master
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-12-12 00:27:34 +00:00
Renovate Bot
cc79501f5a Update Rust crate webauthn-rs to 0.5.4
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
2025-12-11 00:28:09 +00:00
Pierre HUBERT
9535ab754a Hide real build time of application
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-12-05 10:10:00 +01:00
Pierre HUBERT
b72fa90b67 Fix Hex encoding of assets file digests
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-12-04 19:21:18 +01:00
6 changed files with 374 additions and 217 deletions
Expand all files Collapse all files

522
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

28
Cargo.toml
View File

@@ -11,33 +11,35 @@ actix-identity = "0.9.0"
actix-web = "4.12.1" actix-web = "4.12.1"
actix-session = { version = "0.11.0", features = ["cookie-session", "redis-session"] } actix-session = { version = "0.11.0", features = ["cookie-session", "redis-session"] }
actix-remote-ip = "0.1.0" actix-remote-ip = "0.1.0"
clap = { version = "4.5.53", features = ["derive", "env"] } clap = { version = "4.5.54", features = ["derive", "env"] }
include_dir = "0.7.4" include_dir = "0.7.4"
log = "0.4.29" log = "0.4.29"
serde_json = "1.0.145" serde_json = "1.0.149"
serde_yaml = "0.9.34" serde_yaml = "0.9.34"
env_logger = "0.11.8" env_logger = "0.11.8"
serde = { version = "1.0.228", features = ["derive"] } serde = { version = "1.0.228", features = ["derive"] }
bcrypt = "0.17.1" bcrypt = "0.18.0"
uuid = { version = "1.19.0", features = ["v4"] } uuid = { version = "1.19.0", features = ["v4"] }
mime_guess = "2.0.5" mime_guess = "2.0.5"
askama = "0.14.0" askama = "0.15.1"
urlencoding = "2.1.3" urlencoding = "2.1.3"
rand = "0.10.0-rc.5" rand = "0.9.0"
base64 = "0.22.1" base64 = "0.22.1"
jwt-simple = { version = "0.12.13", default-features = false, features = ["pure-rust"] } jwt-simple = { version = "0.12.14", default-features = false, features = ["pure-rust"] }
digest = "0.11.0-rc.4" digest = "0.11.0-rc.5"
sha2 = "0.11.0-rc.3" sha2 = "0.11.0-rc.3"
lazy-regex = "3.4.2" lazy-regex = "3.5.1"
totp_rfc6238 = "0.6.1" totp_rfc6238 = "0.6.1"
base32 = "0.5.1" base32 = "0.5.1"
qrcode-generator = "5.0.0" qrcode-generator = "5.0.0"
webauthn-rs = { version = "0.5.3", features = ["danger-allow-state-serialisation"] } webauthn-rs = { version = "0.5.4", features = ["danger-allow-state-serialisation"] }
url = "2.5.7" url = "2.5.8"
light-openid = { version = "1.0.4", features = ["crypto-wrapper"] } light-openid = { version = "1.1.0", features = ["crypto-wrapper"] }
bincode = "2.0.1" rkyv = "0.8.14"
chrono = "0.4.42" chrono = "0.4.43"
lazy_static = "1.5.0" lazy_static = "1.5.0"
mailchecker = "6.0.19" mailchecker = "6.0.19"
httpdate = "1.0.3" httpdate = "1.0.3"
build-time = "0.1.3" build-time = "0.1.3"
hex = "0.4.3"
anyhow = "1.0.100"

11
src/controllers/assets_controller.rs
View File

@@ -3,6 +3,7 @@ use crate::utils::time_utils;
use actix_web::http::header; use actix_web::http::header;
use actix_web::{HttpRequest, HttpResponse, web}; use actix_web::{HttpRequest, HttpResponse, web};
use include_dir::{Dir, include_dir}; use include_dir::{Dir, include_dir};
use std::cmp::max;
use std::ops::Add; use std::ops::Add;
use std::path::Path; use std::path::Path;
use std::time::Duration; use std::time::Duration;
@@ -22,14 +23,15 @@ pub async fn assets_route(req: HttpRequest, path: web::Path<String>) -> HttpResp
None => HttpResponse::NotFound().body("404 Not found"), None => HttpResponse::NotFound().body("404 Not found"),
Some(file) => { Some(file) => {
let res = mime_guess::from_path(path).first_or_octet_stream(); let res = mime_guess::from_path(path).first_or_octet_stream();
let digest = format!("{:x?}", sha256(file.contents())); let digest = hex::encode(sha256(file.contents()));
let file_time = max(time_utils::time_start_of_day(), time_utils::build_time());
// Check if the browser already knows the file by date // Check if the browser already knows the file by date
if let Some(c) = req.headers().get(header::IF_MODIFIED_SINCE) { if let Some(c) = req.headers().get(header::IF_MODIFIED_SINCE) {
let date_str = c.to_str().unwrap_or(""); let date_str = c.to_str().unwrap_or("");
if let Ok(date) = httpdate::parse_http_date(date_str) if let Ok(date) = httpdate::parse_http_date(date_str)
&& date.add(Duration::from_secs(1)) && date.add(Duration::from_secs(1))
>= time_utils::unix_to_system_time(time_utils::build_time()) >= time_utils::unix_to_system_time(file_time)
{ {
return HttpResponse::NotModified().finish(); return HttpResponse::NotModified().finish();
} }
@@ -45,10 +47,7 @@ pub async fn assets_route(req: HttpRequest, path: web::Path<String>) -> HttpResp
HttpResponse::Ok() HttpResponse::Ok()
.content_type(res.to_string()) .content_type(res.to_string())
.insert_header(("etag", digest)) .insert_header(("etag", digest))
.insert_header(( .insert_header(("last-modified", time_utils::unix_to_http_date(file_time)))
"last-modified",
time_utils::unix_to_http_date(time_utils::build_time()),
))
.body(file.contents()) .body(file.contents())
} }
} }

13
src/data/user.rs
View File

@@ -1,4 +1,3 @@
use bincode::{Decode, Encode};
use std::collections::HashMap; use std::collections::HashMap;
use std::net::IpAddr; use std::net::IpAddr;
@@ -11,7 +10,17 @@ use crate::data::totp_key::TotpKey;
use crate::data::webauthn_manager::WebauthnPubKey; use crate::data::webauthn_manager::WebauthnPubKey;
use crate::utils::time_utils::{fmt_time, time}; use crate::utils::time_utils::{fmt_time, time};
#[derive(Clone, Debug, Eq, PartialEq, serde::Serialize, serde::Deserialize, Encode, Decode)] #[derive(
Clone,
Debug,
Eq,
PartialEq,
serde::Serialize,
serde::Deserialize,
rkyv::Archive,
rkyv::Serialize,
rkyv::Deserialize,
)]
pub struct UserID(pub String); pub struct UserID(pub String);
impl UserID { impl UserID {

7
src/data/webauthn_manager.rs
View File

@@ -1,7 +1,6 @@
use std::sync::Arc; use std::sync::Arc;
use actix_web::web; use actix_web::web;
use bincode::{Decode, Encode};
use light_openid::crypto_wrapper::CryptoWrapper; use light_openid::crypto_wrapper::CryptoWrapper;
use uuid::Uuid; use uuid::Uuid;
use webauthn_rs::prelude::{ use webauthn_rs::prelude::{
@@ -28,7 +27,9 @@ pub struct RegisterKeyRequest {
pub creation_challenge: CreationChallengeResponse, pub creation_challenge: CreationChallengeResponse,
} }
#[derive(Debug, serde::Serialize, serde::Deserialize, Encode, Decode)] #[derive(
Debug, serde::Serialize, serde::Deserialize, rkyv::Archive, rkyv::Serialize, rkyv::Deserialize,
)]
struct RegisterKeyOpaqueData { struct RegisterKeyOpaqueData {
registration_state: String, registration_state: String,
user_id: UserID, user_id: UserID,
@@ -40,7 +41,7 @@ pub struct AuthRequest {
pub login_challenge: RequestChallengeResponse, pub login_challenge: RequestChallengeResponse,
} }
#[derive(Debug, Encode, Decode)] #[derive(Debug, rkyv::Archive, rkyv::Serialize, rkyv::Deserialize)]
struct AuthStateOpaqueData { struct AuthStateOpaqueData {
authentication_state: String, authentication_state: String,
user_id: UserID, user_id: UserID,

10
src/utils/time_utils.rs
View File

@@ -1,4 +1,4 @@
use chrono::DateTime; use chrono::{DateTime, Local, NaiveTime};
use std::time::{Duration, SystemTime, UNIX_EPOCH}; use std::time::{Duration, SystemTime, UNIX_EPOCH};
/// Get the current time since epoch /// Get the current time since epoch
@@ -37,6 +37,14 @@ pub fn build_time() -> u64 {
date.timestamp() as u64 date.timestamp() as u64
} }
/// Get the first second of the day (local time)
pub fn time_start_of_day() -> u64 {
let local: DateTime<Local> = Local::now()
.with_time(NaiveTime::from_hms_opt(0, 0, 0).unwrap())
.unwrap();
local.timestamp() as u64
}
#[cfg(test)] #[cfg(test)]
mod test { mod test {
use crate::utils::time_utils::{fmt_time, time}; use crate::utils::time_utils::{fmt_time, time};