Page MenuHomePhorge
Files F32134035

D15520.1765026758.diff
No OneTemporary
Actions

Size
3 KB
Referenced Files
None
Subscribers
None

D15520.1765026758.diff
View Options

diff --git a/services/tunnelbroker/src/identity/mod.rs b/services/tunnelbroker/src/identity/mod.rs
deleted file mode 100644
--- a/services/tunnelbroker/src/identity/mod.rs
+++ /dev/null
@@ -1,41 +0,0 @@
-use client_proto::VerifyUserAccessTokenRequest;
-use comm_lib::auth::is_csat_verification_disabled;
-use grpc_clients::identity::{self, PlatformMetadata};
-use grpc_clients::tonic::Request;
-use identity::get_unauthenticated_client;
-use identity::protos::unauthenticated as client_proto;
-
-use crate::config::CONFIG;
-use crate::error::Error;
-
-// Identity service gRPC clients require a code version and device type.
-// We can supply some placeholder values for services for the time being, since
-// this metadata is only relevant for devices.
-const PLACEHOLDER_CODE_VERSION: u64 = 0;
-const DEVICE_TYPE: &str = "service";
-
-/// Returns true if access token is valid
-pub async fn verify_user_access_token(
- user_id: &str,
- device_id: &str,
- access_token: &str,
-) -> Result<bool, Error> {
- if is_csat_verification_disabled() {
- return Ok(true);
- }
-
- let mut grpc_client = get_unauthenticated_client(
- &CONFIG.identity_endpoint,
- PlatformMetadata::new(PLACEHOLDER_CODE_VERSION, DEVICE_TYPE),
- )
- .await?;
- let message = VerifyUserAccessTokenRequest {
- user_id: user_id.to_string(),
- device_id: device_id.to_string(),
- access_token: access_token.to_string(),
- };
-
- let request = Request::new(message);
- let response = grpc_client.verify_user_access_token(request).await?;
- Ok(response.into_inner().token_valid)
-}
diff --git a/services/tunnelbroker/src/main.rs b/services/tunnelbroker/src/main.rs
--- a/services/tunnelbroker/src/main.rs
+++ b/services/tunnelbroker/src/main.rs
@@ -5,7 +5,6 @@
pub mod error;
pub mod farcaster;
pub mod grpc;
-pub mod identity;
pub mod log;
pub mod notifs;
pub mod token_distributor;
diff --git a/services/tunnelbroker/src/websockets/session.rs b/services/tunnelbroker/src/websockets/session.rs
--- a/services/tunnelbroker/src/websockets/session.rs
+++ b/services/tunnelbroker/src/websockets/session.rs
@@ -9,6 +9,8 @@
use lapin::message::Delivery;
use std::sync::Arc;
+use grpc_clients::identity::unauthenticated::client as identity_client;
+
use reqwest::Url;
use tokio::io::AsyncRead;
use tokio::io::AsyncWrite;
@@ -16,10 +18,11 @@
use tracing::{debug, error, info, trace};
use crate::amqp_client::AmqpClient;
+use crate::config::CONFIG;
use crate::database::{self, DatabaseClient};
+use crate::farcaster;
use crate::farcaster::FarcasterClient;
use crate::notifs::SessionNotifClient;
-use crate::{farcaster, identity};
use tunnelbroker_messages::farcaster::{
FarcasterAPIRequest, FarcasterAPIResponse, FarcasterAPIResponseData,
FarcasterAPIResponseError,
@@ -94,10 +97,20 @@
// Authenticate device
debug!("Authenticating device: {}", &session_info.device_id);
- let auth_request = identity::verify_user_access_token(
+
+ // Identity service gRPC clients require a code version and device type.
+ // We can supply some placeholder values for services for the time being, since
+ // this metadata is only relevant for devices.
+ const PLACEHOLDER_CODE_VERSION: u64 = 0;
+ const DEVICE_TYPE: &str = "service";
+
+ let auth_request = identity_client::verify_user_access_token(
+ &CONFIG.identity_endpoint,
&session_info.user_id,
&device_info.device_id,
&session_info.access_token,
+ PLACEHOLDER_CODE_VERSION,
+ DEVICE_TYPE.to_string(),
)
.await;

File Metadata

Mime Type
text/plain
Expires
Sat, Dec 6, 1:12 PM (14 h, 27 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
5837841
Default Alt Text
D15520.1765026758.diff (3 KB)

Event Timeline