pxsolver-auth 1.2.0

API-key + per-domain allowlist + audit log
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

use crate::domain::allowlist_entry::{AllowlistEntry, AllowlistEntryError};
use crate::domain::allowlist_store::AllowlistStore;
use async_trait::async_trait;
use px_errors::AppError;
use serde::Deserialize;
use std::collections::HashMap;
use std::path::Path;

#[derive(Debug, Deserialize)]
struct AllowlistFile {
    entries: Vec<AllowlistEntry>,
}

pub struct YamlAllowlistStore {
    by_domain: HashMap<String, AllowlistEntry>,
}

impl YamlAllowlistStore {
    pub async fn load(path: impl AsRef<Path>) -> Result<Self, AppError> {
        let bytes = tokio::fs::read(path.as_ref())
            .await
            .map_err(|e| AppError::InternalError(format!("read allowlist yaml: {e}")))?;
        let parsed: AllowlistFile = serde_yaml::from_slice(&bytes)
            .map_err(|e| AppError::InternalError(format!("parse allowlist yaml: {e}")))?;
        for entry in &parsed.entries {
            entry
                .validate()
                .map_err(|e: AllowlistEntryError| AppError::InternalError(e.to_string()))?;
        }
        let by_domain = parsed
            .entries
            .into_iter()
            .map(|e| (e.domain.clone(), e))
            .collect();
        Ok(Self { by_domain })
    }

    pub fn from_entries(entries: Vec<AllowlistEntry>) -> Self {
        let by_domain = entries.into_iter().map(|e| (e.domain.clone(), e)).collect();
        Self { by_domain }
    }
}

#[async_trait]
impl AllowlistStore for YamlAllowlistStore {
    async fn lookup(&self, domain: &str) -> Result<Option<AllowlistEntry>, AppError> {
        Ok(self.by_domain.get(domain).cloned())
    }

    async fn list(&self) -> Result<Vec<AllowlistEntry>, AppError> {
        Ok(self.by_domain.values().cloned().collect())
    }
}