From 865494572f64f2dd99608a594078254a55463a60 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Sat, 20 Apr 2024 13:56:05 +0200 Subject: [PATCH] Upgrade `basic-jwt` to version 0.2.0 --- virtweb_backend/Cargo.lock | 4 ++-- virtweb_backend/Cargo.toml | 2 +- virtweb_backend/examples/api_curl.rs | 6 +++--- virtweb_backend/src/api_tokens.rs | 9 +++++---- .../src/controllers/api_tokens_controller.rs | 4 ++-- .../src/extractors/api_auth_extractor.rs | 13 ++++++------- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/virtweb_backend/Cargo.lock b/virtweb_backend/Cargo.lock index 67934a7..fe77ff3 100644 --- a/virtweb_backend/Cargo.lock +++ b/virtweb_backend/Cargo.lock @@ -600,9 +600,9 @@ checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" [[package]] name = "basic-jwt" -version = "0.1.0" +version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20108a39851e5d33abc309904eb8f65c9b7c08c1ef3f107dfbe455de75111699" +checksum = "741afb780192f091b1ceebdc794540a956f3eb96628939f83c5d15e0cb98fa71" dependencies = [ "anyhow", "elliptic-curve", diff --git a/virtweb_backend/Cargo.toml b/virtweb_backend/Cargo.toml index 5cc663f..45d34a7 100644 --- a/virtweb_backend/Cargo.toml +++ b/virtweb_backend/Cargo.toml @@ -45,4 +45,4 @@ rust-embed = { version = "8.3.0" } mime_guess = "2.0.4" dotenvy = "0.15.7" nix = { version = "0.28.0", features = ["net"] } -basic-jwt = "0.1.0" \ No newline at end of file +basic-jwt = "0.2.0" \ No newline at end of file diff --git a/virtweb_backend/examples/api_curl.rs b/virtweb_backend/examples/api_curl.rs index 0a5c3eb..c401f8d 100644 --- a/virtweb_backend/examples/api_curl.rs +++ b/virtweb_backend/examples/api_curl.rs @@ -1,4 +1,4 @@ -use basic_jwt::{sign_jwt, TokenPrivKey}; +use basic_jwt::JWTPrivateKey; use clap::Parser; use std::os::unix::prelude::CommandExt; use std::process::Command; @@ -41,7 +41,7 @@ fn main() { let full_url = format!("{}{}", args.virtweb_url, args.uri); log::debug!("Full URL: {full_url}"); - let key = TokenPrivKey::ES384 { + let key = JWTPrivateKey::ES384 { r#priv: args.token_key, }; let claims = TokenClaims { @@ -53,7 +53,7 @@ fn main() { nonce: uuid::Uuid::new_v4().to_string(), }; - let jwt = sign_jwt(&key, &claims).expect("Failed to sign JWT!"); + let jwt = key.sign_jwt(&claims).expect("Failed to sign JWT!"); Command::new("curl") .args(["-X", &args.verb]) diff --git a/virtweb_backend/src/api_tokens.rs b/virtweb_backend/src/api_tokens.rs index be9fa6c..1adaa76 100644 --- a/virtweb_backend/src/api_tokens.rs +++ b/virtweb_backend/src/api_tokens.rs @@ -4,7 +4,7 @@ use crate::app_config::AppConfig; use crate::constants; use crate::utils::time_utils::time; use actix_http::Method; -use basic_jwt::{TokenPrivKey, TokenPubKey}; +use basic_jwt::{JWTPrivateKey, JWTPublicKey}; use std::path::Path; use std::str::FromStr; @@ -76,7 +76,7 @@ pub struct Token { created: u64, updated: u64, #[serde(skip_serializing_if = "Option::is_none")] - pub pub_key: Option, + pub pub_key: Option, pub rights: TokenRights, pub last_used: u64, pub ip_restriction: Option, @@ -195,8 +195,9 @@ impl NewToken { } /// Create a new Token -pub async fn create(t: &NewToken) -> anyhow::Result<(Token, TokenPrivKey)> { - let (pub_key, priv_key) = basic_jwt::generate_ec384_keypair()?; +pub async fn create(t: &NewToken) -> anyhow::Result<(Token, JWTPrivateKey)> { + let priv_key = JWTPrivateKey::generate_ec384_signing_key()?; + let pub_key = priv_key.to_public_key()?; let token = Token { name: t.name.to_string(), diff --git a/virtweb_backend/src/controllers/api_tokens_controller.rs b/virtweb_backend/src/controllers/api_tokens_controller.rs index 39db79c..a1f2a88 100644 --- a/virtweb_backend/src/controllers/api_tokens_controller.rs +++ b/virtweb_backend/src/controllers/api_tokens_controller.rs @@ -5,7 +5,7 @@ use crate::api_tokens::{NewToken, TokenID, TokenRights}; use crate::controllers::api_tokens_controller::rest_token::RestToken; use crate::controllers::HttpResult; use actix_web::{web, HttpResponse}; -use basic_jwt::TokenPrivKey; +use basic_jwt::JWTPrivateKey; /// Create a special module for REST token to enforce usage of constructor function mod rest_token { @@ -28,7 +28,7 @@ mod rest_token { #[derive(serde::Serialize)] struct CreateTokenResult { token: RestToken, - priv_key: TokenPrivKey, + priv_key: JWTPrivateKey, } /// Create a new API token diff --git a/virtweb_backend/src/extractors/api_auth_extractor.rs b/virtweb_backend/src/extractors/api_auth_extractor.rs index 0a5aaea..a86def9 100644 --- a/virtweb_backend/src/extractors/api_auth_extractor.rs +++ b/virtweb_backend/src/extractors/api_auth_extractor.rs @@ -71,13 +71,12 @@ impl FromRequest for ApiAuthExtractor { return Err(ErrorBadRequest("Unable to validate token!")); } - let claims = match basic_jwt::validate_jwt::( - &token - .pub_key - .clone() - .expect("All tokens shall have public key!"), - &token_jwt, - ) { + let claims = match token + .pub_key + .as_ref() + .expect("All tokens shall have public key!") + .validate_jwt::(&token_jwt) + { Ok(c) => c, Err(e) => { log::error!("Failed to validate JWT: {e}");