From 56e68b3cf5833b405d489bcc12be92da01233e29 Mon Sep 17 00:00:00 2001 From: boasting-squirrel Date: Sat, 13 Apr 2019 21:37:30 +0200 Subject: Made code more idiomatic --- src/main.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/main.rs b/src/main.rs index fce9cf6..37c68c9 100644 --- a/src/main.rs +++ b/src/main.rs @@ -134,14 +134,14 @@ fn main() { )) .bold() )); - let random_route = miniserve_config.clone().random_route; - if random_route.is_some() { + + if let Some(random_route) = miniserve_config.clone().random_route { addresses.push_str(&format!( "{}", Color::Green .paint(format!( "/{random_route}", - random_route = random_route.unwrap(), + random_route = random_route, )) .bold() )); -- cgit v1.2.3 From d94f67e0c87b07bd747f357983253eee5c4a81b5 Mon Sep 17 00:00:00 2001 From: boasting-squirrel Date: Sat, 13 Apr 2019 21:44:17 +0200 Subject: Fixed auth check --- src/args.rs | 23 +++++++++++++++++------ src/auth.rs | 19 +++++++------------ 2 files changed, 24 insertions(+), 18 deletions(-) (limited to 'src') diff --git a/src/args.rs b/src/args.rs index 516e0b6..d1250c0 100644 --- a/src/args.rs +++ b/src/args.rs @@ -77,13 +77,24 @@ fn parse_interface(src: &str) -> Result { /// Checks wether the auth string is valid, i.e. it follows the syntax username:password fn parse_auth(src: &str) -> Result<(String, String), String> { - match src.find(':') { - Some(_) => { - let split = src.split(':').collect::>(); - Ok((split[0].to_owned(), split[1].to_owned())) - } - None => Err("Correct format is username:password".to_owned()), + let mut split = src.splitn(2, ':'); + + let username = match split.next() { + Some(username) => username, + None => return Err("Invalid credentials string, expected format is username:password".to_owned()) + }; + + let password = match split.next() { + Some(password) => password, + None => return Err("Invalid credentials string, expected format is username:password".to_owned()) + }; + // Should we allow empty passwords ? + + if username.len() > 255 { + return Err("Username length cannot exceed 255 characters".to_owned()); } + + Ok((username.to_owned(), password.to_owned())) } /// Parses the command line arguments diff --git a/src/auth.rs b/src/auth.rs index e8600fb..10e7a4a 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -7,7 +7,6 @@ pub struct Auth; /// HTTP Basic authentication errors pub enum BasicAuthError { Base64DecodeError, - InvalidUsernameFormat, } #[derive(Clone, Debug)] @@ -24,13 +23,14 @@ pub fn parse_basic_auth( let basic_removed = authorization_header.to_str().unwrap().replace("Basic ", ""); let decoded = base64::decode(&basic_removed).map_err(|_| BasicAuthError::Base64DecodeError)?; let decoded_str = String::from_utf8_lossy(&decoded); - let strings: Vec<&str> = decoded_str.splitn(2, ':').collect(); - if strings.len() != 2 { - return Err(BasicAuthError::InvalidUsernameFormat); - } + let credentials: Vec<&str> = decoded_str.splitn(2, ':').collect(); + + // If argument parsing went fine, it means the HTTP credentials string is well formatted + // So we can safely unpack the username and the password + Ok(BasicAuthParams { - username: strings[0].to_owned(), - password: strings[1].to_owned(), + username: credentials[0].to_owned(), + password: credentials[1].to_owned(), }) } @@ -50,11 +50,6 @@ impl Middleware for Auth { auth_headers.to_str().unwrap() )))); } - Err(BasicAuthError::InvalidUsernameFormat) => { - return Ok(Response::Done( - HttpResponse::BadRequest().body("Invalid basic auth format"), - )); - } }; if auth_req.username != required_auth.username || auth_req.password != required_auth.password -- cgit v1.2.3 From e900dba1aaf8f169b91f2b3c5abc711109e25e35 Mon Sep 17 00:00:00 2001 From: boasting-squirrel Date: Sat, 13 Apr 2019 21:44:45 +0200 Subject: Cargo fmt --- src/args.rs | 12 ++++++++++-- src/main.rs | 5 +---- 2 files changed, 11 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/args.rs b/src/args.rs index d1250c0..f858308 100644 --- a/src/args.rs +++ b/src/args.rs @@ -81,12 +81,20 @@ fn parse_auth(src: &str) -> Result<(String, String), String> { let username = match split.next() { Some(username) => username, - None => return Err("Invalid credentials string, expected format is username:password".to_owned()) + None => { + return Err( + "Invalid credentials string, expected format is username:password".to_owned(), + ) + } }; let password = match split.next() { Some(password) => password, - None => return Err("Invalid credentials string, expected format is username:password".to_owned()) + None => { + return Err( + "Invalid credentials string, expected format is username:password".to_owned(), + ) + } }; // Should we allow empty passwords ? diff --git a/src/main.rs b/src/main.rs index 37c68c9..2a43780 100644 --- a/src/main.rs +++ b/src/main.rs @@ -139,10 +139,7 @@ fn main() { addresses.push_str(&format!( "{}", Color::Green - .paint(format!( - "/{random_route}", - random_route = random_route, - )) + .paint(format!("/{random_route}", random_route = random_route,)) .bold() )); } -- cgit v1.2.3 From 0991f5c5007c440898ffe0f2b0c7cfc0f931c497 Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Mon, 15 Apr 2019 18:48:32 +0200 Subject: Fix parse_auth to make it RFC-compliant + updated comments --- src/args.rs | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/args.rs b/src/args.rs index f858308..5a0b5db 100644 --- a/src/args.rs +++ b/src/args.rs @@ -89,6 +89,7 @@ fn parse_auth(src: &str) -> Result<(String, String), String> { }; let password = match split.next() { + // This allows empty passwords, as the spec does not forbid it Some(password) => password, None => { return Err( @@ -96,10 +97,12 @@ fn parse_auth(src: &str) -> Result<(String, String), String> { ) } }; - // Should we allow empty passwords ? - if username.len() > 255 { - return Err("Username length cannot exceed 255 characters".to_owned()); + // To make it Windows-compatible,the password needs to be shorter than 255 characters. + // After 255 characters, Windows will truncate the value. + // As for the username, the spec does not mention a limit in length + if password.len() > 255 { + return Err("Password length cannot exceed 255 characters".to_owned()); } Ok((username.to_owned(), password.to_owned())) -- cgit v1.2.3 From 25cdd8d5f98f92e5b80d2611731b3403c30da7bb Mon Sep 17 00:00:00 2001 From: boastful-squirrel Date: Mon, 15 Apr 2019 18:54:00 +0200 Subject: Fix typo in comment --- src/args.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/args.rs b/src/args.rs index 5a0b5db..825a4ac 100644 --- a/src/args.rs +++ b/src/args.rs @@ -98,7 +98,7 @@ fn parse_auth(src: &str) -> Result<(String, String), String> { } }; - // To make it Windows-compatible,the password needs to be shorter than 255 characters. + // To make it Windows-compatible, the password needs to be shorter than 255 characters. // After 255 characters, Windows will truncate the value. // As for the username, the spec does not mention a limit in length if password.len() > 255 { -- cgit v1.2.3