reqsign_core/
signer.rs

1// Licensed to the Apache Software Foundation (ASF) under one
2// or more contributor license agreements.  See the NOTICE file
3// distributed with this work for additional information
4// regarding copyright ownership.  The ASF licenses this file
5// to you under the Apache License, Version 2.0 (the
6// "License"); you may not use this file except in compliance
7// with the License.  You may obtain a copy of the License at
8//
9//   http://www.apache.org/licenses/LICENSE-2.0
10//
11// Unless required by applicable law or agreed to in writing,
12// software distributed under the License is distributed on an
13// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14// KIND, either express or implied.  See the License for the
15// specific language governing permissions and limitations
16// under the License.
17
18use crate::Context;
19use crate::Error;
20use crate::ProvideCredential;
21use crate::ProvideCredentialDyn;
22use crate::Result;
23use crate::SignRequest;
24use crate::SignRequestDyn;
25use crate::SigningCredential;
26use std::any::type_name;
27use std::sync::{Arc, Mutex};
28use std::time::Duration;
29
30/// Signer is the main struct used to sign the request.
31#[derive(Clone, Debug)]
32pub struct Signer<K: SigningCredential> {
33    ctx: Context,
34    loader: Arc<dyn ProvideCredentialDyn<Credential = K>>,
35    builder: Arc<dyn SignRequestDyn<Credential = K>>,
36    credential: Arc<Mutex<Option<K>>>,
37}
38
39impl<K: SigningCredential> Signer<K> {
40    /// Create a new signer.
41    pub fn new(
42        ctx: Context,
43        loader: impl ProvideCredential<Credential = K>,
44        builder: impl SignRequest<Credential = K>,
45    ) -> Self {
46        Self {
47            ctx,
48
49            loader: Arc::new(loader),
50            builder: Arc::new(builder),
51            credential: Arc::new(Mutex::new(None)),
52        }
53    }
54
55    /// Replace the context while keeping credential provider and request signer.
56    pub fn with_context(mut self, ctx: Context) -> Self {
57        self.ctx = ctx;
58        self
59    }
60
61    /// Replace the credential provider while keeping context and request signer.
62    pub fn with_credential_provider(
63        mut self,
64        provider: impl ProvideCredential<Credential = K>,
65    ) -> Self {
66        self.loader = Arc::new(provider);
67        self.credential = Arc::new(Mutex::new(None)); // Clear cached credential
68        self
69    }
70
71    /// Replace the request signer while keeping context and credential provider.
72    pub fn with_request_signer(mut self, signer: impl SignRequest<Credential = K>) -> Self {
73        self.builder = Arc::new(signer);
74        self
75    }
76
77    /// Signing request.
78    pub async fn sign(
79        &self,
80        req: &mut http::request::Parts,
81        expires_in: Option<Duration>,
82    ) -> Result<()> {
83        let credential = self.credential.lock().expect("lock poisoned").clone();
84        let credential = if credential.is_valid() {
85            credential
86        } else {
87            let ctx = self.loader.provide_credential_dyn(&self.ctx).await?;
88            *self.credential.lock().expect("lock poisoned") = ctx.clone();
89            ctx
90        };
91
92        let credential_ref = credential.as_ref().ok_or_else(|| {
93            Error::credential_invalid("failed to load signing credential")
94                .with_context(format!("credential_type: {}", type_name::<K>()))
95        })?;
96
97        self.builder
98            .sign_request_dyn(&self.ctx, req, Some(credential_ref), expires_in)
99            .await
100    }
101}
reqsign_core/signer.rs

reqsign_core/
signer.rs
