fix: Make offline mode handle non-Unleash tokens as valid secrets (#67)

Unleash · Feb 15, 2023 · 8ef7a33 · 8ef7a33
1 parent ab8e5ea
commit 8ef7a33
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 7 deletions.
diff --git a/server/src/main.rs b/server/src/main.rs
@@ -29,6 +29,7 @@ use utoipa::OpenApi;
 async fn main() -> Result<(), anyhow::Error> {
     dotenv::dotenv().ok();
     let args = CliArgs::parse();
+    let mode_arg = args.clone().mode;
     let http_args = args.clone().http;
     let (metrics_handler, request_metrics) = prom_metrics::instantiate(None);
     let repo_info = build_source_and_sink(args).await.unwrap();
@@ -51,6 +52,7 @@ async fn main() -> Result<(), anyhow::Error> {
             .allow_any_method();
         let mut app = App::new()
             .app_data(edge_source)
+            .app_data(web::Data::new(mode_arg.clone()))
             .app_data(web::Data::from(metrics_cache.clone()));
         if validator.is_some() {
             app = app.app_data(web::Data::from(validator.clone().unwrap()))

diff --git a/server/src/types.rs b/server/src/types.rs
@@ -5,7 +5,9 @@ use std::{
     str::FromStr,
 };
 
+use crate::cli::EdgeMode;
 use crate::error::EdgeError;
+use actix_web::web::Data;
 use actix_web::{
     dev::Payload,
     http::header::{EntityTag, HeaderValue},
@@ -125,11 +127,29 @@ impl FromRequest for EdgeToken {
 
     fn from_request(req: &HttpRequest, _payload: &mut Payload) -> Self::Future {
         let value = req.headers().get("Authorization");
-        let key = match value {
-            Some(v) => EdgeToken::try_from(v.clone()),
-            None => Err(EdgeError::AuthorizationDenied),
-        };
-        ready(key)
+        if let Some(data_mode) = req.app_data::<Data<EdgeMode>>() {
+            let mode = data_mode.clone().into_inner();
+            let key = match *mode {
+                EdgeMode::Offline(_) => match value {
+                    Some(v) => match v.to_str() {
+                        Ok(value) => Ok(EdgeToken::offline_token(value)),
+                        Err(_) => Err(EdgeError::AuthorizationDenied),
+                    },
+                    None => Err(EdgeError::AuthorizationDenied),
+                },
+                EdgeMode::Edge(_) => match value {
+                    Some(v) => EdgeToken::try_from(v.clone()),
+                    None => Err(EdgeError::AuthorizationDenied),
+                },
+            };
+            ready(key)
+        } else {
+            let key = match value {
+                Some(v) => EdgeToken::try_from(v.clone()),
+                None => Err(EdgeError::AuthorizationDenied),
+            };
+            ready(key)
+        }
     }
 }
 
@@ -194,9 +214,11 @@ impl FromStr for EdgeToken {
 
 impl EdgeToken {
     pub fn offline_token(s: &str) -> Self {
-        EdgeToken::try_from(s.to_string())
+        let mut token = EdgeToken::try_from(s.to_string())
             .ok()
-            .unwrap_or_else(|| EdgeToken::no_project_or_environment(s))
+            .unwrap_or_else(|| EdgeToken::no_project_or_environment(s));
+        token.status = TokenValidationStatus::Validated;
+        token
     }
 }