hagrid-keyserver--hagrid/src/web/vks_api.rs

use rocket::request::Request; use rocket::response::{self, Response, Responder};
use rocket::http::{ContentType,Status};
use rocket::serde::json::Json;
use rocket_i18n::{I18n, Translations};
use serde_json::json;
use std::io::Cursor;

use crate::database::{KeyDatabase, StatefulTokens, Query};
use crate::database::types::{Email, Fingerprint, KeyID};
use crate::mail;
use crate::tokens;
use crate::rate_limiter::RateLimiter;

use crate::web;
use crate::web::{RequestOrigin, MyResponse};
use crate::web::vks;
use crate::web::vks::response::*;

use rocket::serde::json::Error as JsonError;

pub mod json {
    use crate::web::vks::response::EmailStatus;
    use std::collections::HashMap;

    #[derive(Deserialize)]
    pub struct VerifyRequest {
        pub token: String,
        pub addresses: Vec<String>,
        pub locale: Option<Vec<String>>,
    }

    #[derive(Deserialize)]
    pub struct UploadRequest {
        pub keytext: String,
    }

    #[derive(Serialize,Deserialize)]
    pub struct UploadResult {
        pub token: String,
        pub key_fpr: String,
        pub status: HashMap<String,EmailStatus>,
    }
}

type JsonResult = Result<serde_json::Value, JsonErrorResponse>;

#[derive(Debug)]
pub struct JsonErrorResponse(Status,String);

impl<'r> Responder<'r, 'static> for JsonErrorResponse {
    fn respond_to(self, _: &'r Request<'_>) -> response::Result<'static> {
        let error_json = json!({"error": self.1});
        Response::build()
            .status(self.0)
            .sized_body(None, Cursor::new(error_json.to_string()))
            .header(ContentType::JSON)
            .ok()
    }
}

fn json_or_error<T>(data: Result<Json<T>, JsonError>) -> Result<Json<T>, JsonErrorResponse> {
    match data {
        Ok(data) => Ok(data),
        Err(JsonError::Io(_)) => Err(JsonErrorResponse(Status::InternalServerError, "i/o error!".to_owned())),
        Err(JsonError::Parse(_, e)) => Err(JsonErrorResponse(Status::BadRequest, e.to_string())),
    }
}

fn upload_ok_json(response: UploadResponse) -> Result<serde_json::Value, JsonErrorResponse> {
    match response {
        UploadResponse::Ok { token, key_fpr, status, .. } =>
            Ok(json!(json::UploadResult { token, key_fpr, status })),
        UploadResponse::OkMulti { key_fprs } => Ok(json!(key_fprs)),
        UploadResponse::Error(error) => Err(JsonErrorResponse(Status::BadRequest, error)),
    }
}

#[post("/vks/v1/upload", format = "json", data = "<data>")]
pub fn upload_json(
    db: &rocket::State<KeyDatabase>,
    tokens_stateless: &rocket::State<tokens::Service>,
    rate_limiter: &rocket::State<RateLimiter>,
    i18n: I18n,
    data: Result<Json<json::UploadRequest>, JsonError>,
) -> JsonResult {
    let data = json_or_error(data)?;
    use std::io::Cursor;
    let data_reader = Cursor::new(data.keytext.as_bytes());
    let result = vks::process_key(&db, &i18n, &tokens_stateless, &rate_limiter, data_reader);
    upload_ok_json(result)
}

#[post("/vks/v1/upload", rank = 2)]
pub fn upload_fallback(
    origin: RequestOrigin,
) -> JsonErrorResponse {
    let error_msg = format!("expected application/json data. see {}/about/api for api docs.", origin.get_base_uri());
    JsonErrorResponse(Status::BadRequest, error_msg)
}

fn get_locale(
    langs: &rocket::State<Translations>,
    locales: Vec<String>,
) -> I18n {
    locales
        .iter()
        .flat_map(|lang| lang.split(|c| c == '-' || c == ';' || c == '_').next())
        .flat_map(|lang| langs.iter().find(|(trans, _)| trans == &lang))
        .next()
        .or_else(|| langs.iter().find(|(trans, _)| trans == &"en"))
        .map(|(lang, catalog)| I18n { catalog: catalog.clone(), lang })
        .expect("Expected to have an english translation!")
}

#[post("/vks/v1/request-verify", format = "json", data="<data>")]
pub fn request_verify_json(
    db: &rocket::State<KeyDatabase>,
    langs: &rocket::State<Translations>,
    origin: RequestOrigin,
    token_stateful: &rocket::State<StatefulTokens>,
    token_stateless: &rocket::State<tokens::Service>,
    mail_service: &rocket::State<mail::Service>,
    rate_limiter: &rocket::State<RateLimiter>,
    data: Result<Json<json::VerifyRequest>, JsonError>,
) -> JsonResult {
    let data = json_or_error(data)?;
    let json::VerifyRequest { token, addresses, locale } = data.into_inner();
    let i18n = get_locale(langs, locale.unwrap_or_default());
    let result = vks::request_verify(
        db, &origin, token_stateful, token_stateless, mail_service,
        rate_limiter, &i18n, token, addresses);
    upload_ok_json(result)
}

#[post("/vks/v1/request-verify", rank = 2)]
pub fn request_verify_fallback(
    origin: RequestOrigin,
) -> JsonErrorResponse {
    let error_msg = format!("expected application/json data. see {}/about/api for api docs.", origin.get_base_uri());
    JsonErrorResponse(Status::BadRequest, error_msg)
}

#[get("/vks/v1/by-fingerprint/<fpr>")]
pub fn vks_v1_by_fingerprint(
    db: &rocket::State<KeyDatabase>,
    i18n: I18n,
    fpr: String,
) -> MyResponse {
    let query = match fpr.parse::<Fingerprint>() {
        Ok(fpr) => Query::ByFingerprint(fpr),
        Err(_) => return MyResponse::bad_request_plain("malformed fingerprint"),
    };

    web::key_to_response_plain(db, i18n, query)
}

#[get("/vks/v1/by-email/<email>")]
pub fn vks_v1_by_email(
    db: &rocket::State<KeyDatabase>,
    i18n: I18n,
    email: String,
) -> MyResponse {
    let email = email.replace("%40", "@");
    let query = match email.parse::<Email>() {
        Ok(email) => Query::ByEmail(email),
        Err(_) => return MyResponse::bad_request_plain("malformed e-mail address"),
    };

    web::key_to_response_plain(db, i18n, query)
}

#[get("/vks/v1/by-keyid/<kid>")]
pub fn vks_v1_by_keyid(
    db: &rocket::State<KeyDatabase>,
    i18n: I18n,
    kid: String,
) -> MyResponse {
    let query = match kid.parse::<KeyID>() {
        Ok(keyid) => Query::ByKeyID(keyid),
        Err(_) => return MyResponse::bad_request_plain("malformed key id"),
    };

    web::key_to_response_plain(db, i18n, query)
}
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`use rocket::request::Request; use rocket::response::{self, Response, Responder};`
Rework API 2019-05-23 19:01:24 -04:00			`use rocket::http::{ContentType,Status};`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`use rocket::serde::json::Json;`
i18n: localize mail templates 2019-08-28 14:33:24 -04:00			`use rocket_i18n::{I18n, Translations};`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`use serde_json::json;`
Rework API 2019-05-23 19:01:24 -04:00			`use std::io::Cursor;`

update to rust 2018 edition 2019-09-02 16:49:02 -04:00			`use crate::database::{KeyDatabase, StatefulTokens, Query};`
			`use crate::database::types::{Email, Fingerprint, KeyID};`
			`use crate::mail;`
			`use crate::tokens;`
			`use crate::rate_limiter::RateLimiter;`
Rework API 2019-05-23 19:01:24 -04:00
update to rust 2018 edition 2019-09-02 16:49:02 -04:00			`use crate::web;`
db+web: remove x-accel optimization This removes a shortcut to serve certificates from nginx by including an X-Accel-Redirect header in the response. 2022-01-04 07:33:03 -05:00			`use crate::web::{RequestOrigin, MyResponse};`
update to rust 2018 edition 2019-09-02 16:49:02 -04:00			`use crate::web::vks;`
			`use crate::web::vks::response::*;`
Rework API 2019-05-23 19:01:24 -04:00
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`use rocket::serde::json::Error as JsonError;`

Rework API 2019-05-23 19:01:24 -04:00			`pub mod json {`
update to rust 2018 edition 2019-09-02 16:49:02 -04:00			`use crate::web::vks::response::EmailStatus;`
Rework API 2019-05-23 19:01:24 -04:00			`use std::collections::HashMap;`

			`#[derive(Deserialize)]`
			`pub struct VerifyRequest {`
			`pub token: String,`
			`pub addresses: Vec<String>,`
i18n: localize mail templates 2019-08-28 14:33:24 -04:00			`pub locale: Option<Vec<String>>,`
Rework API 2019-05-23 19:01:24 -04:00			`}`

			`#[derive(Deserialize)]`
			`pub struct UploadRequest {`
			`pub keytext: String,`
			`}`

			`#[derive(Serialize,Deserialize)]`
			`pub struct UploadResult {`
			`pub token: String,`
			`pub key_fpr: String,`
			`pub status: HashMap<String,EmailStatus>,`
			`}`
			`}`

web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`type JsonResult = Result<serde_json::Value, JsonErrorResponse>;`
Rework API 2019-05-23 19:01:24 -04:00
			`#[derive(Debug)]`
			`pub struct JsonErrorResponse(Status,String);`

web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`impl<'r> Responder<'r, 'static> for JsonErrorResponse {`
			`fn respond_to(self, _: &'r Request<'_>) -> response::Result<'static> {`
Rework API 2019-05-23 19:01:24 -04:00			`let error_json = json!({"error": self.1});`
			`Response::build()`
			`.status(self.0)`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`.sized_body(None, Cursor::new(error_json.to_string()))`
Rework API 2019-05-23 19:01:24 -04:00			`.header(ContentType::JSON)`
			`.ok()`
			`}`
			`}`

			`fn json_or_error<T>(data: Result<Json<T>, JsonError>) -> Result<Json<T>, JsonErrorResponse> {`
			`match data {`
			`Ok(data) => Ok(data),`
			`Err(JsonError::Io(_)) => Err(JsonErrorResponse(Status::InternalServerError, "i/o error!".to_owned())),`
			`Err(JsonError::Parse(_, e)) => Err(JsonErrorResponse(Status::BadRequest, e.to_string())),`
			`}`
			`}`

web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`fn upload_ok_json(response: UploadResponse) -> Result<serde_json::Value, JsonErrorResponse> {`
Rework API 2019-05-23 19:01:24 -04:00			`match response {`
report number of unparsed uids in web upload 2019-06-08 11:15:46 -04:00			`UploadResponse::Ok { token, key_fpr, status, .. } =>`
Rework API 2019-05-23 19:01:24 -04:00			`Ok(json!(json::UploadResult { token, key_fpr, status })),`
			`UploadResponse::OkMulti { key_fprs } => Ok(json!(key_fprs)),`
			`UploadResponse::Error(error) => Err(JsonErrorResponse(Status::BadRequest, error)),`
			`}`
			`}`

			`#[post("/vks/v1/upload", format = "json", data = "<data>")]`
			`pub fn upload_json(`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`db: &rocket::State<KeyDatabase>,`
			`tokens_stateless: &rocket::State<tokens::Service>,`
			`rate_limiter: &rocket::State<RateLimiter>,`
i18n: translate more dynamic messages 2019-09-28 15:54:00 -04:00			`i18n: I18n,`
Rework API 2019-05-23 19:01:24 -04:00			`data: Result<Json<json::UploadRequest>, JsonError>,`
			`) -> JsonResult {`
			`let data = json_or_error(data)?;`
			`use std::io::Cursor;`
			`let data_reader = Cursor::new(data.keytext.as_bytes());`
i18n: translate more dynamic messages 2019-09-28 15:54:00 -04:00			`let result = vks::process_key(&db, &i18n, &tokens_stateless, &rate_limiter, data_reader);`
Rework API 2019-05-23 19:01:24 -04:00			`upload_ok_json(result)`
			`}`

			`#[post("/vks/v1/upload", rank = 2)]`
			`pub fn upload_fallback(`
web: rename request_origin -> origin, it is a mouthful already 2022-01-17 10:03:56 -05:00			`origin: RequestOrigin,`
Rework API 2019-05-23 19:01:24 -04:00			`) -> JsonErrorResponse {`
web: rename request_origin -> origin, it is a mouthful already 2022-01-17 10:03:56 -05:00			`let error_msg = format!("expected application/json data. see {}/about/api for api docs.", origin.get_base_uri());`
point to docs if api endpoints are called with non-json data 2019-05-24 05:55:34 -04:00			`JsonErrorResponse(Status::BadRequest, error_msg)`
Rework API 2019-05-23 19:01:24 -04:00			`}`

i18n: localize mail templates 2019-08-28 14:33:24 -04:00			`fn get_locale(`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`langs: &rocket::State<Translations>,`
i18n: localize mail templates 2019-08-28 14:33:24 -04:00			`locales: Vec<String>,`
			`) -> I18n {`
			`locales`
			`.iter()`
			`.flat_map(\|lang\| lang.split(\|c\| c == '-' \|\| c == ';' \|\| c == '_').next())`
			`.flat_map(\|lang\| langs.iter().find(\|(trans, _)\| trans == &lang))`
			`.next()`
			`.or_else(\|\| langs.iter().find(\|(trans, _)\| trans == &"en"))`
			`.map(\|(lang, catalog)\| I18n { catalog: catalog.clone(), lang })`
			`.expect("Expected to have an english translation!")`
			`}`

Rework API 2019-05-23 19:01:24 -04:00			`#[post("/vks/v1/request-verify", format = "json", data="<data>")]`
			`pub fn request_verify_json(`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`db: &rocket::State<KeyDatabase>,`
			`langs: &rocket::State<Translations>,`
web: rename request_origin -> origin, it is a mouthful already 2022-01-17 10:03:56 -05:00			`origin: RequestOrigin,`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`token_stateful: &rocket::State<StatefulTokens>,`
			`token_stateless: &rocket::State<tokens::Service>,`
			`mail_service: &rocket::State<mail::Service>,`
			`rate_limiter: &rocket::State<RateLimiter>,`
Rework API 2019-05-23 19:01:24 -04:00			`data: Result<Json<json::VerifyRequest>, JsonError>,`
			`) -> JsonResult {`
			`let data = json_or_error(data)?;`
i18n: localize mail templates 2019-08-28 14:33:24 -04:00			`let json::VerifyRequest { token, addresses, locale } = data.into_inner();`
			`let i18n = get_locale(langs, locale.unwrap_or_default());`
Rework API 2019-05-23 19:01:24 -04:00			`let result = vks::request_verify(`
web: rename request_origin -> origin, it is a mouthful already 2022-01-17 10:03:56 -05:00			`db, &origin, token_stateful, token_stateless, mail_service,`
web: i18n and request origin everywhere 2022-01-17 08:21:07 -05:00			`rate_limiter, &i18n, token, addresses);`
Rework API 2019-05-23 19:01:24 -04:00			`upload_ok_json(result)`
			`}`

			`#[post("/vks/v1/request-verify", rank = 2)]`
			`pub fn request_verify_fallback(`
web: rename request_origin -> origin, it is a mouthful already 2022-01-17 10:03:56 -05:00			`origin: RequestOrigin,`
Rework API 2019-05-23 19:01:24 -04:00			`) -> JsonErrorResponse {`
web: rename request_origin -> origin, it is a mouthful already 2022-01-17 10:03:56 -05:00			`let error_msg = format!("expected application/json data. see {}/about/api for api docs.", origin.get_base_uri());`
point to docs if api endpoints are called with non-json data 2019-05-24 05:55:34 -04:00			`JsonErrorResponse(Status::BadRequest, error_msg)`
Rework API 2019-05-23 19:01:24 -04:00			`}`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00
			`#[get("/vks/v1/by-fingerprint/<fpr>")]`
i18n: fix some untranslatable strings from database 2021-02-20 07:28:32 -05:00			`pub fn vks_v1_by_fingerprint(`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`db: &rocket::State<KeyDatabase>,`
i18n: fix some untranslatable strings from database 2021-02-20 07:28:32 -05:00			`i18n: I18n,`
			`fpr: String,`
			`) -> MyResponse {`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`let query = match fpr.parse::<Fingerprint>() {`
			`Ok(fpr) => Query::ByFingerprint(fpr),`
vks_api: fix returned errors to be plain 2019-07-11 16:30:46 -04:00			`Err(_) => return MyResponse::bad_request_plain("malformed fingerprint"),`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`};`

db+web: remove x-accel optimization This removes a shortcut to serve certificates from nginx by including an X-Accel-Redirect header in the response. 2022-01-04 07:33:03 -05:00			`web::key_to_response_plain(db, i18n, query)`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`}`

			`#[get("/vks/v1/by-email/<email>")]`
i18n: fix some untranslatable strings from database 2021-02-20 07:28:32 -05:00			`pub fn vks_v1_by_email(`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`db: &rocket::State<KeyDatabase>,`
i18n: fix some untranslatable strings from database 2021-02-20 07:28:32 -05:00			`i18n: I18n,`
			`email: String,`
			`) -> MyResponse {`
vks_api: fix returned errors to be plain 2019-07-11 16:30:46 -04:00			`let email = email.replace("%40", "@");`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`let query = match email.parse::<Email>() {`
			`Ok(email) => Query::ByEmail(email),`
vks_api: fix returned errors to be plain 2019-07-11 16:30:46 -04:00			`Err(_) => return MyResponse::bad_request_plain("malformed e-mail address"),`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`};`

db+web: remove x-accel optimization This removes a shortcut to serve certificates from nginx by including an X-Accel-Redirect header in the response. 2022-01-04 07:33:03 -05:00			`web::key_to_response_plain(db, i18n, query)`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`}`

			`#[get("/vks/v1/by-keyid/<kid>")]`
i18n: fix some untranslatable strings from database 2021-02-20 07:28:32 -05:00			`pub fn vks_v1_by_keyid(`
web: first iteration, update to rocket v0.5-rc1 2022-01-10 20:32:59 -05:00			`db: &rocket::State<KeyDatabase>,`
i18n: fix some untranslatable strings from database 2021-02-20 07:28:32 -05:00			`i18n: I18n,`
			`kid: String,`
			`) -> MyResponse {`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`let query = match kid.parse::<KeyID>() {`
			`Ok(keyid) => Query::ByKeyID(keyid),`
vks_api: fix returned errors to be plain 2019-07-11 16:30:46 -04:00			`Err(_) => return MyResponse::bad_request_plain("malformed key id"),`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`};`

db+web: remove x-accel optimization This removes a shortcut to serve certificates from nginx by including an X-Accel-Redirect header in the response. 2022-01-04 07:33:03 -05:00			`web::key_to_response_plain(db, i18n, query)`
split human-readable interface and hkp 2019-06-11 10:59:27 -04:00			`}`