Add Authorization header

yoshuawuyts · yoshuawuyts · commit 08f7472fc406 · 2020-10-01T16:06:42.000+02:00
diff --git a/src/auth/authentication_scheme.rs b/src/auth/authentication_scheme.rs
@@ -1,10 +1,10 @@
 use std::fmt::{self, Display};
 use std::str::FromStr;
 
-use crate::bail;
+use crate::format_err;
 
 /// HTTP Mutual Authentication Algorithms
-#[derive(Debug, PartialEq, Eq)]
+#[derive(Debug, PartialEq, Eq, Clone, Copy)]
 #[non_exhaustive]
 pub enum AuthenticationScheme {
     /// [RFC7617](https://tools.ietf.org/html/rfc7617) Basic auth
@@ -13,13 +13,13 @@ pub enum AuthenticationScheme {
     Bearer,
     /// [RFC7616](https://tools.ietf.org/html/rfc7616) Digest auth
     Digest,
-    /// [RFC7486](https://tools.ietf.org/html/rfc7486) HTTP Origin-Bound Authentication
+    /// [RFC7486](https://tools.ietf.org/html/rfc7486) HTTP Origin-Bound Authentication (HOBA)
     Hoba,
     /// [RFC8120](https://tools.ietf.org/html/rfc8120) Mutual auth
     Mutual,
     /// [RFC4559](https://tools.ietf.org/html/rfc4559) Negotiate auth
     Negotiate,
-    /// [RFC5849](https://tools.ietf.org/html/rfc5849) Oauth
+    /// [RFC5849](https://tools.ietf.org/html/rfc5849) OAuth
     OAuth,
     /// [RFC7804](https://tools.ietf.org/html/rfc7804) SCRAM SHA1 auth
     ScramSha1,
@@ -64,7 +64,11 @@ impl FromStr for AuthenticationScheme {
             "scram-sha-1" => Ok(Self::ScramSha1),
             "scram-sha-256" => Ok(Self::ScramSha256),
             "vapid" => Ok(Self::Vapid),
-            s => bail!("`{}` is not a recognized authentication scheme", s),
+            s => {
+                let mut err = format_err!("`{}` is not a recognized authentication scheme", s);
+                err.set_status(400);
+                Err(err)
+            }
         }
     }
 }
diff --git a/src/auth/authorization.rs b/src/auth/authorization.rs
@@ -1,3 +1,132 @@
+use crate::auth::AuthenticationScheme;
+use crate::bail;
+use crate::headers::{HeaderName, HeaderValue, Headers, AUTHORIZATION};
+
 /// Credentials to authenticate a user agent with a server.
+///
+/// # Specifications
+///
+/// - [RFC 7235, section 4.2: Authorization](https://tools.ietf.org/html/rfc7232#section-3.4)
+///
+/// # Examples
+///
+/// ```
+/// # fn main() -> http_types::Result<()> {
+/// #
+/// use http_types::Response;
+/// use http_types::auth::{AuthenticationScheme, Authorization};
+///
+/// let scheme = AuthenticationScheme::Basic;
+/// let credentials = "0xdeadbeef202020";
+/// let authz = Authorization::new(scheme, credentials.into());
+///
+/// let mut res = Response::new(200);
+/// authz.apply(&mut res);
+///
+/// let authz = Authorization::from_headers(res)?.unwrap();
+///
+/// assert_eq!(authz.scheme(), AuthenticationScheme::Basic);
+/// assert_eq!(authz.credentials(), credentials);
+/// #
+/// # Ok(()) }
+/// ```
 #[derive(Debug)]
-pub struct Authorization;
+pub struct Authorization {
+    scheme: AuthenticationScheme,
+    credentials: String,
+}
+
+impl Authorization {
+    /// Create a new instance of `Authorization`.
+    pub fn new(scheme: AuthenticationScheme, credentials: String) -> Self {
+        Self {
+            scheme,
+            credentials,
+        }
+    }
+
+    /// Create a new instance from headers.
+    pub fn from_headers(headers: impl AsRef<Headers>) -> crate::Result<Option<Self>> {
+        let headers = match headers.as_ref().get(AUTHORIZATION) {
+            Some(headers) => headers,
+            None => return Ok(None),
+        };
+
+        // If we successfully parsed the header then there's always at least one
+        // entry. We want the last entry.
+        let value = headers.iter().last().unwrap();
+
+        let mut iter = value.as_str().splitn(2, ' ');
+        let scheme = iter.next();
+        let credential = iter.next();
+        let (scheme, credentials) = match (scheme, credential) {
+            (None, _) => bail!("Could not find scheme"),
+            (Some(_), None) => bail!("Could not find credentials"),
+            (Some(scheme), Some(credentials)) => (scheme.parse()?, credentials.to_owned()),
+        };
+
+        Ok(Some(Self {
+            scheme,
+            credentials,
+        }))
+    }
+
+    /// Sets the `If-Match` header.
+    pub fn apply(&self, mut headers: impl AsMut<Headers>) {
+        headers.as_mut().insert(self.name(), self.value());
+    }
+
+    /// Get the `HeaderName`.
+    pub fn name(&self) -> HeaderName {
+        AUTHORIZATION
+    }
+
+    /// Get the `HeaderValue`.
+    pub fn value(&self) -> HeaderValue {
+        let output = format!("{} {}", self.scheme, self.credentials);
+
+        // SAFETY: the internal string is validated to be ASCII.
+        unsafe { HeaderValue::from_bytes_unchecked(output.into()) }
+    }
+
+    /// Get the authorization scheme.
+    pub fn scheme(&self) -> AuthenticationScheme {
+        self.scheme
+    }
+
+    /// Get the authorization credentials.
+    pub fn credentials(&self) -> &str {
+        self.credentials.as_str()
+    }
+}
+
+#[cfg(test)]
+mod test {
+    use super::*;
+    use crate::headers::Headers;
+
+    #[test]
+    fn smoke() -> crate::Result<()> {
+        let scheme = AuthenticationScheme::Basic;
+        let credentials = "0xdeadbeef202020";
+        let authz = Authorization::new(scheme, credentials.into());
+
+        let mut headers = Headers::new();
+        authz.apply(&mut headers);
+
+        let authz = Authorization::from_headers(headers)?.unwrap();
+
+        assert_eq!(authz.scheme(), AuthenticationScheme::Basic);
+        assert_eq!(authz.credentials(), credentials);
+        Ok(())
+    }
+
+    #[test]
+    fn bad_request_on_parse_error() -> crate::Result<()> {
+        let mut headers = Headers::new();
+        headers.insert(AUTHORIZATION, "<nori ate the tag. yum.>");
+        let err = Authorization::from_headers(headers).unwrap_err();
+        assert_eq!(err.status(), 400);
+        Ok(())
+    }
+}
