diff options
| author | mrw1593 <botahamec@outlook.com> | 2023-06-22 20:36:06 -0400 |
|---|---|---|
| committer | mrw1593 <botahamec@outlook.com> | 2023-06-22 20:36:06 -0400 |
| commit | 31f80998a8eef32c0ef2d309bee68ab88f453bab (patch) | |
| tree | c4a4b9aaa14119f95c825375116052afb571941f /src/models | |
| parent | 27ab8b4d2ea815a2bac432e7393adf19429135f9 (diff) | |
Implement the password grant
Diffstat (limited to 'src/models')
| -rw-r--r-- | src/models/client.rs | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/src/models/client.rs b/src/models/client.rs index 90c5902..56b0ae6 100644 --- a/src/models/client.rs +++ b/src/models/client.rs @@ -36,6 +36,7 @@ pub struct Client { allowed_scopes: Box<[Box<str>]>, default_scopes: Option<Box<[Box<str>]>>, redirect_uris: Box<[Url]>, + trusted: bool, } impl PartialEq for Client { @@ -54,24 +55,19 @@ impl Hash for Client { #[derive(Debug, Clone, Copy, Error)] #[error("Confidential clients must have a secret, but it was not provided")] -pub struct NoSecretError { - _phantom: PhantomData<()>, +pub enum CreateClientError { + #[error("Confidential clients must have a secret, but it was not provided")] + NoSecret, + #[error("Only confidential clients may be trusted")] + TrustedError, } -impl ResponseError for NoSecretError { +impl ResponseError for CreateClientError { fn status_code(&self) -> StatusCode { StatusCode::BAD_REQUEST } } -impl NoSecretError { - pub(crate) fn new() -> Self { - Self { - _phantom: PhantomData, - } - } -} - impl Client { pub fn new( id: Uuid, @@ -81,7 +77,8 @@ impl Client { allowed_scopes: Box<[Box<str>]>, default_scopes: Option<Box<[Box<str>]>>, redirect_uris: &[Url], - ) -> Result<Self, Expect<NoSecretError>> { + trusted: bool, + ) -> Result<Self, Expect<CreateClientError>> { let secret = if let Some(secret) = secret { Some(PasswordHash::new(secret)?) } else { @@ -89,17 +86,22 @@ impl Client { }; if ty == ClientType::Confidential && secret.is_none() { - yeet!(NoSecretError::new().into()); + yeet!(CreateClientError::NoSecret.into()); + } + + if ty == ClientType::Public && trusted { + yeet!(CreateClientError::TrustedError.into()); } Ok(Self { id, alias: Box::from(alias), - ty: ClientType::Public, + ty, secret, allowed_scopes, default_scopes, redirect_uris: redirect_uris.into_iter().cloned().collect(), + trusted, }) } @@ -139,6 +141,10 @@ impl Client { self.default_scopes.clone().map(|s| s.join(" ")) } + pub fn is_trusted(&self) -> bool { + self.trusted + } + pub fn check_secret(&self, secret: &str) -> Option<Result<bool, RawUnexpected>> { self.secret.as_ref().map(|s| s.check_password(secret)) } |