Hyper 1.x

Cargo.toml

@@ -57,7 +57,7 @@ oauth2-types = { path = "./crates/oauth2-types/", version = "=0.9.0" }
 
 # GraphQL server
 [workspace.dependencies.async-graphql]
-version = "6.0.11"
+version = "7.0.6"
 features = ["chrono", "url", "tracing"]
 
 # Utility to write and implement async traits
@@ -68,6 +68,19 @@ version = "0.1.80"
 [workspace.dependencies.anyhow]
 version = "1.0.86"
 
+# HTTP router
+[workspace.dependencies.axum]
+version = "0.7.5"
+
+# Extra utilities for Axum
+[workspace.dependencies.axum-extra]
+version = "0.9.3"
+features = ["cookie-private", "cookie-key-expansion", "typed-header"]
+
+# Bytes
+[workspace.dependencies.bytes]
+version = "1.6.0"
+
 # UTF-8 paths
 [workspace.dependencies.camino]
 version = "1.1.7"
@@ -90,30 +103,47 @@ features = ["env", "yaml", "test"]
 
 # HTTP headers
 [workspace.dependencies.headers]
-version = "0.3.9"
+version = "0.4.0"
 
 # HTTP request/response
 [workspace.dependencies.http]
-version = "0.2.12"
+version = "1.1.0"
 
 # HTTP body trait
 [workspace.dependencies.http-body]
-version = "0.4.6"
+version = "1.0.0"
 
-# HTTP client
+# http-body utilities
+[workspace.dependencies.http-body-util]
+version = "0.1.2"
+
+# HTTP client and server
 [workspace.dependencies.hyper]
-version = "0.14.29"
-features = ["client", "http1", "http2", "stream", "runtime"]
+version = "1.4.0"
+features = ["client", "http1", "http2"]
+
+# Additional Hyper utilties
+[workspace.dependencies.hyper-util]
+version = "0.1.6"
+features = [
+    "client",
+    "server",
+    "server-auto",
+    "service",
+    "http1",
+    "http2",
+    "tokio",
+]
 
 # Hyper Rustls support
 [workspace.dependencies.hyper-rustls]
-version = "0.25.0"
+version = "0.27.2"
 features = ["http1", "http2"]
 default-features = false
 
 # Email sending
 [workspace.dependencies.lettre]
-version = "=0.11.4"
+version = "0.11.7"
 default-features = false
 features = [
     "tokio1-rustls-tls",
@@ -127,33 +157,48 @@ features = [
 
 # Templates
 [workspace.dependencies.minijinja]
-version = "2.0.2"
+version = "2.0.3"
 
 # Random values
 [workspace.dependencies.rand]
 version = "0.8.5"
 
 # TLS stack
 [workspace.dependencies.rustls]
-version = "0.22.4"
+version = "0.23.10"
 
 # Use platform-specific verifier for TLS
 [workspace.dependencies.rustls-platform-verifier]
-version = "0.2.0"
+version = "0.3.2"
 
 # JSON Schema generation
 [workspace.dependencies.schemars]
 version = "0.8.21"
 features = ["url", "chrono", "preserve_order"]
 
+# Sentry error tracking
+[workspace.dependencies.sentry]
+version = "0.34.0"
+default-features = false
+features = ["backtrace", "contexts", "panic", "tower"]
+
+# Sentry tower layer
+[workspace.dependencies.sentry-tower]
+version = "0.34.0"
+features = ["http"]
+
+# Sentry tracing integration
+[workspace.dependencies.sentry-tracing]
+version = "0.34.0"
+
 # Serialization and deserialization
 [workspace.dependencies.serde]
 version = "1.0.203"
 features = ["derive"] # Most of the time, if we need serde, we need derive
 
 # JSON serialization and deserialization
 [workspace.dependencies.serde_json]
-version = "1.0.119"
+version = "1.0.120"
 features = ["preserve_order"]
 
 # SQL database support
@@ -183,6 +228,11 @@ features = ["full"]
 version = "0.4.13"
 features = ["util"]
 
+# Tower HTTP layers
+[workspace.dependencies.tower-http]
+version = "0.5.2"
+features = ["cors", "fs", "add-extension"]
+
 # Logging and tracing
 [workspace.dependencies.tracing]
 version = "0.1.40"
@@ -195,7 +245,6 @@ version = "0.23.0"
 features = ["trace", "metrics"]
 [workspace.dependencies.opentelemetry-http]
 version = "0.12.0"
-features = ["hyper", "tokio"]
 [workspace.dependencies.opentelemetry-semantic-conventions]
 version = "0.15.0"
 [workspace.dependencies.tracing-opentelemetry]

crates/axum-utils/Cargo.toml

@@ -13,18 +13,21 @@ workspace = true
 
 [dependencies]
 async-trait.workspace = true
-axum = { version = "0.6.20", features = ["headers"] }
-axum-extra = { version = "0.8.0", features = ["cookie-private", "cookie-key-expansion"] }
+axum.workspace = true
+axum-extra.workspace = true
+bytes.workspace = true
 chrono.workspace = true
 data-encoding = "2.6.0"
 futures-util = "0.3.30"
 headers.workspace = true
 http.workspace = true
 http-body.workspace = true
+http-body-util.workspace = true
+hyper-util.workspace = true
 icu_locid = "1.4.0"
 mime = "0.3.17"
 rand.workspace = true
-sentry = { version = "0.31.8", default-features = false }
+sentry.workspace = true
 serde.workspace = true
 serde_with = "3.8.2"
 serde_urlencoded = "0.7.1"

crates/axum-utils/src/client_authorization.rs

@@ -16,14 +16,14 @@ use std::collections::HashMap;
 
 use async_trait::async_trait;
 use axum::{
-    body::HttpBody,
     extract::{
-        rejection::{FailedToDeserializeForm, FormRejection, TypedHeaderRejectionReason},
-        Form, FromRequest, FromRequestParts, TypedHeader,
+        rejection::{FailedToDeserializeForm, FormRejection},
+        Form, FromRequest, FromRequestParts,
     },
     response::IntoResponse,
     BoxError, Json,
 };
+use axum_extra::typed_header::{TypedHeader, TypedHeaderRejectionReason};
 use headers::{authorization::Basic, Authorization};
 use http::{Request, StatusCode};
 use mas_data_model::{Client, JwksOrJwksUri};
@@ -337,18 +337,18 @@ impl IntoResponse for ClientAuthorizationError {
 }
 
 #[async_trait]
-impl<S, B, F> FromRequest<S, B> for ClientAuthorization<F>
+impl<S, F> FromRequest<S> for ClientAuthorization<F>
 where
     F: DeserializeOwned,
-    B: HttpBody + Send + 'static,
-    B::Data: Send,
-    B::Error: Into<BoxError>,
     S: Send + Sync,
 {
     type Rejection = ClientAuthorizationError;
 
     #[allow(clippy::too_many_lines)]
-    async fn from_request(req: Request<B>, state: &S) -> Result<Self, Self::Rejection> {
+    async fn from_request(
+        req: Request<axum::body::Body>,
+        state: &S,
+    ) -> Result<Self, Self::Rejection> {
         // Split the request into parts so we can extract some headers
         let (mut parts, body) = req.into_parts();
 
@@ -489,7 +489,7 @@ where
 
 #[cfg(test)]
 mod tests {
-    use axum::body::{Bytes, Full};
+    use axum::body::Body;
     use http::{Method, Request};
 
     use super::*;
@@ -502,7 +502,7 @@ mod tests {
                 http::header::CONTENT_TYPE,
                 mime::APPLICATION_WWW_FORM_URLENCODED.as_ref(),
             )
-            .body(Full::<Bytes>::new("client_id=client-id&foo=bar".into()))
+            .body(Body::new("client_id=client-id&foo=bar".to_owned()))
             .unwrap();
 
         assert_eq!(
@@ -530,7 +530,7 @@ mod tests {
                 http::header::AUTHORIZATION,
                 "Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=",
             )
-            .body(Full::<Bytes>::new("foo=bar".into()))
+            .body(Body::new("foo=bar".to_owned()))
             .unwrap();
 
         assert_eq!(
@@ -557,7 +557,7 @@ mod tests {
                 http::header::AUTHORIZATION,
                 "Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=",
             )
-            .body(Full::<Bytes>::new("client_id=client-id&foo=bar".into()))
+            .body(Body::new("client_id=client-id&foo=bar".to_owned()))
             .unwrap();
 
         assert_eq!(
@@ -584,7 +584,7 @@ mod tests {
                 http::header::AUTHORIZATION,
                 "Basic Y2xpZW50LWlkOmNsaWVudC1zZWNyZXQ=",
             )
-            .body(Full::<Bytes>::new("client_id=mismatch-id&foo=bar".into()))
+            .body(Body::new("client_id=mismatch-id&foo=bar".to_owned()))
             .unwrap();
 
         assert!(matches!(
@@ -600,7 +600,7 @@ mod tests {
                 mime::APPLICATION_WWW_FORM_URLENCODED.as_ref(),
             )
             .header(http::header::AUTHORIZATION, "Basic invalid")
-            .body(Full::<Bytes>::new("foo=bar".into()))
+            .body(Body::new("foo=bar".to_owned()))
             .unwrap();
 
         assert!(matches!(
@@ -617,8 +617,8 @@ mod tests {
                 http::header::CONTENT_TYPE,
                 mime::APPLICATION_WWW_FORM_URLENCODED.as_ref(),
             )
-            .body(Full::<Bytes>::new(
-                "client_id=client-id&client_secret=client-secret&foo=bar".into(),
+            .body(Body::new(
+                "client_id=client-id&client_secret=client-secret&foo=bar".to_owned(),
             ))
             .unwrap();
 
@@ -640,7 +640,7 @@ mod tests {
     async fn client_assertion_test() {
         // Signed with client_secret = "client-secret"
         let jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjbGllbnQtaWQiLCJzdWIiOiJjbGllbnQtaWQiLCJhdWQiOiJodHRwczovL2V4YW1wbGUuY29tL29hdXRoMi9pbnRyb3NwZWN0IiwianRpIjoiYWFiYmNjIiwiZXhwIjoxNTE2MjM5MzIyLCJpYXQiOjE1MTYyMzkwMjJ9.XTaACG_Rww0GPecSZvkbem-AczNy9LLNBueCLCiQajU";
-        let body = Bytes::from(format!(
+        let body = Body::new(format!(
             "client_assertion_type={JWT_BEARER_CLIENT_ASSERTION}&client_assertion={jwt}&foo=bar",
         ));
 
@@ -650,7 +650,7 @@ mod tests {
                 http::header::CONTENT_TYPE,
                 mime::APPLICATION_WWW_FORM_URLENCODED.as_ref(),
             )
-            .body(Full::new(body))
+            .body(body)
             .unwrap();
 
         let authz = ClientAuthorization::<serde_json::Value>::from_request(req, &())

crates/axum-utils/src/fancy_error.rs

@@ -15,8 +15,9 @@
 use axum::{
     http::StatusCode,
     response::{IntoResponse, Response},
-    Extension, TypedHeader,
+    Extension,
 };
+use axum_extra::typed_header::TypedHeader;
 use headers::ContentType;
 use mas_templates::ErrorContext;
 

crates/axum-utils/src/http_client_factory.rs

@@ -1,4 +1,4 @@
-// Copyright 2022 The Matrix.org Foundation C.I.C.
+// Copyright 2022-2024 The Matrix.org Foundation C.I.C.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -12,7 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-use axum::body::Full;
+use http_body_util::Full;
+use hyper_util::rt::TokioExecutor;
 use mas_http::{
     make_traced_connector, BodyToBytesResponseLayer, Client, ClientLayer, ClientService,
     HttpService, TracedClient, TracedConnector,
@@ -50,7 +51,7 @@ impl HttpClientFactory {
         B: axum::body::HttpBody + Send,
         B::Data: Send,
     {
-        let client = Client::builder().build(self.traced_connector.clone());
+        let client = Client::builder(TokioExecutor::new()).build(self.traced_connector.clone());
         self.client_layer
             .clone()
             .with_category(category)

crates/axum-utils/src/jwt.rs

@@ -12,10 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-use axum::{
-    response::{IntoResponse, Response},
-    TypedHeader,
-};
+use axum::response::{IntoResponse, Response};
+use axum_extra::typed_header::TypedHeader;
 use headers::ContentType;
 use mas_jose::jwt::Jwt;
 use mime::Mime;

crates/axum-utils/src/user_authorization.rs

@@ -16,14 +16,13 @@ use std::{collections::HashMap, error::Error};
 
 use async_trait::async_trait;
 use axum::{
-    body::HttpBody,
     extract::{
-        rejection::{FailedToDeserializeForm, FormRejection, TypedHeaderRejectionReason},
-        Form, FromRequest, FromRequestParts, TypedHeader,
+        rejection::{FailedToDeserializeForm, FormRejection},
+        Form, FromRequest, FromRequestParts,
     },
     response::{IntoResponse, Response},
-    BoxError,
 };
+use axum_extra::typed_header::{TypedHeader, TypedHeaderRejectionReason};
 use headers::{authorization::Bearer, Authorization, Header, HeaderMapExt, HeaderName};
 use http::{header::WWW_AUTHENTICATE, HeaderMap, HeaderValue, Request, StatusCode};
 use mas_data_model::Session;
@@ -289,17 +288,17 @@ where
 }
 
 #[async_trait]
-impl<S, B, F> FromRequest<S, B> for UserAuthorization<F>
+impl<S, F> FromRequest<S> for UserAuthorization<F>
 where
     F: DeserializeOwned,
-    B: HttpBody + Send + 'static,
-    B::Data: Send,
-    B::Error: Into<BoxError>,
     S: Send + Sync,
 {
     type Rejection = UserAuthorizationError;
 
-    async fn from_request(req: Request<B>, state: &S) -> Result<Self, Self::Rejection> {
+    async fn from_request(
+        req: Request<axum::body::Body>,
+        state: &S,
+    ) -> Result<Self, Self::Rejection> {
         let (mut parts, body) = req.into_parts();
         let header =
             TypedHeader::<Authorization<Bearer>>::from_request_parts(&mut parts, state).await;