mycelium-http-tools 8.3.1-beta.4

Provide HTTP related elements to the mycelium project.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107

use crate::{
    dtos::claims::Claims, models::internal_auth_config::InternalOauthConfig,
    settings::MYCELIUM_PROVIDER_KEY, utils::HttpJsonResponse,
};

use actix_web::HttpResponse;
use chrono::{Duration, Utc};
use jsonwebtoken::{encode, Algorithm, EncodingKey, Header};
use myc_core::{domain::dtos::user::User, models::AccountLifeCycle};
use tracing::error;

/// Encode a user into a JWT token
pub async fn encode_jwt(
    user: User,
    auth_config: InternalOauthConfig,
    core_config: AccountLifeCycle,
    is_temporary: bool,
) -> Result<(String, Duration), HttpResponse> {
    let expires_in = match match is_temporary {
        true => auth_config.tmp_expires_in,
        false => auth_config.jwt_expires_in,
    }
    .async_get_or_error()
    .await
    {
        Ok(exp) => exp,
        Err(err) => {
            error!("Could not get token expiration: {err}");

            return Err(HttpResponse::InternalServerError().json(
                HttpJsonResponse::new_message(
                    "Could not get token expiration.".to_string(),
                ),
            ));
        }
    };

    let duration = chrono::Duration::seconds(expires_in);

    let expiration = match Utc::now().checked_add_signed(duration) {
        Some(exp) => exp.timestamp(),
        None => {
            return Err(HttpResponse::InternalServerError().json(
                HttpJsonResponse::new_message(
                    "Could not calculate token expiration.".to_string(),
                ),
            ));
        }
    };

    let claims = Claims {
        iat: Utc::now().timestamp(),
        sub: match user.id.to_owned() {
            Some(id) => id.to_string(),
            None => "".to_string(),
        },
        email: user.email.email(),
        exp: expiration,
        iss: MYCELIUM_PROVIDER_KEY.to_string(),
        aud: core_config
            .domain_url
            .ok_or(core_config.domain_name)
            .map_err(|err| {
                error!("Could not get domain URL: {err:?}");

                HttpResponse::InternalServerError().json(
                    HttpJsonResponse::new_message(
                        "Unexpected error on build JWT claims".to_string(),
                    ),
                )
            })?
            .async_get_or_error()
            .await
            .map_err(|err| {
                error!("Could not get domain URL: {err:?}");

                HttpResponse::InternalServerError().json(
                    HttpJsonResponse::new_message(
                        "Unexpected error on build JWT claims".to_string(),
                    ),
                )
            })?,
    };

    let header = Header::new(Algorithm::HS512);

    let secret = match auth_config.jwt_secret.async_get_or_error().await {
        Ok(key) => key,
        Err(_) => {
            return Err(HttpResponse::InternalServerError().json(
                HttpJsonResponse::new_message(
                    "Could not get token secret key.".to_string(),
                ),
            ));
        }
    };

    match encode(
        &header,
        &claims,
        &EncodingKey::from_secret(secret.as_bytes()),
    ) {
        Ok(token) => Ok((token, duration)),
        Err(err) => Err(HttpResponse::InternalServerError()
            .json(HttpJsonResponse::new_message(err.to_string()))),
    }
}