zero-cli 2.6.0

A command line tool for Zero Secrets Manager
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87

/// # Take user_id from token
///
/// Module provides functionality for parsing JSON Web Tokens (JWT)
/// to extract user-specific information, such as the user ID. It includes utility
/// functions for base64 padding and decoding token payloads.
///
/// **Security Note:** This module does **not** verify the token's signature or expiration.
/// It assumes that the token is trusted and has been validated on backend side.
///
/// ## Example
///
/// ```rust
///
/// let token = "your_jwt_token_here";
/// let user_id = take_user_id_from_token(&token);
/// println!("User ID: {}", user_id);
/// ```
///
use crate::common::print_formatted_error::print_formatted_error;
use base64::{engine::general_purpose, Engine as _};
use serde::{Deserialize, Serialize};
use std::str;

#[derive(Debug, Serialize, Deserialize)]
struct HasuraClaims {
    #[serde(rename = "x-hasura-allowed-roles")]
    allowed_roles: Vec<String>,
    #[serde(rename = "x-hasura-default-role")]
    default_role: String,
    #[serde(rename = "x-hasura-user-id")]
    user_id: String,
}

#[derive(Debug, Serialize, Deserialize)]
struct Claims {
    email: String,
    role: String,
    #[serde(rename = "userId")]
    user_id: String,
    #[serde(rename = "https://hasura.io/jwt/claims")]
    hasura_claims: HasuraClaims,
    iat: u64,
    exp: u64,
    iss: String,
}

fn pad_base64(input: &str) -> String {
    let mut output = input.to_string();
    while output.len() % 4 != 0 {
        output.push('=');
    }
    output
}

pub fn take_user_id_from_token(token: &str) -> String {
    let token_parts: Vec<&str> = token.split('.').collect();

    if token_parts.len() != 3 {
        print_formatted_error(&format!("Invalid token format"));
        std::process::exit(1);
    }

    let payload_encoded = pad_base64(token_parts[1]);

    return match general_purpose::URL_SAFE.decode(&payload_encoded) {
        Ok(decoded_bytes) => match str::from_utf8(&decoded_bytes) {
            Ok(payload_json) => match serde_json::from_str::<Claims>(payload_json) {
                Ok(claims) => claims.hasura_claims.user_id,

                Err(err) => {
                    print_formatted_error(&format!("Error parsing claims: {:?}", err));
                    std::process::exit(1);
                }
            },

            Err(err) => {
                print_formatted_error(&format!("Error decoding payload: {:?}", err));
                std::process::exit(1);
            }
        },

        Err(err) => {
            print_formatted_error(&format!("Error decoding base64: {:?}", err));
            std::process::exit(1);
        }
    };
}