biscuit_auth/token/builder/
scope.rs

1/*
2 * Copyright (c) 2019 Geoffroy Couprie <contact@geoffroycouprie.com> and Contributors to the Eclipse Foundation.
3 * SPDX-License-Identifier: Apache-2.0
4 */
5use std::fmt;
6
7use crate::{datalog::SymbolTable, error, PublicKey};
8
9use super::Convert;
10
11/// Builder for a block or rule scope
12#[derive(Clone, Debug, Hash, PartialEq, Eq)]
13pub enum Scope {
14    /// Trusts the first block, current block and the authorizer
15    Authority,
16    /// Trusts the current block and all previous ones
17    Previous,
18    /// Trusts the current block and any block signed by the public key
19    PublicKey(PublicKey),
20    /// Used for parameter substitution
21    Parameter(String),
22}
23
24impl Convert<crate::token::Scope> for Scope {
25    fn convert(&self, symbols: &mut SymbolTable) -> crate::token::Scope {
26        match self {
27            Scope::Authority => crate::token::Scope::Authority,
28            Scope::Previous => crate::token::Scope::Previous,
29            Scope::PublicKey(key) => {
30                crate::token::Scope::PublicKey(symbols.public_keys.insert(key))
31            }
32            // The error is caught in the `add_xxx` functions, so this should
33            // not happen™
34            Scope::Parameter(s) => panic!("Remaining parameter {}", &s),
35        }
36    }
37
38    fn convert_from(
39        scope: &crate::token::Scope,
40        symbols: &SymbolTable,
41    ) -> Result<Self, error::Format> {
42        Ok(match scope {
43            crate::token::Scope::Authority => Scope::Authority,
44            crate::token::Scope::Previous => Scope::Previous,
45            crate::token::Scope::PublicKey(key_id) => Scope::PublicKey(
46                *symbols
47                    .public_keys
48                    .get_key(*key_id)
49                    .ok_or(error::Format::UnknownExternalKey)?,
50            ),
51        })
52    }
53}
54
55impl fmt::Display for Scope {
56    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
57        match self {
58            Scope::Authority => write!(f, "authority"),
59            Scope::Previous => write!(f, "previous"),
60            Scope::PublicKey(pk) => pk.write(f),
61            Scope::Parameter(s) => {
62                write!(f, "{{{}}}", s)
63            }
64        }
65    }
66}
67
68impl From<biscuit_parser::builder::Scope> for Scope {
69    fn from(scope: biscuit_parser::builder::Scope) -> Self {
70        match scope {
71            biscuit_parser::builder::Scope::Authority => Scope::Authority,
72            biscuit_parser::builder::Scope::Previous => Scope::Previous,
73            biscuit_parser::builder::Scope::PublicKey(pk) => Scope::PublicKey(
74                PublicKey::from_bytes(&pk.key, pk.algorithm.into()).expect("invalid public key"),
75            ),
76            biscuit_parser::builder::Scope::Parameter(s) => Scope::Parameter(s),
77        }
78    }
79}
biscuit_auth/token/builder/scope.rs

biscuit_auth/token/builder/
scope.rs
