mirror of
https://github.com/YGGverse/Yoda.git
synced 2025-01-28 20:14:13 +00:00
begin authorization components implementation for gemini protocol
This commit is contained in:
parent
b32a1a297f
commit
f487215ca9
@ -20,12 +20,18 @@ use crate::app::browser::{
|
||||
use crate::Profile;
|
||||
use gtk::{
|
||||
gdk_pixbuf::Pixbuf,
|
||||
gio::{Cancellable, SocketClient, SocketClientEvent, SocketProtocol, TlsCertificateFlags},
|
||||
gio::{
|
||||
Cancellable, SocketClient, SocketClientEvent, SocketConnectable, SocketProtocol,
|
||||
TlsCertificate, TlsCertificateFlags, TlsClientConnection,
|
||||
},
|
||||
glib::{
|
||||
gformat, Bytes, GString, Priority, Regex, RegexCompileFlags, RegexMatchFlags, Uri,
|
||||
UriFlags, UriHideFlags,
|
||||
},
|
||||
prelude::{CancellableExt, EditableExt, IOStreamExt, OutputStreamExt, SocketClientExt},
|
||||
prelude::{
|
||||
CancellableExt, EditableExt, IOStreamExt, OutputStreamExt, SocketClientExt,
|
||||
TlsConnectionExt,
|
||||
},
|
||||
};
|
||||
use sqlite::Transaction;
|
||||
use std::{cell::RefCell, rc::Rc, time::Duration};
|
||||
@ -434,10 +440,24 @@ impl Page {
|
||||
|
||||
// Init socket
|
||||
let client = SocketClient::new();
|
||||
|
||||
client.set_protocol(SocketProtocol::Tcp);
|
||||
|
||||
// Check request match configured identity in profile database
|
||||
let auth = if let Some(pem) = self
|
||||
.profile
|
||||
.identity
|
||||
.gemini(&self.navigation.request().widget().gobject().text())
|
||||
{
|
||||
match TlsCertificate::from_pem(&pem) {
|
||||
Ok(certificate) => Some(certificate),
|
||||
Err(_) => todo!(),
|
||||
}
|
||||
} else {
|
||||
// Use unauthorized connection
|
||||
client.set_tls_validation_flags(TlsCertificateFlags::INSECURE);
|
||||
client.set_tls(true);
|
||||
None
|
||||
};
|
||||
|
||||
// Listen for connection status updates
|
||||
client.connect_event({
|
||||
@ -468,6 +488,21 @@ impl Page {
|
||||
Some(&cancellable.clone()),
|
||||
move |connect| match connect {
|
||||
Ok(connection) => {
|
||||
// Wrap connection with TLS
|
||||
if let Some(certificate) = auth {
|
||||
let connection = TlsClientConnection::new(
|
||||
&connection.clone(),
|
||||
None::<&SocketConnectable>,
|
||||
)
|
||||
.unwrap(); // @TODO handle
|
||||
// Apply authorization
|
||||
connection.set_certificate(
|
||||
&certificate,
|
||||
);
|
||||
// Validate @TODO
|
||||
// connection.connect_accept_certificate(|_, _, _| true);
|
||||
}
|
||||
|
||||
// Send request
|
||||
connection.output_stream().write_bytes_async(
|
||||
&Bytes::from(gformat!("{url}\r\n").as_bytes()),
|
||||
|
@ -1,10 +1,11 @@
|
||||
mod bookmark;
|
||||
mod database;
|
||||
//mod history;
|
||||
//mod identity;
|
||||
mod identity;
|
||||
|
||||
use bookmark::Bookmark;
|
||||
use database::Database;
|
||||
use identity::Identity;
|
||||
|
||||
use gtk::glib::{user_config_dir, DateTime};
|
||||
use sqlite::{Connection, Transaction};
|
||||
@ -19,6 +20,7 @@ const DB_NAME: &str = "database.sqlite3";
|
||||
pub struct Profile {
|
||||
pub bookmark: Rc<Bookmark>,
|
||||
pub database: Rc<Database>,
|
||||
pub identity: Rc<Identity>,
|
||||
pub config_path: PathBuf,
|
||||
}
|
||||
|
||||
@ -93,7 +95,8 @@ impl Profile {
|
||||
|
||||
// Result
|
||||
Self {
|
||||
bookmark: Rc::new(Bookmark::new(connection, profile_id)),
|
||||
bookmark: Rc::new(Bookmark::new(connection.clone(), profile_id.clone())),
|
||||
identity: Rc::new(Identity::new(connection, profile_id)),
|
||||
database,
|
||||
config_path,
|
||||
}
|
||||
@ -108,9 +111,9 @@ pub fn migrate(tx: &Transaction) -> Result<(), String> {
|
||||
|
||||
// Delegate migration to children components
|
||||
bookmark::migrate(tx)?;
|
||||
identity::migrate(tx)?;
|
||||
// @TODO not in use yet
|
||||
// history::migrate(tx)?;
|
||||
// identity::migrate(tx)?;
|
||||
|
||||
// Success
|
||||
Ok(())
|
||||
|
@ -1,17 +1,51 @@
|
||||
mod database;
|
||||
mod gemini;
|
||||
use gemini::Gemini;
|
||||
|
||||
use sqlite::Transaction;
|
||||
use sqlite::{Connection, Transaction};
|
||||
use std::{rc::Rc, sync::RwLock};
|
||||
|
||||
/// Authorization wrapper for different protocols
|
||||
pub struct Identity {
|
||||
gemini: Rc<Gemini>,
|
||||
}
|
||||
|
||||
impl Identity {
|
||||
// Constructors
|
||||
|
||||
/// Create new `Self`
|
||||
pub fn new(connection: Rc<RwLock<Connection>>, profile_id: Rc<i64>) -> Self {
|
||||
Self {
|
||||
gemini: Rc::new(Gemini::new(connection, profile_id)),
|
||||
}
|
||||
}
|
||||
|
||||
/// Get `pem` record match `request`
|
||||
///
|
||||
/// https://geminiprotocol.net/docs/protocol-specification.gmi#client-certificates
|
||||
pub fn gemini(&self, request: &str) -> Option<String> {
|
||||
if let Ok(auth_records) = self.gemini.auth.database.records(Some(request)) {
|
||||
for auth_record in auth_records {
|
||||
if let Ok(gemini_records) = self.gemini.database.records() {
|
||||
for gemini_record in gemini_records {
|
||||
if gemini_record.id == auth_record.gemini_id {
|
||||
return Some(gemini_record.pem);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
None
|
||||
} // @TODO apply protocol rules to selection
|
||||
}
|
||||
|
||||
// Tools
|
||||
|
||||
pub fn migrate(tx: &Transaction) -> Result<(), String> {
|
||||
// Migrate self components
|
||||
if let Err(e) = database::init(tx) {
|
||||
return Err(e.to_string());
|
||||
}
|
||||
// nothing yet..
|
||||
|
||||
// Delegate migration to childs
|
||||
// nothing yet..
|
||||
gemini::migrate(tx)?;
|
||||
|
||||
// Success
|
||||
Ok(())
|
||||
|
@ -1,20 +0,0 @@
|
||||
use sqlite::{Error, Transaction};
|
||||
|
||||
pub struct Table {
|
||||
pub id: i64,
|
||||
//pub profile_id: i64,
|
||||
}
|
||||
|
||||
// Low-level DB API
|
||||
|
||||
pub fn init(tx: &Transaction) -> Result<usize, Error> {
|
||||
tx.execute(
|
||||
"CREATE TABLE IF NOT EXISTS `profile_identity`
|
||||
(
|
||||
`id` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
|
||||
`profile_id` INTEGER NOT NULL,
|
||||
`pem` TEXT NOT NULL
|
||||
)",
|
||||
[],
|
||||
)
|
||||
}
|
45
src/profile/identity/gemini.rs
Normal file
45
src/profile/identity/gemini.rs
Normal file
@ -0,0 +1,45 @@
|
||||
mod auth;
|
||||
mod database;
|
||||
|
||||
use auth::Auth;
|
||||
use database::Database;
|
||||
|
||||
use sqlite::{Connection, Transaction};
|
||||
use std::{rc::Rc, sync::RwLock};
|
||||
|
||||
/// Authorization wrapper for Gemini protocol
|
||||
///
|
||||
/// https://geminiprotocol.net/docs/protocol-specification.gmi#client-certificates
|
||||
pub struct Gemini {
|
||||
pub auth: Rc<Auth>,
|
||||
pub database: Rc<Database>,
|
||||
}
|
||||
|
||||
impl Gemini {
|
||||
// Constructors
|
||||
|
||||
/// Create new `Self`
|
||||
pub fn new(connection: Rc<RwLock<Connection>>, profile_id: Rc<i64>) -> Self {
|
||||
Self {
|
||||
auth: Rc::new(Auth::new(connection.clone(), profile_id.clone())),
|
||||
database: Rc::new(Database::new(connection, profile_id)),
|
||||
}
|
||||
}
|
||||
|
||||
// @TODO create new identity API
|
||||
}
|
||||
|
||||
// Tools
|
||||
|
||||
pub fn migrate(tx: &Transaction) -> Result<(), String> {
|
||||
// Migrate self components
|
||||
if let Err(e) = database::init(tx) {
|
||||
return Err(e.to_string());
|
||||
}
|
||||
|
||||
// Delegate migration to childs
|
||||
auth::migrate(tx)?;
|
||||
|
||||
// Success
|
||||
Ok(())
|
||||
}
|
37
src/profile/identity/gemini/auth.rs
Normal file
37
src/profile/identity/gemini/auth.rs
Normal file
@ -0,0 +1,37 @@
|
||||
mod database;
|
||||
|
||||
use database::Database;
|
||||
|
||||
use sqlite::{Connection, Transaction};
|
||||
use std::{rc::Rc, sync::RwLock};
|
||||
|
||||
/// API for `gemini_id` + `request` auth pairs operations
|
||||
pub struct Auth {
|
||||
pub database: Rc<Database>,
|
||||
}
|
||||
|
||||
impl Auth {
|
||||
// Constructors
|
||||
|
||||
/// Create new `Self`
|
||||
pub fn new(connection: Rc<RwLock<Connection>>, profile_id: Rc<i64>) -> Self {
|
||||
Self {
|
||||
database: Rc::new(Database::new(connection, profile_id)),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Tools
|
||||
|
||||
pub fn migrate(tx: &Transaction) -> Result<(), String> {
|
||||
// Migrate self components
|
||||
if let Err(e) = database::init(tx) {
|
||||
return Err(e.to_string());
|
||||
}
|
||||
|
||||
// Delegate migration to childs
|
||||
// nothing yet..
|
||||
|
||||
// Success
|
||||
Ok(())
|
||||
}
|
81
src/profile/identity/gemini/auth/database.rs
Normal file
81
src/profile/identity/gemini/auth/database.rs
Normal file
@ -0,0 +1,81 @@
|
||||
use std::{rc::Rc, sync::RwLock};
|
||||
|
||||
use sqlite::{Connection, Error, Transaction};
|
||||
|
||||
pub struct Table {
|
||||
//pub id: i64,
|
||||
//pub profile_id: i64,
|
||||
pub gemini_id: i64,
|
||||
}
|
||||
|
||||
/// Storage for `gemini_id` + `request` auth pairs
|
||||
pub struct Database {
|
||||
connection: Rc<RwLock<Connection>>,
|
||||
profile_id: Rc<i64>, // multi-profile relationship
|
||||
}
|
||||
|
||||
impl Database {
|
||||
// Constructors
|
||||
|
||||
/// Create new `Self`
|
||||
pub fn new(connection: Rc<RwLock<Connection>>, profile_id: Rc<i64>) -> Self {
|
||||
Self {
|
||||
connection,
|
||||
profile_id,
|
||||
}
|
||||
}
|
||||
|
||||
// Getters
|
||||
|
||||
/// Get records from database match current `profile_id` optionally filtered by `request`
|
||||
pub fn records(&self, request: Option<&str>) -> Result<Vec<Table>, Error> {
|
||||
let readable = self.connection.read().unwrap(); // @TODO
|
||||
let tx = readable.unchecked_transaction()?;
|
||||
select(&tx, *self.profile_id, request)
|
||||
}
|
||||
}
|
||||
|
||||
// Low-level DB API
|
||||
|
||||
pub fn init(tx: &Transaction) -> Result<usize, Error> {
|
||||
tx.execute(
|
||||
"CREATE TABLE IF NOT EXISTS `profile_identity_gemini_auth`
|
||||
(
|
||||
`id` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
|
||||
`profile_id` INTEGER NOT NULL,
|
||||
`gemini_id` INTEGER NOT NULL,
|
||||
`request` TEXT NOT NULL
|
||||
)",
|
||||
[],
|
||||
)
|
||||
}
|
||||
|
||||
pub fn select(
|
||||
tx: &Transaction,
|
||||
profile_id: i64,
|
||||
request: Option<&str>,
|
||||
) -> Result<Vec<Table>, Error> {
|
||||
let mut stmt = tx.prepare(
|
||||
"SELECT `id`,
|
||||
`profile_id`,
|
||||
`gemini_id` FROM `profile_identity_gemini_auth`
|
||||
WHERE `profile_id` = ? AND `request` LIKE ?",
|
||||
)?;
|
||||
|
||||
let result = stmt.query_map((profile_id, request.unwrap_or("%")), |row| {
|
||||
Ok(Table {
|
||||
//id: row.get(0)?,
|
||||
//profile_id: row.get(1)?,
|
||||
gemini_id: row.get(2)?,
|
||||
})
|
||||
})?;
|
||||
|
||||
let mut records = Vec::new();
|
||||
|
||||
for record in result {
|
||||
let table = record?;
|
||||
records.push(table);
|
||||
}
|
||||
|
||||
Ok(records)
|
||||
}
|
70
src/profile/identity/gemini/database.rs
Normal file
70
src/profile/identity/gemini/database.rs
Normal file
@ -0,0 +1,70 @@
|
||||
use sqlite::{Connection, Error, Transaction};
|
||||
use std::{rc::Rc, sync::RwLock};
|
||||
|
||||
pub struct Table {
|
||||
pub id: i64,
|
||||
//pub profile_id: i64,
|
||||
pub pem: String,
|
||||
}
|
||||
|
||||
/// Storage for Gemini auth certificates
|
||||
pub struct Database {
|
||||
connection: Rc<RwLock<Connection>>,
|
||||
profile_id: Rc<i64>, // multi-profile relationship
|
||||
}
|
||||
|
||||
impl Database {
|
||||
// Constructors
|
||||
|
||||
/// Create new `Self`
|
||||
pub fn new(connection: Rc<RwLock<Connection>>, profile_id: Rc<i64>) -> Self {
|
||||
Self {
|
||||
connection,
|
||||
profile_id,
|
||||
}
|
||||
}
|
||||
|
||||
/// Get all records match current `profile_id`
|
||||
pub fn records(&self) -> Result<Vec<Table>, Error> {
|
||||
let readable = self.connection.read().unwrap(); // @TODO
|
||||
let tx = readable.unchecked_transaction()?;
|
||||
select(&tx, *self.profile_id)
|
||||
}
|
||||
}
|
||||
|
||||
// Low-level DB API
|
||||
|
||||
pub fn init(tx: &Transaction) -> Result<usize, Error> {
|
||||
tx.execute(
|
||||
"CREATE TABLE IF NOT EXISTS `profile_identity_gemini`
|
||||
(
|
||||
`id` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
|
||||
`profile_id` INTEGER NOT NULL,
|
||||
`pem` TEXT NOT NULL
|
||||
)",
|
||||
[],
|
||||
)
|
||||
}
|
||||
|
||||
pub fn select(tx: &Transaction, profile_id: i64) -> Result<Vec<Table>, Error> {
|
||||
let mut stmt = tx.prepare(
|
||||
"SELECT `id`, `profile_id`, `pem` FROM `profile_identity_gemini` WHERE `profile_id` = ?",
|
||||
)?;
|
||||
|
||||
let result = stmt.query_map([profile_id], |row| {
|
||||
Ok(Table {
|
||||
id: row.get(0)?,
|
||||
//profile_id: row.get(1)?,
|
||||
pem: row.get(2)?,
|
||||
})
|
||||
})?;
|
||||
|
||||
let mut records = Vec::new();
|
||||
|
||||
for record in result {
|
||||
let table = record?;
|
||||
records.push(table);
|
||||
}
|
||||
|
||||
Ok(records)
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user