actix-extras/actix-web-httpauth/src/middleware.rs

//! HTTP Authentication middleware.

use std::cell::RefCell;
use std::future::Future;
use std::marker::PhantomData;
use std::pin::Pin;
use std::rc::Rc;
use std::sync::Arc;

use actix_web::{
    dev::{Service, ServiceRequest, ServiceResponse, Transform},
    Error,
};
use futures_util::{
    future::{self, FutureExt as _, LocalBoxFuture, TryFutureExt as _},
    ready,
    task::{Context, Poll},
};

use crate::extractors::{basic, bearer, AuthExtractor};

/// Middleware for checking HTTP authentication.
///
/// If there is no `Authorization` header in the request, this middleware returns an error
/// immediately, without calling the `F` callback.
///
/// Otherwise, it will pass both the request and the parsed credentials into it. In case of
/// successful validation `F` callback is required to return the `ServiceRequest` back.
#[derive(Debug, Clone)]
pub struct HttpAuthentication<T, F>
where
    T: AuthExtractor,
{
    process_fn: Arc<F>,
    _extractor: PhantomData<T>,
}

impl<T, F, O> HttpAuthentication<T, F>
where
    T: AuthExtractor,
    F: Fn(ServiceRequest, T) -> O,
    O: Future<Output = Result<ServiceRequest, Error>>,
{
    /// Construct `HttpAuthentication` middleware with the provided auth extractor `T` and
    /// validation callback `F`.
    pub fn with_fn(process_fn: F) -> HttpAuthentication<T, F> {
        HttpAuthentication {
            process_fn: Arc::new(process_fn),
            _extractor: PhantomData,
        }
    }
}

impl<F, O> HttpAuthentication<basic::BasicAuth, F>
where
    F: Fn(ServiceRequest, basic::BasicAuth) -> O,
    O: Future<Output = Result<ServiceRequest, Error>>,
{
    /// Construct `HttpAuthentication` middleware for the HTTP "Basic" authentication scheme.
    ///
    /// # Example
    ///
    /// ```
    /// # use actix_web::Error;
    /// # use actix_web::dev::ServiceRequest;
    /// # use actix_web_httpauth::middleware::HttpAuthentication;
    /// # use actix_web_httpauth::extractors::basic::BasicAuth;
    /// // In this example validator returns immediately, but since it is required to return
    /// // anything that implements `IntoFuture` trait, it can be extended to query database or to
    /// // do something else in a async manner.
    /// async fn validator(
    ///     req: ServiceRequest,
    ///     credentials: BasicAuth,
    /// ) -> Result<ServiceRequest, Error> {
    ///     // All users are great and more than welcome!
    ///     Ok(req)
    /// }
    ///
    /// let middleware = HttpAuthentication::basic(validator);
    /// ```
    pub fn basic(process_fn: F) -> Self {
        Self::with_fn(process_fn)
    }
}

impl<F, O> HttpAuthentication<bearer::BearerAuth, F>
where
    F: Fn(ServiceRequest, bearer::BearerAuth) -> O,
    O: Future<Output = Result<ServiceRequest, Error>>,
{
    /// Construct `HttpAuthentication` middleware for the HTTP "Bearer" authentication scheme.
    ///
    /// # Example
    ///
    /// ```
    /// # use actix_web::Error;
    /// # use actix_web::dev::ServiceRequest;
    /// # use actix_web_httpauth::middleware::HttpAuthentication;
    /// # use actix_web_httpauth::extractors::bearer::{Config, BearerAuth};
    /// # use actix_web_httpauth::extractors::{AuthenticationError, AuthExtractorConfig};
    /// async fn validator(req: ServiceRequest, credentials: BearerAuth) -> Result<ServiceRequest, Error> {
    ///     if credentials.token() == "mF_9.B5f-4.1JqM" {
    ///         Ok(req)
    ///     } else {
    ///         let config = req.app_data::<Config>()
    ///             .map(|data| data.clone())
    ///             .unwrap_or_else(Default::default)
    ///             .scope("urn:example:channel=HBO&urn:example:rating=G,PG-13");
    ///
    ///         Err(AuthenticationError::from(config).into())
    ///     }
    /// }
    ///
    /// let middleware = HttpAuthentication::bearer(validator);
    /// ```
    pub fn bearer(process_fn: F) -> Self {
        Self::with_fn(process_fn)
    }
}

impl<S, B, T, F, O> Transform<S> for HttpAuthentication<T, F>
where
    S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error>
        + 'static,
    S::Future: 'static,
    F: Fn(ServiceRequest, T) -> O + 'static,
    O: Future<Output = Result<ServiceRequest, Error>> + 'static,
    T: AuthExtractor + 'static,
{
    type Request = ServiceRequest;
    type Response = ServiceResponse<B>;
    type Error = Error;
    type Transform = AuthenticationMiddleware<S, F, T>;
    type InitError = ();
    type Future = future::Ready<Result<Self::Transform, Self::InitError>>;

    fn new_transform(&self, service: S) -> Self::Future {
        future::ok(AuthenticationMiddleware {
            service: Rc::new(RefCell::new(service)),
            process_fn: self.process_fn.clone(),
            _extractor: PhantomData,
        })
    }
}

#[doc(hidden)]
pub struct AuthenticationMiddleware<S, F, T>
where
    T: AuthExtractor,
{
    service: Rc<RefCell<S>>,
    process_fn: Arc<F>,
    _extractor: PhantomData<T>,
}

impl<S, B, F, T, O> Service for AuthenticationMiddleware<S, F, T>
where
    S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error>
        + 'static,
    S::Future: 'static,
    F: Fn(ServiceRequest, T) -> O + 'static,
    O: Future<Output = Result<ServiceRequest, Error>> + 'static,
    T: AuthExtractor + 'static,
{
    type Request = ServiceRequest;
    type Response = ServiceResponse<B>;
    type Error = S::Error;
    type Future = LocalBoxFuture<'static, Result<ServiceResponse<B>, Error>>;

    fn poll_ready(&mut self, ctx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {
        self.service.borrow_mut().poll_ready(ctx)
    }

    fn call(&mut self, req: Self::Request) -> Self::Future {
        let process_fn = Arc::clone(&self.process_fn);

        let service = Rc::clone(&self.service);

        async move {
            let (req, credentials) = match Extract::<T>::new(req).await {
                Ok(req) => req,
                Err((err, req)) => {
                    return Ok(req.error_response(err));
                }
            };

            // TODO: alter to remove ? operator; an error response is required for downstream
            // middleware to do their thing (eg. cors adding headers)
            let req = process_fn(req, credentials).await?;
            // Ensure `borrow_mut()` and `.await` are on separate lines or else a panic occurs.
            let fut = service.borrow_mut().call(req);
            fut.await
        }
        .boxed_local()
    }
}

struct Extract<T> {
    req: Option<ServiceRequest>,
    f: Option<LocalBoxFuture<'static, Result<T, Error>>>,
    _extractor: PhantomData<fn() -> T>,
}

impl<T> Extract<T> {
    pub fn new(req: ServiceRequest) -> Self {
        Extract {
            req: Some(req),
            f: None,
            _extractor: PhantomData,
        }
    }
}

impl<T> Future for Extract<T>
where
    T: AuthExtractor,
    T::Future: 'static,
    T::Error: 'static,
{
    type Output = Result<(ServiceRequest, T), (Error, ServiceRequest)>;

    fn poll(mut self: Pin<&mut Self>, ctx: &mut Context<'_>) -> Poll<Self::Output> {
        if self.f.is_none() {
            let req = self.req.as_ref().expect("Extract future was polled twice!");
            let f = T::from_service_request(req).map_err(Into::into);
            self.f = Some(f.boxed_local());
        }

        let f = self
            .f
            .as_mut()
            .expect("Extraction future should be initialized at this point");

        let credentials = ready!(f.as_mut().poll(ctx)).map_err(|err| {
            (
                err,
                // returning request allows a proper error response to be created
                self.req.take().expect("Extract future was polled twice!"),
            )
        })?;

        let req = self.req.take().expect("Extract future was polled twice!");
        Poll::Ready(Ok((req, credentials)))
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::extractors::bearer::BearerAuth;
    use actix_service::{into_service, Service};
    use actix_web::error;
    use actix_web::test::TestRequest;
    use futures_util::join;

    /// This is a test for https://github.com/actix/actix-extras/issues/10
    #[actix_rt::test]
    async fn test_middleware_panic() {
        let mut middleware = AuthenticationMiddleware {
            service: Rc::new(RefCell::new(into_service(
                |_: ServiceRequest| async move {
                    actix_rt::time::delay_for(std::time::Duration::from_secs(1)).await;
                    Err::<ServiceResponse, _>(error::ErrorBadRequest("error"))
                },
            ))),
            process_fn: Arc::new(|req, _: BearerAuth| async { Ok(req) }),
            _extractor: PhantomData,
        };

        let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();

        let f = middleware.call(req);

        let res = futures_util::future::lazy(|cx| middleware.poll_ready(cx));

        assert!(join!(f, res).0.is_err());
    }

    /// This is a test for https://github.com/actix/actix-extras/issues/10
    #[actix_rt::test]
    async fn test_middleware_panic_several_orders() {
        let mut middleware = AuthenticationMiddleware {
            service: Rc::new(RefCell::new(into_service(
                |_: ServiceRequest| async move {
                    actix_rt::time::delay_for(std::time::Duration::from_secs(1)).await;
                    Err::<ServiceResponse, _>(error::ErrorBadRequest("error"))
                },
            ))),
            process_fn: Arc::new(|req, _: BearerAuth| async { Ok(req) }),
            _extractor: PhantomData,
        };

        let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();

        let f1 = middleware.call(req);

        let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();

        let f2 = middleware.call(req);

        let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();

        let f3 = middleware.call(req);

        let res = futures_util::future::lazy(|cx| middleware.poll_ready(cx));

        let result = join!(f1, f2, f3, res);

        assert!(result.0.is_err());
        assert!(result.1.is_err());
        assert!(result.2.is_err());
    }
}
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`//! HTTP Authentication middleware.`

httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`use std::cell::RefCell;`
httpauth: Minimize `futures` dependency 2020-05-21 17:23:59 +09:00			`use std::future::Future;`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`use std::marker::PhantomData;`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`use std::pin::Pin;`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`use std::rc::Rc;`
Fixing the middleware multiple calls panic 2019-06-08 00:20:55 +03:00			`use std::sync::Arc;`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`use actix_web::{`
			`dev::{Service, ServiceRequest, ServiceResponse, Transform},`
			`Error,`
			`};`
			`use futures_util::{`
			`future::{self, FutureExt as _, LocalBoxFuture, TryFutureExt as _},`
			`ready,`
			`task::{Context, Poll},`
			`};`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00
			`use crate::extractors::{basic, bearer, AuthExtractor};`

			`/// Middleware for checking HTTP authentication.`
			`///`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			/// If there is no `Authorization` header in the request, this middleware returns an error
			/// immediately, without calling the `F` callback.
Release 0.3.0 2019-06-05 18:52:47 +03:00			`///`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`/// Otherwise, it will pass both the request and the parsed credentials into it. In case of`
			/// successful validation `F` callback is required to return the `ServiceRequest` back.
Fixing the middleware multiple calls panic 2019-06-08 00:20:55 +03:00			`#[derive(Debug, Clone)]`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`pub struct HttpAuthentication<T, F>`
			`where`
			`T: AuthExtractor,`
			`{`
Fixing the middleware multiple calls panic 2019-06-08 00:20:55 +03:00			`process_fn: Arc<F>,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`_extractor: PhantomData<T>,`
			`}`

			`impl<T, F, O> HttpAuthentication<T, F>`
			`where`
			`T: AuthExtractor,`
Tighten HttpAuthentication::with_fn bound from FnMut to Fn. (#11) * Tighten HttpAuthentication::with_fn bound from FnMut to Fn. * Add middleware with closure example. 2019-07-20 00:34:59 +09:00			`F: Fn(ServiceRequest, T) -> O,`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`O: Future<Output = Result<ServiceRequest, Error>>,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`{`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			/// Construct `HttpAuthentication` middleware with the provided auth extractor `T` and
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			/// validation callback `F`.
Release 0.3.0 2019-06-05 18:52:47 +03:00			`pub fn with_fn(process_fn: F) -> HttpAuthentication<T, F> {`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`HttpAuthentication {`
Fixing the middleware multiple calls panic 2019-06-08 00:20:55 +03:00			`process_fn: Arc::new(process_fn),`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`_extractor: PhantomData,`
			`}`
			`}`
			`}`

			`impl<F, O> HttpAuthentication<basic::BasicAuth, F>`
			`where`
Tighten HttpAuthentication::with_fn bound from FnMut to Fn. (#11) * Tighten HttpAuthentication::with_fn bound from FnMut to Fn. * Add middleware with closure example. 2019-07-20 00:34:59 +09:00			`F: Fn(ServiceRequest, basic::BasicAuth) -> O,`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`O: Future<Output = Result<ServiceRequest, Error>>,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`{`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			/// Construct `HttpAuthentication` middleware for the HTTP "Basic" authentication scheme.
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`///`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`/// # Example`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`///`
Make the lint stricter (#20) * Make the lint stricter * Add explicit lifetimes * Allow `needless_doctest_main` 2020-01-14 13:31:20 +09:00			/// ```
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// # use actix_web::Error;`
			`/// # use actix_web::dev::ServiceRequest;`
			`/// # use actix_web_httpauth::middleware::HttpAuthentication;`
			`/// # use actix_web_httpauth::extractors::basic::BasicAuth;`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`/// // In this example validator returns immediately, but since it is required to return`
			/// // anything that implements `IntoFuture` trait, it can be extended to query database or to
			`/// // do something else in a async manner.`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`/// async fn validator(`
Release 0.3.0 2019-06-05 18:52:47 +03:00			`/// req: ServiceRequest,`
Fixing the middleware multiple calls panic 2019-06-08 00:20:55 +03:00			`/// credentials: BasicAuth,`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`/// ) -> Result<ServiceRequest, Error> {`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// // All users are great and more than welcome!`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`/// Ok(req)`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// }`
			`///`
			`/// let middleware = HttpAuthentication::basic(validator);`
			/// ```
Release 0.3.0 2019-06-05 18:52:47 +03:00			`pub fn basic(process_fn: F) -> Self {`
			`Self::with_fn(process_fn)`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`}`
			`}`

			`impl<F, O> HttpAuthentication<bearer::BearerAuth, F>`
			`where`
Tighten HttpAuthentication::with_fn bound from FnMut to Fn. (#11) * Tighten HttpAuthentication::with_fn bound from FnMut to Fn. * Add middleware with closure example. 2019-07-20 00:34:59 +09:00			`F: Fn(ServiceRequest, bearer::BearerAuth) -> O,`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`O: Future<Output = Result<ServiceRequest, Error>>,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`{`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			/// Construct `HttpAuthentication` middleware for the HTTP "Bearer" authentication scheme.
Release 0.3.0 2019-06-05 18:52:47 +03:00			`///`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`/// # Example`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`///`
Make the lint stricter (#20) * Make the lint stricter * Add explicit lifetimes * Allow `needless_doctest_main` 2020-01-14 13:31:20 +09:00			/// ```
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// # use actix_web::Error;`
			`/// # use actix_web::dev::ServiceRequest;`
			`/// # use actix_web_httpauth::middleware::HttpAuthentication;`
			`/// # use actix_web_httpauth::extractors::bearer::{Config, BearerAuth};`
			`/// # use actix_web_httpauth::extractors::{AuthenticationError, AuthExtractorConfig};`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`/// async fn validator(req: ServiceRequest, credentials: BearerAuth) -> Result<ServiceRequest, Error> {`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// if credentials.token() == "mF_9.B5f-4.1JqM" {`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`/// Ok(req)`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// } else {`
			`/// let config = req.app_data::<Config>()`
update all packages to use actix-web v3 (#94) 2020-09-11 16:26:15 +01:00			`/// .map(\|data\| data.clone())`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// .unwrap_or_else(Default::default)`
			`/// .scope("urn:example:channel=HBO&urn:example:rating=G,PG-13");`
			`///`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`/// Err(AuthenticationError::from(config).into())`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`/// }`
			`/// }`
			`///`
			`/// let middleware = HttpAuthentication::bearer(validator);`
			/// ```
Release 0.3.0 2019-06-05 18:52:47 +03:00			`pub fn bearer(process_fn: F) -> Self {`
			`Self::with_fn(process_fn)`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`}`
			`}`

			`impl<S, B, T, F, O> Transform<S> for HttpAuthentication<T, F>`
			`where`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error>`
			`+ 'static,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`S::Future: 'static,`
Release 0.3.0 2019-06-05 18:52:47 +03:00			`F: Fn(ServiceRequest, T) -> O + 'static,`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`O: Future<Output = Result<ServiceRequest, Error>> + 'static,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`T: AuthExtractor + 'static,`
			`{`
			`type Request = ServiceRequest;`
			`type Response = ServiceResponse<B>;`
			`type Error = Error;`
			`type Transform = AuthenticationMiddleware<S, F, T>;`
			`type InitError = ();`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`type Future = future::Ready<Result<Self::Transform, Self::InitError>>;`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00
			`fn new_transform(&self, service: S) -> Self::Future {`
			`future::ok(AuthenticationMiddleware {`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`service: Rc::new(RefCell::new(service)),`
Release 0.3.0 2019-06-05 18:52:47 +03:00			`process_fn: self.process_fn.clone(),`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`_extractor: PhantomData,`
			`})`
			`}`
			`}`

			`#[doc(hidden)]`
			`pub struct AuthenticationMiddleware<S, F, T>`
			`where`
			`T: AuthExtractor,`
			`{`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`service: Rc<RefCell<S>>,`
Fixing the middleware multiple calls panic 2019-06-08 00:20:55 +03:00			`process_fn: Arc<F>,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`_extractor: PhantomData<T>,`
			`}`

			`impl<S, B, F, T, O> Service for AuthenticationMiddleware<S, F, T>`
			`where`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`S: Service<Request = ServiceRequest, Response = ServiceResponse<B>, Error = Error>`
			`+ 'static,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`S::Future: 'static,`
Release 0.3.0 2019-06-05 18:52:47 +03:00			`F: Fn(ServiceRequest, T) -> O + 'static,`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`O: Future<Output = Result<ServiceRequest, Error>> + 'static,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`T: AuthExtractor + 'static,`
			`{`
			`type Request = ServiceRequest;`
			`type Response = ServiceResponse<B>;`
			`type Error = S::Error;`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`type Future = LocalBoxFuture<'static, Result<ServiceResponse<B>, Error>>;`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`fn poll_ready(&mut self, ctx: &mut Context<'_>) -> Poll<Result<(), Self::Error>> {`
			`self.service.borrow_mut().poll_ready(ctx)`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`}`

			`fn call(&mut self, req: Self::Request) -> Self::Future {`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`let process_fn = Arc::clone(&self.process_fn);`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00
			`let service = Rc::clone(&self.service);`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`async move {`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`let (req, credentials) = match Extract::<T>::new(req).await {`
			`Ok(req) => req,`
			`Err((err, req)) => {`
			`return Ok(req.error_response(err));`
			`}`
			`};`

			`// TODO: alter to remove ? operator; an error response is required for downstream`
			`// middleware to do their thing (eg. cors adding headers)`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`let req = process_fn(req, credentials).await?;`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			// Ensure `borrow_mut()` and `.await` are on separate lines or else a panic occurs.
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`let fut = service.borrow_mut().call(req);`
			`fut.await`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`}`
			`.boxed_local()`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`}`
			`}`

			`struct Extract<T> {`
			`req: Option<ServiceRequest>,`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`f: Option<LocalBoxFuture<'static, Result<T, Error>>>,`
			`_extractor: PhantomData<fn() -> T>,`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`}`

			`impl<T> Extract<T> {`
			`pub fn new(req: ServiceRequest) -> Self {`
			`Extract {`
			`req: Some(req),`
			`f: None,`
			`_extractor: PhantomData,`
			`}`
			`}`
			`}`

			`impl<T> Future for Extract<T>`
			`where`
			`T: AuthExtractor,`
			`T::Future: 'static,`
			`T::Error: 'static,`
			`{`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00			`type Output = Result<(ServiceRequest, T), (Error, ServiceRequest)>;`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`fn poll(mut self: Pin<&mut Self>, ctx: &mut Context<'_>) -> Poll<Self::Output> {`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`if self.f.is_none() {`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`let req = self.req.as_ref().expect("Extract future was polled twice!");`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`let f = T::from_service_request(req).map_err(Into::into);`
			`self.f = Some(f.boxed_local());`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`}`

			`let f = self`
			`.f`
			`.as_mut()`
			`.expect("Extraction future should be initialized at this point");`
fix httpauth extraction error handling in middleware (#128) 2020-11-18 15:08:03 +00:00
			`let credentials = ready!(f.as_mut().poll(ctx)).map_err(\|err\| {`
			`(`
			`err,`
			`// returning request allows a proper error response to be created`
			`self.req.take().expect("Extract future was polled twice!"),`
			`)`
			`})?;`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00
			`let req = self.req.take().expect("Extract future was polled twice!");`
Support actix-web 2.x (#14) 2020-01-07 01:00:43 +09:00			`Poll::Ready(Ok((req, credentials)))`
Experimental middleware for HTTP auth -- alpha.2 version 2019-05-17 17:28:57 +03:00			`}`
			`}`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00
			`#[cfg(test)]`
			`mod tests {`
			`use super::*;`
			`use crate::extractors::bearer::BearerAuth;`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`use actix_service::{into_service, Service};`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`use actix_web::error;`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`use actix_web::test::TestRequest;`
			`use futures_util::join;`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00
			`/// This is a test for https://github.com/actix/actix-extras/issues/10`
			`#[actix_rt::test]`
			`async fn test_middleware_panic() {`
			`let mut middleware = AuthenticationMiddleware {`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`service: Rc::new(RefCell::new(into_service(`
			`\|_: ServiceRequest\| async move {`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`actix_rt::time::delay_for(std::time::Duration::from_secs(1)).await;`
			`Err::<ServiceResponse, _>(error::ErrorBadRequest("error"))`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`},`
			`))),`
			`process_fn: Arc::new(\|req, _: BearerAuth\| async { Ok(req) }),`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`_extractor: PhantomData,`
			`};`

			`let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();`

			`let f = middleware.call(req);`

Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`let res = futures_util::future::lazy(\|cx\| middleware.poll_ready(cx));`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00
			`assert!(join!(f, res).0.is_err());`
			`}`

			`/// This is a test for https://github.com/actix/actix-extras/issues/10`
			`#[actix_rt::test]`
			`async fn test_middleware_panic_several_orders() {`
			`let mut middleware = AuthenticationMiddleware {`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`service: Rc::new(RefCell::new(into_service(`
			`\|_: ServiceRequest\| async move {`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`actix_rt::time::delay_for(std::time::Duration::from_secs(1)).await;`
			`Err::<ServiceResponse, _>(error::ErrorBadRequest("error"))`
Check code with rustfmt not to introduce format commits (#88) 2020-07-21 03:51:51 +09:00			`},`
			`))),`
			`process_fn: Arc::new(\|req, _: BearerAuth\| async { Ok(req) }),`
httpauth: Refactor out Mutex (#69) 2020-06-11 10:10:18 -05:00			`_extractor: PhantomData,`
			`};`

			`let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();`

			`let f1 = middleware.call(req);`

			`let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();`

			`let f2 = middleware.call(req);`

			`let req = TestRequest::with_header("Authorization", "Bearer 1").to_srv_request();`

			`let f3 = middleware.call(req);`

			`let res = futures_util::future::lazy(\|cx\| middleware.poll_ready(cx));`

			`let result = join!(f1, f2, f3, res);`

			`assert!(result.0.is_err());`
			`assert!(result.1.is_err());`
			`assert!(result.2.is_err());`
			`}`
			`}`