use base64;
use actix_web::{HttpRequest, HttpMessage, FromRequest};
use errors::AuthError;
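/// Credentials carried by an HTTP `Authorization: Basic` header.
///
/// `Debug` is implemented by hand instead of derived so that the plaintext
/// password is never written to logs, panic messages or failed-assertion
/// output when a value of this type is formatted with `{:?}`.
#[derive(PartialEq)]
pub struct BasicAuth {
    /// User name: the decoded payload up to the first `:`.
    pub username: String,
    /// Plaintext password exactly as the client sent it; handle as a secret.
    pub password: String,
}

impl ::std::fmt::Debug for BasicAuth {
    fn fmt(&self, f: &mut ::std::fmt::Formatter) -> ::std::fmt::Result {
        f.debug_struct("BasicAuth")
            .field("username", &self.username)
            // Never expose the secret, only the fact that the field exists.
            .field("password", &"<redacted>")
            .finish()
    }
}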
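/// Request extractor that parses HTTP Basic credentials.
///
/// The extractor only parses the header. It does not check the credentials
/// against anything, so a successful extraction is not an authentication
/// decision; the handler must still verify `username` and `password`.
impl<S> FromRequest<S> for BasicAuth {
    type Config = ();
    type Result = Result<Self, AuthError>;

    /// Parses `Authorization: Basic <base64("user:password")>` from `req`.
    ///
    /// The scheme name is compared case-insensitively (HTTP auth schemes are
    /// case-insensitive tokens), so `basic` and `BASIC` are accepted as well.
    /// The decoded payload is split at the first `:` only, so the password
    /// may itself contain colons and may be empty.
    ///
    /// # Errors
    ///
    /// * `AuthError::HeaderMissing`: the request has no `Authorization` header.
    /// * `AuthError::InvalidMechanism`: the scheme is not `Basic`.
    /// * `AuthError::HeaderMalformed`: nothing follows the scheme, or the
    ///   decoded payload contains no `:`.
    /// * Whatever `AuthError` produces through `?` when the header is not
    ///   valid text, the payload is not valid base64, or the decoded bytes
    ///   are not UTF-8 (those conversions are defined outside this block).
    fn from_request(req: &HttpRequest<S>, _cfg: &<Self as FromRequest<S>>::Config) -> <Self as FromRequest<S>>::Result {
        let header = req
            .headers()
            .get("Authorization")
            .ok_or(AuthError::HeaderMissing)?
            .to_str()?;

        let mut parts = header.splitn(2, ' ');

        // `splitn` always yields at least one item (possibly ""), so the
        // fallback is never taken; an empty scheme is rejected just below.
        let mechanism = parts.next().unwrap_or("");
        if !mechanism.eq_ignore_ascii_case("Basic") {
            return Err(AuthError::InvalidMechanism);
        }

        let encoded = parts.next().ok_or(AuthError::HeaderMalformed)?;
        let decoded = String::from_utf8(base64::decode(encoded)?)?;

        // Split once: everything after the first ':' belongs to the password.
        let mut credentials = decoded.splitn(2, ':');
        let user = credentials.next().ok_or(AuthError::HeaderMalformed)?;
        let password = credentials.next().ok_or(AuthError::HeaderMalformed)?;

        Ok(BasicAuth {
            username: user.to_string(),
            password: password.to_string(),
        })
    }
}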
#[cfg(test)]
mod tests {
    use base64;
    use actix_web::test::TestRequest;
    use actix_web::FromRequest;

    use super::{AuthError, BasicAuth};

    /// Builds a request whose `Authorization` header is `value` and runs the
    /// `BasicAuth` extractor on it.
    fn extract_with_header(value: String) -> Result<BasicAuth, AuthError> {
        let req = TestRequest::with_header("Authorization", value).finish();
        BasicAuth::extract(&req)
    }

    /// A well-formed `Basic` header yields both credential parts.
    #[test]
    fn test_valid_auth() {
        let header = format!("Basic {}", base64::encode("user:pass"));
        let outcome = extract_with_header(header);

        assert!(outcome.is_ok());
        let creds = outcome.unwrap();
        assert_eq!(creds.username, "user".to_string());
        assert_eq!(creds.password, "pass".to_string());
    }

    /// A request without the header is reported as `HeaderMissing`.
    #[test]
    fn test_missing_header() {
        let req = TestRequest::default().finish();
        let outcome = BasicAuth::extract(&req);

        assert!(outcome.is_err());
        assert_eq!(outcome.err().unwrap(), AuthError::HeaderMissing);
    }

    /// Any scheme other than `Basic` is reported as `InvalidMechanism`.
    #[test]
    fn test_invalid_mechanism() {
        let header = format!("Digest {}", base64::encode("user:pass"));
        let outcome = extract_with_header(header);

        assert!(outcome.is_err());
        assert_eq!(outcome.err().unwrap(), AuthError::InvalidMechanism);
    }

    /// A payload without the `:` separator is reported as `HeaderMalformed`.
    #[test]
    fn test_invalid_format() {
        let header = format!("Basic {}", base64::encode("user"));
        let outcome = extract_with_header(header);

        assert!(outcome.is_err());
        assert_eq!(outcome.err().unwrap(), AuthError::HeaderMalformed);
    }

    /// An empty password after the separator is accepted.
    #[test]
    fn test_user_without_password() {
        let header = format!("Basic {}", base64::encode("user:"));
        let outcome = extract_with_header(header);

        assert!(outcome.is_ok());
        let expected = BasicAuth {
            username: "user".to_string(),
            password: "".to_string(),
        };
        assert_eq!(outcome.unwrap(), expected)
    }
}