Page MenuHomePhabricator

[Identity] Token constructor
ClosedPublic

Authored by varun on May 6 2022, 12:03 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 20, 11:24 PM
Unknown Object (File)
Fri, Dec 20, 11:24 PM
Unknown Object (File)
Fri, Dec 20, 11:24 PM
Unknown Object (File)
Fri, Dec 20, 11:24 PM
Unknown Object (File)
Fri, Dec 20, 11:24 PM
Unknown Object (File)
Fri, Dec 20, 11:24 PM
Unknown Object (File)
Fri, Dec 20, 11:20 PM
Unknown Object (File)
Mon, Dec 9, 7:22 PM

Details

Summary

new function to generate a Token. we use the rand crate to generate a random string for the token, and chrono to get the creation time. I used len 512 for the string because that's what OAuth uses for access tokens.

@jimpo, is this the best way to generate a random String in Rust?

Depends on D3957

Test Plan

Called constructor and verified the contents of the Token

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

varun requested review of this revision.May 6 2022, 12:08 PM

What kind of token is this exactly? Wonder if we should have a more precise name

karol added inline comments.
services/identity/src/token.rs
21

Cannot this be provided to the function inline?

This revision is now accepted and ready to land.May 9 2022, 4:33 AM

I'm not sure why this is in an "accepted" state. I hope it cannot be landed... After I accept, rust diffs should not be accepted, I know rust far too little to be decisive. Adding Jim as blocking.

This revision now requires review to proceed.May 9 2022, 4:53 AM
jim requested changes to this revision.May 9 2022, 10:14 AM
jim added inline comments.
services/identity/src/token.rs
14

Why are these fields all optional?

21

Agree, the constructor should take a &mut impl (Rng + CryptoRng) argument

23

Are you sure this will sample readable characters?

This revision now requires changes to proceed.May 9 2022, 10:14 AM

What kind of token is this exactly? Wonder if we should have a more precise name

It's an access token. We should name this struct AccessToken to be more precise.

Requesting review cos I have a couple q's for @jimpo

services/identity/src/token.rs
14

To handle incomplete data from DynamoDB. The token field should actually be optional too, fixing that in a separate diff

21

I see how adding the rng as an argument could make testing easier, but is there another reason why we should do this?

23

It won't. I'd need to use Alphanumeric instead of Standard to sample readable characters. Perhaps a naive q - why is readability important?

Addressing feedback. Still have a couple unanswered q's on the last revision

jim requested changes to this revision.May 17 2022, 8:04 AM
jim added inline comments.
services/identity/src/token.rs
14

I don't see why that needs to be handled at the struct layer. Like if you try to fetch an invalid record from the DB with incomplete fields, just return an error.

Basically, my recommendation is to drop the optionals on any fields where if it's None, the token would be considered invalid.

This revision now requires changes to proceed.May 17 2022, 8:04 AM
This revision is now accepted and ready to land.May 24 2022, 12:22 PM
This revision was automatically updated to reflect the committed changes.