cts-common 0.4.1

Common types and traits used across the CipherStash ecosystem
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125

use crate::{Region, RegionError};
use regex::Regex;
use std::sync::LazyLock;
use url::Url;

/// Regex to extract the region from a host FQDN or a URL.
static REGION_HOST_REGEX: LazyLock<Regex> = LazyLock::new(|| {
    Regex::new(r"^(?:https://){0,1}([^\.]+)\.([^\.]+)\.viturhosted\.net/?$").expect("Invalid regex")
});

/// Domain name for the service discovery.
static DOMAIN_NAME: &str = "viturhosted.net";

/// Simple service discover trait that defines the name of the service and the endpoint for a given region.
pub trait ServiceDiscovery {
    fn name(&self) -> &'static str;
    fn fqdn(region: Region) -> String;
    fn endpoint(region: Region) -> Result<Url, RegionError>;
}

/// ZeroKms service.
pub struct ZeroKmsServiceDiscovery;

impl ServiceDiscovery for ZeroKmsServiceDiscovery {
    fn name(&self) -> &'static str {
        "zerokms"
    }

    /// Returns the FQDN for the service in the given region.
    /// The FQDN is in the format `<region>.<provider>.viturhosted.net`.
    fn fqdn(region: Region) -> String {
        format!("{}.viturhosted.net", region.identifier())
    }

    /// Returns the URL for the service in the given region.
    /// The URL is in the format `https://<region>.<provider>.viturhosted.net/`.
    fn endpoint(region: Region) -> Result<Url, RegionError> {
        Url::parse(&format!("https://{}.{DOMAIN_NAME}/", region.identifier())).map_err(|e| {
            RegionError::InvalidRegion(format!(
                "Invalid service URL for ZeroKMS in region {}: {}",
                region.identifier(),
                e
            ))
        })
    }
}

impl ZeroKmsServiceDiscovery {
    /// Attempt to extract the region from a host FQDN or URL.
    /// The FQDN must be in the format `<region>.<provider>.viturhosted.net`.
    /// The URL must be in the format `https://<region>.<provider>.viturhosted.net/`.
    pub fn region_from_host_fqdn(host_fqdn: &str) -> Result<Region, RegionError> {
        REGION_HOST_REGEX
            .captures(host_fqdn)
            .ok_or_else(|| RegionError::InvalidHostFqdn(host_fqdn.to_string()))
            .and_then(|caps| {
                let region = caps.get(1).unwrap().as_str().to_string();
                let provider = caps.get(2).unwrap().as_str().to_string();
                Region::new(&format!("{region}.{provider}"))
            })
    }
}

/// CTS service.
pub struct CtsServiceDiscovery;

impl ServiceDiscovery for CtsServiceDiscovery {
    fn name(&self) -> &'static str {
        "cts"
    }

    fn fqdn(region: Region) -> String {
        format!("{}.auth.{DOMAIN_NAME}", region.identifier())
    }

    fn endpoint(region: Region) -> Result<Url, RegionError> {
        if matches!(region, Region::Aws(crate::AwsRegion::ApSoutheast2)) {
            return Url::parse(&format!(
                "https://{}.auth.{DOMAIN_NAME}/",
                region.identifier()
            ))
            .map_err(|e| {
                RegionError::InvalidRegion(format!(
                    "Invalid service URL for ZeroKMS in region {}: {}",
                    region.identifier(),
                    e
                ))
            });
        }
        Err(RegionError::InvalidRegion(format!(
            "Region {} is not supported by the CTS service",
            region.identifier()
        )))
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_region_from_host_fqdn() -> anyhow::Result<()> {
        let host_fqdn = "us-west-1.aws.viturhosted.net";
        let region = ZeroKmsServiceDiscovery::region_from_host_fqdn(host_fqdn)?;
        assert_eq!(region.identifier(), "us-west-1.aws");

        Ok(())
    }

    #[test]
    fn test_region_from_host_endpoint() -> anyhow::Result<()> {
        let host_fqdn = "https://us-west-1.aws.viturhosted.net";
        let region = ZeroKmsServiceDiscovery::region_from_host_fqdn(host_fqdn)?;
        assert_eq!(region.identifier(), "us-west-1.aws");
        Ok(())
    }

    #[test]
    fn test_region_from_host_endpoint_with_trailing_slash() -> anyhow::Result<()> {
        let host_fqdn = "https://us-west-1.aws.viturhosted.net/";
        let region = ZeroKmsServiceDiscovery::region_from_host_fqdn(host_fqdn)?;
        assert_eq!(region.identifier(), "us-west-1.aws");
        Ok(())
    }
}