From e169ca4f22d3a46f8edc014ef77884549af3c625 Mon Sep 17 00:00:00 2001
From: Peter Tripp
Date: Thu, 30 Apr 2026 14:33:48 -0400
Subject: [PATCH 1/2] StyleEdition2024
---
 rustfmt.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rustfmt.toml b/rustfmt.toml
index 92844e0..2083782 100644
--- a/rustfmt.toml
+++ b/rustfmt.toml
@@ -1,2 +1,2 @@
-style_edition = "2021"
+style_edition = "2024"
 edition = "2024"
From d671fdf79ee4f3054929063d5ecccf303f1c8511 Mon Sep 17 00:00:00 2001
From: Peter Tripp
Date: Thu, 30 Apr 2026 14:34:15 -0400
Subject: [PATCH 2/2] cargo fmt (2024)
---
 dropshot-authorization-header/src/basic.rs | 2 +-
 v-api-installer/src/lib.rs | 4 +-
 v-api-installer/src/main.rs | 4 +-
 v-api-permission-derive/src/lib.rs | 2 +-
 v-api/src/authn/jwt.rs | 9 ++-
 v-api/src/authn/key.rs | 2 +-
 v-api/src/authn/mod.rs | 6 +-
 v-api/src/config.rs | 10 ++--
 v-api/src/context/auth.rs | 6 +-
 v-api/src/context/group.rs | 6 +-
 v-api/src/context/link.rs | 8 +--
 v-api/src/context/login.rs | 4 +-
 v-api/src/context/magic_link.rs | 18 +++---
 v-api/src/context/mapping.rs | 11 ++--
 v-api/src/context/mod.rs | 56 ++++++++++---------
 v-api/src/context/oauth.rs | 8 +--
 v-api/src/context/saga.rs | 6 +-
 v-api/src/context/user.rs | 14 ++---
 v-api/src/endpoints/api_user.rs | 16 +++---
 v-api/src/endpoints/api_user_provider.rs | 2 +-
 v-api/src/endpoints/group.rs | 2 +-
 v-api/src/endpoints/login/local/mod.rs | 4 +-
 .../src/endpoints/login/magic_link/client.rs | 10 ++--
 v-api/src/endpoints/login/magic_link/mod.rs | 8 +--
 v-api/src/endpoints/login/mod.rs | 2 +-
 v-api/src/endpoints/login/oauth/client.rs | 10 ++--
 v-api/src/endpoints/login/oauth/code.rs | 33 ++++++-----
 .../src/endpoints/login/oauth/device_token.rs | 4 +-
 v-api/src/endpoints/login/oauth/github.rs | 2 +-
 v-api/src/endpoints/login/oauth/mod.rs | 8 +--
 v-api/src/endpoints/mappers.rs | 2 +-
 v-api/src/endpoints/saga.rs | 2 +-
 v-api/src/error.rs | 4 +-
 v-api/src/lib.rs | 8 +--
 v-api/src/mapper/default.rs | 2 +-
 v-api/src/mapper/email_address.rs | 2 +-
 v-api/src/mapper/email_domain.rs | 2 +-
 v-api/src/mapper/github_username.rs | 2 +-
 v-api/src/mapper/mod.rs | 2 +-
 v-api/src/secrets.rs | 2 +-
 v-api/src/util.rs | 10 ++--
 v-api/tests/import.rs | 2 +-
 v-model/src/permissions.rs | 4 +-
 v-model/src/saga/postgres.rs | 38 ++++++-------
 v-model/src/schema_ext.rs | 2 +-
 v-model/src/storage/mod.rs | 4 +-
 v-model/src/storage/postgres.rs | 22 ++++----
 v-model/tests/postgres.rs | 41 ++++++++------
 48 files changed, 224 
insertions(+), 204 deletions(-) diff --git a/dropshot-authorization-header/src/basic.rs b/dropshot-authorization-header/src/basic.rs index 35c659d..87bba74 100644 --- a/dropshot-authorization-header/src/basic.rs +++ b/dropshot-authorization-header/src/basic.rs @@ -3,7 +3,7 @@ // file, You can obtain one at https://mozilla.org/MPL/2.0/. use async_trait::async_trait; -use base64::{prelude::BASE64_STANDARD, Engine}; +use base64::{Engine, prelude::BASE64_STANDARD}; use dropshot::{ ApiEndpointBodyContentType, ExtensionMode, ExtractorMetadata, HttpError, RequestContext, ServerContext, SharedExtractor, diff --git a/v-api-installer/src/lib.rs b/v-api-installer/src/lib.rs index 7fa5fa0..c736eb5 100644 --- a/v-api-installer/src/lib.rs +++ b/v-api-installer/src/lib.rs @@ -3,10 +3,10 @@ // file, You can obtain one at https://mozilla.org/MPL/2.0/. use diesel::{ - r2d2::{ConnectionManager, ManageConnection}, PgConnection, + r2d2::{ConnectionManager, ManageConnection}, }; -use diesel_migrations::{embed_migrations, EmbeddedMigrations, MigrationHarness}; +use diesel_migrations::{EmbeddedMigrations, MigrationHarness, embed_migrations}; const MIGRATIONS: EmbeddedMigrations = embed_migrations!("../v-model/migrations"); diff --git a/v-api-installer/src/main.rs b/v-api-installer/src/main.rs index b036798..a791e61 100644 --- a/v-api-installer/src/main.rs +++ b/v-api-installer/src/main.rs @@ -8,6 +8,8 @@ fn main() { if let Ok(url) = std::env::var("DATABASE_URL") { run_migrations(&url); } else { - println!("DATABASE_URL environment variable must be specified to run migrations and must be in the form of a connection string") + println!( + "DATABASE_URL environment variable must be specified to run migrations and must be in the form of a connection string" + ) } } diff --git a/v-api-permission-derive/src/lib.rs b/v-api-permission-derive/src/lib.rs index 62dfe6c..3abb41d 100644 --- a/v-api-permission-derive/src/lib.rs +++ b/v-api-permission-derive/src/lib.rs 
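Review bot: In `v-api-installer/src/main.rs`, the `else` branch of `main` still reports a missing `DATABASE_URL` with `println!` and then falls off the end of `main`, so the installer exits with status 0 without having run any migration. A deployment pipeline cannot tell that outcome from success, and the message goes to stdout rather than stderr. I would write it with `eprintln!` and follow it with `std::process::exit(1);`. The signature of `main` appears only in the hunk header, so anything before the `if let` is not visible here.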
@@ -11,10 +11,10 @@ use std::{ hash::{Hash, Hasher}, }; use syn::{ + Data, DeriveInput, Error, Ident, Result, Token, Variant, parse::{Parse, ParseStream}, parse_macro_input, spanned::Spanned, - Data, DeriveInput, Error, Ident, Result, Token, Variant, }; static MACRO_ID: &str = "v_api"; diff --git a/v-api/src/authn/jwt.rs b/v-api/src/authn/jwt.rs index 3ff7f98..9745c01 100644 --- a/v-api/src/authn/jwt.rs +++ b/v-api/src/authn/jwt.rs @@ -2,23 +2,22 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at https://mozilla.org/MPL/2.0/. -use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine}; +use base64::{Engine, engine::general_purpose::URL_SAFE_NO_PAD}; use chrono::{DateTime, Utc}; use dropshot::{RequestContext, SharedExtractor}; use dropshot_authorization_header::bearer::BearerAuth; use jsonwebtoken::{ - decode, decode_header, + Algorithm, DecodingKey, Header, Validation, decode, decode_header, jwk::{AlgorithmParameters, Jwk}, - Algorithm, DecodingKey, Header, Validation, }; use newtype_uuid::TypedUuid; -use serde::{de::DeserializeOwned, Deserialize, Serialize}; +use serde::{Deserialize, Serialize, de::DeserializeOwned}; use std::{fmt::Debug, sync::Arc}; use thiserror::Error; use tracing::instrument; use v_model::{AccessTokenId, UserId, UserProviderId}; -use crate::{authn::Signer, context::VContext, permissions::VAppPermission, ApiContext}; +use crate::{ApiContext, authn::Signer, context::VContext, permissions::VAppPermission}; use super::SigningKeyError; diff --git a/v-api/src/authn/key.rs b/v-api/src/authn/key.rs index 8bd0eb7..4badba6 100644 --- a/v-api/src/authn/key.rs +++ b/v-api/src/authn/key.rs @@ -144,7 +144,7 @@ mod tests { use super::RawKey; use crate::{ authn::{VerificationResult, Verify}, - util::tests::{mock_key, MockKey}, + util::tests::{MockKey, mock_key}, }; struct TestVerifier { diff --git a/v-api/src/authn/mod.rs b/v-api/src/authn/mod.rs index 4ce69c9..d1b03c3 100644 
--- a/v-api/src/authn/mod.rs +++ b/v-api/src/authn/mod.rs @@ -3,13 +3,13 @@ // file, You can obtain one at https://mozilla.org/MPL/2.0/. use async_trait::async_trait; -use base64::{prelude::BASE64_STANDARD, Engine}; +use base64::{Engine, prelude::BASE64_STANDARD}; use crc32c::crc32c; use dropshot::{HttpError, RequestContext, SharedExtractor}; use dropshot_authorization_header::bearer::BearerAuth; use google_cloudkms1::{ - api::AsymmetricSignRequest, hyper_rustls::HttpsConnector, - hyper_util::client::legacy::connect::HttpConnector, CloudKMS, + CloudKMS, api::AsymmetricSignRequest, hyper_rustls::HttpsConnector, + hyper_util::client::legacy::connect::HttpConnector, }; use rsa::sha2::{Digest, Sha256}; use rsa::{ diff --git a/v-api/src/config.rs b/v-api/src/config.rs index 2278909..4c3ee2a 100644 --- a/v-api/src/config.rs +++ b/v-api/src/config.rs @@ -2,22 +2,22 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at https://mozilla.org/MPL/2.0/. -use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine}; +use base64::{Engine, engine::general_purpose::URL_SAFE_NO_PAD}; use futures::executor::block_on; use jsonwebtoken::jwk::{ AlgorithmParameters, CommonParameters, Jwk, KeyAlgorithm, PublicKeyUse, RSAKeyParameters, RSAKeyType, }; use rsa::{ + RsaPrivateKey, RsaPublicKey, pkcs1v15::{SigningKey, VerifyingKey}, pkcs8::{DecodePrivateKey, DecodePublicKey}, traits::PublicKeyParts, - RsaPrivateKey, RsaPublicKey, }; use secrecy::ExposeSecret; use serde::{ - de::{self, Visitor}, Deserialize, Deserializer, + de::{self, Visitor}, }; use std::path::PathBuf; use thiserror::Error; 
@@ -25,8 +25,8 @@ use v_api_param::StringParam; use crate::{ authn::{ - jwt::JwtSignerError, CloudKmsError, CloudKmsSigningKey, CloudKmsVerifyingKey, - LocalSigningKey, LocalVerifyingKey, Signer, SignerKey, SigningKeyError, Verifier, + CloudKmsError, CloudKmsSigningKey, CloudKmsVerifyingKey, LocalSigningKey, + LocalVerifyingKey, Signer, SignerKey, SigningKeyError, Verifier, jwt::JwtSignerError, }, util::cloud_kms_client, }; diff --git a/v-api/src/context/auth.rs b/v-api/src/context/auth.rs index a818820..0e7958b 100644 --- a/v-api/src/context/auth.rs +++ b/v-api/src/context/auth.rs @@ -10,9 +10,10 @@ use std::{collections::HashMap, fmt::Debug, sync::Arc}; use v_model::permissions::Caller; use crate::{ + ApiContext, authn::{ - jwt::{JwtSigner, JwtSignerError}, AuthError, AuthToken, Sign, Signer, VerificationResult, Verifier, Verify, + jwt::{JwtSigner, JwtSignerError}, }, config::JwtConfig, endpoints::login::oauth::{ @@ -20,7 +21,6 @@ use crate::{ }, error::AppError, permissions::{VAppPermission, VPermission}, - ApiContext, }; pub struct AuthContext { @@ -195,7 +195,7 @@ mod tests { config::JwtConfig, context::auth::AuthContext, permissions::VPermission, - util::tests::{mock_key, MockKey}, + util::tests::{MockKey, mock_key}, }; #[tokio::test] diff --git a/v-api/src/context/group.rs b/v-api/src/context/group.rs index 625ba6c..8178139 100644 --- a/v-api/src/context/group.rs +++ b/v-api/src/context/group.rs @@ -5,15 +5,15 @@ use newtype_uuid::TypedUuid; use std::sync::Arc; use v_model::{ + AccessGroup, AccessGroupId, NewAccessGroup, permissions::Caller, storage::{AccessGroupFilter, AccessGroupStore, ListPagination, StoreError}, - AccessGroup, AccessGroupId, NewAccessGroup, }; use crate::{ - permissions::{VAppPermission, VPermission}, - response::{resource_restricted, OptionalResource, ResourceResult}, VApiStorage, + permissions::{VAppPermission, VPermission}, + response::{OptionalResource, ResourceResult, resource_restricted}, }; #[derive(Clone)] 
diff --git a/v-api/src/context/link.rs b/v-api/src/context/link.rs index c9b2868..b722bc5 100644 --- a/v-api/src/context/link.rs +++ b/v-api/src/context/link.rs @@ -6,19 +6,19 @@ use chrono::{TimeDelta, Utc}; use newtype_uuid::{GenericUuid, TypedUuid}; use std::{ops::Add, sync::Arc}; use v_model::{ + LinkRequest, LinkRequestId, NewLinkRequest, UserId, UserProviderId, permissions::Caller, storage::{LinkRequestStore, StoreError}, - LinkRequest, LinkRequestId, NewLinkRequest, UserId, UserProviderId, }; use crate::{ + VApiStorage, authn::{ - key::{RawKey, SignedKey}, Sign, + key::{RawKey, SignedKey}, }, permissions::{VAppPermission, VPermission}, - response::{resource_restricted, ResourceResult}, - VApiStorage, + response::{ResourceResult, resource_restricted}, }; #[derive(Clone)] diff --git a/v-api/src/context/login.rs b/v-api/src/context/login.rs index c3ddcb4..e126464 100644 --- a/v-api/src/context/login.rs +++ b/v-api/src/context/login.rs @@ -6,11 +6,11 @@ use newtype_uuid::TypedUuid; use oauth2::CsrfToken; use std::sync::Arc; use v_model::{ - storage::{ListPagination, LoginAttemptFilter, LoginAttemptStore, StoreError}, LoginAttempt, LoginAttemptId, LoginAttemptState, NewLoginAttempt, + storage::{ListPagination, LoginAttemptFilter, LoginAttemptStore, StoreError}, }; -use crate::{permissions::VAppPermission, VApiStorage}; +use crate::{VApiStorage, permissions::VAppPermission}; #[derive(Clone)] pub struct LoginContext { diff --git a/v-api/src/context/magic_link.rs b/v-api/src/context/magic_link.rs index f0fdbb5..0d6b4c3 100644 --- a/v-api/src/context/magic_link.rs +++ b/v-api/src/context/magic_link.rs 
@@ -10,27 +10,27 @@ use thiserror::Error; use tracing::instrument; use url::Url; use v_model::{ + MagicLink, MagicLinkAttempt, MagicLinkAttemptId, MagicLinkId, MagicLinkRedirectUri, + MagicLinkRedirectUriId, MagicLinkSecret, MagicLinkSecretId, NewMagicLink, NewMagicLinkAttempt, + NewMagicLinkRedirectUri, NewMagicLinkSecret, permissions::Caller, schema_ext::{MagicLinkAttemptState, MagicLinkMedium}, storage::{ ListPagination, MagicLinkAttemptFilter, MagicLinkAttemptStore, MagicLinkFilter, MagicLinkRedirectUriStore, MagicLinkSecretStore, MagicLinkStore, StoreError, }, - MagicLink, MagicLinkAttempt, MagicLinkAttemptId, MagicLinkId, MagicLinkRedirectUri, - MagicLinkRedirectUriId, MagicLinkSecret, MagicLinkSecretId, NewMagicLink, NewMagicLinkAttempt, - NewMagicLinkRedirectUri, NewMagicLinkSecret, }; use crate::{ authn::{ - key::{ApiKeyError, RawKey}, Sign, SigningKeyError, + key::{ApiKeyError, RawKey}, }, messenger::{Message, Messenger, MessengerError}, permissions::{VAppPermission, VPermission}, response::{ - resource_error, resource_restricted, OptionalResource, ResourceError, ResourceErrorInner, - ResourceResult, + OptionalResource, ResourceError, ResourceErrorInner, ResourceResult, resource_error, + resource_restricted, }, }; @@ -452,22 +452,22 @@ mod tests { use std::{ ops::Add, sync::{ - atomic::{AtomicBool, Ordering}, Arc, RwLock, + atomic::{AtomicBool, Ordering}, }, }; use url::Url; use uuid::Uuid; use v_model::{ + MagicLinkAttempt, schema_ext::{MagicLinkAttemptState, MagicLinkMedium}, storage::MockMagicLinkAttemptStore, - MagicLinkAttempt, }; use super::{MagicLinkContext, MagicLinkMessage, MagicLinkTarget}; use crate::{ authn::key::RawKey, - context::test_mocks::{mock_context, MockStorage}, + context::test_mocks::{MockStorage, mock_context}, messenger::{Message, Messenger, MessengerError}, permissions::VPermission, response::ResourceError, diff --git a/v-api/src/context/mapping.rs b/v-api/src/context/mapping.rs index c2f1453..d5eb357 100644 
--- a/v-api/src/context/mapping.rs +++ b/v-api/src/context/mapping.rs @@ -6,17 +6,17 @@ use newtype_uuid::TypedUuid; use serde_json::Value; use std::{collections::BTreeSet, sync::Arc}; use v_model::{ + AccessGroupId, Mapper, MapperId, NewMapper, Permissions, permissions::Caller, storage::{ListPagination, MapperFilter, MapperStore, StoreError}, - AccessGroupId, Mapper, MapperId, NewMapper, Permissions, }; use crate::{ + VApiStorage, endpoints::login::UserInfo, mapper::MappingEngine, permissions::{VAppPermission, VPermission}, - response::{resource_restricted, OptionalResource, ResourceResult}, - VApiStorage, + response::{OptionalResource, ResourceResult, resource_restricted}, }; pub struct MappingContext { @@ -150,7 +150,10 @@ where Err(err) => { // TODO: Inspect the error. We expect to see a conflict error, and // should is expected to be seen. Other errors are problematic. - tracing::warn!(?err, "Login may have attempted to use depleted mapper. This may be ok if it is an isolated occurrence, but should occur repeatedly."); + tracing::warn!( + ?err, + "Login may have attempted to use depleted mapper. This may be ok if it is an isolated occurrence, but should occur repeatedly." + ); false } } diff --git a/v-api/src/context/mod.rs b/v-api/src/context/mod.rs index 86302be..529106b 100644 --- a/v-api/src/context/mod.rs +++ b/v-api/src/context/mod.rs 
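Review bot: The warning text reflowed in the `v-api/src/context/mapping.rs` hunk ends with "but should occur repeatedly", which tells whoever reads the log the opposite of what the first half of the sentence says; it presumably should end `but should not occur repeatedly.` The TODO comment above it ("and should is expected to be seen") is garbled in the same way and could read `// TODO: Inspect the error. A conflict error is expected here; other errors are problematic.` Because this arm returns `false` for every `Err`, a storage failure is logged with the same wording as the expected conflict until that TODO is resolved, so the message is the only signal an operator gets. The enclosing function starts before the hunk and continues after it.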
@@ -23,37 +23,37 @@ use v_model::saga::{ view::SagaExecNodeId, }; use v_model::{ + AccessGroupId, ApiUserInfo, ApiUserProvider, LinkRequest, NewApiUser, NewApiUserProvider, + NewLinkRequest, UserId, UserProviderId, permissions::{Caller, Permission}, storage::{ - postgres::{PostgresError, PostgresStore}, AccessGroupStore, AccessTokenStore, ApiKeyStore, ApiUserContactEmailStore, ApiUserFilter, ApiUserProviderFilter, ApiUserProviderStore, ApiUserStore, LinkRequestStore, ListPagination, LoginAttemptStore, MagicLinkAttemptStore, MagicLinkRedirectUriStore, MagicLinkSecretStore, MagicLinkStore, MapperStore, OAuthClientRedirectUriStore, OAuthClientSecretStore, OAuthClientStore, StoreError, + postgres::{PostgresError, PostgresStore}, }, - AccessGroupId, ApiUserInfo, ApiUserProvider, LinkRequest, NewApiUser, NewApiUserProvider, - NewLinkRequest, UserId, UserProviderId, }; use crate::{ authn::{ - jwt::{Claims, JwtSigner, JwtSignerError, DEFAULT_JWT_EXPIRATION}, AuthError, AuthToken, Sign, VerificationResult, Verify, + jwt::{Claims, DEFAULT_JWT_EXPIRATION, JwtSigner, JwtSignerError}, }, config::{AsymmetricKey, JwtConfig}, endpoints::login::{ + UserInfo, oauth::{ ClientType, OAuthProvider, OAuthProviderError, OAuthProviderFn, OAuthProviderName, }, - UserInfo, }, error::ApiError, mapper::DefaultMappingEngine, permissions::{VAppPermission, VPermission}, response::{OptionalResource, ResourceErrorInner}, util::response::{ - client_error, internal_error, resource_error, resource_restricted, ResourceResult, + ResourceResult, client_error, internal_error, resource_error, resource_restricted, }, }; 
@@ -530,7 +530,9 @@ where Ok((user, user_provider)) } 1 => { - tracing::info!("Found an existing user provider. Ensuring mapped permissions and groups for user."); + tracing::info!( + "Found an existing user provider. Ensuring mapped permissions and groups for user." + ); // This branch ensures that there is a 0th indexed item let mut provider = api_user_providers.into_iter().nth(0).unwrap(); @@ -949,27 +951,27 @@ mod tests { use newtype_uuid::TypedUuid; use std::{collections::BTreeSet, ops::Add, sync::Arc}; use v_model::{ + AccessGroup, AccessToken, AccessTokenId, ApiUser, ApiUserInfo, ApiUserProvider, UserId, permissions::Permissions, storage::{ AccessGroupFilter, ListPagination, MockAccessGroupStore, MockAccessTokenStore, MockApiUserStore, }, - AccessGroup, AccessToken, AccessTokenId, ApiUser, ApiUserInfo, ApiUserProvider, UserId, }; use crate::{ + VContextBuilder, VContextBuilderError, authn::{ - jwt::{Claims, Jwt}, AuthToken, + jwt::{Claims, Jwt}, }, context::user::UserContextError, permissions::VPermission, - VContextBuilder, VContextBuilderError, }; use super::{ - test_mocks::{mock_context, MockStorage}, VContext, VContextCallerError, + test_mocks::{MockStorage, mock_context}, }; async fn create_token( @@ -1167,10 +1169,12 @@ mod tests { let result = VContextBuilder::::new().build().await; match result { - Ok(_) => panic!("Expected to receive PostgresError::MissingRequiredConfiguration error"), + Ok(_) => { + panic!("Expected to receive PostgresError::MissingRequiredConfiguration error") + } Err(VContextBuilderError::MissingRequiredConfiguration(a)) => { assert_eq!(a, "storage"); - }, + } Err(other) => panic!( "Expected to receive PostgresError::MissingRequiredConfiguration error. Instead found {:?}", other 
@@ -1187,11 +1191,13 @@ mod tests { .await; match result { - Ok(_) => panic!("Expected to receive PostgresError::MissingRequiredConfiguration error"), + Ok(_) => { + panic!("Expected to receive PostgresError::MissingRequiredConfiguration error") + } Err(VContextBuilderError::ConfigConflict(a, b)) => { assert_eq!(a, "storage"); assert_eq!(b, "storage_url"); - }, + } Err(other) => panic!( "Expected to receive PostgresError::MissingRequiredConfiguration error. Instead found {:?}", other @@ -1208,6 +1214,13 @@ pub(crate) mod test_mocks { use std::{collections::HashMap, sync::Arc}; use uuid::Uuid; use v_model::{ + AccessGroupId, AccessToken, AccessTokenId, ApiKey, ApiKeyId, ApiUserContactEmail, + ApiUserProvider, LinkRequestId, LoginAttemptId, MagicLink, MagicLinkAttempt, + MagicLinkAttemptId, MagicLinkId, MagicLinkRedirectUri, MagicLinkRedirectUriId, + MagicLinkSecret, MagicLinkSecretId, MapperId, NewAccessGroup, NewAccessToken, NewApiKey, + NewApiUser, NewApiUserContactEmail, NewApiUserProvider, NewLoginAttempt, NewMagicLink, + NewMagicLinkAttempt, NewMagicLinkRedirectUri, NewMagicLinkSecret, NewMapper, OAuthClientId, + OAuthRedirectUriId, OAuthSecretId, UserContactEmailId, UserId, UserProviderId, permissions::Caller, saga::{ db::{ 
@@ -1233,22 +1246,15 @@ pub(crate) mod test_mocks { MockOAuthClientStore, OAuthClientRedirectUriStore, OAuthClientSecretStore, OAuthClientStore, StoreError, }, - AccessGroupId, AccessToken, AccessTokenId, ApiKey, ApiKeyId, ApiUserContactEmail, - ApiUserProvider, LinkRequestId, LoginAttemptId, MagicLink, MagicLinkAttempt, - MagicLinkAttemptId, MagicLinkId, MagicLinkRedirectUri, MagicLinkRedirectUriId, - MagicLinkSecret, MagicLinkSecretId, MapperId, NewAccessGroup, NewAccessToken, NewApiKey, - NewApiUser, NewApiUserContactEmail, NewApiUserProvider, NewLoginAttempt, NewMagicLink, - NewMagicLinkAttempt, NewMagicLinkRedirectUri, NewMagicLinkSecret, NewMapper, OAuthClientId, - OAuthRedirectUriId, OAuthSecretId, UserContactEmailId, UserId, UserProviderId, }; use crate::{ + VContextBuilder, config::JwtConfig, - endpoints::login::oauth::{google::GoogleOAuthProvider, OAuthProviderName}, + endpoints::login::oauth::{OAuthProviderName, google::GoogleOAuthProvider}, mapper::DefaultMappingEngine, permissions::VPermission, - util::tests::{mock_key, MockKey}, - VContextBuilder, + util::tests::{MockKey, mock_key}, }; use super::VContext; diff --git a/v-api/src/context/oauth.rs b/v-api/src/context/oauth.rs index 41835b6..0dc2ee8 100644 --- a/v-api/src/context/oauth.rs +++ b/v-api/src/context/oauth.rs 
@@ -5,19 +5,19 @@ use newtype_uuid::TypedUuid; use std::sync::Arc; use v_model::{ + NewOAuthClient, NewOAuthClientRedirectUri, NewOAuthClientSecret, OAuthClient, OAuthClientId, + OAuthClientRedirectUri, OAuthClientSecret, OAuthRedirectUriId, OAuthSecretId, permissions::Caller, storage::{ ListPagination, OAuthClientFilter, OAuthClientRedirectUriStore, OAuthClientSecretStore, OAuthClientStore, StoreError, }, - NewOAuthClient, NewOAuthClientRedirectUri, NewOAuthClientSecret, OAuthClient, OAuthClientId, - OAuthClientRedirectUri, OAuthClientSecret, OAuthRedirectUriId, OAuthSecretId, }; use crate::{ - permissions::{VAppPermission, VPermission}, - response::{resource_restricted, OptionalResource, ResourceResult}, VApiStorage, + permissions::{VAppPermission, VPermission}, + response::{OptionalResource, ResourceResult, resource_restricted}, }; #[derive(Clone)] diff --git a/v-api/src/context/saga.rs b/v-api/src/context/saga.rs index 0091c91..738518c 100644 --- a/v-api/src/context/saga.rs +++ b/v-api/src/context/saga.rs @@ -4,7 +4,7 @@ use async_trait::async_trait; use newtype_uuid::{GenericUuid, TypedUuid}; -use slog::{o, Discard, Logger}; +use slog::{Discard, Logger, o}; use std::{fmt::Debug, future::Future, pin::Pin, sync::Arc}; use steno::{ ActionRegistry, SagaCachedState, SagaCreateParams, SagaDag, SagaId as StenoId, SagaNodeEvent, @@ -23,11 +23,11 @@ use v_model::{ }; use crate::{ + ApiContext, VApiStorage, permissions::{VAppPermission, VPermission}, response::{ - resource_restricted, OptionalResource, ResourceError, ResourceErrorInner, ResourceResult, + OptionalResource, ResourceError, ResourceErrorInner, ResourceResult, resource_restricted, }, - ApiContext, VApiStorage, }; pub type CreateSagaFuture = Pin< diff --git a/v-api/src/context/user.rs b/v-api/src/context/user.rs index 5096ad7..ab7e591 100644 --- a/v-api/src/context/user.rs +++ b/v-api/src/context/user.rs 
@@ -11,30 +11,30 @@ use std::{ sync::Arc, }; use thiserror::Error; -use tracing::{info_span, instrument, Instrument}; +use tracing::{Instrument, info_span, instrument}; use uuid::Uuid; use v_model::{ + AccessGroupId, AccessToken, ApiKey, ApiKeyId, ApiUser, ApiUserContactEmail, ApiUserInfo, + ApiUserProvider, ArcMap, NewAccessToken, NewApiKey, NewApiUser, NewApiUserContactEmail, + NewApiUserProvider, Permissions, UserId, UserProviderId, permissions::{AsScope, Caller, Permission, PermissionError, PermissionStorage}, storage::{ AccessGroupFilter, AccessGroupStore, AccessTokenStore, ApiKeyFilter, ApiKeyStore, ApiUserContactEmailStore, ApiUserFilter, ApiUserProviderFilter, ApiUserProviderStore, ApiUserStore, ListPagination, StoreError, }, - AccessGroupId, AccessToken, ApiKey, ApiKeyId, ApiUser, ApiUserContactEmail, ApiUserInfo, - ApiUserProvider, ArcMap, NewAccessToken, NewApiKey, NewApiUser, NewApiUserContactEmail, - NewApiUserProvider, Permissions, UserId, UserProviderId, }; use crate::{ + VApiStorage, authn::{ - jwt::{Claims, JwtSigner, JwtSignerError}, AuthToken, Verify, + jwt::{Claims, JwtSigner, JwtSignerError}, }, permissions::{VAppPermission, VPermission}, response::{ - resource_not_found, resource_restricted, OptionalResource, ResourceError, ResourceResult, + OptionalResource, ResourceError, ResourceResult, resource_not_found, resource_restricted, }, - VApiStorage, }; #[derive(Debug)] diff --git a/v-api/src/endpoints/api_user.rs b/v-api/src/endpoints/api_user.rs index 42876ce..0c566c0 100644 --- a/v-api/src/endpoints/api_user.rs +++ b/v-api/src/endpoints/api_user.rs @@ -2,7 +2,7 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at https://mozilla.org/MPL/2.0/. -use std::collections::{hash_map::Entry, BTreeSet, HashMap}; +use std::collections::{BTreeSet, HashMap, hash_map::Entry}; use chrono::{DateTime, Utc}; use dropshot::{ 
@@ -17,20 +17,20 @@ use tap::TapFallible; use tracing::instrument; use uuid::Uuid; use v_model::{ - permissions::{Caller, Permission, PermissionStorage, Permissions}, - storage::{ApiUserFilter, ApiUserProviderFilter, ListPagination}, AccessGroupId, ApiKeyId, ApiUser, ApiUserContactEmail, ApiUserProvider, NewApiKey, NewApiUser, UserId, + permissions::{Caller, Permission, PermissionStorage, Permissions}, + storage::{ApiUserFilter, ApiUserProviderFilter, ListPagination}, }; use crate::{ + VContext, authn::key::RawKey, context::{ApiContext, VContextWithCaller}, error::ApiError, permissions::{VAppPermission, VAppPermissionResponse}, secrets::OpenApiSecretString, util::response::{bad_request, not_found, to_internal_error, unauthorized}, - VContext, }; fn into_user_response(user: ApiUser) -> ApiUser @@ -772,21 +772,21 @@ mod tests { use mockall::predicate::eq; use newtype_uuid::TypedUuid; use v_model::{ + ApiKey, ApiUser, ApiUserContactEmail, ApiUserInfo, ApiUserProvider, NewApiUser, permissions::{Caller, Permissions}, storage::{ ApiKeyFilter, ListPagination, MockApiKeyStore, MockApiUserContactEmailStore, MockApiUserProviderStore, MockApiUserStore, StoreError, }, - ApiKey, ApiUser, ApiUserContactEmail, ApiUserInfo, ApiUserProvider, NewApiUser, }; use crate::{ - context::test_mocks::{mock_context, MockStorage}, + context::test_mocks::{MockStorage, mock_context}, endpoints::api_user::{ + ApiKeyCreateParams, ApiUserEmailUpdateParams, ApiUserPath, ApiUserTokenPath, create_api_user_inner, create_api_user_token_inner, delete_api_user_token_inner, get_api_user_token_inner, list_api_user_tokens_inner, set_api_user_contact_email_inner, - update_api_user_inner, ApiKeyCreateParams, ApiUserEmailUpdateParams, ApiUserPath, - ApiUserTokenPath, + update_api_user_inner, }, permissions::{VPermission, VPermissionResponse}, util::tests::get_status, diff --git a/v-api/src/endpoints/api_user_provider.rs b/v-api/src/endpoints/api_user_provider.rs index 370f630..dc78d88 100644 
--- a/v-api/src/endpoints/api_user_provider.rs +++ b/v-api/src/endpoints/api_user_provider.rs @@ -7,7 +7,7 @@ use newtype_uuid::TypedUuid; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; use tracing::instrument; -use v_model::{permissions::PermissionStorage, UserId, UserProviderId}; +use v_model::{UserId, UserProviderId, permissions::PermissionStorage}; use crate::{ context::{ApiContext, VContextWithCaller}, diff --git a/v-api/src/endpoints/group.rs b/v-api/src/endpoints/group.rs index eea2e51..a58d162 100644 --- a/v-api/src/endpoints/group.rs +++ b/v-api/src/endpoints/group.rs @@ -9,8 +9,8 @@ use serde::Deserialize; use std::fmt::Debug; use tracing::instrument; use v_model::{ - permissions::{Permission, PermissionStorage, Permissions}, AccessGroup, AccessGroupId, NewAccessGroup, + permissions::{Permission, PermissionStorage, Permissions}, }; use crate::{ diff --git a/v-api/src/endpoints/login/local/mod.rs b/v-api/src/endpoints/login/local/mod.rs index bd7b346..ca07749 100644 --- a/v-api/src/endpoints/login/local/mod.rs +++ b/v-api/src/endpoints/login/local/mod.rs @@ -4,7 +4,7 @@ use chrono::{Duration, Utc}; use dropshot::{Body, HttpError, RequestContext, TypedBody}; -use http::{header, Response, StatusCode}; +use http::{Response, StatusCode, header}; use schemars::JsonSchema; use serde::{Deserialize, Serialize}; use tracing::instrument; @@ -13,7 +13,7 @@ use v_model::permissions::PermissionStorage; use crate::{ authn::jwt::Claims, context::ApiContext, - endpoints::login::{oauth::device_token::ProxyTokenResponse, ExternalUserId, UserInfo}, + endpoints::login::{ExternalUserId, UserInfo, oauth::device_token::ProxyTokenResponse}, permissions::{VAppPermission, VPermission}, }; diff --git a/v-api/src/endpoints/login/magic_link/client.rs b/v-api/src/endpoints/login/magic_link/client.rs index 58a7038..09d3db3 100644 --- a/v-api/src/endpoints/login/magic_link/client.rs +++ b/v-api/src/endpoints/login/magic_link/client.rs 
@@ -9,18 +9,18 @@ use schemars::JsonSchema; use serde::{Deserialize, Serialize}; use tracing::instrument; use v_model::{ - permissions::{Caller, PermissionStorage}, MagicLink, MagicLinkId, MagicLinkRedirectUri, MagicLinkRedirectUriId, MagicLinkSecret, MagicLinkSecretId, + permissions::{Caller, PermissionStorage}, }; use crate::{ + VContext, authn::key::RawKey, context::{ApiContext, VContextWithCaller}, permissions::{VAppPermission, VPermission}, secrets::OpenApiSecretString, util::response::to_internal_error, - VContext, }; #[instrument(skip(rqctx), err(Debug))] @@ -233,17 +233,17 @@ mod tests { use mockall::predicate::eq; use newtype_uuid::TypedUuid; use v_model::{ + ApiUser, ApiUserInfo, MagicLink, MagicLinkSecret, permissions::Caller, storage::{MockApiUserStore, MockMagicLinkSecretStore, MockMagicLinkStore}, - ApiUser, ApiUserInfo, MagicLink, MagicLinkSecret, }; use crate::{ authn::key::RawKey, - context::test_mocks::{mock_context, MockStorage}, + context::test_mocks::{MockStorage, mock_context}, endpoints::login::magic_link::{ - client::{create_magic_link_inner, create_magic_link_secret_inner}, CheckMagicLinkClient, + client::{create_magic_link_inner, create_magic_link_secret_inner}, }, permissions::VPermission, }; diff --git a/v-api/src/endpoints/login/magic_link/mod.rs b/v-api/src/endpoints/login/magic_link/mod.rs index 2108a5b..ca86857 100644 --- a/v-api/src/endpoints/login/magic_link/mod.rs +++ b/v-api/src/endpoints/login/magic_link/mod.rs 
@@ -15,18 +15,18 @@ use tracing::instrument; use url::Url; use uuid::Uuid; use v_model::{ + MagicLink, MagicLinkAttemptId, permissions::PermissionStorage, schema_ext::{MagicLinkAttemptState, MagicLinkMedium}, - MagicLink, MagicLinkAttemptId, }; use crate::{ - authn::{key::RawKey, Verify}, + ApiContext, VContext, + authn::{Verify, key::RawKey}, context::magic_link::{MagicLinkSendError, MagicLinkTransitionError}, endpoints::login::{ExternalUserId, UserInfo}, permissions::VAppPermission, - response::{bad_request, internal_error, to_internal_error, ResourceError}, - ApiContext, VContext, + response::{ResourceError, bad_request, internal_error, to_internal_error}, }; pub mod client; diff --git a/v-api/src/endpoints/login/mod.rs b/v-api/src/endpoints/login/mod.rs index f9c471e..2088db3 100644 --- a/v-api/src/endpoints/login/mod.rs +++ b/v-api/src/endpoints/login/mod.rs @@ -6,8 +6,8 @@ use async_trait::async_trait; use dropshot::HttpError; use schemars::JsonSchema; use serde::{ - de::{self, Visitor}, Deserialize, Deserializer, Serialize, Serializer, + de::{self, Visitor}, }; use thiserror::Error; diff --git a/v-api/src/endpoints/login/oauth/client.rs b/v-api/src/endpoints/login/oauth/client.rs index c8fd830..59562cc 100644 --- a/v-api/src/endpoints/login/oauth/client.rs +++ b/v-api/src/endpoints/login/oauth/client.rs @@ -9,18 +9,18 @@ use schemars::JsonSchema; use serde::{Deserialize, Serialize}; use tracing::instrument; use v_model::{ - permissions::{Caller, PermissionStorage}, OAuthClient, OAuthClientId, OAuthClientRedirectUri, OAuthClientSecret, OAuthRedirectUriId, OAuthSecretId, + permissions::{Caller, PermissionStorage}, }; use crate::{ + VContext, authn::key::RawKey, context::{ApiContext, VContextWithCaller}, permissions::{VAppPermission, VPermission}, secrets::OpenApiSecretString, util::response::to_internal_error, - VContext, }; #[instrument(skip(rqctx), err(Debug))] 
@@ -229,17 +229,17 @@ mod tests {
 use mockall::predicate::eq;
 use newtype_uuid::TypedUuid;
 use v_model::{
+ ApiUser, ApiUserInfo, OAuthClient, OAuthClientSecret,
 permissions::Caller,
 storage::{MockApiUserStore, MockOAuthClientSecretStore, MockOAuthClientStore},
- ApiUser, ApiUserInfo, OAuthClient, OAuthClientSecret,
 };
 use crate::{
 authn::key::RawKey,
- context::test_mocks::{mock_context, MockStorage},
+ context::test_mocks::{MockStorage, mock_context},
 endpoints::login::oauth::{
- client::{create_oauth_client_inner, create_oauth_client_secret_inner},
 CheckOAuthClient,
+ client::{create_oauth_client_inner, create_oauth_client_secret_inner},
 },
 permissions::VPermission,
 };
diff --git a/v-api/src/endpoints/login/oauth/code.rs b/v-api/src/endpoints/login/oauth/code.rs
index 39d3a4a..0e59668 100644
--- a/v-api/src/endpoints/login/oauth/code.rs
+++ b/v-api/src/endpoints/login/oauth/code.rs
@@ -2,21 +2,20 @@
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at https://mozilla.org/MPL/2.0/.
-use base64::{prelude::BASE64_URL_SAFE_NO_PAD, Engine};
+use base64::{Engine, prelude::BASE64_URL_SAFE_NO_PAD};
 use chrono::{TimeDelta, Utc};
 use cookie::{Cookie, SameSite};
 use dropshot::{
- http_response_temporary_redirect, ClientErrorStatusCode, HttpError, HttpResponseOk,
- HttpResponseTemporaryRedirect, Path, Query, RequestContext, RequestInfo, SharedExtractor,
- TypedBody,
+ ClientErrorStatusCode, HttpError, HttpResponseOk, HttpResponseTemporaryRedirect, Path, Query,
+ RequestContext, RequestInfo, SharedExtractor, TypedBody, http_response_temporary_redirect,
 };
 use dropshot_authorization_header::basic::BasicAuth;
-use http::{header::SET_COOKIE, HeaderValue};
+use http::{HeaderValue, header::SET_COOKIE};
 use newtype_uuid::TypedUuid;
 use oauth2::{
 AuthorizationCode, CsrfToken, PkceCodeChallenge, PkceCodeVerifier, Scope, TokenResponse,
 };
-use percent_encoding::{percent_encode, NON_ALPHANUMERIC};
+use percent_encoding::{NON_ALPHANUMERIC, percent_encode};
 use schemars::JsonSchema;
 use secrecy::SecretString;
 use serde::{Deserialize, Serialize};
@@ -25,9 +24,9 @@ use std::{fmt::Debug, ops::Add};
 use tap::TapFallible;
 use tracing::instrument;
 use v_model::{
+ LoginAttempt, LoginAttemptId, NewLoginAttempt, OAuthClient, OAuthClientId,
 permissions::{AsScope, PermissionStorage},
 schema_ext::LoginAttemptState,
- LoginAttempt, LoginAttemptId, NewLoginAttempt, OAuthClient, OAuthClientId,
 };
 use super::{OAuthProvider, OAuthProviderNameParam, UserInfoProvider, WebClientConfig};
@@ -35,15 +34,15 @@ use crate::{
 authn::key::RawKey,
 context::{ApiContext, VContext},
 endpoints::login::{
- oauth::{CheckOAuthClient, ClientType},
 LoginError, UserInfo,
+ oauth::{CheckOAuthClient, ClientType},
 },
 error::ApiError,
 permissions::{VAppPermission, VPermission},
 secrets::OpenApiSecretString,
 util::{
 request::RequestCookies,
- response::{internal_error, to_internal_error, unauthorized, ResourceError},
+ response::{ResourceError, internal_error, to_internal_error, unauthorized},
 },
 };
@@ -777,8 +776,8 @@ mod tests {
 use chrono::{TimeDelta, Utc};
 use dropshot::{HttpResponse, RequestInfo};
 use http::{
- header::{COOKIE, LOCATION, SET_COOKIE},
 HeaderValue, StatusCode,
+ header::{COOKIE, LOCATION, SET_COOKIE},
 };
 use http_body_util::Empty;
 use mockall::predicate::eq;
@@ -787,23 +786,23 @@ mod tests {
 use secrecy::SecretString;
 use uuid::Uuid;
 use v_model::{
+ LoginAttempt, OAuthClient, OAuthClientRedirectUri, OAuthClientSecret,
 schema_ext::LoginAttemptState,
 storage::{MockLoginAttemptStore, MockOAuthClientStore},
- LoginAttempt, OAuthClient, OAuthClientRedirectUri, OAuthClientSecret,
 };
 use crate::{
 authn::key::RawKey,
 context::{
- test_mocks::{mock_context, MockStorage},
 VContext,
+ test_mocks::{MockStorage, mock_context},
 },
 endpoints::login::oauth::{
+ OAuthProviderName,
 code::{
+ LOGIN_ATTEMPT_COOKIE, OAuthAuthzCodeReturnQuery, OAuthError, OAuthErrorCode,
 authz_code_callback_op_inner, verify_csrf, verify_login_attempt,
- OAuthAuthzCodeReturnQuery, OAuthError, OAuthErrorCode, LOGIN_ATTEMPT_COOKIE,
 },
- OAuthProviderName,
 },
 permissions::VPermission,
 };
@@ -927,7 +926,11 @@ mod tests {
 .unwrap();
 let headers = response.headers();
- let expected_location = format!("https://accounts.google.com/o/oauth2/v2/auth?response_type=code&client_id=google_web_client_id&state={}&code_challenge={}&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fapi.oxeng.dev%2Flogin%2Foauth%2Fgoogle%2Fcode%2Fcallback&scope=openid+email+profile", attempt.id, challenge.as_str());
+ let expected_location = format!(
+ "https://accounts.google.com/o/oauth2/v2/auth?response_type=code&client_id=google_web_client_id&state={}&code_challenge={}&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fapi.oxeng.dev%2Flogin%2Foauth%2Fgoogle%2Fcode%2Fcallback&scope=openid+email+profile",
+ attempt.id,
+ challenge.as_str()
+ );
 assert_eq!(
 expected_location,
diff --git a/v-api/src/endpoints/login/oauth/device_token.rs b/v-api/src/endpoints/login/oauth/device_token.rs
index 0c9d5c1..ef0c4e7 100644
--- a/v-api/src/endpoints/login/oauth/device_token.rs
+++ b/v-api/src/endpoints/login/oauth/device_token.rs
@@ -4,8 +4,8 @@
 use chrono::{DateTime, Utc};
 use dropshot::{Body, HttpError, HttpResponseOk, Method, Path, RequestContext, TypedBody};
-use http::{header, HeaderValue, Response, StatusCode};
-use oauth2::{basic::BasicTokenType, EmptyExtraTokenFields, StandardTokenResponse, TokenResponse};
+use http::{HeaderValue, Response, StatusCode, header};
+use oauth2::{EmptyExtraTokenFields, StandardTokenResponse, TokenResponse, basic::BasicTokenType};
 use schemars::JsonSchema;
 use secrecy::ExposeSecret;
 use serde::{Deserialize, Serialize};
diff --git a/v-api/src/endpoints/login/oauth/github.rs b/v-api/src/endpoints/login/oauth/github.rs
index bce1356..2011162 100644
--- a/v-api/src/endpoints/login/oauth/github.rs
+++ b/v-api/src/endpoints/login/oauth/github.rs
@@ -2,7 +2,7 @@
 // License, v. 2.0. If a copy of the MPL was not distributed with this
 // file, You can obtain one at https://mozilla.org/MPL/2.0/.
-use http::{header::USER_AGENT, HeaderMap, HeaderValue};
+use http::{HeaderMap, HeaderValue, header::USER_AGENT};
 use hyper::body::Bytes;
 use reqwest::Request;
 use secrecy::SecretString;
diff --git a/v-api/src/endpoints/login/oauth/mod.rs b/v-api/src/endpoints/login/oauth/mod.rs
index f89d822..a5ddc11 100644
--- a/v-api/src/endpoints/login/oauth/mod.rs
+++ b/v-api/src/endpoints/login/oauth/mod.rs
@@ -4,10 +4,10 @@
 use async_trait::async_trait;
 use http::Method;
-use hyper::{body::Bytes, header::HeaderValue, header::AUTHORIZATION};
+use hyper::{body::Bytes, header::AUTHORIZATION, header::HeaderValue};
 use oauth2::{
- basic::BasicClient, url::ParseError, AuthUrl, ClientId, ClientSecret, EndpointMaybeSet,
- EndpointNotSet, EndpointSet, RedirectUrl, RevocationUrl, TokenUrl,
+ AuthUrl, ClientId, ClientSecret, EndpointMaybeSet, EndpointNotSet, EndpointSet, RedirectUrl,
+ RevocationUrl, TokenUrl, basic::BasicClient, url::ParseError,
 };
 use reqwest::Request;
 use schemars::JsonSchema;
@@ -18,7 +18,7 @@ use thiserror::Error;
 use tracing::instrument;
 use v_model::OAuthClient;
-use crate::authn::{key::RawKey, Verify};
+use crate::authn::{Verify, key::RawKey};
 use super::{UserInfo, UserInfoError, UserInfoProvider};
diff --git a/v-api/src/endpoints/mappers.rs b/v-api/src/endpoints/mappers.rs
index 1b0ed17..0e3f88e 100644
--- a/v-api/src/endpoints/mappers.rs
+++ b/v-api/src/endpoints/mappers.rs
@@ -9,8 +9,8 @@ use serde::{Deserialize, Serialize};
 use serde_json::Value;
 use tracing::instrument;
 use v_model::{
- permissions::{AsScope, Permission, PermissionStorage},
 Mapper, MapperId, NewMapper,
+ permissions::{AsScope, Permission, PermissionStorage},
 };
 use crate::{
diff --git a/v-api/src/endpoints/saga.rs b/v-api/src/endpoints/saga.rs
index e6c9c71..7d75d65 100644
--- a/v-api/src/endpoints/saga.rs
+++ b/v-api/src/endpoints/saga.rs
@@ -17,7 +17,7 @@ use v_model::{
 },
 };
-use crate::{permissions::VAppPermission, ApiContext};
+use crate::{ApiContext, permissions::VAppPermission};
 /// An enriched view of a saga event that includes the node name from the dag
 #[derive(Debug, Serialize, JsonSchema)]
diff --git a/v-api/src/error.rs b/v-api/src/error.rs
index 38b2577..d24af90 100644
--- a/v-api/src/error.rs
+++ b/v-api/src/error.rs
@@ -7,8 +7,8 @@ use thiserror::Error;
 use v_model::storage::StoreError;
 use crate::{
- authn::{jwt::JwtSignerError, SigningKeyError},
- endpoints::login::{oauth::OAuthProviderError, LoginError},
+ authn::{SigningKeyError, jwt::JwtSignerError},
+ endpoints::login::{LoginError, oauth::OAuthProviderError},
 response::conflict,
 util::response::{forbidden, internal_error, not_found},
 };
diff --git a/v-api/src/lib.rs b/v-api/src/lib.rs
index 1e035d3..274ecac 100644
--- a/v-api/src/lib.rs
+++ b/v-api/src/lib.rs
@@ -14,10 +14,10 @@ mod secrets;
 mod util;
 pub use context::{
- auth::SecretContext, ApiContext, BasePermissions, CallerExtension, ExtensionError,
- GroupContext, LinkContext, LoginContext, MagicLinkContext, MagicLinkMessage, MagicLinkTarget,
- MappingContext, OAuthContext, UserContext, VApiStorage, VContext, VContextBuilder,
- VContextBuilderError, VContextError, VContextWithCaller,
+ ApiContext, BasePermissions, CallerExtension, ExtensionError, GroupContext, LinkContext,
+ LoginContext, MagicLinkContext, MagicLinkMessage, MagicLinkTarget, MappingContext,
+ OAuthContext, UserContext, VApiStorage, VContext, VContextBuilder, VContextBuilderError,
+ VContextError, VContextWithCaller, auth::SecretContext,
 };
 pub use util::response;
diff --git a/v-api/src/mapper/default.rs b/v-api/src/mapper/default.rs
index bdca4af..8e2c8c2 100644
--- a/v-api/src/mapper/default.rs
+++ b/v-api/src/mapper/default.rs
@@ -9,9 +9,9 @@ use serde::{Deserialize, Serialize};
 use std::collections::BTreeSet;
 use tracing::instrument;
 use v_model::{
+ AccessGroupId,
 permissions::{Caller, Permissions},
 storage::StoreError,
- AccessGroupId,
 };
 use crate::{
diff --git a/v-api/src/mapper/email_address.rs b/v-api/src/mapper/email_address.rs
index a35f69f..439ca11 100644
--- a/v-api/src/mapper/email_address.rs
+++ b/v-api/src/mapper/email_address.rs
@@ -9,9 +9,9 @@ use serde::{Deserialize, Serialize};
 use std::collections::BTreeSet;
 use tracing::instrument;
 use v_model::{
+ AccessGroupId,
 permissions::{Caller, Permissions},
 storage::StoreError,
- AccessGroupId,
 };
 use crate::{
diff --git a/v-api/src/mapper/email_domain.rs b/v-api/src/mapper/email_domain.rs
index 1abc7b1..03ca281 100644
--- a/v-api/src/mapper/email_domain.rs
+++ b/v-api/src/mapper/email_domain.rs
@@ -9,9 +9,9 @@ use serde::{Deserialize, Serialize};
 use std::collections::BTreeSet;
 use tracing::instrument;
 use v_model::{
+ AccessGroupId,
 permissions::{Caller, Permissions},
 storage::StoreError,
- AccessGroupId,
 };
 use crate::{
diff --git a/v-api/src/mapper/github_username.rs b/v-api/src/mapper/github_username.rs
index 085c75b..bfbddbb 100644
--- a/v-api/src/mapper/github_username.rs
+++ b/v-api/src/mapper/github_username.rs
@@ -8,9 +8,9 @@ use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
 use std::collections::BTreeSet;
 use v_model::{
+ AccessGroupId,
 permissions::{Caller, Permissions},
 storage::StoreError,
- AccessGroupId,
 };
 use crate::{
diff --git a/v-api/src/mapper/mod.rs b/v-api/src/mapper/mod.rs
index 59e9556..de87b03 100644
--- a/v-api/src/mapper/mod.rs
+++ b/v-api/src/mapper/mod.rs
@@ -14,9 +14,9 @@ use serde_json::Value;
 use std::{collections::BTreeSet, error::Error as StdError, fmt::Debug};
 use thiserror::Error;
 use v_model::{
+ AccessGroupId, Mapper,
 permissions::{Caller, Permissions},
 storage::StoreError,
- AccessGroupId, Mapper,
 };
 use crate::{
diff --git a/v-api/src/secrets.rs b/v-api/src/secrets.rs
index 84c8a5b..c5e8042 100644
--- a/v-api/src/secrets.rs
+++ b/v-api/src/secrets.rs
@@ -3,8 +3,8 @@
 // file, You can obtain one at https://mozilla.org/MPL/2.0/.
 use schemars::{
- schema::{InstanceType, SchemaObject},
 JsonSchema,
+ schema::{InstanceType, SchemaObject},
 };
 use secrecy::{ExposeSecret, SecretString};
 use serde::{Deserialize, Serialize, Serializer};
diff --git a/v-api/src/util.rs b/v-api/src/util.rs
index 681411e..de1c78b 100644
--- a/v-api/src/util.rs
+++ b/v-api/src/util.rs
@@ -3,10 +3,10 @@
 // file, You can obtain one at https://mozilla.org/MPL/2.0/.
 use google_cloudkms1::{
+ CloudKMS,
 hyper_rustls::{HttpsConnector, HttpsConnectorBuilder},
- hyper_util::client::legacy::{connect::HttpConnector, Client},
+ hyper_util::client::legacy::{Client, connect::HttpConnector},
 hyper_util::rt::TokioExecutor,
- CloudKMS,
 };
 use crate::authn::CloudKmsError;
@@ -191,8 +191,8 @@ pub mod response {
 }
 }
-pub async fn cloud_kms_client(
-) -> Result>, Box> {
+pub async fn cloud_kms_client()
+-> Result>, Box> {
 let opts = yup_oauth2::ApplicationDefaultCredentialsFlowOpts::default();
 tracing::trace!(?opts, "Request GCP credentials");
@@ -247,8 +247,8 @@ pub mod tests {
 use dropshot::{HttpCodedResponse, HttpError};
 use http::StatusCode;
 use rsa::{
- pkcs8::{EncodePrivateKey, EncodePublicKey, LineEnding},
 RsaPrivateKey, RsaPublicKey,
+ pkcs8::{EncodePrivateKey, EncodePublicKey, LineEnding},
 };
 use crate::config::AsymmetricKey;
diff --git a/v-api/tests/import.rs b/v-api/tests/import.rs
index f0c8d92..ee56cc6 100644
--- a/v-api/tests/import.rs
+++ b/v-api/tests/import.rs
@@ -5,7 +5,7 @@
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
 use std::collections::BTreeSet;
-use v_api::{permissions::VPermission, ApiContext};
+use v_api::{ApiContext, permissions::VPermission};
 use v_api_permission_derive::v_api;
 #[v_api(From(VPermission))]
diff --git a/v-model/src/permissions.rs b/v-model/src/permissions.rs
index 40f8950..fd0bd93 100644
--- a/v-model/src/permissions.rs
+++ b/v-model/src/permissions.rs
@@ -11,16 +11,16 @@ use std::{
 };
 use diesel::{
+ AsExpression, FromSqlRow,
 backend::Backend,
 deserialize::{self, FromSql},
 pg::Pg,
 serialize::{self, Output, ToSql},
 sql_types::Jsonb,
- AsExpression, FromSqlRow,
 };
 use newtype_uuid::TypedUuid;
 use schemars::JsonSchema;
-use serde::{de::DeserializeOwned, Deserialize, Serialize};
+use serde::{Deserialize, Serialize, de::DeserializeOwned};
 use thiserror::Error;
 use crate::{ApiUser, UserId};
diff --git a/v-model/src/saga/postgres.rs b/v-model/src/saga/postgres.rs
index bf81b4f..8dbc9f2 100644
--- a/v-model/src/saga/postgres.rs
+++ b/v-model/src/saga/postgres.rs
@@ -6,8 +6,8 @@ use async_bb8_diesel::AsyncRunQueryDsl;
 use async_trait::async_trait;
 use chrono::Utc;
 use diesel::{
- delete, insert_into, query_dsl::QueryDsl, update, BoolExpressionMethods, ExpressionMethods,
- NullableExpressionMethods, OptionalExtension,
+ BoolExpressionMethods, ExpressionMethods, NullableExpressionMethods, OptionalExtension, delete,
+ insert_into, query_dsl::QueryDsl, update,
 };
 use newtype_uuid::{GenericUuid, TypedUuid};
@@ -18,7 +18,7 @@ use crate::{
 view::{SagaExecNodeId, SagaId},
 },
 schema::{saga_events, sagas},
- storage::{postgres::PostgresStore, ListPagination, StoreError},
+ storage::{ListPagination, StoreError, postgres::PostgresStore},
 };
 #[async_trait]
@@ -48,10 +48,10 @@ impl SagaStore for PostgresStore {
 let mut or_expression: Option<
 Box<
 dyn diesel::expression::BoxableExpression<
- sagas::table,
- diesel::pg::Pg,
- SqlType = diesel::sql_types::Bool,
- >,
+ sagas::table,
+ diesel::pg::Pg,
+ SqlType = diesel::sql_types::Bool,
+ >,
 >,
 > = None;
@@ -59,10 +59,10 @@ impl SagaStore for PostgresStore {
 // Start with TRUE and AND each condition
 let mut and_expression: Box<
 dyn diesel::expression::BoxableExpression<
- sagas::table,
- diesel::pg::Pg,
- SqlType = diesel::sql_types::Bool,
- >,
+ sagas::table,
+ diesel::pg::Pg,
+ SqlType = diesel::sql_types::Bool,
+ >,
 > = Box::new(diesel::dsl::sql::("TRUE"));
 if let Some(saga_ids) = filter.saga_id {
@@ -223,20 +223,20 @@ impl SagaEventStore for PostgresStore {
 let mut or_expression: Option<
 Box<
 dyn diesel::expression::BoxableExpression<
- saga_events::table,
- diesel::pg::Pg,
- SqlType = diesel::sql_types::Bool,
- >,
+ saga_events::table,
+ diesel::pg::Pg,
+ SqlType = diesel::sql_types::Bool,
+ >,
 >,
 > = None;
 for filter in filters {
 let mut and_expression: Box<
 dyn diesel::expression::BoxableExpression<
- saga_events::table,
- diesel::pg::Pg,
- SqlType = diesel::sql_types::Bool,
- >,
+ saga_events::table,
+ diesel::pg::Pg,
+ SqlType = diesel::sql_types::Bool,
+ >,
 > = Box::new(diesel::dsl::sql::("TRUE"));
 if let Some(saga_ids) = filter.saga_id {
diff --git a/v-model/src/schema_ext.rs b/v-model/src/schema_ext.rs
index 8aa6194..8ac7126 100644
--- a/v-model/src/schema_ext.rs
+++ b/v-model/src/schema_ext.rs
@@ -3,12 +3,12 @@
 // file, You can obtain one at https://mozilla.org/MPL/2.0/.
 use diesel::{
+ AsExpression, FromSqlRow,
 backend::Backend,
 deserialize::{self, FromSql},
 pg::Pg,
 query_builder::QueryId,
 serialize::{self, IsNull, Output, ToSql},
- AsExpression, FromSqlRow,
 };
 use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
diff --git a/v-model/src/storage/mod.rs b/v-model/src/storage/mod.rs
index 114a77e..8102f3b 100644
--- a/v-model/src/storage/mod.rs
+++ b/v-model/src/storage/mod.rs
@@ -16,7 +16,6 @@ use thiserror::Error;
 use uuid::Uuid;
 use crate::{
- schema_ext::{LoginAttemptState, MagicLinkAttemptState},
 AccessGroup, AccessGroupId, AccessToken, AccessTokenId, ApiKey, ApiKeyId, ApiUserContactEmail,
 ApiUserInfo, ApiUserProvider, LinkRequest, LinkRequestId, LoginAttempt, LoginAttemptId,
 MagicLink, MagicLinkAttempt, MagicLinkAttemptId, MagicLinkId, MagicLinkRedirectUri,
@@ -26,6 +25,7 @@ use crate::{
 NewMagicLinkSecret, NewMapper, NewOAuthClient, NewOAuthClientRedirectUri, NewOAuthClientSecret,
 OAuthClient, OAuthClientId, OAuthClientRedirectUri, OAuthClientSecret, OAuthRedirectUriId,
 OAuthSecretId, UserContactEmailId, UserId, UserProviderId,
+ schema_ext::{LoginAttemptState, MagicLinkAttemptState},
 };
 pub mod postgres;
@@ -263,7 +263,7 @@ pub struct LoginAttemptFilter {
 #[async_trait]
 pub trait LoginAttemptStore {
 async fn get(&self, id: &TypedUuid)
- -> Result, StoreError>;
+ -> Result, StoreError>;
 async fn list(
 &self,
 filter: LoginAttemptFilter,
diff --git a/v-model/src/storage/postgres.rs b/v-model/src/storage/postgres.rs
index bae8b07..d645bc5 100644
--- a/v-model/src/storage/postgres.rs
+++ b/v-model/src/storage/postgres.rs
@@ -7,8 +7,8 @@ use async_trait::async_trait;
 use bb8::Pool;
 use chrono::Utc;
 use diesel::{
- insert_into, pg::PgConnection, query_dsl::QueryDsl, update, upsert::excluded,
 ExpressionMethods, OptionalExtension as OptionalExtension2, PgArrayExpressionMethods,
+ insert_into, pg::PgConnection, query_dsl::QueryDsl, update, upsert::excluded,
 };
 use newtype_uuid::{GenericUuid, TypedUuid};
 use std::{collections::BTreeMap, time::Duration};
@@ -16,6 +16,16 @@ use thiserror::Error;
 use tracing::instrument;
 use crate::{
+ AccessGroup, AccessGroupId, AccessToken, AccessTokenId, ApiKey, ApiKeyId, ApiUser,
+ ApiUserContactEmail, ApiUserInfo, ApiUserProvider, LinkRequest, LinkRequestId, LoginAttempt,
+ LoginAttemptId, MagicLink, MagicLinkAttempt, MagicLinkAttemptId, MagicLinkId,
+ MagicLinkRedirectUri, MagicLinkRedirectUriId, MagicLinkSecret, MagicLinkSecretId, Mapper,
+ MapperId, NewAccessGroup, NewAccessToken, NewApiKey, NewApiUser, NewApiUserContactEmail,
+ NewApiUserProvider, NewLinkRequest, NewLoginAttempt, NewMagicLink, NewMagicLinkAttempt,
+ NewMagicLinkRedirectUri, NewMagicLinkSecret, NewMapper, NewOAuthClient,
+ NewOAuthClientRedirectUri, NewOAuthClientSecret, OAuthClient, OAuthClientId,
+ OAuthClientRedirectUri, OAuthClientSecret, OAuthRedirectUriId, OAuthSecretId,
+ UserContactEmailId, UserId, UserProviderId,
 db::{
 AccessGroupModel, ApiKeyModel, ApiUserAccessTokenModel, ApiUserContactEmailModel,
 ApiUserModel, ApiUserProviderModel, LinkRequestModel, LoginAttemptModel,
@@ -31,16 +41,6 @@ use crate::{
 },
 schema_ext::MagicLinkAttemptState,
 storage::{LinkRequestFilter, LinkRequestStore, StoreError},
- AccessGroup, AccessGroupId, AccessToken, AccessTokenId, ApiKey, ApiKeyId, ApiUser,
- ApiUserContactEmail, ApiUserInfo, ApiUserProvider, LinkRequest, LinkRequestId, LoginAttempt,
- LoginAttemptId, MagicLink, MagicLinkAttempt, MagicLinkAttemptId, MagicLinkId,
- MagicLinkRedirectUri, MagicLinkRedirectUriId, MagicLinkSecret, MagicLinkSecretId, Mapper,
- MapperId, NewAccessGroup, NewAccessToken, NewApiKey, NewApiUser, NewApiUserContactEmail,
- NewApiUserProvider, NewLinkRequest, NewLoginAttempt, NewMagicLink, NewMagicLinkAttempt,
- NewMagicLinkRedirectUri, NewMagicLinkSecret, NewMapper, NewOAuthClient,
- NewOAuthClientRedirectUri, NewOAuthClientSecret, OAuthClient, OAuthClientId,
- OAuthClientRedirectUri, OAuthClientSecret, OAuthRedirectUriId, OAuthSecretId,
- UserContactEmailId, UserId, UserProviderId,
 };
 use super::{
diff --git a/v-model/tests/postgres.rs b/v-model/tests/postgres.rs
index f892bfc..e133f50 100644
--- a/v-model/tests/postgres.rs
+++ b/v-model/tests/postgres.rs
@@ -6,8 +6,9 @@ use std::collections::BTreeSet;
 use chrono::{Duration, TimeDelta, Utc};
 use diesel::{
+ PgConnection, RunQueryDsl,
 r2d2::{ConnectionManager, ManageConnection},
- sql_query, PgConnection, RunQueryDsl,
+ sql_query,
 };
 use newtype_uuid::TypedUuid;
 use schemars::JsonSchema;
@@ -16,12 +17,12 @@ use std::ops::{Add, Sub};
 use uuid::Uuid;
 use v_api_installer::run_migrations;
 use v_model::{
+ NewApiKey, NewApiUser, NewMagicLink, NewMagicLinkAttempt, UserId,
 schema_ext::MagicLinkAttemptState,
 storage::{
- postgres::PostgresStore, ApiKeyFilter, ApiKeyStore, ApiUserFilter, ApiUserStore,
- ListPagination, MagicLinkAttemptStore, MagicLinkStore,
+ ApiKeyFilter, ApiKeyStore, ApiUserFilter, ApiUserStore, ListPagination,
+ MagicLinkAttemptStore, MagicLinkStore, postgres::PostgresStore,
 },
- NewApiKey, NewApiUser, NewMagicLink, NewMagicLinkAttempt, UserId,
 };
 fn leakable_dbs() -> Vec {
@@ -178,14 +179,18 @@ async fn test_api_user() {
 .await
 .unwrap();
- assert!(api_user
- .user
- .permissions
- .can(&TestPermission::GetApiKey(api_user_id).into()));
- assert!(api_user
- .user
- .permissions
- .can(&TestPermission::DeleteApiKey(api_user_id).into()));
+ assert!(
+ api_user
+ .user
+ .permissions
+ .can(&TestPermission::GetApiKey(api_user_id).into())
+ );
+ assert!(
+ api_user
+ .user
+ .permissions
+ .can(&TestPermission::DeleteApiKey(api_user_id).into())
+ );
 // 5. Create an API token for the user
 let token = ApiKeyStore::::upsert(
@@ -221,11 +226,13 @@ async fn test_api_user() {
 .await
 .unwrap();
- assert!(excess_token
- .permissions
- .as_ref()
- .unwrap()
- .can(&TestPermission::CreateApiUser.into()));
+ assert!(
+ excess_token
+ .permissions
+ .as_ref()
+ .unwrap()
+ .can(&TestPermission::CreateApiUser.into())
+ );
 // 7. Create an API token with excess permissions for the user
 let expired_token = ApiKeyStore::::upsert(