Skip to main content

reddb_wire/
auth.rs

1//! Shared auth payload/header vocabulary for RedDB transports.
2//!
3//! The concrete HTTP/gRPC clients own their transport libraries, but the
4//! field names and bearer/login payload shape are wire contracts.
5
6pub const AUTHORIZATION_HEADER: &str = "authorization";
7pub const BEARER_AUTH_SCHEME: &str = "Bearer";
8pub const APIKEY_AUTH_SCHEME: &str = "ApiKey";
9
10pub fn bearer_authorization_value(token: &str) -> String {
11    format!("{BEARER_AUTH_SCHEME} {token}")
12}
13
14pub fn apikey_authorization_value(key: &str) -> String {
15    format!("{APIKEY_AUTH_SCHEME} {key}")
16}
17
18pub fn login_payload_json(username: &str, password: &str) -> String {
19    serde_json::json!({
20        "username": username,
21        "password": password,
22    })
23    .to_string()
24}
25
26#[cfg(test)]
27mod tests {
28    use super::*;
29
30    #[test]
31    fn bearer_authorization_value_uses_canonical_scheme() {
32        assert_eq!(bearer_authorization_value("token-1"), "Bearer token-1");
33    }
34
35    #[test]
36    fn apikey_authorization_value_uses_canonical_scheme() {
37        assert_eq!(apikey_authorization_value("key-1"), "ApiKey key-1");
38    }
39
40    #[test]
41    fn login_payload_json_escapes_credentials() {
42        let payload = login_payload_json("ada\"lovelace", "p\\ass\nword");
43        let value: serde_json::Value = serde_json::from_str(&payload).expect("json");
44
45        assert_eq!(value["username"], "ada\"lovelace");
46        assert_eq!(value["password"], "p\\ass\nword");
47    }
48}