From ed34a5251f13bbded0aa15719887db4924b351eb Mon Sep 17 00:00:00 2001
From: benj <benj@rse8.com>
Date: Mon, 22 May 2023 15:47:06 -0700
Subject: update credential API to include sessions

This change updates the credential API to include sessions as just another
credential type. It adds the ApiToken type and enables revocation of
credentials. Updates were also made to the Identity API which now includes a
list of new credentials added to an Identity.

This change also migrates off the hacky ENV configuration paradigm and includes
a new config.toml file specified by the SECD_CONFIG_PATH env var. No default is
currently provided.

Clippy updates and code cleanup.
---
 crates/secd/src/client/store/mod.rs | 84 ++++---------------------------------
 1 file changed, 9 insertions(+), 75 deletions(-)

(limited to 'crates/secd/src/client/store/mod.rs')

diff --git a/crates/secd/src/client/store/mod.rs b/crates/secd/src/client/store/mod.rs
index 7bf01d5..6c42dba 100644
--- a/crates/secd/src/client/store/mod.rs
+++ b/crates/secd/src/client/store/mod.rs
@@ -6,8 +6,8 @@ use std::sync::Arc;
 use uuid::Uuid;
 
 use crate::{
-    util, Address, AddressType, AddressValidation, Credential, CredentialId, CredentialType,
-    Identity, IdentityId, Session,
+    Address, AddressType, AddressValidation, Credential, CredentialId, CredentialType, Identity,
+    IdentityId,
 };
 
 use self::sql_db::SqlClient;
@@ -60,21 +60,13 @@ pub(crate) struct IdentityLens<'a> {
     pub id: Option<&'a Uuid>,
     pub address_type: Option<&'a AddressType>,
     pub validated_address: Option<bool>,
-    pub session_token_hash: Option<Vec<u8>>,
 }
 impl<'a> Lens for IdentityLens<'a> {}
 
-pub(crate) struct SessionLens<'a> {
-    pub token_hash: Option<&'a Vec<u8>>,
-    pub identity_id: Option<&'a IdentityId>,
-}
-impl<'a> Lens for SessionLens<'a> {}
-
 pub(crate) struct CredentialLens<'a> {
     pub id: Option<CredentialId>,
     pub identity_id: Option<IdentityId>,
     pub t: Option<&'a CredentialType>,
-    pub restrict_by_key: Option<bool>,
 }
 impl<'a> Lens for CredentialLens<'a> {}
 
@@ -94,7 +86,7 @@ impl<'a> Storable<'a> for Address {
         store: Arc<dyn Store>,
         lens: &'a Self::Lens,
     ) -> Result<Vec<Self::Item>, StoreError> {
-        let typ = lens.t.map(|at| at.to_string().clone());
+        let typ = lens.t.map(|at| at.to_string());
         let typ = typ.as_deref();
 
         let val = lens.t.and_then(|at| at.get_value());
@@ -151,53 +143,17 @@ impl<'a> Storable<'a> for Identity {
 
         Ok(match store.get_type() {
             StoreType::Postgres { c } => {
-                c.find_identity(
-                    lens.id,
-                    val,
-                    lens.validated_address,
-                    &lens.session_token_hash,
-                )
-                .await?
+                c.find_identity(lens.id, val, lens.validated_address)
+                    .await?
             }
             StoreType::Sqlite { c } => {
-                c.find_identity(
-                    lens.id,
-                    val,
-                    lens.validated_address,
-                    &lens.session_token_hash,
-                )
-                .await?
+                c.find_identity(lens.id, val, lens.validated_address)
+                    .await?
             }
         })
     }
 }
 
-#[async_trait]
-impl<'a> Storable<'a> for Session {
-    type Item = Session;
-    type Lens = SessionLens<'a>;
-
-    async fn write(&self, store: Arc<dyn Store>) -> Result<(), StoreError> {
-        let token_hash = util::hash(&self.token);
-        match store.get_type() {
-            StoreType::Postgres { c } => c.write_session(self, &token_hash).await?,
-            StoreType::Sqlite { c } => c.write_session(self, &token_hash).await?,
-        }
-        Ok(())
-    }
-    async fn find(
-        store: Arc<dyn Store>,
-        lens: &'a Self::Lens,
-    ) -> Result<Vec<Self::Item>, StoreError> {
-        let token = lens.token_hash.map(|t| t.clone()).unwrap_or(vec![]);
-
-        Ok(match store.get_type() {
-            StoreType::Postgres { c } => c.find_session(token, lens.identity_id).await?,
-            StoreType::Sqlite { c } => c.find_session(token, lens.identity_id).await?,
-        })
-    }
-}
-
 #[async_trait]
 impl<'a> Storable<'a> for Credential {
     type Item = Credential;
@@ -217,31 +173,9 @@ impl<'a> Storable<'a> for Credential {
     ) -> Result<Vec<Self::Item>, StoreError> {
         Ok(match store.get_type() {
             StoreType::Postgres { c } => {
-                c.find_credential(
-                    lens.id,
-                    lens.identity_id,
-                    lens.t,
-                    if let Some(true) = lens.restrict_by_key {
-                        true
-                    } else {
-                        false
-                    },
-                )
-                .await?
-            }
-            StoreType::Sqlite { c } => {
-                c.find_credential(
-                    lens.id,
-                    lens.identity_id,
-                    lens.t,
-                    if let Some(true) = lens.restrict_by_key {
-                        true
-                    } else {
-                        false
-                    },
-                )
-                .await?
+                c.find_credential(lens.id, lens.identity_id, lens.t).await?
             }
+            StoreType::Sqlite { c } => c.find_credential(lens.id, lens.identity_id, lens.t).await?,
         })
     }
 }
-- 
cgit v1.2.3