mirror of
https://github.com/lldap/lldap.git
synced 2026-03-31 15:07:48 +01:00
server: extract opaque_handler to a separate crate
committed by
nitnelave
parent
dbba4c4e26
commit
a49ddeaa02
@@ -102,6 +102,9 @@ path = "../crates/domain-handlers"
|
||||
[dependencies.lldap_frontend_options]
|
||||
path = "../crates/frontend-options"
|
||||
|
||||
[dependencies.lldap_opaque_handler]
|
||||
path = "../crates/opaque-handler"
|
||||
|
||||
[dependencies.lldap_validation]
|
||||
path = "../crates/validation"
|
||||
|
||||
@@ -182,6 +185,10 @@ features = ["sync", "tls-rustls"]
|
||||
path = "../crates/auth"
|
||||
features = ["test"]
|
||||
|
||||
[dev-dependencies.lldap_opaque_handler]
|
||||
path = "../crates/opaque-handler"
|
||||
features = ["test"]
|
||||
|
||||
[dev-dependencies.reqwest]
|
||||
version = "*"
|
||||
default-features = false
|
||||
|
||||
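Review bot: The `features = ["test"]` line on the new `[dev-dependencies.lldap_opaque_handler]` entry replaces a `#[cfg(test)]` gate with a Cargo feature, which is a weaker boundary because features are additive. In the module this commit removes, the mockall `TestOpaqueHandler` mock was compiled only under `#[cfg(test)]`; as a feature of a separate crate it is presumably built whenever any crate in the graph enables `test`, and under the version 1 feature resolver dev-dependency features are unified into normal builds as well. Neither the new crate's manifest nor the workspace resolver setting is visible on this page, so please confirm that `resolver = "2"` is in effect and that nothing outside `[dev-dependencies]` enables the feature, so a mock authentication handler cannot end up in a release binary. A comment above the entry such as `# "test" exposes the mockall mock; never enable it from [dependencies]` would record the constraint for the next maintainer.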
@@ -1,6 +1,5 @@
|
||||
pub mod deserialize;
|
||||
pub mod ldap;
|
||||
pub mod opaque_handler;
|
||||
pub mod sql_backend_handler;
|
||||
pub mod sql_group_backend_handler;
|
||||
pub mod sql_migrations;
|
||||
|
||||
@@ -1,46 +0,0 @@
|
||||
use async_trait::async_trait;
|
||||
use lldap_domain::types::UserId;
|
||||
use lldap_domain_model::error::Result;
|
||||
|
||||
pub use lldap_auth::{login, registration};
|
||||
|
||||
#[async_trait]
|
||||
pub trait OpaqueHandler: Send + Sync {
|
||||
async fn login_start(
|
||||
&self,
|
||||
request: login::ClientLoginStartRequest,
|
||||
) -> Result<login::ServerLoginStartResponse>;
|
||||
async fn login_finish(&self, request: login::ClientLoginFinishRequest) -> Result<UserId>;
|
||||
async fn registration_start(
|
||||
&self,
|
||||
request: registration::ClientRegistrationStartRequest,
|
||||
) -> Result<registration::ServerRegistrationStartResponse>;
|
||||
async fn registration_finish(
|
||||
&self,
|
||||
request: registration::ClientRegistrationFinishRequest,
|
||||
) -> Result<()>;
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mockall::mock! {
|
||||
pub TestOpaqueHandler{}
|
||||
impl Clone for TestOpaqueHandler {
|
||||
fn clone(&self) -> Self;
|
||||
}
|
||||
#[async_trait]
|
||||
impl OpaqueHandler for TestOpaqueHandler {
|
||||
async fn login_start(
|
||||
&self,
|
||||
request: login::ClientLoginStartRequest
|
||||
) -> Result<login::ServerLoginStartResponse>;
|
||||
async fn login_finish(&self, request: login::ClientLoginFinishRequest ) -> Result<UserId>;
|
||||
async fn registration_start(
|
||||
&self,
|
||||
request: registration::ClientRegistrationStartRequest
|
||||
) -> Result<registration::ServerRegistrationStartResponse>;
|
||||
async fn registration_finish(
|
||||
&self,
|
||||
request: registration::ClientRegistrationFinishRequest
|
||||
) -> Result<()>;
|
||||
}
|
||||
}
|
||||
@@ -54,7 +54,7 @@ pub mod tests {
|
||||
}
|
||||
|
||||
pub async fn insert_user(handler: &SqlBackendHandler, name: &str, pass: &str) {
|
||||
use crate::domain::opaque_handler::OpaqueHandler;
|
||||
use lldap_opaque_handler::OpaqueHandler;
|
||||
insert_user_no_password(handler, name).await;
|
||||
let mut rng = rand::rngs::OsRng;
|
||||
let client_registration_start =
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
use async_trait::async_trait;
|
||||
use crate::domain::sql_backend_handler::SqlBackendHandler;
|
||||
use async_trait::async_trait;
|
||||
use lldap_access_control::UserReadableBackendHandler;
|
||||
use lldap_domain::{
|
||||
requests::{CreateGroupRequest, UpdateGroupRequest},
|
||||
|
||||
@@ -1,7 +1,4 @@
|
||||
use super::{
|
||||
opaque_handler::{OpaqueHandler, login, registration},
|
||||
sql_backend_handler::SqlBackendHandler,
|
||||
};
|
||||
use crate::domain::sql_backend_handler::SqlBackendHandler;
|
||||
use async_trait::async_trait;
|
||||
use base64::Engine;
|
||||
use lldap_auth::opaque;
|
||||
@@ -11,6 +8,7 @@ use lldap_domain_model::{
|
||||
error::{DomainError, Result},
|
||||
model::{self, UserColumn},
|
||||
};
|
||||
use lldap_opaque_handler::{OpaqueHandler, login, registration};
|
||||
use sea_orm::{ActiveModelTrait, ActiveValue, EntityTrait, QuerySelect};
|
||||
use secstr::SecUtf8;
|
||||
use tracing::{debug, info, instrument, warn};
|
||||
|
||||
@@ -1,9 +1,6 @@
|
||||
use crate::{
|
||||
domain::opaque_handler::OpaqueHandler,
|
||||
infra::{
|
||||
tcp_backend_handler::*,
|
||||
tcp_server::{AppState, TcpError, TcpResult, error_to_http_response},
|
||||
},
|
||||
use crate::infra::{
|
||||
tcp_backend_handler::*,
|
||||
tcp_server::{AppState, TcpError, TcpResult, error_to_http_response},
|
||||
};
|
||||
use actix_web::{
|
||||
HttpRequest, HttpResponse,
|
||||
@@ -28,6 +25,7 @@ use lldap_domain_handlers::handler::{
|
||||
BackendHandler, BindRequest, LoginHandler, UserRequestFilter,
|
||||
};
|
||||
use lldap_domain_model::{error::DomainError, model::UserColumn};
|
||||
use lldap_opaque_handler::OpaqueHandler;
|
||||
use sha2::Sha512;
|
||||
use std::{
|
||||
collections::HashSet,
|
||||
|
||||
@@ -1,11 +1,9 @@
|
||||
use crate::{
|
||||
domain::ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, UserOrGroupName, get_user_or_group_id_from_distinguished_name},
|
||||
},
|
||||
use crate::domain::ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, UserOrGroupName, get_user_or_group_id_from_distinguished_name},
|
||||
};
|
||||
use lldap_access_control::AdminBackendHandler;
|
||||
use ldap3_proto::proto::{LdapOp, LdapResult as LdapResultOp, LdapResultCode};
|
||||
use lldap_access_control::AdminBackendHandler;
|
||||
use lldap_domain::types::{GroupName, UserId};
|
||||
use lldap_domain_handlers::handler::GroupRequestFilter;
|
||||
use lldap_domain_model::error::DomainError;
|
||||
|
||||
@@ -1,10 +1,7 @@
|
||||
use crate::{
|
||||
domain::{
|
||||
ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, parse_distinguished_name},
|
||||
},
|
||||
opaque_handler::OpaqueHandler,
|
||||
domain::ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, parse_distinguished_name},
|
||||
},
|
||||
infra::ldap::{
|
||||
compare, create, delete, modify,
|
||||
@@ -24,6 +21,7 @@ use lldap_access_control::AccessControlledBackendHandler;
|
||||
use lldap_auth::access_control::ValidationResults;
|
||||
use lldap_domain::types::AttributeName;
|
||||
use lldap_domain_handlers::handler::{BackendHandler, LoginHandler};
|
||||
use lldap_opaque_handler::OpaqueHandler;
|
||||
use tracing::{debug, instrument};
|
||||
|
||||
use super::delete::make_del_response;
|
||||
|
||||
@@ -1,10 +1,7 @@
|
||||
use crate::{
|
||||
domain::{
|
||||
ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, get_user_id_from_distinguished_name},
|
||||
},
|
||||
opaque_handler::OpaqueHandler,
|
||||
domain::ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, get_user_id_from_distinguished_name},
|
||||
},
|
||||
infra::ldap::{
|
||||
handler::make_modify_response,
|
||||
@@ -15,6 +12,7 @@ use ldap3_proto::proto::{LdapModify, LdapModifyRequest, LdapModifyType, LdapOp,
|
||||
use lldap_access_control::UserReadableBackendHandler;
|
||||
use lldap_auth::access_control::ValidationResults;
|
||||
use lldap_domain::types::UserId;
|
||||
use lldap_opaque_handler::OpaqueHandler;
|
||||
|
||||
async fn handle_modify_change(
|
||||
opaque_handler: &impl OpaqueHandler,
|
||||
|
||||
@@ -1,23 +1,19 @@
|
||||
use crate::{
|
||||
domain::{
|
||||
ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, get_user_id_from_distinguished_name},
|
||||
},
|
||||
opaque_handler::OpaqueHandler,
|
||||
},
|
||||
infra::{
|
||||
ldap::handler::make_extended_response,
|
||||
domain::ldap::{
|
||||
error::{LdapError, LdapResult},
|
||||
utils::{LdapInfo, get_user_id_from_distinguished_name},
|
||||
},
|
||||
infra::ldap::handler::make_extended_response,
|
||||
};
|
||||
use lldap_access_control::{AccessControlledBackendHandler, UserReadableBackendHandler};
|
||||
use anyhow::Result;
|
||||
use ldap3_proto::proto::{
|
||||
LdapBindCred, LdapBindRequest, LdapOp, LdapPasswordModifyRequest, LdapResultCode,
|
||||
};
|
||||
use lldap_access_control::{AccessControlledBackendHandler, UserReadableBackendHandler};
|
||||
use lldap_auth::access_control::ValidationResults;
|
||||
use lldap_domain::types::UserId;
|
||||
use lldap_domain_handlers::handler::{BackendHandler, BindRequest, LoginHandler};
|
||||
use lldap_opaque_handler::OpaqueHandler;
|
||||
|
||||
pub(crate) async fn do_bind(
|
||||
ldap_info: &LdapInfo,
|
||||
|
||||
@@ -1,18 +1,16 @@
|
||||
use crate::{
|
||||
domain::opaque_handler::OpaqueHandler,
|
||||
infra::{
|
||||
configuration::{Configuration, LdapsOptions},
|
||||
ldap::handler::LdapHandler,
|
||||
},
|
||||
use crate::infra::{
|
||||
configuration::{Configuration, LdapsOptions},
|
||||
ldap::handler::LdapHandler,
|
||||
};
|
||||
use lldap_access_control::AccessControlledBackendHandler;
|
||||
use actix_rt::net::TcpStream;
|
||||
use actix_server::ServerBuilder;
|
||||
use actix_service::{ServiceFactoryExt, fn_service};
|
||||
use anyhow::{Context, Result, anyhow};
|
||||
use ldap3_proto::{LdapCodec, control::LdapControl, proto::LdapMsg, proto::LdapOp};
|
||||
use lldap_access_control::AccessControlledBackendHandler;
|
||||
use lldap_domain::types::AttributeName;
|
||||
use lldap_domain_handlers::handler::{BackendHandler, LoginHandler};
|
||||
use lldap_opaque_handler::OpaqueHandler;
|
||||
use rustls::PrivateKey;
|
||||
use tokio_rustls::TlsAcceptor as RustlsTlsAcceptor;
|
||||
use tokio_util::codec::{FramedRead, FramedWrite};
|
||||
|
||||
@@ -1,13 +1,9 @@
|
||||
use crate::{
|
||||
domain::opaque_handler::OpaqueHandler,
|
||||
infra::{
|
||||
auth_service,
|
||||
configuration::{Configuration, MailOptions},
|
||||
logging::CustomRootSpanBuilder,
|
||||
tcp_backend_handler::*,
|
||||
},
|
||||
use crate::infra::{
|
||||
auth_service,
|
||||
configuration::{Configuration, MailOptions},
|
||||
logging::CustomRootSpanBuilder,
|
||||
tcp_backend_handler::*,
|
||||
};
|
||||
use lldap_access_control::{AccessControlledBackendHandler, ReadonlyBackendHandler};
|
||||
use actix_files::Files;
|
||||
use actix_http::{HttpServiceBuilder, header};
|
||||
use actix_server::ServerBuilder;
|
||||
@@ -15,8 +11,10 @@ use actix_service::map_config;
|
||||
use actix_web::{App, HttpResponse, Responder, dev::AppConfig, guard, web};
|
||||
use anyhow::{Context, Result};
|
||||
use hmac::Hmac;
|
||||
use lldap_access_control::{AccessControlledBackendHandler, ReadonlyBackendHandler};
|
||||
use lldap_domain_handlers::handler::{BackendHandler, LoginHandler};
|
||||
use lldap_domain_model::error::DomainError;
|
||||
use lldap_opaque_handler::OpaqueHandler;
|
||||
use sha2::Sha512;
|
||||
use std::collections::HashSet;
|
||||
use std::path::PathBuf;
|
||||
|
||||
@@ -1,14 +1,21 @@
|
||||
use crate::domain::opaque_handler::*;
|
||||
use lldap_domain::{
|
||||
requests::{
|
||||
CreateAttributeRequest, CreateGroupRequest, CreateUserRequest, UpdateGroupRequest,
|
||||
UpdateUserRequest,
|
||||
},
|
||||
schema::{AttributeList, AttributeSchema, Schema},
|
||||
types::*,
|
||||
types::{
|
||||
AttributeName, AttributeType, Group, GroupDetails, GroupId, LdapObjectClass, User,
|
||||
UserAndGroups, UserId,
|
||||
},
|
||||
};
|
||||
use lldap_domain_handlers::handler::{
|
||||
BackendHandler, BindRequest, GroupBackendHandler, GroupListerBackendHandler,
|
||||
GroupRequestFilter, LoginHandler, ReadSchemaBackendHandler, SchemaBackendHandler,
|
||||
UserBackendHandler, UserListerBackendHandler, UserRequestFilter,
|
||||
};
|
||||
use lldap_domain_handlers::handler::*;
|
||||
use lldap_domain_model::error::Result;
|
||||
use lldap_opaque_handler::{OpaqueHandler, login, registration};
|
||||
|
||||
use async_trait::async_trait;
|
||||
use std::collections::HashSet;
|
||||
|
||||