diff --git a/changelog.d/5-internal/pr-3142 b/changelog.d/5-internal/pr-3142 new file mode 100644 index 0000000000..3b095c6ccf --- /dev/null +++ b/changelog.d/5-internal/pr-3142 @@ -0,0 +1 @@ +Rust library `rusty-jwt-tools` upgraded to latest version diff --git a/libs/jwt-tools/src/Data/Jwt/Tools.hs b/libs/jwt-tools/src/Data/Jwt/Tools.hs index 23360373fc..b858c38f3d 100644 --- a/libs/jwt-tools/src/Data/Jwt/Tools.hs +++ b/libs/jwt-tools/src/Data/Jwt/Tools.hs @@ -40,10 +40,8 @@ import Control.Exception import Control.Monad.Trans.Except import Data.ByteString.Conversion import Data.String.Conversions (cs) -import Foreign.C (CUChar (..)) import Foreign.C.String (CString, newCString, peekCString) import Foreign.Ptr (Ptr, nullPtr) -import Foreign.Storable (peek) import Imports import Network.HTTP.Types (StdMethod (..)) @@ -88,7 +86,7 @@ foreign import ccall unsafe "generate_dpop_access_token" foreign import ccall unsafe "free_dpop_access_token" free_dpop_access_token :: Ptr HsResult -> IO () -foreign import ccall unsafe "get_error" get_error :: Ptr HsResult -> Ptr CUChar +foreign import ccall unsafe "get_error" get_error :: Ptr HsResult -> Word8 foreign import ccall unsafe "get_token" get_token :: Ptr HsResult -> CString @@ -113,9 +111,9 @@ generateDpopAccessTokenFfi dpopProof user client domain nonce uri method maxSkew getErrorFfi :: Ptr HsResult -> IO (Maybe Word8) getErrorFfi ptr = do - let errorPtr = get_error ptr - if errorPtr /= nullPtr - then Just . fromIntegral <$> peek errorPtr + let err = get_error ptr + if err /= 0 + then pure $ Just err else pure Nothing getTokenFfi :: Ptr HsResult -> IO (Maybe String) diff --git a/libs/jwt-tools/test/Spec.hs b/libs/jwt-tools/test/Spec.hs index d39cb0b3e9..91f40a4be8 100644 --- a/libs/jwt-tools/test/Spec.hs +++ b/libs/jwt-tools/test/Spec.hs @@ -25,12 +25,12 @@ main :: IO () main = hspec $ do describe "generateDpopToken FFI when passing valid inputs" $ do it "should return an access token" $ do - actual <- callFFIWithValidValuesValidUntil2038 + actual <- runExceptT $ generateDpopToken proof uid cid domain nonce uri method maxSkewSecs expires now pem isRight actual `shouldBe` True - describe "generateDpopToken FFI when passing nonsense values" $ do - it "should return an error" $ do - actual <- callFFIWithNonsenseValues - isRight actual `shouldBe` False + describe "generateDpopToken FFI when passing a wrong nonce value" $ do + it "should return BackendNonceMismatchError" $ do + actual <- runExceptT $ generateDpopToken proof uid cid domain (Nonce "foobar") uri method maxSkewSecs expires now pem + actual `shouldBe` Left BackendNonceMismatchError describe "toResult" $ do it "should convert to correct error" $ do toResult Nothing (Just token) `shouldBe` Right (cs token) @@ -72,36 +72,7 @@ main = hspec $ do toResult (Just 18) (Just token) `shouldBe` Left ExpError toResult Nothing Nothing `shouldBe` Left UnknownError where - token :: String token = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" - -callFFIWithNonsenseValues :: IO (Either DPoPTokenGenerationError ByteString) -callFFIWithNonsenseValues = - runExceptT $ generateDpopToken proof uid cid domain nonce uri method maxSkewSecs expires now pem - where - proof = Proof "xxxx.yyyy.zzzz" - uid = UserId "8a6e8a6e-8a6e-8a6e-8a6e-8a6e8a6e8a6e" - cid = ClientId 8899 - domain = Domain "example.com" - nonce = Nonce "123" - uri = Uri "/foo" - method = POST - maxSkewSecs = MaxSkewSecs 1 - now = NowEpoch 5435234232 - expires = ExpiryEpoch $ 5435234232 + 360 - pem = - PemBundle $ - "-----BEGIN PRIVATE KEY-----\n\ - \MC4CAQAwBQYDK2VwBCIEIFANnxZLNE4p+GDzWzR3wm/v8x/0bxZYkCyke1aTRucX\n\ - \-----END PRIVATE KEY-----\n\ - \-----BEGIN PUBLIC KEY-----\n\ - \MCowBQYDK2VwAyEACPvhIdimF20tOPjbb+fXJrwS2RKDp7686T90AZ0+Th8=\n\ - \-----END PUBLIC KEY-----\n" - -callFFIWithValidValuesValidUntil2038 :: IO (Either DPoPTokenGenerationError ByteString) -callFFIWithValidValuesValidUntil2038 = - runExceptT $ generateDpopToken proof uid cid domain nonce uri method maxSkewSecs expires now pem - where proof = Proof "eyJhbGciOiJFZERTQSIsInR5cCI6ImRwb3Arand0IiwiandrIjp7Imt0eSI6Ik9LUCIsImNydiI6IkVkMjU1MTkiLCJ4IjoiZ0tYSHpIV3QtRUh1N2ZQbmlWMXFXWGV2Rmk1eFNKd3RNcHJlSjBjdTZ3SSJ9fQ.eyJpYXQiOjE2NzgxMDcwMDksImV4cCI6MjA4ODA3NTAwOSwibmJmIjoxNjc4MTA3MDA5LCJzdWIiOiJpbXBwOndpcmVhcHA9WXpWbE1qRTVNelpqTTJKak5EQXdOMkpsWTJJd1lXTm1OVGszTW1FMVlqTS9lYWZhMDI1NzMwM2Q0MDYwQHdpcmUuY29tIiwianRpIjoiMmQzNzAzYTItNTc4Yi00MmRjLWE2MGUtYmM0NzA3OWVkODk5Iiwibm9uY2UiOiJRV1J4T1VaUVpYVnNTMlJZYjBGS05sWkhXbGgwYUV4amJUUmpTM2M1U2xnIiwiaHRtIjoiUE9TVCIsImh0dSI6Imh0dHBzOi8vd2lyZS5leGFtcGxlLmNvbS9jbGllbnRzLzE2OTMxODQ4MzIyNTQ3NTMxODcyL2FjY2Vzcy10b2tlbiIsImNoYWwiOiJZVE5HTkRSNlRqZHFabGRRZUVGYWVrMTZWMmhqYXpCVmJ6UlFWVXRWUlZJIn0.0J2sx5y0ubZ4NwmQhbKXDj6i5UWTx3cvuTPKbeXXOJFDamr-iFtE6sOnAQT90kfTx1cEoIyDfoUkj3h5GEanAA" uid = UserId "c5e21936-c3bc-4007-becb-0acf5972a5b3" cid = ClientId 16931848322547531872 diff --git a/nix/pkgs/rusty_jwt_tools_ffi/add-Cargo.lock.patch b/nix/pkgs/rusty_jwt_tools_ffi/add-Cargo.lock.patch index 9de4d963b0..b02eaf68ad 100644 --- a/nix/pkgs/rusty_jwt_tools_ffi/add-Cargo.lock.patch +++ b/nix/pkgs/rusty_jwt_tools_ffi/add-Cargo.lock.patch @@ -1,6 +1,6 @@ -From 13a4229f8ae9f91f57a620a06aa1d6771aaad168 Mon Sep 17 00:00:00 2001 +From 1f48f0462f0d22f40d8ed1fa6c10511f8416220a Mon Sep 17 00:00:00 2001 From: Leif Battermann -Date: Wed, 1 Mar 2023 15:27:03 +0100 +Date: Thu, 9 Mar 2023 18:17:52 +0100 Subject: [PATCH] generate new cargo.lock --- @@ -10,7 +10,7 @@ Subject: [PATCH] generate new cargo.lock diff --git a/Cargo.lock b/Cargo.lock new file mode 100644 -index 0000000..1e1537b +index 0000000..55fa27d --- /dev/null +++ b/Cargo.lock @@ -0,0 +1,3006 @@ @@ -416,9 +416,9 @@ index 0000000..1e1537b + +[[package]] +name = "cxx" -+version = "1.0.91" ++version = "1.0.92" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "86d3488e7665a7a483b57e25bdd90d0aeb2bc7608c8d0346acf2ad3f1caf1d62" ++checksum = "9a140f260e6f3f79013b8bfc65e7ce630c9ab4388c6a89c71e07226f49487b72" +dependencies = [ + "cc", + "cxxbridge-flags", @@ -428,9 +428,9 @@ index 0000000..1e1537b + +[[package]] +name = "cxx-build" -+version = "1.0.91" ++version = "1.0.92" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "48fcaf066a053a41a81dfb14d57d99738b767febb8b735c3016e469fac5da690" ++checksum = "da6383f459341ea689374bf0a42979739dc421874f112ff26f829b8040b8e613" +dependencies = [ + "cc", + "codespan-reporting", @@ -443,15 +443,15 @@ index 0000000..1e1537b + +[[package]] +name = "cxxbridge-flags" -+version = "1.0.91" ++version = "1.0.92" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "a2ef98b8b717a829ca5603af80e1f9e2e48013ab227b68ef37872ef84ee479bf" ++checksum = "90201c1a650e95ccff1c8c0bb5a343213bdd317c6e600a93075bca2eff54ec97" + +[[package]] +name = "cxxbridge-macro" -+version = "1.0.91" ++version = "1.0.92" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "086c685979a698443656e5cf7856c95c642295a38599f12fb1ff76fb28d19892" ++checksum = "0b75aed41bb2e6367cae39e6326ef817a851db13c13e4f3263714ca3cfb8de56" +dependencies = [ + "proc-macro2", + "quote", @@ -1182,9 +1182,9 @@ index 0000000..1e1537b + +[[package]] +name = "itoa" -+version = "1.0.5" ++version = "1.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "fad582f4b9e86b6caa621cabeb0963332d92eea04729ab12892c2533951e6440" ++checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" + +[[package]] +name = "josekit" @@ -1640,9 +1640,9 @@ index 0000000..1e1537b + +[[package]] +name = "prettyplease" -+version = "0.1.23" ++version = "0.1.24" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "e97e3215779627f01ee256d2fad52f3d95e8e1c11e9fc6fd08f7cd455d5d5c78" ++checksum = "4ebcd279d20a4a0a2404a33056388e950504d891c855c7975b9a8fef75f3bf04" +dependencies = [ + "proc-macro2", + "syn", @@ -2017,9 +2017,9 @@ index 0000000..1e1537b + +[[package]] +name = "rustix" -+version = "0.36.8" ++version = "0.36.9" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "f43abb88211988493c1abb44a70efa56ff0ce98f233b7b276146f1f3f7ba9644" ++checksum = "fd5c6ff11fecd55b40746d1995a02f2eb375bf8c00d192d521ee09f42bef37bc" +dependencies = [ + "bitflags", + "errno", @@ -2124,9 +2124,9 @@ index 0000000..1e1537b + +[[package]] +name = "ryu" -+version = "1.0.12" ++version = "1.0.13" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "7b4b9743ed687d4b4bcedf9ff5eaa7398495ae14e61cba0a295704edbc7decde" ++checksum = "f91339c0467de62360649f8d3e185ca8de4224ff281f66000de5eb2a77a79041" + +[[package]] +name = "scoped-tls" @@ -2142,9 +2142,9 @@ index 0000000..1e1537b + +[[package]] +name = "scratch" -+version = "1.0.3" ++version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "ddccb15bcce173023b3fedd9436f882a0739b8dfb45e4f6b6002bee5929f61b2" ++checksum = "1792db035ce95be60c3f8853017b3999209281c24e2ba5bc8e59bf97a0c590c1" + +[[package]] +name = "sct" @@ -2198,9 +2198,9 @@ index 0000000..1e1537b + +[[package]] +name = "serde_json" -+version = "1.0.93" ++version = "1.0.94" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "cad406b69c91885b5107daf2c29572f6c8cdb3c66826821e286c533490c0bc76" ++checksum = "1c533a59c9d8a93a09c6ab31f0fd5e5f4dd1b8fc9434804029839884765d04ea" +dependencies = [ + "indexmap", + "itoa", @@ -2301,9 +2301,9 @@ index 0000000..1e1537b + +[[package]] +name = "socket2" -+version = "0.4.7" ++version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "02e2d2db9033d13a1567121ddd7a095ee144db4e1ca1b1bda3419bc0da294ebd" ++checksum = "64a4a911eed85daf18834cfaa86a79b7d266ff93ff5ba14005426219480ed662" +dependencies = [ + "libc", + "winapi", @@ -2407,18 +2407,18 @@ index 0000000..1e1537b + +[[package]] +name = "thiserror" -+version = "1.0.38" ++version = "1.0.39" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "6a9cd18aa97d5c45c6603caea1da6628790b37f7a34b6ca89522331c5180fed0" ++checksum = "a5ab016db510546d856297882807df8da66a16fb8c4101cb8b30054b0d5b2d9c" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" -+version = "1.0.38" ++version = "1.0.39" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "1fb327af4685e4d03fa8cbcf1716380da910eeb2bb8be417e7f9fd3fb164f36f" ++checksum = "5420d42e90af0c38c3290abcca25b9b3bdf379fc9f55c528f53a269d9c9a267e" +dependencies = [ + "proc-macro2", + "quote", @@ -2481,9 +2481,9 @@ index 0000000..1e1537b + +[[package]] +name = "tokio" -+version = "1.25.0" ++version = "1.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "c8e00990ebabbe4c14c08aca901caed183ecd5c09562a12c824bb53d3c3fd3af" ++checksum = "03201d01c3c27a29c8a5cee5b55a93ddae1ccf6f08f65365c2c918f8c1b76f64" +dependencies = [ + "autocfg", + "bytes", @@ -2494,7 +2494,7 @@ index 0000000..1e1537b + "pin-project-lite", + "socket2", + "tokio-macros", -+ "windows-sys 0.42.0", ++ "windows-sys 0.45.0", +] + +[[package]] @@ -2601,9 +2601,9 @@ index 0000000..1e1537b + +[[package]] +name = "unicode-ident" -+version = "1.0.6" ++version = "1.0.8" +source = "registry+https://github.com/rust-lang/crates.io-index" -+checksum = "84a22b9f218b40614adcb3f4ff08b703773ad44fa9423e4e0d346d5db86e4ebc" ++checksum = "e5464a87b239f13a63a501f2701565754bae92d243d4bb7eb12f6d57d2269bf4" + +[[package]] +name = "unicode-normalization" diff --git a/nix/pkgs/rusty_jwt_tools_ffi/default.nix b/nix/pkgs/rusty_jwt_tools_ffi/default.nix index 04cd3597c7..a1b333d57d 100644 --- a/nix/pkgs/rusty_jwt_tools_ffi/default.nix +++ b/nix/pkgs/rusty_jwt_tools_ffi/default.nix @@ -14,11 +14,11 @@ rustPlatform.buildRustPackage rec { owner = "wireapp"; repo = "rusty-jwt-tools"; # if you update this, please generate a new Cargo.lock file es described below at `cargoPatches` - rev = "a68ed483f7e98613c0d5c3608c684f25225a58d3"; - sha256 = "sha256-+2fjwtG80l8Vt48QWKm4wevY7MQRAwuo4YFbjB+6w9I="; + rev = "c213978cf0552237dc71e255a83110b18ee95972"; + sha256 = "sha256-7jVKReJEXKui6BOJZ3Cm2ykcAVVaSXgKhsZuu3wJoH0="; }; doCheck = false; - cargoSha256 = "sha256-BHq28U3OzYCPNmfnxlmXsz9XYEy1kRiNrFM9OTnAkk0="; + cargoSha256 = "sha256-ylvsbpgwPfENz0TP0uM9kYLyx7NjQbUv9cpT5het+xE="; cargoDepsHook = '' mkdir -p rusty_jwt-tools_ffi-${version}-vendor.tar.gz/ring/.git '';