From 8440d59dd69594d8f09e640a02f0494544385d61 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Fri, 26 Apr 2019 19:05:59 +0200 Subject: Cargo fmt --- src/auth.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index e75f498..d8de30e 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -165,13 +165,18 @@ mod tests { } #[rstest_parametrize( - should_pass, param_username, param_password, required_username, required_password, encrypt, + should_pass, + param_username, + param_password, + required_username, + required_password, + encrypt, case(true, "obi", "hello there", "obi", "hello there", "plain"), case(false, "obi", "hello there", "obi", "hi!", "plain"), case(true, "obi", "hello there", "obi", "hello there", "sha256"), case(false, "obi", "hello there", "obi", "hi!", "sha256"), case(true, "obi", "hello there", "obi", "hello there", "sha512"), - case(false, "obi", "hello there", "obi", "hi!", "sha512"), + case(false, "obi", "hello there", "obi", "hi!", "sha512") )] fn test_auth( should_pass: bool, -- cgit v1.2.3 From c2ce5295eb27610734ed539d47979c7bc0f0953b Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Sat, 27 Apr 2019 12:31:14 +0200 Subject: Fixed test + fixed clippy warning --- src/auth.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index d8de30e..a42bb53 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -75,8 +75,8 @@ pub fn match_auth(basic_auth: BasicAuthParams, required_auth: &RequiredAuth) -> } /// Return `true` if hashing of `password` by `T` algorithm equals to `hash` -pub fn compare_hash(password: String, hash: &Vec) -> bool { - get_hash::(password) == *hash +pub fn compare_hash(password: String, hash: &[u8]) -> bool { + get_hash::(password) == hash } /// Get hash of a `text` -- cgit v1.2.3 From f53a09b8d79c85b86b161c1ec7ca6f7cff5e169f Mon Sep 17 00:00:00 2001 
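Review bot: In the `compare_hash` hunk of "Fixed test + fixed clippy warning", the new line `get_hash::(password) == hash` (its generic argument appears to have been stripped on this page) still compares the digest with `==`, which returns at the first differing byte, so the time taken depends on how many leading bytes match. For a credential check, a comparison that always walks the full length is the safer default, for example `let computed = get_hash::<T>(password);` followed by `computed.len() == hash.len() && computed.iter().zip(hash).fold(0u8, |acc, (a, b)| acc | (a ^ b)) == 0`. A vetted helper such as `subtle::ConstantTimeEq` would do the same if a new dependency is acceptable. The doc comment could also state that `hash` is expected to hold the raw digest bytes produced by the same `T`.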
From: boastful-squirrel Date: Wed, 1 May 2019 13:17:13 +0200 Subject: Display HTTP authentication errors --- src/auth.rs | 43 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 5 deletions(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index c786d4b..b5a9867 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -3,7 +3,8 @@ use actix_web::middleware::{Middleware, Response}; use actix_web::{HttpRequest, HttpResponse, Result}; use sha2::{Digest, Sha256, Sha512}; -use crate::errors::ContextualError; +use crate::errors::{self, ContextualError}; +use crate::renderer; pub struct Auth; @@ -96,13 +97,19 @@ impl Middleware for Auth { Err(err) => { let auth_err = ContextualError::HTTPAuthenticationError(Box::new(err)); return Ok(Response::Done( - HttpResponse::BadRequest().body(auth_err.to_string()), + HttpResponse::BadRequest() + .body(build_unauthorized_response(&req, auth_err, true)), )); } }; if !match_auth(auth_req, required_auth) { - let new_resp = HttpResponse::Unauthorized().finish(); - return Ok(Response::Done(new_resp)); + return Ok(Response::Done(HttpResponse::Unauthorized().body( + build_unauthorized_response( + &req, + ContextualError::InvalidHTTPCredentials, + true, + ), + ))); } } else { let new_resp = HttpResponse::Unauthorized() @@ -110,7 +117,11 @@ impl Middleware for Auth { header::WWW_AUTHENTICATE, header::HeaderValue::from_static("Basic realm=\"miniserve\""), ) - .finish(); + .body(build_unauthorized_response( + &req, + ContextualError::InvalidHTTPCredentials, + false, + )); return Ok(Response::Done(new_resp)); } } 
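Review bot: In hunk `@@ -96,13 +97,19 @@` of "Display HTTP authentication errors", the 401 returned when `match_auth` fails is built with `HttpResponse::Unauthorized().body(...)` and carries no `WWW-Authenticate` challenge, while the missing-credentials branch in `@@ -110,7 +117,11 @@` does set `Basic realm=\"miniserve\"`. RFC 7235 requires a 401 to carry a challenge, and without one a browser may not prompt again, leaving the user stuck with the rejected credentials. Adding `.header(header::WWW_AUTHENTICATE, header::HeaderValue::from_static("Basic realm=\"miniserve\""))` before `.body(...)` would align the two branches. The enclosing middleware method starts and ends outside this hunk.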
@@ -118,6 +129,28 @@ impl Middleware for Auth { } } +fn build_unauthorized_response( + req: &HttpRequest, + error: ContextualError, + log_error_chain: bool, +) -> String { + let error = ContextualError::HTTPAuthenticationError(Box::new(error)); + + if log_error_chain { + errors::log_error_chain(error.to_string()); + } + renderer::render_error( + &error.to_string(), + req.path(), + None, + None, + req.state().default_color_scheme, + req.state().default_color_scheme, + false, + ) + .into_string() +} + #[cfg(test)] mod tests { use super::*; -- cgit v1.2.3 From 5c5b0c75509364f64c9af48595fc2dc95b0ba849 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Wed, 1 May 2019 17:08:15 +0200 Subject: Added doc --- src/auth.rs | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index b5a9867..23ea668 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -129,6 +129,9 @@ impl Middleware for Auth { } } +/// Builds the unauthorized response body +/// The reason why log_error_chain is optional is to handle cases where the auth pop-up appears and when the user clicks Cancel. +/// In those case, we do not log the error to the terminal since it does not really matter. fn build_unauthorized_response( req: &HttpRequest, error: ContextualError, -- cgit v1.2.3 From 506a95319c35c5d744ca29726bafe2bff1b70221 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Wed, 1 May 2019 17:54:28 +0200 Subject: Fix return link when random_route is set --- src/auth.rs | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index 23ea668..889498e 100644 --- a/src/auth.rs +++ b/src/auth.rs 
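Review bot: `build_unauthorized_response` in `@@ -118,6 +129,28 @@` always wraps its argument in `ContextualError::HTTPAuthenticationError(Box::new(error))`, but the `Err(err)` arm in `@@ -96,13 +97,19 @@` already passes an `auth_err` built with the same wrapper, so that path is wrapped twice. Depending on how `ContextualError` formats its inner error, which is not visible here, the rendered and logged message may repeat the prefix. Wrapping in one place only would fix it, for example by dropping `let error = ContextualError::HTTPAuthenticationError(Box::new(error));` from the helper and wrapping at the two `InvalidHTTPCredentials` call sites. Separately, `errors::log_error_chain(error.to_string())` records a failed login without saying where it came from; including the client address (for instance from `req.peer_addr()`) would make repeated guessing visible in the log.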
@@ -142,9 +142,14 @@ fn build_unauthorized_response( if log_error_chain { errors::log_error_chain(error.to_string()); } + let return_path = match &req.state().random_route { + Some(random_route) => format!("/{}", random_route), + None => req.path().to_string(), + }; + renderer::render_error( &error.to_string(), - req.path(), + &return_path, None, None, req.state().default_color_scheme, -- cgit v1.2.3 From fa0c2865366b1bb65a2977c4b9608c9a92fc5889 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Wed, 1 May 2019 18:23:29 +0200 Subject: Use HTTP StatusCode for error title --- src/auth.rs | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index 889498e..dbb501d 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -1,4 +1,4 @@ -use actix_web::http::header; +use actix_web::http::{header, StatusCode}; use actix_web::middleware::{Middleware, Response}; use actix_web::{HttpRequest, HttpResponse, Result}; use sha2::{Digest, Sha256, Sha512}; @@ -98,7 +98,7 @@ impl Middleware for Auth { let auth_err = ContextualError::HTTPAuthenticationError(Box::new(err)); return Ok(Response::Done( HttpResponse::BadRequest() - .body(build_unauthorized_response(&req, auth_err, true)), + .body(build_unauthorized_response(&req, auth_err, true, StatusCode::BAD_REQUEST)), )); } }; @@ -108,6 +108,7 @@ impl Middleware for Auth { &req, ContextualError::InvalidHTTPCredentials, true, + StatusCode::UNAUTHORIZED, ), ))); } @@ -121,6 +122,7 @@ impl Middleware for Auth { &req, ContextualError::InvalidHTTPCredentials, false, + StatusCode::UNAUTHORIZED, )); return Ok(Response::Done(new_resp)); } @@ -136,6 +138,7 @@ fn build_unauthorized_response( req: &HttpRequest, error: ContextualError, log_error_chain: bool, + error_code: StatusCode, ) -> String { let error = ContextualError::HTTPAuthenticationError(Box::new(error)); 
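Review bot: In `@@ -142,9 +142,14 @@` of "Fix return link when random_route is set", `format!("/{}", random_route)` is rendered into the body of every 400/401 this helper produces, including responses to clients that have not authenticated. If `random_route` is meant to be an unguessable prefix and this middleware also runs for requests outside it (not visible here), the error page hands the prefix to anyone who requests any path. Limiting the link to requests already under the prefix avoids that: `Some(random_route) if req.path().starts_with(&format!("/{}", random_route)) => format!("/{}", random_route),` with `_ => req.path().to_string(),` as the fallback arm. The function body starts and ends outside the hunk.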
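Review bot: From `@@ -98,7 +98,7 @@` onward ("Use HTTP StatusCode for error title"), each branch names its status twice: once through the builder (`HttpResponse::BadRequest()` / `HttpResponse::Unauthorized()`) and once as the new `StatusCode` argument. The page title and the real response status can therefore drift apart in a later edit; the same applies to `@@ -108,6 +108,7 @@` and `@@ -121,6 +122,7 @@`. Binding the code once and using it for both keeps them in step: `let status = StatusCode::BAD_REQUEST;` then `HttpResponse::build(status).body(build_unauthorized_response(&req, auth_err, true, status))`. The enclosing method is only partly visible in these hunks.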
@@ -149,6 +152,7 @@ fn build_unauthorized_response( renderer::render_error( &error.to_string(), + error_code, &return_path, None, None, -- cgit v1.2.3 From 07870487c4ffb11865d7485c8fc826c1247fac34 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Wed, 1 May 2019 18:29:16 +0200 Subject: Return to root when auth succeeds --- src/auth.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index dbb501d..faf967c 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -147,7 +147,7 @@ fn build_unauthorized_response( } let return_path = match &req.state().random_route { Some(random_route) => format!("/{}", random_route), - None => req.path().to_string(), + None => "/".to_string(), }; renderer::render_error( -- cgit v1.2.3 From 2011cdc6f140122735d2ec0b67cf70776588067c Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Thu, 2 May 2019 07:23:18 +0200 Subject: Added rustfmt_skip directive on tests --- src/auth.rs | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index faf967c..502c9cb 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -163,6 +163,7 @@ fn build_unauthorized_response( .into_string() } +#[cfg_attr(rustfmt, rustfmt_skip)] #[cfg(test)] mod tests { use super::*; @@ -205,12 +206,7 @@ mod tests { } #[rstest_parametrize( - should_pass, - param_username, - param_password, - required_username, - required_password, - encrypt, + should_pass, param_username, param_password, required_username, required_password, encrypt, case(true, "obi", "hello there", "obi", "hello there", "plain"), case(false, "obi", "hello there", "obi", "hi!", "plain"), case(true, "obi", "hello there", "obi", "hello there", "sha256"), -- cgit v1.2.3 From 321b0ce7a693780830780f19de1cdec31657d2db Mon Sep 17 00:00:00 2001 
From: boastful-squirrel Date: Thu, 2 May 2019 07:23:38 +0200 Subject: Cargo fmt --- src/auth.rs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index 502c9cb..3989ab4 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -96,10 +96,14 @@ impl Middleware for Auth { Ok(auth_req) => auth_req, Err(err) => { let auth_err = ContextualError::HTTPAuthenticationError(Box::new(err)); - return Ok(Response::Done( - HttpResponse::BadRequest() - .body(build_unauthorized_response(&req, auth_err, true, StatusCode::BAD_REQUEST)), - )); + return Ok(Response::Done(HttpResponse::BadRequest().body( + build_unauthorized_response( + &req, + auth_err, + true, + StatusCode::BAD_REQUEST, + ), + ))); } }; if !match_auth(auth_req, required_auth) { -- cgit v1.2.3 From dd8d11c698435217c370b940b41d060a614892c1 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Thu, 2 May 2019 21:36:47 +0200 Subject: Read query params to handle error back link --- src/auth.rs | 1 + 1 file changed, 1 insertion(+) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index 3989ab4..c3cbd54 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -163,6 +163,7 @@ fn build_unauthorized_response( req.state().default_color_scheme, req.state().default_color_scheme, false, + false, ) .into_string() } -- cgit v1.2.3 From a73a74283f64986ff6a0b6da4c234a828bc52522 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Fri, 3 May 2019 19:32:51 +0200 Subject: Return QueryParameters struct instead of tuple --- src/auth.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index c3cbd54..f2e5fcf 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -168,7 +168,7 @@ fn build_unauthorized_response( .into_string() } -#[cfg_attr(rustfmt, rustfmt_skip)] +#[rustfmt::skip] #[cfg(test)] mod tests { use super::*; -- cgit v1.2.3