use crate::security::validator::validate_token;
use actix_web::http::header::HeaderMap;
use alcoholic_jwt::{JWKS, ValidJWT};
use async_graphql::{Context, Error};
use error_util::error::AppError::GraphQLError;
use crate::security::extract_header_value_from_request_to_string;
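/// Authenticates a GraphQL request from its `Authorization` header and returns the validated JWT.
///
/// The header value must be exactly `Bearer <token>`: the scheme is compared case-sensitively,
/// the token must be non-empty, and nothing may follow it. The token is then handed to
/// [`validate_token`] together with `jwks` and `issuer_uri`.
///
/// `jwks` is taken by value to keep the existing signature; only a borrow of it is used.
///
/// # Errors
///
/// - the error from `ctx.data::<HeaderMap>()`, wrapped in `GraphQLError`, when the context
///   holds no `HeaderMap`;
/// - `"invalid token format"` when the header value is not of the form described above;
/// - the validator's error, converted with `convert_app_error_to_graphql_error`.
pub async fn authenticate_for_jwt(
    ctx: &Context<'_>,
    jwks: JWKS,
    issuer_uri: &str,
) -> Result<ValidJWT, Error> {
    let headers = ctx.data::<HeaderMap>().map_err(GraphQLError)?;
    let auth_token = extract_header_value_from_request_to_string(headers, "authorization");

    // Fail closed unless the value is exactly two space-separated fields. Previously only the
    // first two fields were inspected, so trailing data after the token was silently ignored
    // and an empty token field was passed on to the validator.
    let mut fields = auth_token.split(' ');
    let token = match (fields.next(), fields.next(), fields.next()) {
        (Some("Bearer"), Some(token), None) if !token.is_empty() => token,
        _ => return Err(Error::new("invalid token format")),
    };

    validate_token(token, &jwks, issuer_uri)
        .map_err(|err| err.convert_app_error_to_graphql_error())
}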
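/// Authenticates a GraphQL request from its `Authorization` header and returns the raw bearer
/// token as a `String` once it has passed validation.
///
/// The header value must be exactly `Bearer <token>`: the scheme is compared case-sensitively,
/// the token must be non-empty, and nothing may follow it. The token is checked with
/// [`validate_token`] against `jwks` and `issuer_uri`; the decoded JWT is discarded and only
/// the success of the check is used.
///
/// The returned string is the caller's credential as received, so keep it out of logs and
/// error messages.
///
/// `jwks` is taken by value to keep the existing signature; only a borrow of it is used.
///
/// # Errors
///
/// - the error from `ctx.data::<HeaderMap>()`, wrapped in `GraphQLError`, when the context
///   holds no `HeaderMap`;
/// - `"invalid token format"` when the header value is not of the form described above;
/// - the validator's error, converted with `convert_app_error_to_graphql_error`.
pub async fn authenticate_for_string(
    ctx: &Context<'_>,
    jwks: JWKS,
    issuer_uri: &str,
) -> Result<String, Error> {
    let headers = ctx.data::<HeaderMap>().map_err(GraphQLError)?;
    let auth_token = extract_header_value_from_request_to_string(headers, "authorization");

    // Fail closed unless the value is exactly two space-separated fields. Previously only the
    // first two fields were inspected, so trailing data after the token was silently ignored
    // and an empty token field was passed on to the validator.
    let mut fields = auth_token.split(' ');
    let token = match (fields.next(), fields.next(), fields.next()) {
        (Some("Bearer"), Some(token), None) if !token.is_empty() => token,
        _ => return Err(Error::new("invalid token format")),
    };

    // The token is returned only after validation succeeds; `?` propagates a rejection.
    validate_token(token, &jwks, issuer_uri)
        .map_err(|err| err.convert_app_error_to_graphql_error())?;

    Ok(token.to_string())
}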