remove unused NoneOrApiKey, update processing of NoneOrRBAC auth (#2294)

Co-authored-by: Oleksandr Prokhorenko <[email protected]>

Author: Mr-Leshiy

catalyst-gateway/bin/src/service/common/auth/mod.rs

@@ -2,6 +2,5 @@
 
 pub(crate) mod api_key;
 pub(crate) mod none;
-pub(crate) mod none_or_api_key;
 pub(crate) mod none_or_rbac;
 pub(crate) mod rbac;

catalyst-gateway/bin/src/service/common/auth/none.rs

@@ -3,7 +3,7 @@
 //! Means the API Endpoint does not need to use any Auth.
 
 /// Endpoint can be used without any authorization.
-pub(crate) struct NoAuthorization();
+pub(crate) struct NoAuthorization;
 
 impl<'a> poem_openapi::ApiExtractor<'a> for NoAuthorization {
     type ParamRawType = ();
@@ -36,6 +36,6 @@ impl<'a> poem_openapi::ApiExtractor<'a> for NoAuthorization {
         _req: &'a poem::Request, _body: &mut poem::RequestBody,
         _param_opts: poem_openapi::ExtractParamOptions<Self::ParamType>,
     ) -> poem::Result<Self> {
-        Ok(Self())
+        Ok(Self)
     }
 }

catalyst-gateway/bin/src/service/common/auth/none_or_api_key.rs

@@ -1,11 +1,14 @@
 //! Either has No Authorization, or RBAC Token.
 
 use catalyst_types::id_uri::IdUri;
-use poem_openapi::SecurityScheme;
+use poem::{
+    web::headers::{authorization::Bearer, Authorization, HeaderMapExt},
+    Request, RequestBody,
+};
+use poem_openapi::{registry::Registry, ApiExtractor, ApiExtractorType, ExtractParamOptions};
 
 use super::{none::NoAuthorization, rbac::scheme::CatalystRBACSecurityScheme};
 
-#[derive(SecurityScheme)]
 #[allow(dead_code, clippy::upper_case_acronyms, clippy::large_enum_variant)]
 /// Endpoint allows Authorization with or without RBAC Token.
 pub(crate) enum NoneOrRBAC {
@@ -15,6 +18,36 @@ pub(crate) enum NoneOrRBAC {
     None(NoAuthorization),
 }
 
+impl<'a> ApiExtractor<'a> for NoneOrRBAC {
+    type ParamRawType = ();
+    type ParamType = ();
+
+    const TYPES: &'static [ApiExtractorType] = &[ApiExtractorType::SecurityScheme];
+
+    fn register(registry: &mut Registry) {
+        CatalystRBACSecurityScheme::register(registry);
+        NoAuthorization::register(registry);
+    }
+
+    fn security_schemes() -> Vec<&'static str> {
+        let mut schemas = Vec::new();
+        schemas.extend(CatalystRBACSecurityScheme::security_schemes());
+        schemas.extend(NoAuthorization::security_schemes());
+        schemas
+    }
+
+    async fn from_request(
+        req: &'a Request, body: &mut RequestBody, param_opts: ExtractParamOptions<Self::ParamType>,
+    ) -> poem::Result<Self> {
+        if req.headers().typed_get::<Authorization<Bearer>>().is_some() {
+            let auth = CatalystRBACSecurityScheme::from_request(req, body, param_opts).await?;
+            Ok(NoneOrRBAC::RBAC(auth))
+        } else {
+            Ok(NoneOrRBAC::None(NoAuthorization))
+        }
+    }
+}
+
 impl From<NoneOrRBAC> for Option<IdUri> {
     fn from(value: NoneOrRBAC) -> Self {
         match value {