1use openauth_core::db::{DbRecord, DbValue};
2use openauth_core::error::OpenAuthError;
3use serde::{Deserialize, Serialize};
4use serde_json::Value;
5use time::OffsetDateTime;
6
7use super::options::ApiKeyPermissions;
8
9#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
10#[serde(rename_all = "camelCase")]
11pub struct ApiKeyRecord {
12 pub id: String,
13 pub config_id: String,
14 pub name: Option<String>,
15 pub start: Option<String>,
16 pub prefix: Option<String>,
17 pub key: String,
18 pub reference_id: String,
19 pub refill_interval: Option<i64>,
20 pub refill_amount: Option<i64>,
21 pub last_refill_at: Option<OffsetDateTime>,
22 pub enabled: bool,
23 pub rate_limit_enabled: bool,
24 pub rate_limit_time_window: Option<i64>,
25 pub rate_limit_max: Option<i64>,
26 pub request_count: i64,
27 pub remaining: Option<i64>,
28 pub last_request: Option<OffsetDateTime>,
29 pub expires_at: Option<OffsetDateTime>,
30 pub created_at: OffsetDateTime,
31 pub updated_at: OffsetDateTime,
32 pub metadata: Option<Value>,
33 pub permissions: Option<ApiKeyPermissions>,
34}
35
36#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
37#[serde(rename_all = "camelCase")]
38pub struct ApiKeyPublicRecord {
39 pub id: String,
40 pub config_id: String,
41 pub name: Option<String>,
42 pub start: Option<String>,
43 pub prefix: Option<String>,
44 pub reference_id: String,
45 pub refill_interval: Option<i64>,
46 pub refill_amount: Option<i64>,
47 pub last_refill_at: Option<OffsetDateTime>,
48 pub enabled: bool,
49 pub rate_limit_enabled: bool,
50 pub rate_limit_time_window: Option<i64>,
51 pub rate_limit_max: Option<i64>,
52 pub request_count: i64,
53 pub remaining: Option<i64>,
54 pub last_request: Option<OffsetDateTime>,
55 pub expires_at: Option<OffsetDateTime>,
56 pub created_at: OffsetDateTime,
57 pub updated_at: OffsetDateTime,
58 pub metadata: Option<Value>,
59 pub permissions: Option<ApiKeyPermissions>,
60}
61
62#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
63#[serde(rename_all = "camelCase")]
64pub struct ApiKeyCreateRecord {
65 #[serde(flatten)]
66 pub record: ApiKeyPublicRecord,
67 pub key: String,
68}
69
70impl ApiKeyRecord {
71 pub fn public(&self) -> ApiKeyPublicRecord {
72 ApiKeyPublicRecord {
73 id: self.id.clone(),
74 config_id: self.config_id.clone(),
75 name: self.name.clone(),
76 start: self.start.clone(),
77 prefix: self.prefix.clone(),
78 reference_id: self.reference_id.clone(),
79 refill_interval: self.refill_interval,
80 refill_amount: self.refill_amount,
81 last_refill_at: self.last_refill_at,
82 enabled: self.enabled,
83 rate_limit_enabled: self.rate_limit_enabled,
84 rate_limit_time_window: self.rate_limit_time_window,
85 rate_limit_max: self.rate_limit_max,
86 request_count: self.request_count,
87 remaining: self.remaining,
88 last_request: self.last_request,
89 expires_at: self.expires_at,
90 created_at: self.created_at,
91 updated_at: self.updated_at,
92 metadata: normalize_metadata(self.metadata.clone()),
93 permissions: self.permissions.clone(),
94 }
95 }
96
97 pub fn to_record(&self) -> DbRecord {
98 DbRecord::from([
99 ("id".to_owned(), DbValue::String(self.id.clone())),
100 (
101 "config_id".to_owned(),
102 DbValue::String(self.config_id.clone()),
103 ),
104 ("name".to_owned(), optional_string(self.name.clone())),
105 ("start".to_owned(), optional_string(self.start.clone())),
106 ("prefix".to_owned(), optional_string(self.prefix.clone())),
107 ("key".to_owned(), DbValue::String(self.key.clone())),
108 (
109 "reference_id".to_owned(),
110 DbValue::String(self.reference_id.clone()),
111 ),
112 (
113 "refill_interval".to_owned(),
114 optional_number(self.refill_interval),
115 ),
116 (
117 "refill_amount".to_owned(),
118 optional_number(self.refill_amount),
119 ),
120 (
121 "last_refill_at".to_owned(),
122 optional_timestamp(self.last_refill_at),
123 ),
124 ("enabled".to_owned(), DbValue::Boolean(self.enabled)),
125 (
126 "rate_limit_enabled".to_owned(),
127 DbValue::Boolean(self.rate_limit_enabled),
128 ),
129 (
130 "rate_limit_time_window".to_owned(),
131 optional_number(self.rate_limit_time_window),
132 ),
133 (
134 "rate_limit_max".to_owned(),
135 optional_number(self.rate_limit_max),
136 ),
137 (
138 "request_count".to_owned(),
139 DbValue::Number(self.request_count),
140 ),
141 ("remaining".to_owned(), optional_number(self.remaining)),
142 (
143 "last_request".to_owned(),
144 optional_timestamp(self.last_request),
145 ),
146 ("expires_at".to_owned(), optional_timestamp(self.expires_at)),
147 ("created_at".to_owned(), DbValue::Timestamp(self.created_at)),
148 ("updated_at".to_owned(), DbValue::Timestamp(self.updated_at)),
149 (
150 "metadata".to_owned(),
151 self.metadata
152 .clone()
153 .map(DbValue::Json)
154 .unwrap_or(DbValue::Null),
155 ),
156 (
157 "permissions".to_owned(),
158 self.permissions
159 .as_ref()
160 .and_then(|permissions| serde_json::to_value(permissions).ok())
161 .map(DbValue::Json)
162 .unwrap_or(DbValue::Null),
163 ),
164 ])
165 }
166}
167
168pub(crate) const API_KEY_FIELDS: [&str; 22] = [
169 "id",
170 "config_id",
171 "name",
172 "start",
173 "prefix",
174 "key",
175 "reference_id",
176 "refill_interval",
177 "refill_amount",
178 "last_refill_at",
179 "enabled",
180 "rate_limit_enabled",
181 "rate_limit_time_window",
182 "rate_limit_max",
183 "request_count",
184 "remaining",
185 "last_request",
186 "expires_at",
187 "created_at",
188 "updated_at",
189 "metadata",
190 "permissions",
191];
192
193pub(crate) fn record_from_db(record: DbRecord) -> Result<ApiKeyRecord, OpenAuthError> {
194 Ok(ApiKeyRecord {
195 id: required_string(&record, "id")?.to_owned(),
196 config_id: required_string(&record, "config_id")?.to_owned(),
197 name: optional_string_field(&record, "name")?,
198 start: optional_string_field(&record, "start")?,
199 prefix: optional_string_field(&record, "prefix")?,
200 key: required_string(&record, "key")?.to_owned(),
201 reference_id: required_string(&record, "reference_id")?.to_owned(),
202 refill_interval: optional_number_field(&record, "refill_interval")?,
203 refill_amount: optional_number_field(&record, "refill_amount")?,
204 last_refill_at: optional_timestamp_field(&record, "last_refill_at")?,
205 enabled: optional_bool_field(&record, "enabled")?.unwrap_or(true),
206 rate_limit_enabled: optional_bool_field(&record, "rate_limit_enabled")?.unwrap_or(true),
207 rate_limit_time_window: optional_number_field(&record, "rate_limit_time_window")?,
208 rate_limit_max: optional_number_field(&record, "rate_limit_max")?,
209 request_count: optional_number_field(&record, "request_count")?.unwrap_or(0),
210 remaining: optional_number_field(&record, "remaining")?,
211 last_request: optional_timestamp_field(&record, "last_request")?,
212 expires_at: optional_timestamp_field(&record, "expires_at")?,
213 created_at: required_timestamp(&record, "created_at")?,
214 updated_at: required_timestamp(&record, "updated_at")?,
215 metadata: optional_json_field(&record, "metadata")?,
216 permissions: optional_json_field(&record, "permissions")?
217 .map(serde_json::from_value)
218 .transpose()
219 .map_err(|error| OpenAuthError::Adapter(error.to_string()))?,
220 })
221}
222
223fn normalize_metadata(metadata: Option<Value>) -> Option<Value> {
224 match metadata {
225 Some(Value::String(value)) => serde_json::from_str(&value).ok(),
226 other => other,
227 }
228}
229
230fn optional_string(value: Option<String>) -> DbValue {
231 value.map(DbValue::String).unwrap_or(DbValue::Null)
232}
233
234fn optional_number(value: Option<i64>) -> DbValue {
235 value.map(DbValue::Number).unwrap_or(DbValue::Null)
236}
237
238fn optional_timestamp(value: Option<OffsetDateTime>) -> DbValue {
239 value.map(DbValue::Timestamp).unwrap_or(DbValue::Null)
240}
241
242fn required_string<'a>(record: &'a DbRecord, field: &str) -> Result<&'a str, OpenAuthError> {
243 match record.get(field) {
244 Some(DbValue::String(value)) => Ok(value),
245 Some(DbValue::Null) | None => Err(OpenAuthError::Adapter(format!(
246 "api key field `{field}` is missing"
247 ))),
248 Some(_) => Err(OpenAuthError::Adapter(format!(
249 "api key field `{field}` has invalid type"
250 ))),
251 }
252}
253
254fn required_timestamp(record: &DbRecord, field: &str) -> Result<OffsetDateTime, OpenAuthError> {
255 match record.get(field) {
256 Some(DbValue::Timestamp(value)) => Ok(*value),
257 Some(DbValue::Null) | None => Err(OpenAuthError::Adapter(format!(
258 "api key field `{field}` is missing"
259 ))),
260 Some(_) => Err(OpenAuthError::Adapter(format!(
261 "api key field `{field}` has invalid type"
262 ))),
263 }
264}
265
266fn optional_string_field(record: &DbRecord, field: &str) -> Result<Option<String>, OpenAuthError> {
267 match record.get(field) {
268 Some(DbValue::String(value)) => Ok(Some(value.clone())),
269 Some(DbValue::Null) | None => Ok(None),
270 Some(_) => Err(OpenAuthError::Adapter(format!(
271 "api key field `{field}` has invalid type"
272 ))),
273 }
274}
275
276fn optional_number_field(record: &DbRecord, field: &str) -> Result<Option<i64>, OpenAuthError> {
277 match record.get(field) {
278 Some(DbValue::Number(value)) => Ok(Some(*value)),
279 Some(DbValue::Null) | None => Ok(None),
280 Some(_) => Err(OpenAuthError::Adapter(format!(
281 "api key field `{field}` has invalid type"
282 ))),
283 }
284}
285
286fn optional_bool_field(record: &DbRecord, field: &str) -> Result<Option<bool>, OpenAuthError> {
287 match record.get(field) {
288 Some(DbValue::Boolean(value)) => Ok(Some(*value)),
289 Some(DbValue::Null) | None => Ok(None),
290 Some(_) => Err(OpenAuthError::Adapter(format!(
291 "api key field `{field}` has invalid type"
292 ))),
293 }
294}
295
296fn optional_timestamp_field(
297 record: &DbRecord,
298 field: &str,
299) -> Result<Option<OffsetDateTime>, OpenAuthError> {
300 match record.get(field) {
301 Some(DbValue::Timestamp(value)) => Ok(Some(*value)),
302 Some(DbValue::Null) | None => Ok(None),
303 Some(_) => Err(OpenAuthError::Adapter(format!(
304 "api key field `{field}` has invalid type"
305 ))),
306 }
307}
308
309fn optional_json_field(record: &DbRecord, field: &str) -> Result<Option<Value>, OpenAuthError> {
310 match record.get(field) {
311 Some(DbValue::Json(value)) => Ok(Some(value.clone())),
312 Some(DbValue::String(value)) => serde_json::from_str(value)
313 .map(Some)
314 .map_err(|error| OpenAuthError::Adapter(error.to_string())),
315 Some(DbValue::Null) | None => Ok(None),
316 Some(_) => Err(OpenAuthError::Adapter(format!(
317 "api key field `{field}` has invalid type"
318 ))),
319 }
320}