redact-client 1.5.9

Receives request for private data and decrypts it to display securely in browser
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125

use async_trait::async_trait;
use http::StatusCode;
use reqwest::{Certificate, Response};
use std::collections::HashMap;
use std::fs::File;
use std::io::Read;
use std::ops::Deref;
use std::sync::Arc;
use thiserror::Error;
use warp::reject::Reject;

#[derive(Error, Debug)]
pub enum RelayError {
    #[error("Failure happened during relay")]
    RelayRequestError { source: Option<reqwest::Error> },
}

impl Reject for RelayError {}

#[async_trait]
pub trait Relayer: Clone + Send + Sync {
    async fn relay(&self, path: String, relay_url: String) -> Result<StatusCode, RelayError>;
    async fn get(&self, relay_url: String) -> Result<Response, RelayError>;
}

#[async_trait]
impl<U> Relayer for Arc<U>
where
    U: Relayer,
{
    async fn relay(&self, path: String, relay_url: String) -> Result<StatusCode, RelayError> {
        self.deref().relay(path, relay_url).await
    }

    async fn get(&self, relay_url: String) -> Result<Response, RelayError> {
        self.deref().get(relay_url).await
    }
}

#[derive(Debug, Clone)]
pub struct MutualTLSRelayer {
    pub client: reqwest::Client,
}

impl MutualTLSRelayer {
    pub fn new(
        pem_file_path: String,
        additional_ca_certs: Option<&[Certificate]>,
    ) -> Result<MutualTLSRelayer, RelayError> {
        // Load the client TLS certificate and key
        let mut buf = Vec::new();
        File::open(pem_file_path)
            .unwrap()
            .read_to_end(&mut buf)
            .unwrap();
        let pkcs12 = reqwest::Identity::from_pem(&buf).unwrap();

        // Build the relay HTTP client, adding in provided certificate as additional CA certs
        let mut client_builder = reqwest::Client::builder().identity(pkcs12).use_rustls_tls();
        if let Some(ca_certs) = additional_ca_certs {
            // In order for the additional certs to be used, the built-in root certs must be disabled
            client_builder = client_builder.tls_built_in_root_certs(false);
            for cert in ca_certs.iter() {
                client_builder = client_builder.add_root_certificate(cert.clone())
            }
        }
        Ok(MutualTLSRelayer {
            client: client_builder.build().unwrap(),
        })
    }
}

#[async_trait]
impl Relayer for MutualTLSRelayer {
    async fn relay(&self, path: String, relay_url: String) -> Result<StatusCode, RelayError> {
        let mut req_body = HashMap::new();
        req_body.insert("path", path);
        req_body.insert("userId", "abc".to_owned());

        self.client
            .post(relay_url)
            .json(&req_body)
            .send()
            .await
            .and_then(|response| response.error_for_status())
            .and_then(|response| Ok(response.status()))
            .map_err(|source| RelayError::RelayRequestError {
                source: Some(source),
            })
    }

    async fn get(&self, relay_url: String) -> Result<Response, RelayError> {
        self.client
            .get(relay_url)
            .send()
            .await
            .and_then(|response| response.error_for_status())
            .map_err(|source| RelayError::RelayRequestError {
                source: Some(source),
            })
    }
}

#[cfg(test)]
pub mod tests {
    use super::{RelayError, Relayer};
    use async_trait::async_trait;
    use http::StatusCode;
    use mockall::predicate::*;
    use mockall::*;
    use reqwest::Response;

    mock! {
    pub Relayer {}
    impl Clone for Relayer {
            fn clone(&self) -> Self;
    }

    #[async_trait]
    impl Relayer for MockRelayer {
        async fn relay(&self, path: String, relay_url: String) -> Result<StatusCode, RelayError>;
        async fn get(&self, relay_url: String) -> Result<Response, RelayError>;
    }
    }
}