wascc_host/
actor.rs

1use crate::authz;
2use crate::Result;
3use std::fs::File;
4use std::io::prelude::*;
5use std::path::Path;
6use wascap::jwt::Token;
7
8/// An actor is a WebAssembly module that conforms to the waSCC protocols and can securely
9/// consume capabilities exposed by native or portable capability providers
10#[derive(Debug)]
11pub struct Actor {
12    pub(crate) token: Token<wascap::jwt::Actor>,
13    pub(crate) bytes: Vec<u8>,
14}
15
16impl Actor {
17    /// Create an actor from the bytes of a signed WebAssembly module. Attempting to load
18    /// an unsigned module, or a module signed improperly, will result in an error
19    pub fn from_slice(buf: &[u8]) -> Result<Actor> {
20        let token = authz::extract_claims(&buf)?;
21        Ok(Actor {
22            token,
23            bytes: buf.to_vec(),
24        })
25    }
26
27    /// Create an actor from a signed WebAssembly (`.wasm`) file
28    pub fn from_file(path: impl AsRef<Path>) -> Result<Actor> {
29        let mut file = File::open(path)?;
30        let mut buf = Vec::new();
31        file.read_to_end(&mut buf)?;
32
33        Actor::from_slice(&buf)
34    }
35
36    /// Obtain the actor's public key (The `sub` field of a JWT). This can be treated as a globally unique identifier
37    pub fn public_key(&self) -> String {
38        self.token.claims.subject.to_string()
39    }
40
41    /// The actor's human-friendly display name
42    pub fn name(&self) -> String {
43        match self.token.claims.metadata.as_ref().unwrap().name {
44            Some(ref n) => n.to_string(),
45            None => "Unnamed".to_string(),
46        }
47    }
48
49    /// Obtain the public key of the issuer of the actor's signed token (the `iss` field of the JWT)
50    pub fn issuer(&self) -> String {
51        self.token.claims.issuer.to_string()
52    }
53
54    /// Obtain the list of capabilities declared in this actor's embedded token
55    pub fn capabilities(&self) -> Vec<String> {
56        match self.token.claims.metadata.as_ref().unwrap().caps {
57            Some(ref caps) => caps.clone(),
58            None => vec![],
59        }
60    }
61
62    /// Obtain the list of tags in the actor's token
63    pub fn tags(&self) -> Vec<String> {
64        match self.token.claims.metadata.as_ref().unwrap().tags {
65            Some(ref tags) => tags.clone(),
66            None => vec![],
67        }
68    }
69}