diff options
| author | metamuffin <metamuffin@disroot.org> | 2024-05-30 00:09:11 +0200 |
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2024-05-30 00:09:11 +0200 |
| commit | 532cc431d1c5ca1ffcf429a4ccb94edc7848fe7a (patch) | |
| tree | c4422c4d54e01f63bae391cd95788cad74f59fbb /src/filters/auth/basic.rs | |
| parent | 8b39940a58c28bc1bbe291eb5229e9ce1444e33c (diff) | |
| download | gnix-532cc431d1c5ca1ffcf429a4ccb94edc7848fe7a.tar gnix-532cc431d1c5ca1ffcf429a4ccb94edc7848fe7a.tar.bz2 gnix-532cc431d1c5ca1ffcf429a4ccb94edc7848fe7a.tar.zst | |
rename filters dir
Diffstat (limited to 'src/filters/auth/basic.rs')
| -rw-r--r-- | src/filters/auth/basic.rs | 68 |
1 files changed, 0 insertions, 68 deletions
diff --git a/src/filters/auth/basic.rs b/src/filters/auth/basic.rs deleted file mode 100644 index a7a74c8..0000000 --- a/src/filters/auth/basic.rs +++ /dev/null @@ -1,68 +0,0 @@ -use crate::{ - config::DynNode, - error::ServiceError, - filters::{Node, NodeContext, NodeKind, NodeRequest, NodeResponse}, -}; -use base64::Engine; -use futures::Future; -use http_body_util::{combinators::BoxBody, BodyExt}; -use hyper::{ - header::{HeaderValue, AUTHORIZATION, WWW_AUTHENTICATE}, - Response, StatusCode, -}; -use log::debug; -use serde::Deserialize; -use serde_yaml::Value; -use std::{collections::HashSet, pin::Pin, sync::Arc}; - -pub struct HttpBasicAuthKind; -impl NodeKind for HttpBasicAuthKind { - fn name(&self) -> &'static str { - "http_basic_auth" - } - fn instanciate(&self, config: Value) -> anyhow::Result<Arc<dyn Node>> { - Ok(Arc::new(serde_yaml::from_value::<HttpBasicAuth>(config)?)) - } -} - -#[derive(Deserialize)] -pub struct HttpBasicAuth { - realm: String, - valid: HashSet<String>, - next: DynNode, -} - -impl Node for HttpBasicAuth { - fn handle<'a>( - &'a self, - context: &'a mut NodeContext, - request: NodeRequest, - ) -> Pin<Box<dyn Future<Output = Result<NodeResponse, ServiceError>> + Send + Sync + 'a>> { - Box::pin(async move { - if let Some(auth) = request.headers().get(AUTHORIZATION) { - let k = auth - .as_bytes() - .strip_prefix(b"Basic ") - .ok_or(ServiceError::BadAuth)?; - let k = base64::engine::general_purpose::STANDARD.decode(k)?; - let k = String::from_utf8(k)?; - if self.valid.contains(&k) { - debug!("valid auth"); - return self.next.handle(context, request).await; - } else { - debug!("invalid auth"); - } - } - debug!("unauthorized; sending auth challenge"); - let mut r = Response::new(BoxBody::<_, ServiceError>::new( - String::new().map_err(|_| unreachable!()), - )); - *r.status_mut() = StatusCode::UNAUTHORIZED; - r.headers_mut().insert( - WWW_AUTHENTICATE, - HeaderValue::from_str(&format!("Basic realm=\"{}\"", self.realm)).unwrap(), - ); - Ok(r) - }) - } -} |