Skip to main content

cloudiful_redactor/session/
inspect.rs

1use anyhow::Result;
2
3use crate::types::SessionSummary;
4
5use super::crypto::decrypt_session_from_str;
6
7pub fn inspect_encrypted_session(data: &str, passphrase: &str) -> Result<SessionSummary> {
8    let session = decrypt_session_from_str(data, passphrase)?;
9    Ok(SessionSummary::from(&session))
10}
11
12#[cfg(test)]
13mod tests {
14    use super::inspect_encrypted_session;
15    use crate::{RedactorBuilder, encrypt_session_to_string};
16
17    #[test]
18    fn inspect_uses_authenticated_session_not_outer_metadata() {
19        let session = RedactorBuilder::new()
20            .build()
21            .redact_with_session("alice@example.com")
22            .expect("session");
23        let encrypted = encrypt_session_to_string(&session, "inspect-passphrase").expect("encrypt");
24        let mut envelope: serde_json::Value = serde_json::from_str(&encrypted).expect("json");
25        envelope["session_id"] = serde_json::Value::String("forged".to_string());
26        let summary = inspect_encrypted_session(&envelope.to_string(), "inspect-passphrase")
27            .expect("inspect");
28        assert_eq!(summary.session_id, session.session_id);
29    }
30
31    #[test]
32    fn inspect_rejects_wrong_passphrase() {
33        let session = RedactorBuilder::new()
34            .build()
35            .redact_with_session("alice@example.com")
36            .expect("session");
37        let encrypted = encrypt_session_to_string(&session, "inspect-passphrase").expect("encrypt");
38        assert!(inspect_encrypted_session(&encrypted, "wrong-passphrase").is_err());
39    }
40}