beenull/ffsend
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove obsolete authentication signature in some API actions

Browse source
This commit is contained in:
timvisee 2018-04-02 15:01:56 +02:00
parent 35ea5ecf16
commit b930a842ef
No known key found for this signature in database
GPG key ID: 109CBA0BF74036C2
3 changed files with 3 additions and 55 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
api/src/action/info.rs
View file

@ -7,16 +7,12 @@ use reqwest::{
Error as ReqwestError,
StatusCode,
};
use reqwest::header::Authorization;
use serde_json;
use api::data::{
Error as DataError,
OwnedData,
};
use crypto::b64;
use crypto::key_set::KeySet;
use crypto::sig::signature_encoded;
use ext::status_code::StatusCodeExt;
use file::remote_file::RemoteFile;
@ -45,25 +41,17 @@ impl<'a> Info<'a> {
/// Invoke the info action.
pub fn invoke(mut self, client: &Client) -> Result<InfoResponse, Error> {
// Create a key set for the file
let key = KeySet::from(self.file, None);
// Fetch the authentication nonce if not set yet
if self.nonce.is_empty() {
self.nonce = self.fetch_auth_nonce(client)?;
}
// Compute a signature
let sig = signature_encoded(key.auth_key().unwrap(), &self.nonce)
.map_err(|_| PrepareError::ComputeSignature)?;
// Create owned data, to send to the server for authentication
let data = OwnedData::from(InfoData::new(), &self.file)
.map_err(|err| -> PrepareError { err.into() })?;
// Send the info request
self.fetch_info(client, data, sig)
.map_err(|err| err.into())
self.fetch_info(client, data).map_err(|err| err.into())
}
/// Fetch the authentication nonce for the file from the remote server.
@ -108,15 +96,11 @@ impl<'a> Info<'a> {
&self,
client: &Client,
data: OwnedData<InfoData>,
sig: String,
) -> Result<InfoResponse, InfoError> {
// Get the info URL, and send the request
let url = self.file.api_info_url();
let mut response = client.post(url)
.json(&data)
.header(Authorization(
format!("send-v1 {}", sig)
))
.send()
.map_err(|_| InfoError::Request)?;
@ -237,10 +221,6 @@ pub enum PrepareError {
#[fail(display = "Failed to authenticate")]
Auth(#[cause] AuthError),
/// An error occurred while computing the cryptographic signature.
#[fail(display = "Failed to compute cryptographic signature")]
ComputeSignature,
/// An error occurred while building the info data that will be
/// send to the server.
#[fail(display = "Invalid parameters")]

20
api/src/action/params.rs
View file

@ -1,15 +1,12 @@
// TODO: define redirect policy
use reqwest::{Client, StatusCode};
use reqwest::header::Authorization;
use api::data::{
Error as DataError,
OwnedData,
};
use crypto::b64;
use crypto::key_set::KeySet;
use crypto::sig::signature_encoded;
use ext::status_code::StatusCodeExt;
use file::remote_file::RemoteFile;
@ -57,24 +54,17 @@ impl<'a> Params<'a> {
pub fn invoke(mut self, client: &Client) -> Result<(), Error> {
// TODO: validate that the parameters object isn't empty
// Create a key set for the file
let key = KeySet::from(self.file, None);
// Fetch the authentication nonce if not set yet
if self.nonce.is_empty() {
self.nonce = self.fetch_auth_nonce(client)?;
}
// Compute a signature
let sig = signature_encoded(key.auth_key().unwrap(), &self.nonce)
.map_err(|_| PrepareError::ComputeSignature)?;
// Wrap the parameters data
let data = OwnedData::from(self.params.clone(), &self.file)
.map_err(|err| -> PrepareError { err.into() })?;
// Send the request to change the parameters
self.change_params(client, data, sig)
self.change_params(client, data)
.map_err(|err| err.into())
}
@ -122,15 +112,11 @@ impl<'a> Params<'a> {
&self,
client: &Client,
data: OwnedData<ParamsData>,
sig: String,
) -> Result<(), ChangeError> {
// Get the params URL, and send the change
let url = self.file.api_params_url();
let response = client.post(url)
.json(&data)
.header(Authorization(
format!("send-v1 {}", sig)
))
.send()
.map_err(|_| ChangeError::Request)?;
@ -265,10 +251,6 @@ pub enum PrepareError {
#[fail(display = "Failed to authenticate")]
Auth(#[cause] AuthError),
/// An error occurred while computing the cryptographic signature.
#[fail(display = "Failed to compute cryptographic signature")]
ComputeSignature,
/// An error occurred while building the parameter data that will be send
/// to the server.
#[fail(display = "Invalid parameters")]

16
api/src/action/password.rs
View file

@ -1,7 +1,6 @@
// TODO: define redirect policy
use reqwest::{Client, StatusCode};
use reqwest::header::Authorization;
use api::data::{
Error as DataError,
@ -9,7 +8,6 @@ use api::data::{
};
use crypto::b64;
use crypto::key_set::KeySet;
use crypto::sig::signature_encoded;
use ext::status_code::StatusCodeExt;
use file::remote_file::RemoteFile;
@ -53,10 +51,6 @@ impl<'a> Password<'a> {
self.nonce = self.fetch_auth_nonce(client)?;
}
// Compute a signature
let sig = signature_encoded(key.auth_key().unwrap(), &self.nonce)
.map_err(|_| PrepareError::ComputeSignature)?;
// Derive a new authentication key
key.derive_auth_password(self.password, &self.file.download_url(true));
@ -65,7 +59,7 @@ impl<'a> Password<'a> {
.map_err(|err| -> PrepareError { err.into() })?;
// Send the request to change the password
self.change_password(client, data, sig)
self.change_password(client, data)
.map_err(|err| err.into())
}
@ -113,15 +107,11 @@ impl<'a> Password<'a> {
&self,
client: &Client,
data: OwnedData<PasswordData>,
sig: String,
) -> Result<(), ChangeError> {
// Get the password URL, and send the change
let url = self.file.api_password_url();
let response = client.post(url)
.json(&data)
.header(Authorization(
format!("send-v1 {}", sig)
))
.send()
.map_err(|_| ChangeError::Request)?;
@ -193,10 +183,6 @@ pub enum PrepareError {
#[fail(display = "Failed to authenticate")]
Auth(#[cause] AuthError),
/// An error occurred while computing the cryptographic signature.
#[fail(display = "Failed to compute cryptographic signature")]
ComputeSignature,
/// Some error occurred while building the data that will be sent.
/// The owner token might possibly be missing, the wrapped error will
/// describe this further.