From ad7acc30eb2a7c063953917bdf2ee816789c399f Mon Sep 17 00:00:00 2001 From: Richard Whitehouse Date: Fri, 9 Aug 2024 08:54:58 +0100 Subject: [PATCH] [Rust/Rust Server] Fix example/test code (#19318) * [Rust Server] Fix code so examples compile Zero length arrays don't correctly type infer, so if we have no scopes, we need to not create a empty array We need an authentication middleware - without it the code doesn't compile. * Update samples * [Rust Server] Remove trailing whitespace * Update samples * [Rust Server] [CI] Build all targets * [Rust] Fix reqwest test --- .github/workflows/samples-rust.yaml | 2 +- .../codegen/languages/RustServerCodegen.java | 15 ++++ .../rust-server/example-client-main.mustache | 25 +++--- .../rust-server/example-server-auth.mustache | 56 +++++++------ .../example-server-common.mustache | 4 +- .../reqwest/petstore/tests/type_testing.rs | 3 +- .../multipart-v3/examples/client/main.rs | 15 ++-- .../multipart-v3/examples/server/server.rs | 4 +- .../examples/server/server_auth.rs | 40 ++++----- .../no-example-v3/examples/client/main.rs | 9 +- .../no-example-v3/examples/server/server.rs | 4 +- .../examples/server/server_auth.rs | 40 ++++----- .../output/openapi-v3/examples/client/main.rs | 60 +++++++------- .../openapi-v3/examples/client/server.rs | 4 +- .../openapi-v3/examples/server/server.rs | 4 +- .../openapi-v3/examples/server/server_auth.rs | 45 +++++----- .../output/ops-v3/examples/client/main.rs | 83 +++++++++---------- .../output/ops-v3/examples/server/server.rs | 4 +- .../ops-v3/examples/server/server_auth.rs | 40 ++++----- .../examples/client/main.rs | 60 +++++++------- .../examples/server/server.rs | 4 +- .../examples/server/server_auth.rs | 45 +++++----- .../ping-bearer-auth/examples/client/main.rs | 11 ++- .../examples/server/server.rs | 4 +- .../examples/server/server_auth.rs | 40 ++++----- .../rust-server-test/examples/client/main.rs | 23 +++-- .../examples/server/server.rs | 4 +- .../examples/server/server_auth.rs | 40 ++++----- 28 files changed, 347 insertions(+), 341 deletions(-) diff --git a/.github/workflows/samples-rust.yaml b/.github/workflows/samples-rust.yaml index f54dab346c6..a19438cb50b 100644 --- a/.github/workflows/samples-rust.yaml +++ b/.github/workflows/samples-rust.yaml @@ -34,4 +34,4 @@ jobs: toolchain: stable - name: Build working-directory: ${{ matrix.sample }} - run: cargo build + run: cargo build --all-targets diff --git a/modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/RustServerCodegen.java b/modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/RustServerCodegen.java index c9d889efb75..5b8a6e69118 100644 --- a/modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/RustServerCodegen.java +++ b/modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/RustServerCodegen.java @@ -26,6 +26,7 @@ import io.swagger.v3.oas.models.media.XML; import io.swagger.v3.oas.models.parameters.Parameter; import io.swagger.v3.oas.models.parameters.RequestBody; import io.swagger.v3.oas.models.responses.ApiResponse; +import io.swagger.v3.oas.models.security.SecurityScheme; import io.swagger.v3.oas.models.servers.Server; import joptsimple.internal.Strings; import lombok.Setter; @@ -1108,6 +1109,20 @@ public class RustServerCodegen extends AbstractRustCodegen implements CodegenCon bundle.put("callbacks", callbackData); } + // Flag whether we have any OAuth scopes + Map securitySchemeMap = openAPI.getComponents() != null ? openAPI.getComponents().getSecuritySchemes() : null; + List authMethods = fromSecurity(securitySchemeMap); + boolean hasAuthScopes = false; + if (authMethods != null && !authMethods.isEmpty()) { + for (CodegenSecurity authMethod : authMethods) { + if (authMethod.hasScopes != null && authMethod.hasScopes) { + hasAuthScopes = true; + break; + } + } + } + bundle.put("hasAuthScopes", hasAuthScopes); + return super.postProcessSupportingFileData(bundle); } diff --git a/modules/openapi-generator/src/main/resources/rust-server/example-client-main.mustache b/modules/openapi-generator/src/main/resources/rust-server/example-client-main.mustache index f452904d845..511739d707d 100644 --- a/modules/openapi-generator/src/main/resources/rust-server/example-client-main.mustache +++ b/modules/openapi-generator/src/main/resources/rust-server/example-client-main.mustache @@ -51,7 +51,7 @@ fn main() { {{#operation}} {{#vendorExtensions}} {{^x-no-client-example}} - "{{{operationId}}}", + "{{{operationId}}}", {{/x-no-client-example}} {{/vendorExtensions}} {{/operation}} @@ -80,24 +80,29 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - {{#authMethods}} - {{#scopes}} + scopes: + {{#hasAuthScopes}} + [ + {{#authMethods}} + {{#scopes}} "{{{scope}}}", - {{/scopes}} - {{/authMethods}} - ].join(", ") - }, + {{/scopes}} + {{/authMethods}} + ].join::<&str>(", ") + {{/hasAuthScopes}} + {{^hasAuthScopes}} + "".to_owned() + {{/hasAuthScopes}} + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/modules/openapi-generator/src/main/resources/rust-server/example-server-auth.mustache b/modules/openapi-generator/src/main/resources/rust-server/example-server-auth.mustache index 148012048dd..7e0eac398fe 100644 --- a/modules/openapi-generator/src/main/resources/rust-server/example-server-auth.mustache +++ b/modules/openapi-generator/src/main/resources/rust-server/example-server-auth.mustache @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use {{{externCrateName}}}::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,29 +15,35 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - {{#authMethods}} - {{#scopes}} - "{{{scope}}}", - {{/scopes}} - {{/authMethods}} - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + {{#hasAuthScopes}} + [ + {{#authMethods}} + {{#scopes}} + "{{{scope}}}", + {{/scopes}} + {{/authMethods}} + ].join::<&str>(", ") + {{/hasAuthScopes}} + {{^hasAuthScopes}} + "".to_owned() + {{/hasAuthScopes}} + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -68,8 +74,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -110,23 +116,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +} diff --git a/modules/openapi-generator/src/main/resources/rust-server/example-server-common.mustache b/modules/openapi-generator/src/main/resources/rust-server/example-server-common.mustache index b3a823d6eaa..ee1167be8dc 100644 --- a/modules/openapi-generator/src/main/resources/rust-server/example-server-common.mustache +++ b/modules/openapi-generator/src/main/resources/rust-server/example-server-common.mustache @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/client/petstore/rust/reqwest/petstore/tests/type_testing.rs b/samples/client/petstore/rust/reqwest/petstore/tests/type_testing.rs index 186ae1acade..a6a710abf52 100644 --- a/samples/client/petstore/rust/reqwest/petstore/tests/type_testing.rs +++ b/samples/client/petstore/rust/reqwest/petstore/tests/type_testing.rs @@ -12,7 +12,8 @@ fn test_types() { double: 45.56, string: String::from("something"), boolean: true, - uuid: Uuid::new_v4() + uuid: Uuid::new_v4(), + bytes: vec![1,2,3,4] }; assert_eq!(type_of(tt.int32), "i32"); assert_eq!(type_of(tt.int64), "i64"); diff --git a/samples/server/petstore/rust-server/output/multipart-v3/examples/client/main.rs b/samples/server/petstore/rust-server/output/multipart-v3/examples/client/main.rs index 104343c50f4..f679dbf950f 100644 --- a/samples/server/petstore/rust-server/output/multipart-v3/examples/client/main.rs +++ b/samples/server/petstore/rust-server/output/multipart-v3/examples/client/main.rs @@ -36,9 +36,9 @@ fn main() { .arg(Arg::with_name("operation") .help("Sets the operation to run") .possible_values(&[ - "MultipartRelatedRequestPost", - "MultipartRequestPost", - "MultipleIdenticalMimeTypesPost", + "MultipartRelatedRequestPost", + "MultipartRequestPost", + "MultipleIdenticalMimeTypesPost", ]) .required(true) .index(1)) @@ -61,19 +61,18 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - }, + scopes: + "".to_owned() + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server.rs b/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server.rs index 8eecc09eb2f..5b2d8a75d03 100644 --- a/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server.rs +++ b/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server_auth.rs b/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server_auth.rs index e12846a950b..bf48130e294 100644 --- a/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server_auth.rs +++ b/samples/server/petstore/rust-server/output/multipart-v3/examples/server/server_auth.rs @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use multipart_v3::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,24 +15,24 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + "".to_owned() + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -63,8 +63,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -105,23 +105,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +} diff --git a/samples/server/petstore/rust-server/output/no-example-v3/examples/client/main.rs b/samples/server/petstore/rust-server/output/no-example-v3/examples/client/main.rs index 0d53eba568b..79405fc5d22 100644 --- a/samples/server/petstore/rust-server/output/no-example-v3/examples/client/main.rs +++ b/samples/server/petstore/rust-server/output/no-example-v3/examples/client/main.rs @@ -56,19 +56,18 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - }, + scopes: + "".to_owned() + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server.rs b/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server.rs index 64eb831abca..c4e6006fb34 100644 --- a/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server.rs +++ b/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server_auth.rs b/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server_auth.rs index d08ae850a01..a807460bd9a 100644 --- a/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server_auth.rs +++ b/samples/server/petstore/rust-server/output/no-example-v3/examples/server/server_auth.rs @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use no_example_v3::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,24 +15,24 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + "".to_owned() + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -63,8 +63,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -105,23 +105,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +} diff --git a/samples/server/petstore/rust-server/output/openapi-v3/examples/client/main.rs b/samples/server/petstore/rust-server/output/openapi-v3/examples/client/main.rs index af8b2f38293..3285d554799 100644 --- a/samples/server/petstore/rust-server/output/openapi-v3/examples/client/main.rs +++ b/samples/server/petstore/rust-server/output/openapi-v3/examples/client/main.rs @@ -60,31 +60,31 @@ fn main() { .arg(Arg::with_name("operation") .help("Sets the operation to run") .possible_values(&[ - "AnyOfGet", - "CallbackWithHeaderPost", - "ComplexQueryParamGet", - "JsonComplexQueryParamGet", - "MandatoryRequestHeaderGet", - "MergePatchJsonGet", - "MultigetGet", - "MultipleAuthSchemeGet", - "OneOfGet", - "OverrideServerGet", - "ParamgetGet", - "ReadonlyAuthSchemeGet", - "RegisterCallbackPost", - "RequiredOctetStreamPut", - "ResponsesWithHeadersGet", - "Rfc7807Get", - "UntypedPropertyGet", - "UuidGet", - "XmlExtraPost", - "XmlOtherPost", - "XmlOtherPut", - "XmlPost", - "XmlPut", - "CreateRepo", - "GetRepoInfo", + "AnyOfGet", + "CallbackWithHeaderPost", + "ComplexQueryParamGet", + "JsonComplexQueryParamGet", + "MandatoryRequestHeaderGet", + "MergePatchJsonGet", + "MultigetGet", + "MultipleAuthSchemeGet", + "OneOfGet", + "OverrideServerGet", + "ParamgetGet", + "ReadonlyAuthSchemeGet", + "RegisterCallbackPost", + "RequiredOctetStreamPut", + "ResponsesWithHeadersGet", + "Rfc7807Get", + "UntypedPropertyGet", + "UuidGet", + "XmlExtraPost", + "XmlOtherPost", + "XmlOtherPut", + "XmlPost", + "XmlPut", + "CreateRepo", + "GetRepoInfo", ]) .required(true) .index(1)) @@ -107,21 +107,21 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ + scopes: + [ "test.read", "test.write", - ].join(", ") - }, + ].join::<&str>(", ") + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/samples/server/petstore/rust-server/output/openapi-v3/examples/client/server.rs b/samples/server/petstore/rust-server/output/openapi-v3/examples/client/server.rs index 96694d1ad85..fc466245a56 100644 --- a/samples/server/petstore/rust-server/output/openapi-v3/examples/client/server.rs +++ b/samples/server/petstore/rust-server/output/openapi-v3/examples/client/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server.rs b/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server.rs index 63706763819..c8482bcb3e0 100644 --- a/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server.rs +++ b/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server_auth.rs b/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server_auth.rs index 7f486733588..00f8adeeb6a 100644 --- a/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server_auth.rs +++ b/samples/server/petstore/rust-server/output/openapi-v3/examples/server/server_auth.rs @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use openapi_v3::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,26 +15,27 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - "test.read", - "test.write", - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + [ + "test.read", + "test.write", + ].join::<&str>(", ") + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -65,8 +66,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -107,23 +108,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +} diff --git a/samples/server/petstore/rust-server/output/ops-v3/examples/client/main.rs b/samples/server/petstore/rust-server/output/ops-v3/examples/client/main.rs index 570a14467c9..9d9bfc6d958 100644 --- a/samples/server/petstore/rust-server/output/ops-v3/examples/client/main.rs +++ b/samples/server/petstore/rust-server/output/ops-v3/examples/client/main.rs @@ -70,43 +70,43 @@ fn main() { .arg(Arg::with_name("operation") .help("Sets the operation to run") .possible_values(&[ - "Op10Get", - "Op11Get", - "Op12Get", - "Op13Get", - "Op14Get", - "Op15Get", - "Op16Get", - "Op17Get", - "Op18Get", - "Op19Get", - "Op1Get", - "Op20Get", - "Op21Get", - "Op22Get", - "Op23Get", - "Op24Get", - "Op25Get", - "Op26Get", - "Op27Get", - "Op28Get", - "Op29Get", - "Op2Get", - "Op30Get", - "Op31Get", - "Op32Get", - "Op33Get", - "Op34Get", - "Op35Get", - "Op36Get", - "Op37Get", - "Op3Get", - "Op4Get", - "Op5Get", - "Op6Get", - "Op7Get", - "Op8Get", - "Op9Get", + "Op10Get", + "Op11Get", + "Op12Get", + "Op13Get", + "Op14Get", + "Op15Get", + "Op16Get", + "Op17Get", + "Op18Get", + "Op19Get", + "Op1Get", + "Op20Get", + "Op21Get", + "Op22Get", + "Op23Get", + "Op24Get", + "Op25Get", + "Op26Get", + "Op27Get", + "Op28Get", + "Op29Get", + "Op2Get", + "Op30Get", + "Op31Get", + "Op32Get", + "Op33Get", + "Op34Get", + "Op35Get", + "Op36Get", + "Op37Get", + "Op3Get", + "Op4Get", + "Op5Get", + "Op6Get", + "Op7Get", + "Op8Get", + "Op9Get", ]) .required(true) .index(1)) @@ -129,19 +129,18 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - }, + scopes: + "".to_owned() + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/samples/server/petstore/rust-server/output/ops-v3/examples/server/server.rs b/samples/server/petstore/rust-server/output/ops-v3/examples/server/server.rs index 9f97fa0f3b4..d51ecdd7028 100644 --- a/samples/server/petstore/rust-server/output/ops-v3/examples/server/server.rs +++ b/samples/server/petstore/rust-server/output/ops-v3/examples/server/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/ops-v3/examples/server/server_auth.rs b/samples/server/petstore/rust-server/output/ops-v3/examples/server/server_auth.rs index 07851419c3e..19eb6c6add4 100644 --- a/samples/server/petstore/rust-server/output/ops-v3/examples/server/server_auth.rs +++ b/samples/server/petstore/rust-server/output/ops-v3/examples/server/server_auth.rs @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use ops_v3::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,24 +15,24 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + "".to_owned() + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -63,8 +63,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -105,23 +105,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +} diff --git a/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/client/main.rs b/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/client/main.rs index b3cd7d27e03..8e2629962dc 100644 --- a/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/client/main.rs +++ b/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/client/main.rs @@ -68,31 +68,31 @@ fn main() { .arg(Arg::with_name("operation") .help("Sets the operation to run") .possible_values(&[ - "Call123example", - "FakeOuterBooleanSerialize", - "FakeOuterCompositeSerialize", - "FakeOuterNumberSerialize", - "FakeOuterStringSerialize", - "FakeResponseWithNumericalDescription", - "HyphenParam", - "TestEndpointParameters", - "TestEnumParameters", - "TestJsonFormData", - "DeletePet", - "FindPetsByStatus", - "FindPetsByTags", - "GetPetById", - "UpdatePetWithForm", - "UploadFile", - "DeleteOrder", - "GetInventory", - "GetOrderById", - "CreateUsersWithArrayInput", - "CreateUsersWithListInput", - "DeleteUser", - "GetUserByName", - "LoginUser", - "LogoutUser", + "Call123example", + "FakeOuterBooleanSerialize", + "FakeOuterCompositeSerialize", + "FakeOuterNumberSerialize", + "FakeOuterStringSerialize", + "FakeResponseWithNumericalDescription", + "HyphenParam", + "TestEndpointParameters", + "TestEnumParameters", + "TestJsonFormData", + "DeletePet", + "FindPetsByStatus", + "FindPetsByTags", + "GetPetById", + "UpdatePetWithForm", + "UploadFile", + "DeleteOrder", + "GetInventory", + "GetOrderById", + "CreateUsersWithArrayInput", + "CreateUsersWithListInput", + "DeleteUser", + "GetUserByName", + "LoginUser", + "LogoutUser", ]) .required(true) .index(1)) @@ -115,21 +115,21 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ + scopes: + [ "write:pets", "read:pets", - ].join(", ") - }, + ].join::<&str>(", ") + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server.rs b/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server.rs index 38904f6f568..2401ef5bc6c 100644 --- a/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server.rs +++ b/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server_auth.rs b/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server_auth.rs index f5133036d31..1593a36e2c4 100644 --- a/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server_auth.rs +++ b/samples/server/petstore/rust-server/output/petstore-with-fake-endpoints-models-for-testing/examples/server/server_auth.rs @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use petstore_with_fake_endpoints_models_for_testing::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,26 +15,27 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - "write:pets", - "read:pets", - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + [ + "write:pets", + "read:pets", + ].join::<&str>(", ") + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -65,8 +66,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -107,23 +108,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +} diff --git a/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/client/main.rs b/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/client/main.rs index 3ef61d5f2a4..e19f556283f 100644 --- a/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/client/main.rs +++ b/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/client/main.rs @@ -34,7 +34,7 @@ fn main() { .arg(Arg::with_name("operation") .help("Sets the operation to run") .possible_values(&[ - "PingGet", + "PingGet", ]) .required(true) .index(1)) @@ -57,19 +57,18 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - }, + scopes: + "".to_owned() + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server.rs b/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server.rs index ffbd60200e8..7cac3452a97 100644 --- a/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server.rs +++ b/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server_auth.rs b/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server_auth.rs index e7d21b06931..15b1fc1a444 100644 --- a/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server_auth.rs +++ b/samples/server/petstore/rust-server/output/ping-bearer-auth/examples/server/server_auth.rs @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use ping_bearer_auth::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,24 +15,24 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + "".to_owned() + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -63,8 +63,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -105,23 +105,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +} diff --git a/samples/server/petstore/rust-server/output/rust-server-test/examples/client/main.rs b/samples/server/petstore/rust-server/output/rust-server-test/examples/client/main.rs index d1ae748d59b..99939f148af 100644 --- a/samples/server/petstore/rust-server/output/rust-server-test/examples/client/main.rs +++ b/samples/server/petstore/rust-server/output/rust-server-test/examples/client/main.rs @@ -42,13 +42,13 @@ fn main() { .arg(Arg::with_name("operation") .help("Sets the operation to run") .possible_values(&[ - "AllOfGet", - "DummyGet", - "FileResponseGet", - "GetStructuredYaml", - "HtmlPost", - "PostYaml", - "RawJsonGet", + "AllOfGet", + "DummyGet", + "FileResponseGet", + "GetStructuredYaml", + "HtmlPost", + "PostYaml", + "RawJsonGet", ]) .required(true) .index(1)) @@ -71,19 +71,18 @@ fn main() { // In a real (production) system this Bearer token should be obtained via an external Identity/Authentication-server // Ensure that you set the correct algorithm and encodingkey that matches what is used on the server side. // See https://github.com/Keats/jsonwebtoken for more information - let auth_token = build_token( Claims { - sub: "tester@acme.com".to_owned(), + sub: "tester@acme.com".to_owned(), company: "ACME".to_owned(), iss: "my_identity_provider".to_owned(), // added a very long expiry time aud: "org.acme.Resource_Server".to_string(), exp: 10000000000, // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - }, + scopes: + "".to_owned() + }, b"secret").unwrap(); let auth_data = if !auth_token.is_empty() { diff --git a/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server.rs b/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server.rs index 56fc2f63c4d..00240b2ecdc 100644 --- a/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server.rs +++ b/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server.rs @@ -30,9 +30,7 @@ pub async fn create(addr: &str, https: bool) { let service = MakeService::new(server); - // This pushes a fourth layer of the middleware-stack even though Swagger assumes only three levels. - // This fourth layer creates an accept-all policy, hower the example-code already acchieves the same via a Bearer-token with full permissions, so next line is not needed (anymore). - // let service = MakeAllowAllAuthenticator::new(service, "cosmo"); + let service = MakeAllowAllAuthenticator::new(service, "cosmo"); #[allow(unused_mut)] let mut service = diff --git a/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server_auth.rs b/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server_auth.rs index 3525e452ac1..3191e2f7dcb 100644 --- a/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server_auth.rs +++ b/samples/server/petstore/rust-server/output/rust-server-test/examples/server/server_auth.rs @@ -1,7 +1,7 @@ use swagger::{ ApiError, auth::{Basic, Bearer}, - Has, + Has, XSpanIdString}; use rust_server_test::{AuthenticationApi, Claims}; use crate::server::Server; @@ -15,24 +15,24 @@ use log::{error, debug}; /// Get a dummy claim with full permissions (all scopes) for testing purposes fn full_permission_claim() -> Claims { - Claims { - sub: "tester@acme.com".to_owned(), - company: "ACME".to_owned(), - iss: "mini-bank-IDP".to_owned(), - aud: "org.acme.Resource_Server".to_string(), - // added a very long expiry time - exp: 10000000000, - // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. - scopes: [ - ].join(", ") - } + // In this example code all available Scopes are added, so the current Bearer Token gets fully authorization. + Claims { + sub: "tester@acme.com".to_owned(), + company: "ACME".to_owned(), + iss: "mini-bank-IDP".to_owned(), + aud: "org.acme.Resource_Server".to_string(), + // added a very long expiry time + exp: 10000000000, + scopes: + "".to_owned() + } } -/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. +/// Extract the data from a Bearer token using the provided Key (secret) and using the HS512-algorithm in this example. fn extract_token_data(token: &str, key: &[u8]) -> Result, JwtError::Error> { - + // Ensure that you set the correct algorithm and correct key. // See https://github.com/Keats/jsonwebtoken for more information. let header = decode_header(token)?; @@ -63,8 +63,8 @@ fn build_authorization(claims: Claims) -> Authorization { let scopes = swagger::auth::Scopes::Some(scopes); Authorization{ - subject: claims.sub, - scopes, + subject: claims.sub, + scopes, issuer: Some(claims.iss)} } @@ -105,23 +105,23 @@ impl AuthenticationApi for Server where C: Has + Send + Syn fn apikey_authorization(&self, api_key: &str) -> Result { debug!("\tAuthorizationApi: Received api-key, {api_key:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } - + /// Implementation of the method to map a basic authentication (username and password) to an Authorization fn basic_authorization(&self, basic: &Basic) -> Result { debug!("\tAuthorizationApi: Received Basic-token, {basic:#?}"); - // TODO: insert the logic to map received apikey to the set of claims + // TODO: insert the logic to map received apikey to the set of claims let claims = full_permission_claim(); // and build an authorization out of it Ok(build_authorization(claims)) } -} +}