services/identity/src/database.rs
use constant_time_eq::constant_time_eq; | |||||
use std::collections::HashMap; | use std::collections::HashMap; | ||||
use std::fmt::{Display, Formatter, Result as FmtResult}; | use std::fmt::{Display, Formatter, Result as FmtResult}; | ||||
use std::str::FromStr; | use std::str::FromStr; | ||||
use std::sync::Arc; | use std::sync::Arc; | ||||
use aws_config::SdkConfig; | use aws_config::SdkConfig; | ||||
use aws_sdk_dynamodb::model::AttributeValue; | use aws_sdk_dynamodb::model::AttributeValue; | ||||
use aws_sdk_dynamodb::output::{ | use aws_sdk_dynamodb::output::{ | ||||
▲ Show 20 Lines • Show All 355 Lines • ▼ Show 20 Lines | match get_item_result { | ||||
"DynamoDB client failed to get token for user {} with signing public key {}: {}", | "DynamoDB client failed to get token for user {} with signing public key {}: {}", | ||||
user_id, signing_public_key, e | user_id, signing_public_key, e | ||||
); | ); | ||||
Err(Error::AwsSdk(e.into())) | Err(Error::AwsSdk(e.into())) | ||||
} | } | ||||
} | } | ||||
} | } | ||||
pub async fn verify_access_token( | |||||
&self, | |||||
user_id: String, | |||||
signing_public_key: String, | |||||
access_token_to_verify: String, | |||||
) -> Result<bool, Error> { | |||||
let is_valid = self | |||||
.get_access_token_data(user_id, signing_public_key) | |||||
.await? | |||||
.map(|access_token_data| { | |||||
constant_time_eq( | |||||
access_token_data.access_token.as_bytes(), | |||||
access_token_to_verify.as_bytes(), | |||||
) && access_token_data.is_valid() | |||||
}) | |||||
.unwrap_or(false); | |||||
Ok(is_valid) | |||||
} | |||||
pub async fn put_access_token_data( | pub async fn put_access_token_data( | ||||
&self, | &self, | ||||
access_token_data: AccessTokenData, | access_token_data: AccessTokenData, | ||||
) -> Result<PutItemOutput, Error> { | ) -> Result<PutItemOutput, Error> { | ||||
let item = HashMap::from([ | let item = HashMap::from([ | ||||
( | ( | ||||
ACCESS_TOKEN_TABLE_PARTITION_KEY.to_string(), | ACCESS_TOKEN_TABLE_PARTITION_KEY.to_string(), | ||||
AttributeValue::S(access_token_data.user_id), | AttributeValue::S(access_token_data.user_id), | ||||
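Review bot: verify_access_token has no doc comment, and its `Ok(false)` result merges three different outcomes: no stored token for the (user_id, signing_public_key) pair, a token mismatch, and a stored token whose is_valid() is false. This assumes the single-column lines are the added side, which the rendered view does not mark. A doc line would make the contract explicit for callers that gate access on it: `/// Returns Ok(true) only when a stored token exists, equals the supplied token under constant-time comparison, and is_valid(); every other non-error case is Ok(false).` Lookup failures surface as `Err` through the `?` on get_access_token_data, so the comment should also say that callers must treat `Err` as a denial rather than fall through. verify_access_token is fully visible here; put_access_token_data continues past the end of the section.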