openauth-plugins 0.0.3

Official OpenAuth plugin modules.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

use openauth_core::context::{AuthContext, SecretMaterial};
use openauth_core::crypto::{symmetric_decrypt, symmetric_encrypt};
use openauth_core::error::OpenAuthError;

use super::Jwk;

pub(crate) fn encrypt_private_key(
    context: &AuthContext,
    mut key: Jwk,
    disabled: bool,
) -> Result<Jwk, OpenAuthError> {
    if !disabled {
        key.private_key = encrypt_with_context(context, &key.private_key)?;
    }
    Ok(key)
}

pub(crate) fn decrypt_private_key(
    context: &AuthContext,
    private_key: &str,
    disabled: bool,
) -> Result<String, OpenAuthError> {
    if disabled {
        return Ok(private_key.to_owned());
    }
    decrypt_with_context(context, private_key)
}

fn encrypt_with_context(context: &AuthContext, data: &str) -> Result<String, OpenAuthError> {
    match &context.secret_config {
        SecretMaterial::Single(secret) => symmetric_encrypt(secret.as_str(), data),
        SecretMaterial::Rotating(config) => symmetric_encrypt(config, data),
    }
}

fn decrypt_with_context(context: &AuthContext, data: &str) -> Result<String, OpenAuthError> {
    match &context.secret_config {
        SecretMaterial::Single(secret) => symmetric_decrypt(secret.as_str(), data),
        SecretMaterial::Rotating(config) => symmetric_decrypt(config, data),
    }
}