neocrates 0.1.45

A comprehensive Rust library for various utilities and helpers
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191

use std::sync::Arc;

use crate::{
    awssts::aliyun::StsClient,
    rediscache::RedisPool,
    response::error::{AppError, AppResult},
};

pub const CACHE_ALIYUN_STS: &str = ":aliyun_sts:";
pub const CACHE_COS_STS: &str = ":cos_sts:";

#[derive(Debug, serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct AwsStsVo {
    pub access_key_id: String,
    pub access_key_secret: String,
    pub security_token: String,
    pub expiration: String,
    pub endpoint: String,
    pub region: String,
    pub bucket: String,
}
#[derive(Debug, Clone)]
pub struct AwsConfig {
    pub cos_type: String,

    pub aliyun_accesskey_id: String,
    pub aliyun_accesskey_secret: String,
    pub aliyun_role_arn: String,
    pub aliyun_expiration: u32,
    pub aliyun_role_session_name: String,
    pub aliyun_endpoint: String,
    pub aliyun_region_id: String,
    pub aliyun_bucket: String,

    pub rustfs_accesskey_id: String,
    pub rustfs_accesskey_secret: String,
    pub rustfs_endpoint: String,
    pub rustfs_region_id: String,
    pub rustfs_bucket: String,
    pub rustfs_expiration: u32,

    pub minio_accesskey_id: String,
    pub minio_accesskey_secret: String,
    pub minio_endpoint: String,
    pub minio_region_id: String,
    pub minio_bucket: String,
    pub minio_expiration: u32,
}

pub struct CosService;

impl CosService {
    /// Get COS STS credentials based on the configured COS type
    ///
    /// # Arguments
    /// * `config` - Reference to the environment configuration
    /// * `redis_pool` - Reference to the Redis connection pool
    /// * `uid` - User ID for whom the STS credentials are requested
    ///
    /// # Returns
    /// * `AppResult<AwsStsVo>` - Result containing the STS credentials or an error
    ///
    pub async fn get_cos_sts(
        config: &Arc<AwsConfig>,
        redis_pool: &Arc<RedisPool>,
        uid: i64,
    ) -> AppResult<AwsStsVo> {
        let cos_type = config.cos_type.as_str();
        match cos_type {
            "aliyun" => CosService::get_aliyun_sts(config, redis_pool, uid).await,
            "rustfs" => CosService::get_rustfs_sts(config, redis_pool, uid).await,
            "minio" => CosService::get_minio_sts(config, redis_pool, uid).await,
            _ => Err(AppError::ClientError(format!(
                "Unsupported COS type: {}",
                cos_type
            ))),
        }
    }

    /// Get RustFS STS credentials
    ///
    /// # Arguments
    /// * `config` - Reference to the environment configuration
    /// * `redis_pool` - Reference to the Redis connection pool
    /// * `uid` - User ID for whom the STS credentials are requested
    ///
    /// # Returns
    /// * `AppResult<AwsStsVo>` - Result containing the STS credentials or an error
    ///
    pub async fn get_rustfs_sts(
        config: &Arc<AwsConfig>,
        _redis_pool: &Arc<RedisPool>,
        uid: i64,
    ) -> AppResult<AwsStsVo> {
        let _redis_key = format!("{}{}", CACHE_COS_STS, uid);
        Ok(AwsStsVo {
            access_key_id: config.rustfs_accesskey_id.to_owned(),
            access_key_secret: config.rustfs_accesskey_secret.to_owned(),
            security_token: "".to_string(),
            expiration: "3600".to_string(),
            endpoint: config.rustfs_endpoint.to_owned(),
            region: config.rustfs_region_id.to_owned(),
            bucket: config.rustfs_bucket.to_owned(),
        })
    }

    /// Get RustFS STS credentials
    ///
    /// # Arguments
    /// * `config` - Reference to the environment configuration
    /// * `redis_pool` - Reference to the Redis connection pool
    /// * `uid` - User ID for whom the STS credentials are requested
    ///
    /// # Returns
    /// * `AppResult<AwsStsVo>` - Result containing the STS credentials or an error
    ///
    pub async fn get_minio_sts(
        config: &Arc<AwsConfig>,
        _redis_pool: &Arc<RedisPool>,
        uid: i64,
    ) -> AppResult<AwsStsVo> {
        let _redis_key = format!("{}{}", CACHE_COS_STS, uid);
        Ok(AwsStsVo {
            access_key_id: config.minio_accesskey_id.to_owned(),
            access_key_secret: config.minio_accesskey_secret.to_owned(),
            security_token: "".to_string(),
            expiration: "3600".to_string(),
            endpoint: config.minio_endpoint.to_owned(),
            region: config.minio_region_id.to_owned(),
            bucket: config.minio_bucket.to_owned(),
        })
    }

    /// Get Aliyun STS credentials, with caching in Redis
    ///
    /// # Arguments
    /// * `config` - Reference to the environment configuration
    /// * `redis_pool` - Reference to the Redis connection pool
    /// * `uid` - User ID for whom the STS credentials are requested
    ///
    /// # Returns
    /// * `AppResult<AwsStsVo>` - Result containing the STS credentials or an error
    ///
    pub async fn get_aliyun_sts(
        config: &Arc<AwsConfig>,
        redis_pool: &Arc<RedisPool>,
        uid: i64,
    ) -> AppResult<AwsStsVo> {
        let redis_key = format!("{}{}", CACHE_ALIYUN_STS, uid);
        let sts: AwsStsVo = match redis_pool.get::<_, String>(&redis_key).await {
            Ok(Some(t)) => {
                let x = serde_json::from_str(&t).expect("Failed to deserialize AliyunStsVo");
                x
            }
            Ok(None) => {
                let client = StsClient::new(
                    &config.aliyun_accesskey_id,
                    &config.aliyun_accesskey_secret,
                    &config.aliyun_role_arn,
                    &config.aliyun_role_session_name,
                );
                let sts: AwsStsVo = match client.assume_role(config.aliyun_expiration).await {
                    Ok(response) => AwsStsVo {
                        access_key_id: response.credentials.access_key_id,
                        access_key_secret: response.credentials.access_key_secret,
                        security_token: response.credentials.security_token,
                        expiration: response.credentials.expiration,
                        endpoint: config.aliyun_endpoint.to_owned(),
                        region: config.aliyun_region_id.to_owned(),
                        bucket: config.aliyun_bucket.to_owned(),
                    },
                    Err(err) => {
                        return Err(AppError::ClientError(err.to_string()));
                    }
                };
                redis_pool
                    .setex(
                        redis_key,
                        serde_json::to_string(&sts).expect("Failed to serialize AliyunStsVo"),
                        config.aliyun_expiration as u64 - 60,
                    )
                    .await
                    .map_err(|e| AppError::RedisError(e.to_string()))?;
                sts
            }
            Err(err) => return Err(AppError::RedisError(err.to_string())),
        };
        Ok(sts)
    }
}