Remove "None" variant for JWT public key

virtweb_backend/src/api_tokens.rs

@@ -76,8 +76,8 @@ pub struct Token {
     pub description: String,
     created: u64,
     updated: u64,
-    #[serde(skip_serializing_if = "TokenPubKey::is_invalid")]
+    #[serde(skip_serializing_if = "Option::is_none")]
-    pub pub_key: TokenPubKey,
+    pub pub_key: Option<TokenPubKey>,
     pub rights: TokenRights,
     pub last_used: u64,
     pub ip_restriction: Option<ipnetwork::IpNetwork>,
@@ -205,7 +205,7 @@ pub async fn create(t: &NewToken) -> anyhow::Result<(Token, TokenPrivKey)> {
         id: TokenID(uuid::Uuid::new_v4()),
         created: time(),
         updated: time(),
-        pub_key,
+        pub_key: Some(pub_key),
         rights: t.rights.clone(),
         last_used: time(),
         ip_restriction: t.ip_restriction,

virtweb_backend/src/controllers/api_tokens_controller.rs

@@ -10,7 +10,6 @@ use actix_web::{web, HttpResponse};
 /// Create a special module for REST token to enforce usage of constructor function
 mod rest_token {
     use crate::api_tokens::Token;
-    use crate::utils::jwt_utils::TokenPubKey;
 
     #[derive(serde::Serialize)]
     pub struct RestToken {
@@ -20,7 +19,7 @@ mod rest_token {
 
     impl RestToken {
         pub fn new(mut token: Token) -> Self {
-            token.pub_key = TokenPubKey::None;
+            token.pub_key = None;
             Self { token }
         }
     }

virtweb_backend/src/extractors/api_auth_extractor.rs

@@ -72,7 +72,13 @@ impl FromRequest for ApiAuthExtractor {
                 return Err(ErrorBadRequest("Unable to validate token!"));
             }
 
-            let claims = match jwt_utils::validate_jwt::<TokenClaims>(&token.pub_key, &token_jwt) {
+            let claims = match jwt_utils::validate_jwt::<TokenClaims>(
+                &token
+                    .pub_key
+                    .clone()
+                    .expect("All tokens shall have public key!"),
+                &token_jwt,
+            ) {
                 Ok(c) => c,
                 Err(e) => {
                     log::error!("Failed to validate JWT: {e}");

virtweb_backend/src/utils/jwt_utils.rs

@@ -9,21 +9,10 @@ use serde::Serialize;
 #[derive(serde::Serialize, serde::Deserialize, Clone, Debug, Eq, PartialEq)]
 #[serde(tag = "alg")]
 pub enum TokenPubKey {
-    /// This variant DOES make crash the program. It MUST NOT used to validate JWT.
-    ///
-    /// It is a hack to hide public key when getting the list of tokens
-    None,
-
     /// ECDSA with SHA2-384 variant
     ES384 { r#pub: String },
 }
 
-impl TokenPubKey {
-    pub fn is_invalid(&self) -> bool {
-        self == &TokenPubKey::None
-    }
-}
-
 #[derive(serde::Serialize, serde::Deserialize, Clone, Debug)]
 #[serde(tag = "alg")]
 pub enum TokenPrivKey {
@@ -71,9 +60,6 @@ pub fn validate_jwt<E: DeserializeOwned>(key: &TokenPubKey, token: &str) -> anyh
             let validation = Validation::new(Algorithm::ES384);
             Ok(jsonwebtoken::decode::<E>(token, &decoding_key, &validation)?.claims)
         }
-        TokenPubKey::None => {
-            panic!("A public key is required!")
-        }
     }
 }