From 12f0c78091a7d2ec668345e231aed8ad3318b88d Mon Sep 17 00:00:00 2001 From: Nikolay Kim Date: Sat, 9 Mar 2019 20:40:09 -0800 Subject: [PATCH] port identity middleware --- Cargo.toml | 7 +- errhandlers.rs | 141 ---------- identity.rs => src/middleware/identity.rs | 320 +++++++++++++--------- src/middleware/mod.rs | 7 +- src/service.rs | 11 +- 5 files changed, 211 insertions(+), 275 deletions(-) delete mode 100644 errhandlers.rs rename identity.rs => src/middleware/identity.rs (53%) diff --git a/Cargo.toml b/Cargo.toml index 6be1996e0..c64f4bc68 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -33,10 +33,10 @@ members = [ ] [package.metadata.docs.rs] -features = ["ssl", "tls", "rust-tls"] #, "session"] +features = ["ssl", "tls", "rust-tls", "session"] [features] -default = ["brotli", "flate2-c"] +default = ["brotli", "flate2-c", "session"] # brotli encoding, requires c compiler brotli = ["brotli2"] @@ -48,7 +48,7 @@ flate2-c = ["flate2/miniz-sys"] flate2-rust = ["flate2/rust_backend"] # sessions feature, session require "ring" crate and c compiler -# session = ["actix-session"] +session = ["cookie/secure"] # tls tls = ["native-tls", "actix-server/ssl"] @@ -72,6 +72,7 @@ actix-server = { git = "https://github.com/actix/actix-net.git" } actix-server-config = { git = "https://github.com/actix/actix-net.git" } bytes = "0.4" +cookie = { version="0.11", features=["percent-encode"] } derive_more = "0.14" encoding = "0.2" futures = "0.1" diff --git a/errhandlers.rs b/errhandlers.rs deleted file mode 100644 index c7d19d334..000000000 --- a/errhandlers.rs +++ /dev/null @@ -1,141 +0,0 @@ -use std::collections::HashMap; - -use error::Result; -use http::StatusCode; -use httprequest::HttpRequest; -use httpresponse::HttpResponse; -use middleware::{Middleware, Response}; - -type ErrorHandler = Fn(&HttpRequest, HttpResponse) -> Result; - -/// `Middleware` for allowing custom handlers for responses. -/// -/// You can use `ErrorHandlers::handler()` method to register a custom error -/// handler for specific status code. You can modify existing response or -/// create completely new one. -/// -/// ## Example -/// -/// ```rust -/// # extern crate actix_web; -/// use actix_web::middleware::{ErrorHandlers, Response}; -/// use actix_web::{http, App, HttpRequest, HttpResponse, Result}; -/// -/// fn render_500(_: &HttpRequest, resp: HttpResponse) -> Result { -/// let mut builder = resp.into_builder(); -/// builder.header(http::header::CONTENT_TYPE, "application/json"); -/// Ok(Response::Done(builder.into())) -/// } -/// -/// fn main() { -/// let app = App::new() -/// .middleware( -/// ErrorHandlers::new() -/// .handler(http::StatusCode::INTERNAL_SERVER_ERROR, render_500), -/// ) -/// .resource("/test", |r| { -/// r.method(http::Method::GET).f(|_| HttpResponse::Ok()); -/// r.method(http::Method::HEAD) -/// .f(|_| HttpResponse::MethodNotAllowed()); -/// }) -/// .finish(); -/// } -/// ``` -pub struct ErrorHandlers { - handlers: HashMap>>, -} - -impl Default for ErrorHandlers { - fn default() -> Self { - ErrorHandlers { - handlers: HashMap::new(), - } - } -} - -impl ErrorHandlers { - /// Construct new `ErrorHandlers` instance - pub fn new() -> Self { - ErrorHandlers::default() - } - - /// Register error handler for specified status code - pub fn handler(mut self, status: StatusCode, handler: F) -> Self - where - F: Fn(&HttpRequest, HttpResponse) -> Result + 'static, - { - self.handlers.insert(status, Box::new(handler)); - self - } -} - -impl Middleware for ErrorHandlers { - fn response(&self, req: &HttpRequest, resp: HttpResponse) -> Result { - if let Some(handler) = self.handlers.get(&resp.status()) { - handler(req, resp) - } else { - Ok(Response::Done(resp)) - } - } -} - -#[cfg(test)] -mod tests { - use super::*; - use error::{Error, ErrorInternalServerError}; - use http::header::CONTENT_TYPE; - use http::StatusCode; - use httpmessage::HttpMessage; - use middleware::Started; - use test::{self, TestRequest}; - - fn render_500(_: &HttpRequest, resp: HttpResponse) -> Result { - let mut builder = resp.into_builder(); - builder.header(CONTENT_TYPE, "0001"); - Ok(Response::Done(builder.into())) - } - - #[test] - fn test_handler() { - let mw = - ErrorHandlers::new().handler(StatusCode::INTERNAL_SERVER_ERROR, render_500); - - let mut req = TestRequest::default().finish(); - let resp = HttpResponse::InternalServerError().finish(); - let resp = match mw.response(&mut req, resp) { - Ok(Response::Done(resp)) => resp, - _ => panic!(), - }; - assert_eq!(resp.headers().get(CONTENT_TYPE).unwrap(), "0001"); - - let resp = HttpResponse::Ok().finish(); - let resp = match mw.response(&mut req, resp) { - Ok(Response::Done(resp)) => resp, - _ => panic!(), - }; - assert!(!resp.headers().contains_key(CONTENT_TYPE)); - } - - struct MiddlewareOne; - - impl Middleware for MiddlewareOne { - fn start(&self, _: &HttpRequest) -> Result { - Err(ErrorInternalServerError("middleware error")) - } - } - - #[test] - fn test_middleware_start_error() { - let mut srv = test::TestServer::new(move |app| { - app.middleware( - ErrorHandlers::new() - .handler(StatusCode::INTERNAL_SERVER_ERROR, render_500), - ).middleware(MiddlewareOne) - .handler(|_| HttpResponse::Ok()) - }); - - let request = srv.get().finish().unwrap(); - let response = srv.execute(request.send()).unwrap(); - assert_eq!(response.headers().get(CONTENT_TYPE).unwrap(), "0001"); - } -} diff --git a/identity.rs b/src/middleware/identity.rs similarity index 53% rename from identity.rs rename to src/middleware/identity.rs index a664ba1f0..d04ed717c 100644 --- a/identity.rs +++ b/src/middleware/identity.rs @@ -14,26 +14,26 @@ //! *HttpRequest* implements *RequestIdentity* trait. //! //! ```rust -//! use actix_web::middleware::identity::RequestIdentity; +//! use actix_web::middleware::identity::Identity; //! use actix_web::middleware::identity::{CookieIdentityPolicy, IdentityService}; //! use actix_web::*; //! -//! fn index(req: HttpRequest) -> Result { +//! fn index(id: Identity) -> String { //! // access request identity -//! if let Some(id) = req.identity() { -//! Ok(format!("Welcome! {}", id)) +//! if let Some(id) = id.identity() { +//! format!("Welcome! {}", id) //! } else { -//! Ok("Welcome Anonymous!".to_owned()) +//! "Welcome Anonymous!".to_owned() //! } //! } //! -//! fn login(mut req: HttpRequest) -> HttpResponse { -//! req.remember("User1".to_owned()); // <- remember identity +//! fn login(id: Idenity) -> HttpResponse { +//! id.remember("User1".to_owned()); // <- remember identity //! HttpResponse::Ok().finish() //! } //! -//! fn logout(mut req: HttpRequest) -> HttpResponse { -//! req.forget(); // <- remove identity +//! fn logout(id: Identity) -> HttpResponse { +//! id.forget(); // <- remove identity //! HttpResponse::Ok().finish() //! } //! @@ -42,118 +42,144 @@ //! // <- create identity middleware //! CookieIdentityPolicy::new(&[0; 32]) // <- create cookie session backend //! .name("auth-cookie") -//! .secure(false), +//! .secure(false)) +//! .service(web::resource("/index.html").to(index) +//! .service(web::resource("/login.html").to(login) +//! .service(web::resource("/logout.html").to(logout) //! )); //! } //! ``` +use std::cell::RefCell; use std::rc::Rc; +use actix_service::{Service, Transform}; use cookie::{Cookie, CookieJar, Key, SameSite}; -use futures::future::{err as FutErr, ok as FutOk, FutureResult}; -use futures::Future; +use futures::future::{ok, Either, FutureResult}; +use futures::{Future, IntoFuture, Poll}; use time::Duration; -use error::{Error, Result}; -use http::header::{self, HeaderValue}; -use httprequest::HttpRequest; -use httpresponse::HttpResponse; -use middleware::{Middleware, Response, Started}; +use crate::error::{Error, Result}; +use crate::http::header::{self, HeaderValue}; +use crate::request::HttpRequest; +use crate::service::{ServiceFromRequest, ServiceRequest, ServiceResponse}; +use crate::FromRequest; +use crate::HttpMessage; -/// The helper trait to obtain your identity from a request. +/// The extractor type to obtain your identity from a request. /// /// ```rust -/// use actix_web::middleware::identity::RequestIdentity; /// use actix_web::*; +/// use actix_web::middleware::identity::Identity; /// -/// fn index(req: HttpRequest) -> Result { +/// fn index(id: Identity) -> Result { /// // access request identity -/// if let Some(id) = req.identity() { +/// if let Some(id) = id.identity() { /// Ok(format!("Welcome! {}", id)) /// } else { /// Ok("Welcome Anonymous!".to_owned()) /// } /// } /// -/// fn login(mut req: HttpRequest) -> HttpResponse { -/// req.remember("User1".to_owned()); // <- remember identity +/// fn login(id: Identity) -> HttpResponse { +/// id.remember("User1".to_owned()); // <- remember identity /// HttpResponse::Ok().finish() /// } /// -/// fn logout(mut req: HttpRequest) -> HttpResponse { -/// req.forget(); // <- remove identity +/// fn logout(id: Identity) -> HttpResponse { +/// id.forget(); // <- remove identity /// HttpResponse::Ok().finish() /// } /// # fn main() {} /// ``` -pub trait RequestIdentity { +#[derive(Clone)] +pub struct Identity(HttpRequest); + +impl Identity { /// Return the claimed identity of the user associated request or /// ``None`` if no identity can be found associated with the request. - fn identity(&self) -> Option; + pub fn identity(&self) -> Option { + if let Some(id) = self.0.extensions().get::() { + id.id.clone() + } else { + None + } + } /// Remember identity. - fn remember(&self, identity: String); + pub fn remember(&self, identity: String) { + if let Some(id) = self.0.extensions_mut().get_mut::() { + id.id = Some(identity); + id.changed = true; + } + } /// This method is used to 'forget' the current identity on subsequent /// requests. - fn forget(&self); -} - -impl RequestIdentity for HttpRequest { - fn identity(&self) -> Option { - if let Some(id) = self.extensions().get::() { - return id.0.identity().map(|s| s.to_owned()); - } - None - } - - fn remember(&self, identity: String) { - if let Some(id) = self.extensions_mut().get_mut::() { - return id.0.as_mut().remember(identity); - } - } - - fn forget(&self) { - if let Some(id) = self.extensions_mut().get_mut::() { - return id.0.forget(); + pub fn forget(&self) { + if let Some(id) = self.0.extensions_mut().get_mut::() { + id.id = None; + id.changed = true; } } } -/// An identity -pub trait Identity: 'static { - /// Return the claimed identity of the user associated request or - /// ``None`` if no identity can be found associated with the request. - fn identity(&self) -> Option<&str>; +struct IdentityItem { + id: Option, + changed: bool, +} - /// Remember identity. - fn remember(&mut self, key: String); +/// Extractor implementation for Identity type. +/// +/// ```rust +/// # use actix_web::*; +/// use actix_web::middleware::identity::Identity; +/// +/// fn index(id: Identity) -> String { +/// // access request identity +/// if let Some(id) = id.identity() { +/// format!("Welcome! {}", id) +/// } else { +/// "Welcome Anonymous!".to_owned() +/// } +/// } +/// # fn main() {} +/// ``` +impl

FromRequest

for Identity { + type Error = Error; + type Future = Result; + type Config = (); - /// This method is used to 'forget' the current identity on subsequent - /// requests. - fn forget(&mut self); - - /// Write session to storage backend. - fn write(&mut self, resp: HttpResponse) -> Result; + #[inline] + fn from_request(req: &mut ServiceFromRequest

) -> Self::Future { + Ok(Identity(req.clone())) + } } /// Identity policy definition. -pub trait IdentityPolicy: Sized + 'static { - /// The associated identity - type Identity: Identity; +pub trait IdentityPolicy: Sized + 'static { + /// The return type of the middleware + type Future: IntoFuture, Error = Error>; /// The return type of the middleware - type Future: Future; + type ResponseFuture: IntoFuture; /// Parse the session from request and load data from a service identity. - fn from_request(&self, request: &HttpRequest) -> Self::Future; + fn from_request

(&self, request: &mut ServiceRequest

) -> Self::Future; + + /// Write changes to response + fn to_response( + &self, + identity: Option, + changed: bool, + response: &mut ServiceResponse, + ) -> Self::ResponseFuture; } /// Request identity middleware /// /// ```rust -/// # extern crate actix_web; -/// use actix_web::middleware::identity::{CookieIdentityPolicy, IdentityService}; /// use actix_web::App; +/// use actix_web::middleware::identity::{CookieIdentityPolicy, IdentityService}; /// /// fn main() { /// let app = App::new().middleware(IdentityService::new( @@ -165,68 +191,97 @@ pub trait IdentityPolicy: Sized + 'static { /// } /// ``` pub struct IdentityService { - backend: T, + backend: Rc, } impl IdentityService { /// Create new identity service with specified backend. pub fn new(backend: T) -> Self { - IdentityService { backend } - } -} - -struct IdentityBox(Box); - -impl> Middleware for IdentityService { - fn start(&self, req: &HttpRequest) -> Result { - let req = req.clone(); - let fut = self.backend.from_request(&req).then(move |res| match res { - Ok(id) => { - req.extensions_mut().insert(IdentityBox(Box::new(id))); - FutOk(None) - } - Err(err) => FutErr(err), - }); - Ok(Started::Future(Box::new(fut))) - } - - fn response(&self, req: &HttpRequest, resp: HttpResponse) -> Result { - if let Some(ref mut id) = req.extensions_mut().get_mut::() { - id.0.as_mut().write(resp) - } else { - Ok(Response::Done(resp)) + IdentityService { + backend: Rc::new(backend), } } } -#[doc(hidden)] -/// Identity that uses private cookies as identity storage. -pub struct CookieIdentity { - changed: bool, - identity: Option, - inner: Rc, +impl Transform for IdentityService +where + P: 'static, + S: Service, Response = ServiceResponse> + 'static, + S::Future: 'static, + T: IdentityPolicy, + B: 'static, +{ + type Request = ServiceRequest

; + type Response = ServiceResponse; + type Error = S::Error; + type InitError = (); + type Transform = IdentityServiceMiddleware; + type Future = FutureResult; + + fn new_transform(&self, service: S) -> Self::Future { + ok(IdentityServiceMiddleware { + backend: self.backend.clone(), + service: Rc::new(RefCell::new(service)), + }) + } } -impl Identity for CookieIdentity { - fn identity(&self) -> Option<&str> { - self.identity.as_ref().map(|s| s.as_ref()) +pub struct IdentityServiceMiddleware { + backend: Rc, + service: Rc>, +} + +impl Service for IdentityServiceMiddleware +where + P: 'static, + B: 'static, + S: Service, Response = ServiceResponse> + 'static, + S::Future: 'static, + T: IdentityPolicy, +{ + type Request = ServiceRequest

; + type Response = ServiceResponse; + type Error = S::Error; + type Future = Box>; + + fn poll_ready(&mut self) -> Poll<(), Self::Error> { + self.service.borrow_mut().poll_ready() } - fn remember(&mut self, value: String) { - self.changed = true; - self.identity = Some(value); - } + fn call(&mut self, mut req: ServiceRequest

) -> Self::Future { + let srv = self.service.clone(); + let backend = self.backend.clone(); - fn forget(&mut self) { - self.changed = true; - self.identity = None; - } + Box::new( + self.backend.from_request(&mut req).into_future().then( + move |res| match res { + Ok(id) => { + req.extensions_mut() + .insert(IdentityItem { id, changed: false }); - fn write(&mut self, mut resp: HttpResponse) -> Result { - if self.changed { - let _ = self.inner.set_cookie(&mut resp, self.identity.take()); - } - Ok(Response::Done(resp)) + Either::A(srv.borrow_mut().call(req).and_then(move |mut res| { + let id = + res.request().extensions_mut().remove::(); + + if let Some(id) = id { + return Either::A( + backend + .to_response(id.id, id.changed, &mut res) + .into_future() + .then(move |t| match t { + Ok(_) => Ok(res), + Err(e) => Ok(res.error_response(e)), + }), + ); + } else { + Either::B(ok(res)) + } + })) + } + Err(err) => Either::B(ok(req.error_response(err))), + }, + ), + ) } } @@ -253,7 +308,11 @@ impl CookieIdentityInner { } } - fn set_cookie(&self, resp: &mut HttpResponse, id: Option) -> Result<()> { + fn set_cookie( + &self, + resp: &mut ServiceResponse, + id: Option, + ) -> Result<()> { let some = id.is_some(); { let id = id.unwrap_or_else(String::new); @@ -291,7 +350,7 @@ impl CookieIdentityInner { Ok(()) } - fn load(&self, req: &HttpRequest) -> Option { + fn load(&self, req: &ServiceRequest) -> Option { if let Ok(cookies) = req.cookies() { for cookie in cookies.iter() { if cookie.name() == self.name { @@ -384,16 +443,23 @@ impl CookieIdentityPolicy { } } -impl IdentityPolicy for CookieIdentityPolicy { - type Identity = CookieIdentity; - type Future = FutureResult; +impl IdentityPolicy for CookieIdentityPolicy { + type Future = Result, Error>; + type ResponseFuture = Result<(), Error>; - fn from_request(&self, req: &HttpRequest) -> Self::Future { - let identity = self.0.load(req); - FutOk(CookieIdentity { - identity, - changed: false, - inner: Rc::clone(&self.0), - }) + fn from_request

(&self, req: &mut ServiceRequest

) -> Self::Future { + Ok(self.0.load(req)) + } + + fn to_response( + &self, + id: Option, + changed: bool, + res: &mut ServiceResponse, + ) -> Self::ResponseFuture { + if changed { + let _ = self.0.set_cookie(res, id); + } + Ok(()) } } diff --git a/src/middleware/mod.rs b/src/middleware/mod.rs index d63ca8930..288c1d63b 100644 --- a/src/middleware/mod.rs +++ b/src/middleware/mod.rs @@ -6,8 +6,11 @@ pub use self::compress::Compress; mod defaultheaders; pub use self::defaultheaders::DefaultHeaders; -#[cfg(feature = "session")] -pub use actix_session as session; +// #[cfg(feature = "session")] +// pub use actix_session as session; mod logger; pub use self::logger::Logger; + +#[cfg(feature = "session")] +pub mod identity; diff --git a/src/service.rs b/src/service.rs index f4b63a460..612fe4e89 100644 --- a/src/service.rs +++ b/src/service.rs @@ -82,8 +82,9 @@ impl

ServiceRequest

{ /// Create service response for error #[inline] - pub fn error_response>(self, err: E) -> ServiceResponse { - ServiceResponse::new(self.req, err.into().into()) + pub fn error_response>(self, err: E) -> ServiceResponse { + let res: Response = err.into().into(); + ServiceResponse::new(self.req, res.into_body()) } /// This method returns reference to the request head @@ -335,6 +336,12 @@ impl ServiceResponse { } } + /// Create service response for error + #[inline] + pub fn error_response>(self, err: E) -> Self { + Self::from_err(err, self.request) + } + /// Get reference to original request #[inline] pub fn request(&self) -> &HttpRequest {