technofab/jwt-authorizer
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/jwt-authorizer.git synced 2025-12-11 23:50:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #45 from cduvray/tmp-tonic-removal

Browse source 
temporary tonic removal
This commit is contained in:
cduvray 2024-01-21 08:43:19 +01:00 committed by GitHub
commit f0b09235a1
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 284 additions and 590 deletions
Download patch file Download diff file Expand all files Collapse all files

439
Cargo.lock generated
View file

@ -43,9 +43,9 @@ dependencies = [
[[package]]
name = "anyhow"
version = "1.0.75"
version = "1.0.79"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6"
checksum = "080e9890a082662b09c1ad45f567faeeb47f22b5fb23895fbe1e651e718e25ca"
[[package]]
name = "assert-json-diff"
@ -68,28 +68,6 @@ dependencies = [
"futures-core",
]
[[package]]
name = "async-stream"
version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cd56dd203fef61ac097dd65721a419ddccb106b2d2b70ba60a6b529f03961a51"
dependencies = [
"async-stream-impl",
"futures-core",
"pin-project-lite",
]
[[package]]
name = "async-stream-impl"
version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "async-trait"
version = "0.1.73"
@ -109,19 +87,19 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa"
[[package]]
name = "axum"
version = "0.6.20"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3b829e4e32b91e643de6eafe82b1d90675f5874230191a4ffbc1b336dec4d6bf"
checksum = "1236b4b292f6c4d6dc34604bb5120d85c3fe1d1aa596bd5cc52ca054d13e7b9e"
dependencies = [
"async-trait",
"axum-core",
"bitflags 1.3.2",
"bytes",
"futures-util",
"headers",
"http",
"http-body",
"hyper",
"http 1.0.0",
"http-body 1.0.0",
"http-body-util",
"hyper 1.1.0",
"hyper-util",
"itoa",
"matchit",
"memchr",
@ -138,23 +116,28 @@ dependencies = [
"tower",
"tower-layer",
"tower-service",
"tracing",
]
[[package]]
name = "axum-core"
version = "0.3.4"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "759fa577a247914fd3f7f76d62972792636412fbfd634cd452f6a385a74d2d2c"
checksum = "a15c63fd72d41492dc4f497196f5da1fb04fb7529e631d73630d1b491e47a2e3"
dependencies = [
"async-trait",
"bytes",
"futures-util",
"http",
"http-body",
"http 1.0.0",
"http-body 1.0.0",
"http-body-util",
"mime",
"pin-project-lite",
"rustversion",
"sync_wrapper",
"tower-layer",
"tower-service",
"tracing",
]
[[package]]
@ -365,12 +348,6 @@ dependencies = [
"crypto-common",
]
[[package]]
name = "either"
version = "1.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07"
[[package]]
name = "encoding_rs"
version = "0.8.33"
@ -606,8 +583,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427"
dependencies = [
"cfg-if",
"js-sys",
"libc",
"wasi 0.11.0+wasi-snapshot-preview1",
"wasm-bindgen",
]
[[package]]
@ -627,7 +606,7 @@ dependencies = [
"futures-core",
"futures-sink",
"futures-util",
"http",
"http 0.2.9",
"indexmap 1.9.3",
"slab",
"tokio",
@ -635,6 +614,25 @@ dependencies = [
"tracing",
]
[[package]]
name = "h2"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e1d308f63daf4181410c242d34c11f928dcb3aa105852019e043c9d1f4e4368a"
dependencies = [
"bytes",
"fnv",
"futures-core",
"futures-sink",
"futures-util",
"http 1.0.0",
"indexmap 2.0.0",
"slab",
"tokio",
"tokio-util",
"tracing",
]
[[package]]
name = "hashbrown"
version = "0.12.3"
@ -649,14 +647,14 @@ checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a"
[[package]]
name = "headers"
version = "0.3.9"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06683b93020a07e3dbcf5f8c0f6d40080d725bea7936fc01ad345c01b97dc270"
checksum = "322106e6bd0cba2d5ead589ddb8150a13d7c4217cf80d7c4f682ca994ccc6aa9"
dependencies = [
"base64 0.21.3",
"bytes",
"headers-core",
"http",
"http 1.0.0",
"httpdate",
"mime",
"sha1",
@ -664,11 +662,11 @@ dependencies = [
[[package]]
name = "headers-core"
version = "0.2.0"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e7f66481bfee273957b1f20485a4ff3362987f85b2c236580d81b4eb7a326429"
checksum = "54b4a22553d4242c49fddb9ba998a99962b5cc6f22cb5a3482bec22522403ce4"
dependencies = [
"http",
"http 1.0.0",
]
[[package]]
@ -688,6 +686,17 @@ dependencies = [
"itoa",
]
[[package]]
name = "http"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b32afd38673a8016f7c9ae69e5af41a58f81b1d31689040f2f1959594ce194ea"
dependencies = [
"bytes",
"fnv",
"itoa",
]
[[package]]
name = "http-body"
version = "0.4.5"
@ -695,15 +704,32 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1"
dependencies = [
"bytes",
"http",
"http 0.2.9",
"pin-project-lite",
]
[[package]]
name = "http-range-header"
version = "0.3.1"
name = "http-body"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "add0ab9360ddbd88cfeb3bd9574a1d85cfdfa14db10b3e21d3700dbc4328758f"
checksum = "1cac85db508abc24a2e48553ba12a996e87244a0395ce011e62b37158745d643"
dependencies = [
"bytes",
"http 1.0.0",
]
[[package]]
name = "http-body-util"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "41cb79eb393015dadd30fc252023adb0b2400a0caee0fa2a077e6e21a551e840"
dependencies = [
"bytes",
"futures-util",
"http 1.0.0",
"http-body 1.0.0",
"pin-project-lite",
]
[[package]]
name = "http-types"
@ -715,10 +741,10 @@ dependencies = [
"async-channel",
"base64 0.13.1",
"futures-lite",
"http",
"http 0.2.9",
"infer",
"pin-project-lite",
"rand 0.7.3",
"rand",
"serde",
"serde_json",
"serde_qs",
@ -748,9 +774,9 @@ dependencies = [
"futures-channel",
"futures-core",
"futures-util",
"h2",
"http",
"http-body",
"h2 0.3.21",
"http 0.2.9",
"http-body 0.4.5",
"httparse",
"httpdate",
"itoa",
@ -762,6 +788,26 @@ dependencies = [
"want",
]
[[package]]
name = "hyper"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fb5aa53871fc917b1a9ed87b683a5d86db645e23acb32c2e0785a353e522fb75"
dependencies = [
"bytes",
"futures-channel",
"futures-util",
"h2 0.4.0",
"http 1.0.0",
"http-body 1.0.0",
"httparse",
"httpdate",
"itoa",
"pin-project-lite",
"tokio",
"want",
]
[[package]]
name = "hyper-rustls"
version = "0.24.1"
@ -769,25 +815,13 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d78e1e73ec14cf7375674f74d7dde185c8206fd9dea6fb6295e8a98098aaa97"
dependencies = [
"futures-util",
"http",
"hyper",
"http 0.2.9",
"hyper 0.14.27",
"rustls",
"tokio",
"tokio-rustls",
]
[[package]]
name = "hyper-timeout"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbb958482e8c7be4bc3cf272a766a2b0bf1a6755e7a6ae777f017a31d11b13b1"
dependencies = [
"hyper",
"pin-project-lite",
"tokio",
"tokio-io-timeout",
]
[[package]]
name = "hyper-tls"
version = "0.5.0"
@ -795,12 +829,30 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905"
dependencies = [
"bytes",
"hyper",
"hyper 0.14.27",
"native-tls",
"tokio",
"tokio-native-tls",
]
[[package]]
name = "hyper-util"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bdea9aac0dbe5a9240d68cfd9501e2db94222c6dc06843e06640b9e07f0fdc67"
dependencies = [
"bytes",
"futures-channel",
"futures-util",
"http 1.0.0",
"http-body 1.0.0",
"hyper 1.1.0",
"pin-project-lite",
"socket2 0.5.5",
"tokio",
"tracing",
]
[[package]]
name = "iana-time-zone"
version = "0.1.57"
@ -875,15 +927,6 @@ version = "2.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "28b29a3cd74f0f4598934efe3aeba42bae0eb4680554128851ebbecb02af14e6"
[[package]]
name = "itertools"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1c173a5686ce8bfa551b3563d0c2170bf24ca44da99c7ca4bfdab5418c3fe57"
dependencies = [
"either",
]
[[package]]
name = "itoa"
version = "1.0.9"
@ -892,9 +935,9 @@ checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38"
[[package]]
name = "josekit"
version = "0.8.3"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "33a96c4f2128a6f44ecf7c36df2b03dddf5a07b060a4d5ebc0a81e9821f7c60e"
checksum = "cd20997283339a19226445db97d632c8dc7adb6b8172537fe0e9e540fb141df2"
dependencies = [
"anyhow",
"base64 0.21.3",
@ -919,11 +962,12 @@ dependencies = [
[[package]]
name = "jsonwebtoken"
version = "9.1.0"
version = "9.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "155c4d7e39ad04c172c5e3a99c434ea3b4a7ba7960b38ecd562b270b097cce09"
checksum = "5c7ea04a7c5c055c175f189b6dc6ba036fd62306b58c66c9f6389036c503a3f4"
dependencies = [
"base64 0.21.3",
"js-sys",
"pem",
"ring 0.17.5",
"serde",
@ -940,19 +984,18 @@ dependencies = [
"futures-core",
"futures-util",
"headers",
"http",
"hyper",
"http 1.0.0",
"http-body-util",
"hyper 1.1.0",
"jsonwebtoken",
"lazy_static",
"pin-project",
"prost",
"reqwest",
"serde",
"serde_json",
"thiserror",
"time 0.3.28",
"tokio",
"tonic",
"tower",
"tower-http",
"tower-layer",
@ -1034,9 +1077,9 @@ dependencies = [
[[package]]
name = "mio"
version = "0.8.8"
version = "0.8.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "927a765cd3fc26206e66b296465fa9d3e5ab003e651c1b3c060e7956d96b19d2"
checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09"
dependencies = [
"libc",
"wasi 0.11.0+wasi-snapshot-preview1",
@ -1122,15 +1165,15 @@ dependencies = [
[[package]]
name = "once_cell"
version = "1.18.0"
version = "1.19.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d"
checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
[[package]]
name = "openssl"
version = "0.10.57"
version = "0.10.63"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bac25ee399abb46215765b1cb35bc0212377e58a061560d8b29b024fd0430e7c"
checksum = "15c9d69dd87a29568d4d017cfe8ec518706046a05184e5aea92d0af890b803c8"
dependencies = [
"bitflags 2.4.0",
"cfg-if",
@ -1160,18 +1203,18 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
[[package]]
name = "openssl-src"
version = "111.27.0+1.1.1v"
version = "300.2.1+3.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06e8f197c82d7511c5b014030c9b1efeda40d7d5f99d23b4ceed3524a5e63f02"
checksum = "3fe476c29791a5ca0d1273c697e96085bbabbbea2ef7afd5617e78a4b40332d3"
dependencies = [
"cc",
]
[[package]]
name = "openssl-sys"
version = "0.9.92"
version = "0.9.99"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "db7e971c2c2bba161b2d2fdf37080177eff520b3bc044787c7f1f5f9e78d869b"
checksum = "22e1bf214306098e4832460f797824c05d25aacdf896f64a985fb0fd992454ae"
dependencies = [
"cc",
"libc",
@ -1277,41 +1320,18 @@ checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de"
[[package]]
name = "proc-macro2"
version = "1.0.66"
version = "1.0.76"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9"
checksum = "95fc56cda0b5c3325f5fbbd7ff9fda9e02bb00bb3dac51252d2f1bfa1cb8cc8c"
dependencies = [
"unicode-ident",
]
[[package]]
name = "prost"
version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aa8473a65b88506c106c28ae905ca4a2b83a2993640467a41bb3080627ddfd2c"
dependencies = [
"bytes",
"prost-derive",
]
[[package]]
name = "prost-derive"
version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "56075c27b20ae524d00f247b8a4dc333e5784f889fe63099f8e626bc8d73486c"
dependencies = [
"anyhow",
"itertools",
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "quote"
version = "1.0.33"
version = "1.0.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae"
checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef"
dependencies = [
"proc-macro2",
]
@ -1324,22 +1344,11 @@ checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03"
dependencies = [
"getrandom 0.1.16",
"libc",
"rand_chacha 0.2.2",
"rand_core 0.5.1",
"rand_chacha",
"rand_core",
"rand_hc",
]
[[package]]
name = "rand"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
dependencies = [
"libc",
"rand_chacha 0.3.1",
"rand_core 0.6.4",
]
[[package]]
name = "rand_chacha"
version = "0.2.2"
@ -1347,17 +1356,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402"
dependencies = [
"ppv-lite86",
"rand_core 0.5.1",
]
[[package]]
name = "rand_chacha"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
dependencies = [
"ppv-lite86",
"rand_core 0.6.4",
"rand_core",
]
[[package]]
@ -1369,22 +1368,13 @@ dependencies = [
"getrandom 0.1.16",
]
[[package]]
name = "rand_core"
version = "0.6.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
dependencies = [
"getrandom 0.2.10",
]
[[package]]
name = "rand_hc"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c"
dependencies = [
"rand_core 0.5.1",
"rand_core",
]
[[package]]
@ -1442,19 +1432,19 @@ checksum = "dbb5fb1acd8a1a18b3dd5be62d25485eb770e05afb408a9627d14d451bae12da"
[[package]]
name = "reqwest"
version = "0.11.20"
version = "0.11.23"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3e9ad3fe7488d7e34558a2033d45a0c90b72d97b4f80705666fea71472e2e6a1"
checksum = "37b1ae8d9ac08420c66222fb9096fc5de435c3c48542bc5336c51892cffafb41"
dependencies = [
"base64 0.21.3",
"bytes",
"encoding_rs",
"futures-core",
"futures-util",
"h2",
"http",
"http-body",
"hyper",
"h2 0.3.21",
"http 0.2.9",
"http-body 0.4.5",
"hyper 0.14.27",
"hyper-rustls",
"hyper-tls",
"ipnet",
@ -1471,6 +1461,7 @@ dependencies = [
"serde",
"serde_json",
"serde_urlencoded",
"system-configuration",
"tokio",
"tokio-native-tls",
"tokio-rustls",
@ -1773,9 +1764,9 @@ dependencies = [
[[package]]
name = "socket2"
version = "0.5.3"
version = "0.5.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2538b18701741680e0322a2302176d3253a35388e2e62f172f64f4f16605f877"
checksum = "7b5fac59a5cb5dd637972e5fca70daf0523c9067fcdc4842f053dae04a18f8e9"
dependencies = [
"libc",
"windows-sys",
@ -1795,9 +1786,9 @@ checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67"
[[package]]
name = "syn"
version = "2.0.31"
version = "2.0.48"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "718fa2415bcb8d8bd775917a1bf12a7931b6dfa890753378538118181e0cb398"
checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f"
dependencies = [
"proc-macro2",
"quote",
@ -1810,6 +1801,27 @@ version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160"
[[package]]
name = "system-configuration"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7"
dependencies = [
"bitflags 1.3.2",
"core-foundation",
"system-configuration-sys",
]
[[package]]
name = "system-configuration-sys"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a75fb188eb626b924683e3b95e3a48e63551fcfb51949de2f06a9d91dbee93c9"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]]
name = "tempfile"
version = "3.8.0"
@ -1825,18 +1837,18 @@ dependencies = [
[[package]]
name = "thiserror"
version = "1.0.48"
version = "1.0.56"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9d6d7a740b8a666a7e828dd00da9c0dc290dff53154ea77ac109281de90589b7"
checksum = "d54378c645627613241d077a3a79db965db602882668f9136ac42af9ecb730ad"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.48"
version = "1.0.56"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "49922ecae66cc8a249b77e68d1d0623c1b2c514f0060c27cdc68bd62a1219d35"
checksum = "fa0faa943b50f3db30a20aa7e265dbc66076993efed8463e8de414e5d06d3471"
dependencies = [
"proc-macro2",
"quote",
@ -1909,9 +1921,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
[[package]]
name = "tokio"
version = "1.32.0"
version = "1.35.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "17ed6077ed6cd6c74735e21f37eb16dc3935f96878b1fe961074089cc80893f9"
checksum = "c89b4efa943be685f629b149f53829423f8f5531ea21249408e8e2f8671ec104"
dependencies = [
"backtrace",
"bytes",
@ -1921,26 +1933,16 @@ dependencies = [
"parking_lot",
"pin-project-lite",
"signal-hook-registry",
"socket2 0.5.3",
"socket2 0.5.5",
"tokio-macros",
"windows-sys",
]
[[package]]
name = "tokio-io-timeout"
version = "1.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30b74022ada614a1b4834de765f9bb43877f910cc8ce4be40e89042c9223a8bf"
dependencies = [
"pin-project-lite",
"tokio",
]
[[package]]
name = "tokio-macros"
version = "2.1.0"
version = "2.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e"
checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b"
dependencies = [
"proc-macro2",
"quote",
@ -1967,17 +1969,6 @@ dependencies = [
"tokio",
]
[[package]]
name = "tokio-stream"
version = "0.1.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "397c988d37662c7dda6d2208364a706264bf3d6138b11d436cbac0ad38832842"
dependencies = [
"futures-core",
"pin-project-lite",
"tokio",
]
[[package]]
name = "tokio-util"
version = "0.7.8"
@ -1992,33 +1983,6 @@ dependencies = [
"tracing",
]
[[package]]
name = "tonic"
version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5469afaf78a11265c343a88969045c1568aa8ecc6c787dbf756e92e70f199861"
dependencies = [
"async-stream",
"async-trait",
"axum",
"base64 0.21.3",
"bytes",
"h2",
"http",
"http-body",
"hyper",
"hyper-timeout",
"percent-encoding",
"pin-project",
"prost",
"tokio",
"tokio-stream",
"tower",
"tower-layer",
"tower-service",
"tracing",
]
[[package]]
name = "tower"
version = "0.4.13"
@ -2027,11 +1991,8 @@ checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c"
dependencies = [
"futures-core",
"futures-util",
"indexmap 1.9.3",
"pin-project",
"pin-project-lite",
"rand 0.8.5",
"slab",
"tokio",
"tokio-util",
"tower-layer",
@ -2041,18 +2002,16 @@ dependencies = [
[[package]]
name = "tower-http"
version = "0.4.4"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61c5bb1d698276a2443e5ecfabc1008bf15a36c12e6a7176e7bf089ea9131140"
checksum = "0da193277a4e2c33e59e09b5861580c33dd0a637c3883d0fa74ba40c0374af2e"
dependencies = [
"base64 0.21.3",
"bitflags 2.4.0",
"bytes",
"futures-core",
"futures-util",
"http",
"http-body",
"http-range-header",
"http 1.0.0",
"http-body 1.0.0",
"http-body-util",
"mime",
"pin-project-lite",
"tower-layer",
@ -2434,9 +2393,9 @@ dependencies = [
[[package]]
name = "wiremock"
version = "0.5.19"
version = "0.5.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c6f71803d3a1c80377a06221e0530be02035d5b3e854af56c6ece7ac20ac441d"
checksum = "13a3a53eaf34f390dd30d7b1b078287dd05df2aa2e21a589ccb80f5c7253c2e9"
dependencies = [
"assert-json-diff",
"async-trait",
@ -2445,7 +2404,7 @@ dependencies = [
"futures",
"futures-timer",
"http-types",
"hyper",
"hyper 0.14.27",
"log",
"once_cell",
"regex",

4
README.md
View file

@ -6,6 +6,8 @@ JWT authorizer Layer for Axum.
[![Crates.io](https://img.shields.io/crates/v/jwt-authorizer)](https://crates.io/crates/jwt-authorizer)
[![Documentation](https://docs.rs/jwt-authorizer/badge.svg)](https://docs.rs/jwt-authorizer)
> **Tonic support is temporarily removed** (waiting upgrade to hyper 1 and axum 0.7 hyperium/tonic/#1584)
## Features
- JWT token verification (Bearer)
@ -19,7 +21,7 @@ JWT authorizer Layer for Axum.
- into custom deserializable structs or into `RegisteredClaims` (default)
- Claims checker
- Tracing support (error logging)
- *tonic* support
- ~~*tonic* support~~
## Usage

20
demo-server/Cargo.toml
View file

@ -6,18 +6,18 @@ edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
anyhow = "1.0.75"
axum = { version = "0.6.20", features = ["headers"] }
headers = "0.3"
josekit = "0.8.3"
jsonwebtoken = "9.1.0"
once_cell = "1.18.0"
reqwest = { version = "0.11.20", features = ["json"] }
anyhow = "1.0.79"
axum = { version = "0.7.4" }
headers = "0.4"
josekit = "0.8.5"
jsonwebtoken = "9.2.0"
once_cell = "1.19.0"
reqwest = { version = "0.11.23", features = ["json"] }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
thiserror = "1.0.47"
tokio = { version = "1.32.0", features = ["full"] }
tower-http = { version = "0.4.3", features = ["trace"] }
thiserror = "1.0.56"
tokio = { version = "1.35.1", features = ["full"] }
tower-http = { version = "0.5.1", features = ["trace"] }
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
jwt-authorizer = { path = "../jwt-authorizer" }

8
demo-server/src/main.rs
View file

@ -3,7 +3,7 @@ use jwt_authorizer::{
error::InitError, AuthError, Authorizer, IntoLayer, JwtAuthorizer, JwtClaims, Refresh, RefreshStrategy,
};
use serde::Deserialize;
use std::net::SocketAddr;
use tokio::net::TcpListener;
use tower_http::trace::TraceLayer;
use tracing::info;
use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
@ -62,10 +62,10 @@ async fn main() -> Result<(), InitError> {
.nest("/api", api)
.layer(TraceLayer::new_for_http());
let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
tracing::info!("listening on {}", addr);
let listener = TcpListener::bind("127.0.0.1:3000").await.unwrap();
tracing::info!("listening on {:?}", listener.local_addr());
axum::Server::bind(&addr).serve(app.into_make_service()).await.unwrap();
axum::serve(listener, app.into_make_service()).await.unwrap();
Ok(())
}

9
demo-server/src/oidc_provider/mod.rs
View file

@ -7,7 +7,8 @@ use jsonwebtoken::{encode, Algorithm, EncodingKey, Header};
use jwt_authorizer::{NumericDate, OneOrArray, RegisteredClaims};
use serde::{Deserialize, Serialize};
use serde_json::{json, Value};
use std::{net::SocketAddr, thread, time::Duration};
use std::{thread, time::Duration};
use tokio::net::TcpListener;
const ISSUER_URI: &str = "http://localhost:3001";
@ -171,9 +172,9 @@ pub fn run_server() -> &'static str {
.route("/tokens", get(tokens));
tokio::spawn(async move {
let addr = SocketAddr::from(([127, 0, 0, 1], 3001));
tracing::info!("oidc provider starting on: {}", addr);
axum::Server::bind(&addr).serve(app.into_make_service()).await.unwrap();
let listener = TcpListener::bind("127.0.0.1:3001").await.unwrap();
tracing::info!("oidc provider starting on: {:?}", listener.local_addr());
axum::serve(listener, app.into_make_service()).await.unwrap();
});
thread::sleep(Duration::from_millis(200)); // waiting oidc to start

25
jwt-authorizer/Cargo.toml
View file

@ -7,36 +7,35 @@ authors = ["cduvray <c_duvray@proton.me>"]
license = "MIT"
readme = "docs/README.md"
repository = "https://github.com/cduvray/jwt-authorizer"
keywords = ["jwt","axum","authorisation","jwks"]
keywords = ["jwt", "axum", "authorisation", "jwks"]
[dependencies]
axum = { version = "0.6", features = ["headers"] }
axum = { version = "0.7" }
chrono = { version = "0.4", optional = true }
futures-util = "0.3"
futures-core = "0.3"
headers = "0.3"
jsonwebtoken = "9.1.0"
http = "0.2"
headers = "0.4"
jsonwebtoken = "9.2"
http = "1.0"
pin-project = "1.0"
reqwest = { version = "0.11", default-features = false, features = ["json"] }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
thiserror = "1.0"
tokio = { version = "1.25", features = ["full"] }
tower-http = { version = "0.4", features = ["trace", "auth"] }
tower-http = { version = "0.5.0", features = ["trace", "auth"] }
tower-layer = "0.3"
tower-service = "0.3"
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
tonic = { version = "0.10", optional = true }
time = { version = "0.3", optional = true }
http-body-util = "0.1.0"
[dev-dependencies]
hyper = { version = "0.14", features = ["full"] }
hyper = { version = "1.1.0", features = ["full"] }
lazy_static = "1.4.0"
prost = "0.12"
tower = { version = "0.4", features = ["util", "buffer"] }
wiremock = "0.5.19"
tower = { version = "0.4.13", features = ["util", "buffer"] }
wiremock = "0.5.22"
[features]
default = ["default-tls", "chrono"]
@ -50,7 +49,3 @@ rustls-tls-webpki-roots = ["reqwest/rustls-tls-webpki-roots"]
rustls-tls-native-roots = ["reqwest/rustls-tls-native-roots"]
time = ["dep:time"]
chrono = ["dep:chrono"]
[[test]]
name = "tonic"
required-features = [ "tonic" ]

7
jwt-authorizer/docs/README.md
View file

@ -24,7 +24,7 @@ JWT authoriser Layer for Axum and Tonic.
# use jwt_authorizer::{AuthError, Authorizer, JwtAuthorizer, JwtClaims, RegisteredClaims, IntoLayer};
# use axum::{routing::get, Router};
# use serde::Deserialize;
# use tokio::net::TcpListener;
# async {
// let's create an authorizer builder from a JWKS Endpoint
@ -41,9 +41,8 @@ JWT authoriser Layer for Axum and Tonic.
// Send the protected data to the user
Ok(format!("Welcome: {:?}", user.sub))
}
axum::Server::bind(&"0.0.0.0:3000".parse().unwrap())
.serve(app.into_make_service()).await.expect("server failed");
let listener = TcpListener::bind("0.0.0.0:3000").await.unwrap();
axum::serve(listener, app.into_make_service()).await.expect("server failed");
# };
```

2
jwt-authorizer/src/authorizer.rs
View file

@ -48,7 +48,7 @@ pub enum KeySourceType {
impl<C> Authorizer<C>
where
C: DeserializeOwned + Clone + Send + Sync,
C: DeserializeOwned + Clone + Send,
{
pub(crate) async fn build(
key_source_type: KeySourceType,

59
jwt-authorizer/src/error.rs
View file

@ -1,5 +1,5 @@
use axum::{
body::{self, BoxBody, Empty},
body::Body,
http::StatusCode,
response::{IntoResponse, Response},
};
@ -64,8 +64,8 @@ pub enum AuthError {
NoAuthorizerLayer(),
}
fn response_wwwauth(status: StatusCode, bearer: &str) -> Response<BoxBody> {
let mut res = Response::new(body::boxed(Empty::new()));
fn response_wwwauth(status: StatusCode, bearer: &str) -> Response<Body> {
let mut res = Response::new(Body::empty());
*res.status_mut() = status;
let h = if bearer.is_empty() {
"Bearer".to_owned()
@ -77,62 +77,13 @@ fn response_wwwauth(status: StatusCode, bearer: &str) -> Response<BoxBody> {
res
}
fn response_500() -> Response<BoxBody> {
let mut res = Response::new(body::boxed(Empty::new()));
fn response_500() -> Response<Body> {
let mut res = Response::new(Body::empty());
*res.status_mut() = StatusCode::INTERNAL_SERVER_ERROR;
res
}
#[cfg(feature = "tonic")]
impl From<AuthError> for Response<tonic::body::BoxBody> {
fn from(e: AuthError) -> Self {
match e {
AuthError::JwksRefreshError(err) => {
tracing::error!("AuthErrors::JwksRefreshError: {}", err);
tonic::Status::internal("")
}
AuthError::InvalidKey(err) => {
tracing::error!("AuthErrors::InvalidKey: {}", err);
tonic::Status::internal("")
}
AuthError::JwksSerialisationError(err) => {
tracing::error!("AuthErrors::JwksSerialisationError: {}", err);
tonic::Status::internal("")
}
AuthError::InvalidKeyAlg(err) => {
debug!("AuthErrors::InvalidKeyAlg: {:?}", err);
tonic::Status::unauthenticated("error=\"invalid_token\", error_description=\"invalid key algorithm\"")
}
AuthError::InvalidKid(err) => {
debug!("AuthErrors::InvalidKid: {}", err);
tonic::Status::unauthenticated("error=\"invalid_token\", error_description=\"invalid kid\"")
}
AuthError::InvalidToken(err) => {
debug!("AuthErrors::InvalidToken: {}", err);
tonic::Status::unauthenticated("error=\"invalid_token\"")
}
AuthError::MissingToken() => {
debug!("AuthErrors::MissingToken");
tonic::Status::unauthenticated("")
}
AuthError::InvalidClaims() => {
debug!("AuthErrors::InvalidClaims");
tonic::Status::unauthenticated("error=\"insufficient_scope\"")
}
AuthError::NoAuthorizer() => {
debug!("AuthErrors::NoAuthorizer");
tonic::Status::unauthenticated("error=\"invalid_token\"")
}
AuthError::NoAuthorizerLayer() => {
debug!("AuthErrors::NoAuthorizerLayer");
tonic::Status::unauthenticated("error=\"no_authorizer_layer\"")
}
}
.to_http()
}
}
impl From<AuthError> for Response {
fn from(e: AuthError) -> Self {
e.into_response()

43
jwt-authorizer/src/layer.rs
View file

@ -1,4 +1,4 @@
use axum::http::Request;
use axum::extract::Request;
use futures_core::ready;
use futures_util::future::{self, BoxFuture};
use jsonwebtoken::TokenData;
@ -15,28 +15,25 @@ use crate::authorizer::Authorizer;
use crate::AuthError;
/// Trait for authorizing requests.
pub trait Authorize<B> {
type RequestBody;
type Future: Future<Output = Result<Request<Self::RequestBody>, AuthError>>;
pub trait Authorize {
type Future: Future<Output = Result<Request, AuthError>>;
/// Authorize the request.
///
/// If the future resolves to `Ok(request)` then the request is allowed through, otherwise not.
fn authorize(&self, request: Request<B>) -> Self::Future;
fn authorize(&self, request: Request) -> Self::Future;
}
impl<B, S, C> Authorize<B> for AuthorizationService<S, C>
impl<S, C> Authorize for AuthorizationService<S, C>
where
B: Send + Sync + 'static,
C: Clone + DeserializeOwned + Send + Sync + 'static,
{
type RequestBody = B;
type Future = BoxFuture<'static, Result<Request<B>, AuthError>>;
type Future = BoxFuture<'static, Result<Request, AuthError>>;
/// The authorizers are sequentially applied (check_auth) until one of them validates the token.
/// If no authorizer validates the token the request is rejected.
///
fn authorize(&self, mut request: Request<B>) -> Self::Future {
fn authorize(&self, mut request: Request) -> Self::Future {
let tkns_auths: Vec<(String, Arc<Authorizer<C>>)> = self
.auths
.iter()
@ -59,6 +56,7 @@ where
Ok(tdata) => {
// Set `token_data` as a request extension so it can be accessed by other
// services down the stack.
request.extensions_mut().insert(tdata);
Ok(request)
@ -119,7 +117,7 @@ pub enum JwtSource {
#[derive(Clone)]
pub struct AuthorizationService<S, C>
where
C: Clone + DeserializeOwned + Send + Sync,
C: Clone + DeserializeOwned + Send,
{
pub inner: S,
pub auths: Vec<Arc<Authorizer<C>>>,
@ -127,7 +125,7 @@ where
impl<S, C> AuthorizationService<S, C>
where
C: Clone + DeserializeOwned + Send + Sync,
C: Clone + DeserializeOwned + Send,
{
pub fn get_ref(&self) -> &S {
&self.inner
@ -156,22 +154,21 @@ where
}
}
impl<ReqBody, S, C> Service<Request<ReqBody>> for AuthorizationService<S, C>
impl<S, C> Service<Request> for AuthorizationService<S, C>
where
ReqBody: Send + Sync + 'static,
S: Service<Request<ReqBody>> + Clone,
S: Service<Request> + Clone,
S::Response: From<AuthError>,
C: Clone + DeserializeOwned + Send + Sync + 'static,
{
type Response = S::Response;
type Error = S::Error;
type Future = ResponseFuture<S, ReqBody, C>;
type Future = ResponseFuture<S, C>;
fn poll_ready(&mut self, cx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
self.inner.poll_ready(cx)
}
fn call(&mut self, req: Request<ReqBody>) -> Self::Future {
fn call(&mut self, req: Request) -> Self::Future {
let inner = self.inner.clone();
// take the service that was ready
let inner = std::mem::replace(&mut self.inner, inner);
@ -187,14 +184,13 @@ where
#[pin_project]
/// Response future for [`AuthorizationService`].
pub struct ResponseFuture<S, ReqBody, C>
pub struct ResponseFuture<S, C>
where
S: Service<Request<ReqBody>>,
ReqBody: Send + Sync + 'static,
S: Service<Request>,
C: Clone + DeserializeOwned + Send + Sync + 'static,
{
#[pin]
state: State<<AuthorizationService<S, C> as Authorize<ReqBody>>::Future, S::Future>,
state: State<<AuthorizationService<S, C> as Authorize>::Future, S::Future>,
service: S,
}
@ -210,11 +206,10 @@ enum State<A, SFut> {
},
}
impl<S, ReqBody, C> Future for ResponseFuture<S, ReqBody, C>
impl<S, C> Future for ResponseFuture<S, C>
where
S: Service<Request<ReqBody>>,
S: Service<Request>,
S::Response: From<AuthError>,
ReqBody: Send + Sync + 'static,
C: Clone + DeserializeOwned + Send + Sync,
{
type Output = Result<S::Response, S::Error>;

30
jwt-authorizer/tests/integration_tests.rs
View file

@ -1,5 +1,5 @@
use std::{
net::{SocketAddr, TcpListener},
net::SocketAddr,
sync::{
atomic::{AtomicI16, Ordering},
Arc, Once,
@ -8,13 +8,13 @@ use std::{
time::Duration,
};
use axum::{response::Response, routing::get, Json, Router};
use axum::{body::Body, response::Response, routing::get, Json, Router};
use http::{header::AUTHORIZATION, Request, StatusCode};
use hyper::Body;
use jwt_authorizer::{IntoLayer, JwtAuthorizer, JwtClaims, Refresh, RefreshStrategy, Validation};
use lazy_static::lazy_static;
use serde::{Deserialize, Serialize};
use serde_json::Value;
use tokio::net::TcpListener;
use tower::Service;
use tower::ServiceExt;
@ -65,8 +65,8 @@ async fn jwks() -> Json<Value> {
Json(common::JWKS_RSA1.clone())
}
fn run_jwks_server() -> String {
let listener = TcpListener::bind("0.0.0.0:0".parse::<SocketAddr>().unwrap()).unwrap();
async fn run_jwks_server() -> String {
let listener = TcpListener::bind("0.0.0.0:0".parse::<SocketAddr>().unwrap()).await.unwrap();
let addr = listener.local_addr().unwrap();
let url = format!("http://{}:{}", addr.ip(), addr.port());
@ -77,11 +77,7 @@ fn run_jwks_server() -> String {
.route("/jwks", get(jwks));
tokio::spawn(async move {
axum::Server::from_tcp(listener)
.unwrap()
.serve(app.into_make_service())
.await
.unwrap();
axum::serve(listener, app.into_make_service()).await.unwrap();
});
url
@ -130,7 +126,8 @@ fn init_test() {
}
async fn make_proteced_request(app: &mut Router, bearer: &str) -> Response {
app.ready()
app.as_service()
.ready()
.await
.unwrap()
.call(
@ -145,7 +142,8 @@ async fn make_proteced_request(app: &mut Router, bearer: &str) -> Response {
}
async fn make_public_request(app: &mut Router) -> Response {
app.ready()
app.as_service()
.ready()
.await
.unwrap()
.call(Request::builder().uri("/public").body(Body::empty()).unwrap())
@ -164,7 +162,7 @@ async fn sequential_tests() {
async fn scenario1() {
init_test();
let url = run_jwks_server();
let url = run_jwks_server().await;
let auth: JwtAuthorizer<User> = JwtAuthorizer::from_oidc(&url);
let mut app = app(auth).await;
assert_eq!(1, Stats::discovery_counter());
@ -192,7 +190,7 @@ async fn scenario1() {
/// Refresh strategy: INTERVAL
async fn scenario2() {
init_test();
let url = run_jwks_server();
let url = run_jwks_server().await;
let refresh = Refresh {
refresh_interval: Duration::from_millis(40),
retry_interval: Duration::from_millis(0),
@ -221,7 +219,7 @@ async fn scenario2() {
/// Refresh strategy: KeyNotFound
async fn scenario3() {
init_test();
let url = run_jwks_server();
let url = run_jwks_server().await;
let refresh = Refresh {
strategy: RefreshStrategy::KeyNotFound,
refresh_interval: Duration::from_millis(40),
@ -252,7 +250,7 @@ async fn scenario3() {
/// Refresh strategy: NoRefresh
async fn scenario4() {
init_test();
let url = run_jwks_server();
let url = run_jwks_server().await;
let refresh = Refresh {
strategy: RefreshStrategy::NoRefresh,
refresh_interval: Duration::from_millis(0),

19
jwt-authorizer/tests/tests.rs
View file

@ -23,6 +23,7 @@ mod tests {
use tower::{util::MapErrLayer, ServiceExt};
use crate::common;
use http_body_util::BodyExt;
#[derive(Debug, Deserialize, Clone)]
struct User {
@ -102,7 +103,9 @@ mod tests {
)
.await;
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"hello: b@b.com");
// ECDSA PEM
@ -112,14 +115,14 @@ mod tests {
)
.await;
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"hello: b@b.com");
// RSA PEM
let response =
make_proteced_request(JwtAuthorizer::from_rsa_pem("../config/rsa-public2.pem"), common::JWT_RSA2_OK).await;
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"hello: b@b.com");
// JWKS
@ -129,7 +132,7 @@ mod tests {
)
.await;
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"hello: b@b.com");
let response = make_proteced_request(
@ -138,7 +141,7 @@ mod tests {
)
.await;
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"hello: b@b.com");
let response = make_proteced_request(
@ -147,7 +150,7 @@ mod tests {
)
.await;
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"hello: b@b.com");
// JWKS TEXT
@ -158,7 +161,7 @@ mod tests {
)
.await;
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"hello: b@b.com");
}
@ -234,7 +237,7 @@ mod tests {
.unwrap();
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
let body = response.into_body().collect().await.unwrap().to_bytes();
assert_eq!(&body[..], b"option: true");
}

209
jwt-authorizer/tests/tonic.rs
View file

@ -1,209 +0,0 @@
use std::{sync::Once, task::Poll};
use axum::body::HttpBody;
use futures_core::future::BoxFuture;
use http::header::AUTHORIZATION;
use jwt_authorizer::{layer::AuthorizationService, IntoLayer, JwtAuthorizer, Validation};
use serde::{Deserialize, Serialize};
use tonic::{server::UnaryService, transport::NamedService, IntoRequest, Status};
use tower::{buffer::Buffer, Service};
use tracing_subscriber::{layer::SubscriberExt, util::SubscriberInitExt};
use crate::common::{JWT_RSA1_OK, JWT_RSA2_OK};
mod common;
/// Static variable to ensure that logging is only initialized once.
pub static INITIALIZED: Once = Once::new();
#[derive(Debug, Deserialize, Serialize, Clone)]
struct User {
sub: String,
}
#[derive(prost::Message)]
struct HelloMessage {
#[prost(string, tag = "1")]
message: String,
}
#[derive(Debug, Default, Clone)]
struct SayHelloMethod {}
impl UnaryService<HelloMessage> for SayHelloMethod {
type Response = HelloMessage;
type Future = BoxFuture<'static, Result<tonic::Response<Self::Response>, Status>>;
fn call(&mut self, request: tonic::Request<HelloMessage>) -> Self::Future {
Box::pin(async move {
let hi = request.into_inner();
let reply = HelloMessage {
message: format!("Hello, {}", hi.message),
};
Ok(tonic::Response::new(reply))
})
}
}
#[derive(Debug, Default, Clone)]
struct GreeterServer {
expected_sub: String,
}
impl Service<http::Request<tonic::transport::Body>> for GreeterServer {
type Response = http::Response<tonic::body::BoxBody>;
type Error = std::convert::Infallible;
type Future = BoxFuture<'static, Result<Self::Response, Self::Error>>;
fn poll_ready(&mut self, _cx: &mut std::task::Context<'_>) -> std::task::Poll<Result<(), Self::Error>> {
Poll::Ready(Ok(()))
}
fn call(&mut self, req: http::Request<tonic::transport::Body>) -> Self::Future {
let token = req.extensions().get::<jsonwebtoken::TokenData<User>>().unwrap();
assert_eq!(token.claims.sub, self.expected_sub);
match req.uri().path() {
"/hello/SayHello" => Box::pin(async move {
let mut grpc = tonic::server::Grpc::new(tonic::codec::ProstCodec::default());
Ok(grpc.unary(SayHelloMethod::default(), req).await)
}),
p => {
let p = p.to_string();
Box::pin(async move { Ok(Status::unimplemented(p).to_http()) })
}
}
}
}
impl NamedService for GreeterServer {
const NAME: &'static str = "hello";
}
async fn app(
jwt_auth: JwtAuthorizer<User>,
expected_sub: String,
) -> AuthorizationService<Buffer<tonic::transport::server::Routes, http::Request<tonic::transport::Body>>, User> {
let layer = jwt_auth.build().await.unwrap().into_layer();
tonic::transport::Server::builder()
.layer(layer)
.layer(tower::buffer::BufferLayer::new(1))
.add_service(GreeterServer { expected_sub })
.into_service()
}
fn init_test() {
INITIALIZED.call_once(|| {
tracing_subscriber::registry()
.with(tracing_subscriber::EnvFilter::new(
std::env::var("RUST_LOG").unwrap_or_else(|_| "info,jwt-authorizer=debug,tower_http=debug".into()),
))
.with(tracing_subscriber::fmt::layer())
.init();
});
}
// The grpc client produces a http request with a tonic boxbody that the transport is meant to sent out, while the server side
// expects to receive a http request with a hyper body.. This simple wrapper converts from one to
// the other.
struct GrpcWrapper<S>
where
S: Service<http::Request<axum::body::Body>> + Clone,
{
inner: S,
}
impl<S> Service<http::Request<tonic::body::BoxBody>> for GrpcWrapper<S>
where
S: Service<http::Request<axum::body::Body>> + Clone + Send + 'static,
S::Future: Send,
{
type Response = S::Response;
type Error = S::Error;
type Future = BoxFuture<'static, Result<Self::Response, Self::Error>>;
fn poll_ready(&mut self, cx: &mut std::task::Context<'_>) -> Poll<Result<(), Self::Error>> {
self.inner.poll_ready(cx)
}
fn call(&mut self, req: http::Request<tonic::body::BoxBody>) -> Self::Future {
let inner = self.inner.clone();
// take the service that was ready
let mut inner = std::mem::replace(&mut self.inner, inner);
Box::pin(async move {
let (parts, mut body) = req.into_parts();
let mut data = Vec::new();
while let Some(d) = body.data().await {
let d = d.unwrap();
data.extend_from_slice(&d)
}
inner
.call(http::Request::from_parts(parts, axum::body::Body::from(data)))
.await
})
}
}
async fn make_protected_request<S: Clone>(
app: AuthorizationService<S, User>,
bearer: Option<&str>,
message: &str,
) -> Result<tonic::Response<HelloMessage>, Status>
where
S: Service<
http::Request<tonic::transport::Body>,
Response = http::Response<tonic::body::BoxBody>,
Error = tower::BoxError,
> + Send
+ 'static,
S::Future: Send,
{
let mut grpc = tonic::client::Grpc::new(GrpcWrapper { inner: app });
let mut request = HelloMessage {
message: message.to_string(),
}
.into_request();
if let Some(bearer) = bearer {
let headers = request.metadata_mut();
headers.insert(AUTHORIZATION.as_str(), format!("Bearer {bearer}").parse().unwrap());
}
grpc.ready().await.unwrap();
grpc.unary(
request,
http::uri::PathAndQuery::from_static("/hello/SayHello"),
tonic::codec::ProstCodec::default(),
)
.await
}
#[tokio::test]
async fn successfull_auth() {
init_test();
let auth: JwtAuthorizer<User> =
JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem").validation(Validation::new().aud(&["aud1"]));
let app = app(auth, "b@b.com".to_string()).await;
let r = make_protected_request(app.clone(), Some(JWT_RSA1_OK), "world").await.unwrap();
assert_eq!(r.get_ref().message, "Hello, world");
}
#[tokio::test]
async fn wrong_token() {
init_test();
let auth: JwtAuthorizer<User> = JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem");
let app = app(auth, "b@b.com".to_string()).await;
let status = make_protected_request(app.clone(), Some(JWT_RSA2_OK), "world")
.await
.unwrap_err();
assert_eq!(status.code(), tonic::Code::Unauthenticated);
}
#[tokio::test]
async fn no_token() {
init_test();
let auth: JwtAuthorizer<User> = JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem");
let app = app(auth, "b@b.com".to_string()).await;
let status = make_protected_request(app.clone(), None, "world").await.unwrap_err();
assert_eq!(status.code(), tonic::Code::Unauthenticated);
}