actix-web-httpauth 0.0.1

HTTP authorization schemes for actix-web
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120

use base64;
use actix_web::{HttpRequest, HttpMessage, FromRequest};

use errors::AuthError;

/// Extractor for `Authorization: Basic {payload}` HTTP request header.
///
/// If header is not present, HTTP 401 will be returned.
///
/// # Example
///
/// use actix_web_httpauth::BasicAuth;
///
/// pub fn handler(auth: BasicAuth) -> String {
///     format!("Hello, {}", auth.username)
/// }
#[derive(Debug, PartialEq)]
pub struct BasicAuth {
    pub username: String,
    pub password: String,
}


impl<S> FromRequest<S> for BasicAuth {
    type Config = ();
    type Result = Result<Self, AuthError>;

    fn from_request(req: &HttpRequest<S>, _cfg: &<Self as FromRequest<S>>::Config) -> <Self as FromRequest<S>>::Result {
        let header = req.headers().get("Authorization")
            .ok_or(AuthError::HeaderMissing)?
            .to_str()?;
        let mut parts = header.splitn(2, ' ');

        // Authorization mechanism
        match parts.next() {
            None => return Err(AuthError::InvalidMechanism),
            Some(mechanism) if mechanism != "Basic" => return Err(AuthError::InvalidMechanism),
            _ => ()
        }

        // Authorization payload
        let payload = parts.next().ok_or(AuthError::HeaderMalformed)?;
        let payload = base64::decode(payload)?;
        let payload = String::from_utf8(payload)?;
        let mut parts = payload.splitn(2, ':');
        let user = parts.next().ok_or(AuthError::HeaderMalformed)?;
        let password = parts.next().ok_or(AuthError::HeaderMalformed)?;

        Ok(BasicAuth{
            username: user.to_string(),
            password: password.to_string(),
        })
    }
}

#[cfg(test)]
mod tests {
    use base64;
    use actix_web::FromRequest;
    use actix_web::test::TestRequest;

    use super::{BasicAuth, AuthError};

    #[test]
    fn test_valid_auth() {
        let value = format!("Basic {}", base64::encode("user:pass"));
        let req = TestRequest::with_header("Authorization", value).finish();
        let auth = BasicAuth::extract(&req);

        assert!(auth.is_ok());
        let auth = auth.unwrap();
        assert_eq!(auth.username, "user".to_string());
        assert_eq!(auth.password, "pass".to_string());
    }

    #[test]
    fn test_missing_header() {
        let req = TestRequest::default().finish();
        let auth = BasicAuth::extract(&req);

        assert!(auth.is_err());
        let err = auth.err().unwrap();
        assert_eq!(err, AuthError::HeaderMissing);
    }

    #[test]
    fn test_invalid_mechanism() {
        let value = format!("Digest {}", base64::encode("user:pass"));
        let req = TestRequest::with_header("Authorization", value).finish();
        let auth = BasicAuth::extract(&req);

        assert!(auth.is_err());
        let err = auth.err().unwrap();
        assert_eq!(err, AuthError::InvalidMechanism);
    }

    #[test]
    fn test_invalid_format() {
        let value = format!("Basic {}", base64::encode("user"));
        let req = TestRequest::with_header("Authorization", value).finish();
        let auth = BasicAuth::extract(&req);

        assert!(auth.is_err());
        let err = auth.err().unwrap();
        assert_eq!(err, AuthError::HeaderMalformed);
    }

    #[test]
    fn test_user_without_password() {
        let value = format!("Basic {}", base64::encode("user:"));
        let req = TestRequest::with_header("Authorization", value).finish();
        let auth = BasicAuth::extract(&req);

        assert!(auth.is_ok());
        assert_eq!(auth.unwrap(), BasicAuth {
            username: "user".to_string(),
            password: "".to_string(),
        })
    }
}