samael 0.0.21

A SAML2 library for Rust
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

use chrono::prelude::*;
use quick_xml::events::{BytesEnd, BytesStart, BytesText, Event};
use quick_xml::Writer;
use serde::Deserialize;
use std::io::Cursor;

const NAME: &str = "saml2:Conditions";

#[derive(Clone, Debug, Deserialize, Hash, Eq, PartialEq, Ord, PartialOrd)]
pub struct Conditions {
    #[serde(rename = "@NotBefore")]
    pub not_before: Option<DateTime<Utc>>,
    #[serde(rename = "@NotOnOrAfter")]
    pub not_on_or_after: Option<DateTime<Utc>>,
    #[serde(rename = "AudienceRestriction", default)]
    pub audience_restrictions: Option<Vec<AudienceRestriction>>,
    #[serde(rename = "OneTimeUse")]
    pub one_time_use: Option<OneTimeUse>,
    #[serde(rename = "ProxyRestriction")]
    pub proxy_restriction: Option<ProxyRestriction>,
}

impl TryFrom<Conditions> for Event<'_> {
    type Error = Box<dyn std::error::Error>;

    fn try_from(value: Conditions) -> Result<Self, Self::Error> {
        (&value).try_into()
    }
}

impl TryFrom<&Conditions> for Event<'_> {
    type Error = Box<dyn std::error::Error>;

    fn try_from(value: &Conditions) -> Result<Self, Self::Error> {
        let mut write_buf = Vec::new();
        let mut writer = Writer::new(Cursor::new(&mut write_buf));
        let mut root = BytesStart::new(NAME);
        if let Some(not_before) = &value.not_before {
            root.push_attribute((
                "NotBefore",
                not_before
                    .to_rfc3339_opts(SecondsFormat::Secs, true)
                    .as_ref(),
            ));
        }
        if let Some(not_on_or_after) = &value.not_on_or_after {
            root.push_attribute((
                "NotOnOrAfter",
                not_on_or_after
                    .to_rfc3339_opts(SecondsFormat::Secs, true)
                    .as_ref(),
            ));
        }
        writer.write_event(Event::Start(root))?;
        if let Some(audience_restrictions) = &value.audience_restrictions {
            for restriction in audience_restrictions {
                let event: Event<'_> = restriction.try_into()?;
                writer.write_event(event)?;
            }
        }
        if let Some(proxy_restriction) = &value.proxy_restriction {
            let event: Event<'_> = proxy_restriction.try_into()?;
            writer.write_event(event)?;
        }
        writer.write_event(Event::End(BytesEnd::new(NAME)))?;
        Ok(Event::Text(BytesText::from_escaped(String::from_utf8(
            write_buf,
        )?)))
    }
}

const AUDIENCE_RESTRICTION_NAME: &str = "saml2:AudienceRestriction";
const AUDIENCE_NAME: &str = "saml2:Audience";

#[derive(Clone, Debug, Deserialize, Hash, Eq, PartialEq, Ord, PartialOrd)]
pub struct AudienceRestriction {
    #[serde(rename = "Audience")]
    pub audience: Vec<String>,
}

impl TryFrom<AudienceRestriction> for Event<'_> {
    type Error = Box<dyn std::error::Error>;

    fn try_from(value: AudienceRestriction) -> Result<Self, Self::Error> {
        (&value).try_into()
    }
}

impl TryFrom<&AudienceRestriction> for Event<'_> {
    type Error = Box<dyn std::error::Error>;

    fn try_from(value: &AudienceRestriction) -> Result<Self, Self::Error> {
        let mut write_buf = Vec::new();
        let mut writer = Writer::new(Cursor::new(&mut write_buf));
        let root = BytesStart::new(AUDIENCE_RESTRICTION_NAME);
        writer.write_event(Event::Start(root))?;
        for aud in &value.audience {
            writer.write_event(Event::Start(BytesStart::new(AUDIENCE_NAME)))?;
            writer.write_event(Event::Text(BytesText::from_escaped(aud)))?;
            writer.write_event(Event::End(BytesEnd::new(AUDIENCE_NAME)))?;
        }
        writer.write_event(Event::End(BytesEnd::new(AUDIENCE_RESTRICTION_NAME)))?;
        Ok(Event::Text(BytesText::from_escaped(String::from_utf8(
            write_buf,
        )?)))
    }
}

#[derive(Clone, Debug, Deserialize, Hash, Eq, PartialEq, Ord, PartialOrd)]
pub struct OneTimeUse {}

const PROXY_RESTRICTION_NAME: &str = "saml2:ProxyRestriction";

#[derive(Clone, Debug, Deserialize, Hash, Eq, PartialEq, Ord, PartialOrd)]
pub struct ProxyRestriction {
    #[serde(rename = "@Count")]
    pub count: Option<usize>,
    #[serde(rename = "Audience")]
    pub audiences: Option<Vec<String>>,
}

impl TryFrom<ProxyRestriction> for Event<'_> {
    type Error = Box<dyn std::error::Error>;

    fn try_from(value: ProxyRestriction) -> Result<Self, Self::Error> {
        (&value).try_into()
    }
}

impl TryFrom<&ProxyRestriction> for Event<'_> {
    type Error = Box<dyn std::error::Error>;

    fn try_from(value: &ProxyRestriction) -> Result<Self, Self::Error> {
        let mut write_buf = Vec::new();
        let mut writer = Writer::new(Cursor::new(&mut write_buf));
        let mut root = BytesStart::new(PROXY_RESTRICTION_NAME);
        if let Some(count) = &value.count {
            root.push_attribute(("Count", count.to_string().as_ref()));
        }
        writer.write_event(Event::Start(root))?;
        if let Some(audiences) = &value.audiences {
            for aud in audiences {
                writer.write_event(Event::Start(BytesStart::new(AUDIENCE_NAME)))?;
                writer.write_event(Event::Text(BytesText::from_escaped(aud)))?;
                writer.write_event(Event::End(BytesEnd::new(AUDIENCE_NAME)))?;
            }
        }
        writer.write_event(Event::End(BytesEnd::new(PROXY_RESTRICTION_NAME)))?;
        Ok(Event::Text(BytesText::from_escaped(String::from_utf8(
            write_buf,
        )?)))
    }
}