openauth-plugins 0.0.3

Official OpenAuth plugin modules.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91

pub mod permissions;
pub mod sessions;
pub mod users;

use openauth_core::api::ApiRequest;
use openauth_core::auth::session::{GetSessionInput, SessionAuth};
use openauth_core::context::AuthContext;
use openauth_core::error::OpenAuthError;

use super::cookies::cookie_header;
use super::models::{AdminSession, AdminUser};
use super::store::AdminStore;

pub async fn current_admin(
    context: &AuthContext,
    request: &ApiRequest,
) -> Result<Option<(AdminSession, AdminUser)>, OpenAuthError> {
    let Some(adapter) = context.adapter() else {
        return Ok(None);
    };
    let header = cookie_header(request);
    let Some(result) = SessionAuth::new(adapter.as_ref(), context)
        .get_session(GetSessionInput::new(header))
        .await?
    else {
        return Ok(None);
    };
    let Some(session) = result.session else {
        return Ok(None);
    };
    let Some((admin_session, admin_user)) = AdminStore::new(adapter.as_ref())
        .find_session(&session.token)
        .await?
    else {
        return Ok(None);
    };
    Ok(Some((admin_session, admin_user)))
}

pub fn permission(resource: &str, action: &str) -> crate::admin::PermissionMap {
    crate::admin::PermissionMap::from([(resource.to_owned(), vec![action.to_owned()])])
}

pub fn require_adapter(
    context: &AuthContext,
) -> Result<std::sync::Arc<dyn openauth_core::db::DbAdapter>, OpenAuthError> {
    context
        .adapter()
        .ok_or_else(|| OpenAuthError::Api("admin plugin requires a database adapter".to_owned()))
}

pub fn query_value(request: &ApiRequest, name: &str) -> Option<String> {
    request.uri().query().and_then(|query| {
        query.split('&').find_map(|pair| {
            let (key, value) = pair.split_once('=').unwrap_or((pair, ""));
            (key == name).then(|| percent_decode(value))
        })
    })
}

pub fn query_usize(request: &ApiRequest, name: &str) -> Option<usize> {
    query_value(request, name).and_then(|value| value.parse().ok())
}

fn percent_decode(input: &str) -> String {
    let mut output = String::new();
    let mut bytes = input.as_bytes().iter().copied();
    while let Some(byte) = bytes.next() {
        match byte {
            b'+' => output.push(' '),
            b'%' => {
                let high = bytes.next().and_then(hex);
                let low = bytes.next().and_then(hex);
                if let (Some(high), Some(low)) = (high, low) {
                    output.push(char::from((high << 4) | low));
                }
            }
            byte => output.push(char::from(byte)),
        }
    }
    output
}

fn hex(byte: u8) -> Option<u8> {
    match byte {
        b'0'..=b'9' => Some(byte - b'0'),
        b'a'..=b'f' => Some(byte - b'a' + 10),
        b'A'..=b'F' => Some(byte - b'A' + 10),
        _ => None,
    }
}