diff --git a/services/backup/src/http/handlers/backup.rs b/services/backup/src/http/handlers/backup.rs
--- a/services/backup/src/http/handlers/backup.rs
+++ b/services/backup/src/http/handlers/backup.rs
@@ -7,7 +7,10 @@
 auth::{AuthService, UserIdentity},
 backup::LatestBackupIDResponse,
 blob::{client::BlobServiceClient, types::BlobInfo},
- http::multipart::{get_named_text_field, get_text_field},
+ http::{
+ auth_service::Authenticated,
+ multipart::{get_named_text_field, get_text_field},
+ },
 tools::Defer,
 };
 use std::convert::Infallible;
@@ -22,7 +25,7 @@
 #[instrument(skip_all, fields(backup_id))]
 pub async fn upload(
 user: UserIdentity,
- blob_client: web::Data,
+ blob_client: Authenticated,
 db_client: web::Data,
 mut multipart: actix_multipart::Multipart,
 ) -> actix_web::Result {
@@ -214,17 +217,16 @@
 pub async fn download_user_keys(
 user: UserIdentity,
 path: web::Path,
- blob_client: web::Data,
+ blob_client: Authenticated,
 db_client: web::Data,
 ) -> actix_web::Result {
- let blob_client = blob_client.with_user_identity(user.clone());
 info!("Download user keys request");
 let backup_id = path.into_inner();
 download_user_blob(
 |item| &item.user_keys,
 &user.user_id,
 &backup_id,
- blob_client,
+ blob_client.into_inner(),
 db_client,
 )
 .await
@@ -234,17 +236,16 @@
 pub async fn download_user_data(
 user: UserIdentity,
 path: web::Path,
- blob_client: web::Data,
+ blob_client: Authenticated,
 db_client: web::Data,
 ) -> actix_web::Result {
 info!("Download user data request");
- let blob_client = blob_client.with_user_identity(user.clone());
 let backup_id = path.into_inner();
 download_user_blob(
 |item| &item.user_data,
 &user.user_id,
 &backup_id,
- blob_client,
+ blob_client.into_inner(),
 db_client,
 )
 .await
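Review bot: In `download_user_keys` the explicit `blob_client.with_user_identity(user.clone())` is gone, so the credential sent to the blob service is now whatever the `Authenticated` extractor attached before `blob_client.into_inner()` reaches `download_user_blob`. That extractor lives in `http::auth_service` and is not part of this diff, so it cannot be confirmed from here that these user-scoped reads still carry the caller's identity rather than a broader service credential. The same applies to `download_user_data` in the next hunk, and presumably to `upload`, whose body lies outside its hunk. Once confirmed, I would state it at the parameter, e.g. `// Authenticated<_> forwards the caller's credential to the blob service (see http::auth_service)`, and add a handler test that asserts which credential the blob client ends up with. Both function bodies end outside their hunks.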
@@ -304,16 +305,8 @@
 pub async fn download_latest_backup_keys(
 path: web::Path,
 db_client: web::Data,
- blob_client: web::Data,
- auth_service: AuthService,
+ blob_client: Authenticated,
 ) -> actix_web::Result {
- let services_token = auth_service
- .get_services_token()
- .await
- .map_err(BackupError::from)?;
- let blob_client = blob_client.with_authentication(
- comm_lib::auth::AuthorizationCredential::ServicesToken(services_token),
- );
 let username = path.into_inner();
 // Treat username as user_id in the initial version
 let user_id = username;
diff --git a/shared/comm-lib/src/blob/client.rs b/shared/comm-lib/src/blob/client.rs
--- a/shared/comm-lib/src/blob/client.rs
+++ b/shared/comm-lib/src/blob/client.rs
@@ -406,3 +406,13 @@
 }
 // they have the same layout so we can simply alias
 type RevokeHolderRequest = AssignHolderRequest;
+
+#[cfg(feature = "http")]
+impl crate::http::auth_service::HttpAuthenticatedService for BlobServiceClient {
+ fn make_authenticated(
+ self,
+ auth_credential: AuthorizationCredential,
+ ) -> Self {
+ self.with_authentication(auth_credential)
+ }
+}
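Review bot: `download_latest_backup_keys` shows no `UserIdentity` parameter in its signature, yet it now takes the same `Authenticated` extractor as the user-scoped handlers, so the use of a services token is no longer visible at the call site. The removed code selected `AuthorizationCredential::ServicesToken` explicitly and mapped a token failure through `BackupError::from`. With the extractor, both the credential choice and the failure response are decided before the handler runs, and may differ from before. I would record the expectation next to the parameter, e.g. `// No UserIdentity on this route: Authenticated<_> is expected to supply a services token`, and check that the `AuthService` import kept in the first hunk is still used. The function body continues outside the hunk.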
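Review bot: The new `HttpAuthenticatedService` impl for `BlobServiceClient` has no doc comment, although `make_authenticated` is where a per-request credential gets bound to the client. A short doc line would help, e.g. `/// Returns this client with auth_credential attached; used by the HTTP Authenticated extractor.` It is also worth stating whether `with_authentication` replaces a credential already set on the client, which this hunk does not show.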