openauth-plugins 0.0.4

Official OpenAuth plugin modules.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

use time::{Duration, OffsetDateTime};

use openauth_core::crypto::random::generate_random_string;
use openauth_core::db::{DbAdapter, DbRecord, DbValue, FindMany, Sort, SortDirection, Where};
use openauth_core::error::OpenAuthError;
use openauth_core::verification::{CreateVerificationInput, DbVerificationStore};

pub(crate) fn generate_otp(length: usize) -> String {
    generate_random_string(length)
        .bytes()
        .map(|byte| char::from(b'0' + (byte % 10)))
        .collect()
}

pub(crate) fn encode(code: &str, attempts: u32) -> String {
    format!("{code}:{attempts}")
}

pub(crate) fn decode(value: &str) -> (&str, u32) {
    let Some((code, attempts)) = value.split_once(':') else {
        return (value, 0);
    };
    (code, attempts.parse().unwrap_or(0))
}

pub(crate) async fn create(
    adapter: &dyn openauth_core::db::DbAdapter,
    identifier: impl Into<String>,
    code: &str,
    expires_in: u64,
) -> Result<(), OpenAuthError> {
    DbVerificationStore::new(adapter)
        .create_verification(CreateVerificationInput::new(
            identifier.into(),
            encode(code, 0),
            OffsetDateTime::now_utc() + Duration::seconds(expires_in as i64),
        ))
        .await?;
    Ok(())
}

pub(crate) async fn find_raw(
    adapter: &dyn DbAdapter,
    identifier: &str,
) -> Result<Option<VerificationRecord>, OpenAuthError> {
    let Some(record) = adapter
        .find_many(
            FindMany::new("verification")
                .where_clause(Where::new(
                    "identifier",
                    DbValue::String(identifier.to_owned()),
                ))
                .sort_by(Sort::new("created_at", SortDirection::Desc))
                .limit(1),
        )
        .await?
        .into_iter()
        .next()
    else {
        return Ok(None);
    };
    Ok(Some(verification_from_record(record)?))
}

pub(crate) struct VerificationRecord {
    pub value: String,
    pub expires_at: OffsetDateTime,
}

fn verification_from_record(record: DbRecord) -> Result<VerificationRecord, OpenAuthError> {
    let value = match record.get("value") {
        Some(DbValue::String(value)) => value.clone(),
        _ => {
            return Err(OpenAuthError::Adapter(
                "verification.value must be a string".to_owned(),
            ));
        }
    };
    let expires_at = match record.get("expires_at") {
        Some(DbValue::Timestamp(value)) => *value,
        _ => {
            return Err(OpenAuthError::Adapter(
                "verification.expires_at must be a timestamp".to_owned(),
            ));
        }
    };
    Ok(VerificationRecord { value, expires_at })
}