Struct patchify::server::Axum

source ·

#[non_exhaustive]
pub struct Axum;

Expand description

Endpoint handlers for use with the Axum web framework.

This struct contains ready-made handlers for use with the Axum web framework. These handlers call the methods on the Core struct, and provide a convenient way to add the functionality to an existing Axum-based application API.

Note the following:

The methods on the Core struct require Core to be instantiated. The instance should be wrapped in an Arc and added to the Axum router as an extension, to be extracted by the handlers.
The handlers are static methods, and stateless, and obtain their state by extracting the Core instance from the request extensions.

It is not intended that this struct should be instantiated, and so the ability to do so is not provided.

§Examples

let config = Config { /* ... */ };
let core   = Arc::new(Core::new(config));
let app    = Router::new()
    .route("/api/latest",            get(Axum::get_latest_version))
    .route("/api/hashes/:version",   get(Axum::get_hash_for_version))
    .route("/api/releases/:version", get(Axum::get_release_file))
    .layer(Extension(core))
;

Implementations§

source §

impl Axum

source

pub async fn get_latest_version( __arg0: Extension<Arc<Core>> ) -> impl IntoResponse

Latest version number of the application.

This handler returns a response containing the latest version number of the application, as per the configured version list.

It does not include the SHA256 hash, to keep the response size to a minimum.

§Parameters

core - The core server instance.

source

pub async fn get_hash_for_version( arg0: Extension<Arc<Core>>, arg1: Path<Version> ) -> impl IntoResponse

SHA256 hash for a given version of the application.

This function checks the configured version list and returns the matching SHA256 hash for the specified version of the application.

§Parameters

core - The core server instance.
version - The version of the application to retrieve the hash for.

§Errors

A 400 Bad Request status will be returned if the version format is invalid.
A 404 Not Found status will be returned if the specified version does not exist.

source

pub async fn get_release_file( arg0: Extension<Arc<Core>>, arg1: Path<Version> ) -> impl IntoResponse

Release file for a given version of the application.

This function returns the release file for the specified version of the application, as per the configured version list. It will stream the file if it is large.

§Parameters

core - The core server instance.
version - The version of the application to retrieve the release file for.

§Errors

A 400 Bad Request status will be returned if the version format is invalid.
A 404 Not Found status will be returned if the specified version does not exist.
A 500 Internal Server Error status will be returned if the file is missing or cannot be read. In this situation a message to this effect will be provided — this is useful for testing the endpoint directly, but in a production environment it would be sensible to strip it out rather than show it to an end user.

source

pub fn sign_response(key: &SigningKey, response: Response) -> Response

Signs a response by adding a signature header.

This function accepts a Response and signs it by adding an X-Signature header. The signature is generated against the response body using the server’s private key.

Note that this function is only suitable for use with responses that contain a fully-known body, as the complete body data needs to be used to generate the signature. It is therefore not suitable for use with streaming responses, as the entire body must be known in advance in order to be signed. As large files are often streamed, the implication is that these should be unsigned, with their authenticity verified by other means.

The pattern used by this library is that release file downloads are not signed, allowing them to be streamed if they are large, with a SHA256 hash being available separately for verification. The response containing the hash is signed, so the hash can be verified as authentic.