Expand LoginMethod to nest user / service account
Hinton committed Sep 18, 2023
1 parent 45d77e0 commit 7684f02
Showing 5 changed files with 62 additions and 43 deletions.
6 changes: 3 additions & 3 deletions crates/bitwarden/src/auth/login/access_token.rs
@@ -9,7 +9,7 @@ use crate::{
api::{request::AccessTokenRequest, response::IdentityTokenResponse},
login::{response::two_factor::TwoFactorProviders, PasswordLoginResponse},
},
client::{AccessToken, LoginMethod},
client::{AccessToken, LoginMethod, ServiceAccountLoginMethod},
crypto::{EncString, SymmetricCryptoKey},
error::{Error, Result},
util::{decode_token, BASE64_ENGINE},
@@ -59,11 +59,11 @@ pub(crate) async fn access_token_login(
r.access_token.clone(),
r.refresh_token.clone(),
r.expires_in,
LoginMethod::AccessToken {
LoginMethod::ServiceAccount(ServiceAccountLoginMethod::AccessToken {
service_account_id: access_token.service_account_id,
client_secret: access_token.client_secret,
organization_id,
},
}),
);

client.initialize_crypto_single_key(encryption_key);
6 changes: 3 additions & 3 deletions crates/bitwarden/src/auth/login/api_key.rs
@@ -11,7 +11,7 @@ use crate::{
PasswordLoginResponse,
},
},
client::LoginMethod,
client::{LoginMethod, UserLoginMethod},
crypto::EncString,
error::{Error, Result},
util::decode_token,
@@ -32,10 +32,10 @@ pub(crate) async fn api_key_login(
r.access_token.clone(),
r.refresh_token.clone(),
r.expires_in,
LoginMethod::ApiKey {
LoginMethod::User(UserLoginMethod::ApiKey {
client_id: input.client_id.to_owned(),
client_secret: input.client_secret.to_owned(),
},
}),
);

let access_token_obj = decode_token(&r.access_token)?;
6 changes: 4 additions & 2 deletions crates/bitwarden/src/auth/login/password.rs
@@ -29,6 +29,8 @@ pub(crate) async fn password_login(
client: &mut Client,
input: &PasswordLoginRequest,
) -> Result<PasswordLoginResponse> {
use crate::client::UserLoginMethod;

info!("password logging in");
debug!("{:#?}, {:#?}", client, input);

@@ -40,9 +42,9 @@ pub(crate) async fn password_login(
r.access_token.clone(),
r.refresh_token.clone(),
r.expires_in,
LoginMethod::Username {
LoginMethod::User(UserLoginMethod::Username {
client_id: "web".to_owned(),
},
}),
);

let user_key = EncString::from_str(r.key.as_deref().unwrap()).unwrap();
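Review bot: The `use crate::client::UserLoginMethod;` added inside the body of `password_login` is the only function-local import in this commit; `api_key.rs` and `access_token.rs` extend their file-level `client::{…}` import instead. Unless the local scope is deliberate (for example to keep the name behind a feature gate that is not visible in these hunks), I would move it to wherever `LoginMethod` is already imported for this file, so both halves of `LoginMethod::User(UserLoginMethod::Username { .. })` resolve from one place. The body of `password_login` continues outside both hunks.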
61 changes: 32 additions & 29 deletions crates/bitwarden/src/auth/renew.rs
@@ -4,7 +4,7 @@ use std::time::{Duration, Instant};
use crate::auth::api::request::ApiTokenRequest;
use crate::{
auth::api::{request::AccessTokenRequest, response::IdentityTokenResponse},
client::{Client, LoginMethod},
client::{Client, LoginMethod, ServiceAccountLoginMethod, UserLoginMethod},
error::{Error, Result},
};

@@ -18,37 +18,40 @@ pub(crate) async fn renew_token(client: &mut Client) -> Result<()> {

let res = match login_method {
#[cfg(feature = "internal")]
LoginMethod::Username { client_id } => {
let refresh = client
.refresh_token
.as_deref()
.ok_or(Error::NotAuthenticated)?;
LoginMethod::User(u) => match u {
UserLoginMethod::Username { client_id } => {
let refresh = client
.refresh_token
.as_deref()
.ok_or(Error::NotAuthenticated)?;

crate::auth::api::request::RenewTokenRequest::new(
refresh.to_owned(),
client_id.to_owned(),
)
.send(&client.__api_configurations)
.await?
}
#[cfg(feature = "internal")]
LoginMethod::ApiKey {
client_id,
client_secret,
} => {
ApiTokenRequest::new(client_id, client_secret)
.send(&client.__api_configurations)
.await?
}
LoginMethod::AccessToken {
service_account_id,
client_secret,
..
} => {
AccessTokenRequest::new(*service_account_id, client_secret)
crate::auth::api::request::RenewTokenRequest::new(
refresh.to_owned(),
client_id.to_owned(),
)
.send(&client.__api_configurations)
.await?
}
}
UserLoginMethod::ApiKey {
client_id,
client_secret,
} => {
ApiTokenRequest::new(client_id, client_secret)
.send(&client.__api_configurations)
.await?
}
},
LoginMethod::ServiceAccount(s) => match s {
ServiceAccountLoginMethod::AccessToken {
service_account_id,
client_secret,
..
} => {
AccessTokenRequest::new(*service_account_id, client_secret)
.send(&client.__api_configurations)
.await?
}
},
};

match res {
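Review bot: `UserLoginMethod` is added to the unconditional `client::{…}` import, but in the visible part of this file it is only used inside the `LoginMethod::User(u)` arm, which sits under `#[cfg(feature = "internal")]`. A build without that feature would presumably report an unused import here, and because `pub(crate) enum UserLoginMethod` is declared without a gate in `client/client.rs` it would likely be flagged as dead code there as well; with warnings denied, either one fails the build. I would gate both, e.g. `#[cfg(feature = "internal")] use crate::client::UserLoginMethod;` here and the same attribute on the enum. `renew_token` starts and ends outside the hunk.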
26 changes: 20 additions & 6 deletions crates/bitwarden/src/client/client.rs
@@ -42,12 +42,25 @@ pub(crate) struct ApiConfigurations {
#[derive(Debug, Clone)]
pub(crate) enum LoginMethod {
#[cfg(feature = "internal")]
Username { client_id: String },
#[cfg(feature = "internal")]
User(UserLoginMethod),
// TODO: Organizations supports api key
// Organization(OrganizationLoginMethod),
ServiceAccount(ServiceAccountLoginMethod),
}

#[derive(Debug, Clone)]
pub(crate) enum UserLoginMethod {
Username {
client_id: String,
},
ApiKey {
client_id: String,
client_secret: String,
},
}

#[derive(Debug, Clone)]
pub(crate) enum ServiceAccountLoginMethod {
AccessToken {
service_account_id: Uuid,
client_secret: String,
@@ -170,10 +183,11 @@ impl Client {
}

pub fn get_access_token_organization(&self) -> Option<Uuid> {
match &self.login_method {
Some(LoginMethod::AccessToken {
organization_id, ..
}) => Some(*organization_id),
match self.login_method {
Some(LoginMethod::ServiceAccount(ServiceAccountLoginMethod::AccessToken {
organization_id,
..
})) => return Some(organization_id),
_ => None,
}
}
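Review bot: Both new enums carry `#[derive(Debug, Clone)]` while holding `client_secret: String` (`UserLoginMethod::ApiKey` and `ServiceAccountLoginMethod::AccessToken`), so formatting any value that contains a `LoginMethod` with `{:?}` writes the secret out in clear. The `password.rs` section of this page shows `debug!("{:#?}, {:#?}", client, input)` in `password_login`; whether `Client`'s `Debug` output reaches `login_method` is not visible here, but if it does, debug logs end up holding the credential. Since the types are being reshaped in this commit anyway, I would derive only `Clone` and write `Debug` by hand so the secret field is left out, as sketched below for the service-account enum; `UserLoginMethod` needs the same treatment for its `ApiKey` variant. The body of `ServiceAccountLoginMethod` continues outside the first hunk.

```rust
// … unchanged: enum ServiceAccountLoginMethod and its fields, with the derive reduced to #[derive(Clone)] …

impl std::fmt::Debug for ServiceAccountLoginMethod {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            Self::AccessToken {
                service_account_id,
                organization_id,
                ..
            } => f
                .debug_struct("AccessToken")
                .field("service_account_id", service_account_id)
                .field("organization_id", organization_id)
                // client_secret is deliberately not printed
                .finish_non_exhaustive(),
        }
    }
}
```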
