Compare commits

..

No commits in common. "deb3415c30df38df72f46c2250d46fdeb2199384" and "2c1c19690f7be12fb1257ea9dfe18672aa98a28e" have entirely different histories.

3 changed files with 45 additions and 180 deletions

View File

@ -6,6 +6,9 @@ use std::{convert::Infallible, str::FromStr};
use thiserror::Error;
use uuid::{adapter::Hyphenated, Uuid};
#[cfg(test)]
use crate::errors::maybe_fail;
#[derive(Debug, Error, PartialEq)]
pub enum AuthenticationError {
#[error("username already exists")]
@ -141,7 +144,7 @@ impl FromSql for Username {
pub trait AuthenticationDB: Send + Sync {
fn create_user(&mut self, username: Username) -> AppResult<UserId, AuthenticationError>;
fn create_invitation(&mut self, user: &UserId) -> AppResult<Invitation, AuthenticationError>;
fn create_invitation(&mut self, user: UserId) -> AppResult<Invitation, AuthenticationError>;
fn authenticate(
&mut self,
@ -176,9 +179,8 @@ pub struct MemoryAuth {
impl AuthenticationDB for MemoryAuth {
fn create_user(&mut self, username: Username) -> AppResult<UserId, AuthenticationError> {
if self.users.contains_key(&username) {
return Ok(Err(AuthenticationError::DuplicateUsername));
}
#[cfg(test)]
let _ = maybe_fail::<AuthenticationError>(vec![])?;
let userid = UserId::from(format!("{}", Hyphenated::from_uuid(Uuid::new_v4())).as_str());
self.users.insert(username.clone(), userid.clone());
@ -187,14 +189,17 @@ impl AuthenticationDB for MemoryAuth {
ok(userid)
}
fn create_invitation(&mut self, user: &UserId) -> AppResult<Invitation, AuthenticationError> {
fn create_invitation(&mut self, user: UserId) -> AppResult<Invitation, AuthenticationError> {
#[cfg(test)]
let _ = maybe_fail::<AuthenticationError>(vec![])?;
if !self.inverse_users.contains_key(&user) {
return error::<Invitation, AuthenticationError>(AuthenticationError::UserNotFound);
}
let invitation =
Invitation::from(format!("{}", Hyphenated::from_uuid(Uuid::new_v4())).as_str());
self.invitations.insert(invitation.clone(), user.clone());
self.invitations.insert(invitation.clone(), user);
ok(invitation)
}
@ -202,6 +207,9 @@ impl AuthenticationDB for MemoryAuth {
&mut self,
invitation: Invitation,
) -> AppResult<SessionToken, AuthenticationError> {
#[cfg(test)]
let _ = maybe_fail::<AuthenticationError>(vec![])?;
if let Some(user) = self.invitations.get(&invitation) {
let session_token =
SessionToken::from(format!("{}", Hyphenated::from_uuid(Uuid::new_v4())).as_str());
@ -214,6 +222,9 @@ impl AuthenticationDB for MemoryAuth {
}
fn delete_session(&mut self, session: SessionToken) -> AppResult<(), AuthenticationError> {
#[cfg(test)]
let _ = maybe_fail::<AuthenticationError>(vec![])?;
if let Some(_) = self.sessions.remove(&session) {
ok(())
} else {
@ -222,6 +233,9 @@ impl AuthenticationDB for MemoryAuth {
}
fn delete_invitation(&mut self, invitation: Invitation) -> AppResult<(), AuthenticationError> {
#[cfg(test)]
let _ = maybe_fail::<AuthenticationError>(vec![])?;
if let Some(_) = self.invitations.remove(&invitation) {
ok(())
} else {
@ -230,6 +244,9 @@ impl AuthenticationDB for MemoryAuth {
}
fn delete_user(&mut self, user: UserId) -> AppResult<(), AuthenticationError> {
#[cfg(test)]
let _ = maybe_fail::<AuthenticationError>(vec![])?;
if let Some(username) = self.inverse_users.remove(&user) {
let _ = self.users.remove(&username);
self.invitations = self
@ -289,11 +306,10 @@ impl AuthenticationDB for MemoryAuth {
#[cfg(test)]
mod test {
use super::*;
use std::panic;
fn with_memory_db<F>(test: F)
where
F: Fn(Box<dyn AuthenticationDB>) -> () + panic::UnwindSafe,
F: Fn(Box<dyn AuthenticationDB>),
{
let authdb: Box<MemoryAuth> = Box::new(Default::default());
test(authdb);
@ -311,7 +327,6 @@ mod test {
assert_eq!(authdb.get_username(&userid).unwrap(), Ok(username));
assert!(authdb.list_users().unwrap().unwrap().contains(&userid));
}
with_memory_db(test_case);
}
@ -331,197 +346,43 @@ mod test {
with_memory_db(test_case);
}
#[test]
fn it_exchanges_an_invitation_for_a_session() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let username = Username::from("shephard");
let userid = authdb
.create_user(username.clone())
.expect("no fatal errors")
.expect("user to be created");
let invitation = authdb
.create_invitation(&userid)
.expect("no fatal errors")
.expect("invitation to be created");
let _ = authdb
.authenticate(invitation)
.expect("no fatal errors")
.expect("to receive a session token");
}
with_memory_db(test_case);
}
#[test]
fn it_identifies_a_user_by_session() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let shephard = Username::from("shephard");
let garrus = Username::from("garrus");
let (shephard_session, shephard_id) = {
let userid = authdb.create_user(shephard.clone()).unwrap().unwrap();
let invitation = authdb.create_invitation(&userid).unwrap().unwrap();
(authdb.authenticate(invitation).unwrap().unwrap(), userid)
};
let (garrus_session, garrus_id) = {
let userid = authdb.create_user(garrus.clone()).unwrap().unwrap();
let invitation = authdb.create_invitation(&userid).unwrap().unwrap();
(authdb.authenticate(invitation).unwrap().unwrap(), userid)
};
assert_eq!(
authdb.validate_session(shephard_session).unwrap().unwrap(),
(shephard, shephard_id)
);
assert_eq!(
authdb.validate_session(garrus_session).unwrap().unwrap(),
(garrus, garrus_id)
);
}
with_memory_db(test_case);
}
#[test]
fn it_allows_multiple_invitations_per_user() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let username = Username::from("shephard");
let userid = authdb.create_user(username).unwrap().unwrap();
let invite1 = authdb.create_invitation(&userid).unwrap().unwrap();
let invite2 = authdb.create_invitation(&userid).unwrap().unwrap();
unimplemented!()
}
assert_ne!(invite1, invite2);
authdb.authenticate(invite1).unwrap().unwrap();
authdb.authenticate(invite2).unwrap().unwrap();
}
with_memory_db(test_case);
#[test]
fn it_exchanges_an_invitation_for_a_session() {
unimplemented!()
}
#[test]
fn it_allows_multiple_sessions_per_user() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let username = Username::from("shephard");
let userid = authdb.create_user(username.clone()).unwrap().unwrap();
let invite1 = authdb.create_invitation(&userid).unwrap().unwrap();
let invite2 = authdb.create_invitation(&userid).unwrap().unwrap();
assert_ne!(invite1, invite2);
let session1 = authdb.authenticate(invite1).unwrap().unwrap();
let session2 = authdb.authenticate(invite2).unwrap().unwrap();
assert_ne!(session1, session2);
assert_eq!(
authdb.validate_session(session1).unwrap().unwrap(),
(username.clone(), userid.clone())
);
assert_eq!(
authdb.validate_session(session2).unwrap().unwrap(),
(username, userid)
);
}
with_memory_db(test_case);
unimplemented!()
}
#[test]
fn it_disallows_invitation_reuse() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let username = Username::from("shephard");
let userid = authdb
.create_user(username.clone())
.expect("no fatal errors")
.expect("user to be created");
let invitation = authdb
.create_invitation(&userid)
.expect("no fatal errors")
.expect("invitation to be created");
let _ = authdb
.authenticate(invitation.clone())
.expect("no fatal errors")
.expect("to receive a session token");
let reuse_result = authdb.authenticate(invitation).expect("no fatal errors");
assert_eq!(reuse_result, Err(AuthenticationError::InvalidInvitation));
}
with_memory_db(test_case);
unimplemented!()
}
#[test]
fn it_identifies_a_user_by_session() {
unimplemented!()
}
#[test]
fn it_deletes_a_user_and_invalidates_tokens() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let shephard = Username::from("shephard");
let garrus = Username::from("garrus");
let (shephard_session, shephard_id) = {
let userid = authdb.create_user(shephard.clone()).unwrap().unwrap();
let invitation = authdb.create_invitation(&userid).unwrap().unwrap();
(authdb.authenticate(invitation).unwrap().unwrap(), userid)
};
let (garrus_invitation, garrus_id) = {
let userid = authdb.create_user(garrus.clone()).unwrap().unwrap();
(authdb.create_invitation(&userid).unwrap().unwrap(), userid)
};
authdb.delete_user(shephard_id).unwrap().unwrap();
assert_eq!(
authdb.validate_session(shephard_session).unwrap(),
Err(AuthenticationError::InvalidSession)
);
authdb.delete_user(garrus_id).unwrap().unwrap();
assert_eq!(
authdb.authenticate(garrus_invitation).unwrap(),
Err(AuthenticationError::InvalidInvitation)
);
}
with_memory_db(test_case);
unimplemented!()
}
#[test]
fn it_deletes_a_session() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let username = Username::from("shephard");
let userid = authdb
.create_user(username.clone())
.expect("no fatal errors")
.expect("user to be created");
let invitation = authdb
.create_invitation(&userid)
.expect("no fatal errors")
.expect("invitation to be created");
let session = authdb.authenticate(invitation).unwrap().unwrap();
authdb.delete_session(session.clone()).unwrap().unwrap();
assert_eq!(
authdb.validate_session(session).unwrap(),
Err(AuthenticationError::InvalidSession)
);
}
with_memory_db(test_case);
unimplemented!()
}
#[test]
fn it_deletes_an_invitation() {
fn test_case(mut authdb: Box<dyn AuthenticationDB>) {
let username = Username::from("shephard");
let userid = authdb
.create_user(username.clone())
.expect("no fatal errors")
.expect("user to be created");
let invitation = authdb
.create_invitation(&userid)
.expect("no fatal errors")
.expect("invitation to be created");
authdb
.delete_invitation(invitation.clone())
.unwrap()
.unwrap();
assert_eq!(
authdb.authenticate(invitation).unwrap(),
Err(AuthenticationError::InvalidInvitation)
);
}
with_memory_db(test_case);
unimplemented!()
}
}

View File

@ -26,3 +26,8 @@ pub fn error<A, E>(err: E) -> AppResult<A, E> {
pub fn fatal<A, E>(err: FatalError) -> AppResult<A, E> {
Err(err)
}
#[cfg(test)]
pub fn maybe_fail<E>(possible_errors: Vec<E>) -> AppResult<(), E> {
ok(())
}

View File

@ -87,7 +87,6 @@ struct MakeInvitationResponse {
invitation: Invitation,
}
/*
fn make_invitation(
auth_ctx: Arc<RwLock<impl AuthenticationDB>>,
) -> impl Filter<Extract = impl warp::Reply, Error = warp::Rejection> + Clone {
@ -105,7 +104,6 @@ fn make_invitation(
}
})
}
*/
#[derive(Deserialize)]
struct AuthenticateParams {
@ -193,6 +191,7 @@ pub async fn main() {
.or(echo_unauthenticated);
*/
let filter = make_user(auth_ctx.clone())
.or(make_invitation(auth_ctx.clone()))
.or(authenticate(auth_ctx.clone()))
.or(echo_authenticated)
.or(echo_unauthenticated);