openstack-experimental
diff --git a/‎src/token/backend/fernet.rs‎
Lines changed: 7 additions & 0 deletions b/‎src/token/backend/fernet.rs‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎src/token/backend/fernet/domain_scoped.rs‎
Lines changed: 97 additions & 0 deletions b/‎src/token/backend/fernet/domain_scoped.rs‎
Lines changed: 97 additions & 0 deletions
diff --git a/‎src/token/backend/fernet/federation_domain_scoped.rs‎
Lines changed: 110 additions & 0 deletions b/‎src/token/backend/fernet/federation_domain_scoped.rs‎
Lines changed: 110 additions & 0 deletions
diff --git a/‎src/token/backend/fernet/federation_project_scoped.rs‎
Lines changed: 110 additions & 0 deletions b/‎src/token/backend/fernet/federation_project_scoped.rs‎
Lines changed: 110 additions & 0 deletions
@@ -45,8 +45,15 @@ use crate::token::{
 use utils::FernetUtils;
 
 mod application_credential;
+mod domain_scoped;
+mod federation_domain_scoped;
+mod federation_project_scoped;
+mod federation_unscoped;
+mod project_scoped;
 mod restricted;
+mod system_scoped;
 mod trust;
+mod unscoped;
 pub mod utils;
 
 #[derive(Clone)]
 
@@ -0,0 +1,97 @@
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+
+use rmp::{decode::read_pfix, encode::write_pfix};
+use std::io::Write;
+
+use crate::token::{
+    backend::fernet::{FernetTokenProvider, MsgPackToken, utils},
+    error::TokenProviderError,
+    types::DomainScopePayload,
+};
+
+impl MsgPackToken for DomainScopePayload {
+    type Token = Self;
+
+    fn assemble<W: Write>(
+        &self,
+        wd: &mut W,
+        fernet_provider: &FernetTokenProvider,
+    ) -> Result<(), TokenProviderError> {
+        utils::write_uuid(wd, &self.user_id)?;
+        write_pfix(
+            wd,
+            fernet_provider.encode_auth_methods(self.methods.clone())?,
+        )
+        .map_err(|x| TokenProviderError::RmpEncode(x.to_string()))?;
+        utils::write_uuid(wd, &self.domain_id)?;
+        utils::write_time(wd, self.expires_at)?;
+        utils::write_audit_ids(wd, self.audit_ids.clone())?;
+
+        Ok(())
+    }
+
+    fn disassemble(
+        rd: &mut &[u8],
+        fernet_provider: &FernetTokenProvider,
+    ) -> Result<Self::Token, TokenProviderError> {
+        // Order of reading is important
+        let user_id = utils::read_uuid(rd)?;
+        let methods: Vec<String> = fernet_provider
+            .decode_auth_methods(read_pfix(rd)?)?
+            .into_iter()
+            .collect();
+        let domain_id = utils::read_uuid(rd)?;
+        let expires_at = utils::read_time(rd)?;
+        let audit_ids: Vec<String> = utils::read_audit_ids(rd)?.into_iter().collect();
+        Ok(Self {
+            user_id,
+            methods,
+            expires_at,
+            audit_ids,
+            domain_id,
+            ..Default::default()
+        })
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use chrono::{Local, SubsecRound};
+    use uuid::Uuid;
+
+    use super::*;
+    use crate::token::tests::setup_config;
+
+    #[test]
+    fn test_roundtrip() {
+        let token = DomainScopePayload {
+            user_id: Uuid::new_v4().simple().to_string(),
+            methods: vec!["password".into()],
+            domain_id: Uuid::new_v4().simple().to_string(),
+            audit_ids: vec!["Zm9vCg".into()],
+            expires_at: Local::now().trunc_subsecs(0).into(),
+            ..Default::default()
+        };
+
+        let provider = FernetTokenProvider::new(setup_config());
+
+        let mut buf = vec![];
+        token.assemble(&mut buf, &provider).unwrap();
+        let encoded_buf = buf.clone();
+        let decoded =
+            DomainScopePayload::disassemble(&mut encoded_buf.as_slice(), &provider).unwrap();
+        assert_eq!(token, decoded);
+    }
+}
@@ -0,0 +1,110 @@
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+
+use rmp::{decode::read_pfix, encode::write_pfix};
+use std::io::Write;
+
+use crate::token::{
+    backend::fernet::{FernetTokenProvider, MsgPackToken, utils},
+    error::TokenProviderError,
+    types::FederationDomainScopePayload,
+};
+
+impl MsgPackToken for FederationDomainScopePayload {
+    type Token = Self;
+
+    fn assemble<W: Write>(
+        &self,
+        wd: &mut W,
+        fernet_provider: &FernetTokenProvider,
+    ) -> Result<(), TokenProviderError> {
+        utils::write_uuid(wd, &self.user_id)?;
+        write_pfix(
+            wd,
+            fernet_provider.encode_auth_methods(self.methods.clone())?,
+        )
+        .map_err(|x| TokenProviderError::RmpEncode(x.to_string()))?;
+        utils::write_uuid(wd, &self.domain_id)?;
+        utils::write_list_of_uuids(wd, self.group_ids.iter())?;
+        utils::write_uuid(wd, &self.idp_id)?;
+        utils::write_str(wd, &self.protocol_id)?;
+        utils::write_time(wd, self.expires_at)?;
+        utils::write_audit_ids(wd, self.audit_ids.clone())?;
+
+        Ok(())
+    }
+
+    fn disassemble(
+        rd: &mut &[u8],
+        fernet_provider: &FernetTokenProvider,
+    ) -> Result<Self::Token, TokenProviderError> {
+        // Order of reading is important
+        let user_id = utils::read_uuid(rd)?;
+        let methods: Vec<String> = fernet_provider
+            .decode_auth_methods(read_pfix(rd)?)?
+            .into_iter()
+            .collect();
+        let domain_id = utils::read_uuid(rd)?;
+        let group_ids = utils::read_list_of_uuids(rd)?;
+        let idp_id = utils::read_uuid(rd)?;
+        let protocol_id = utils::read_str(rd)?;
+        let expires_at = utils::read_time(rd)?;
+        let audit_ids: Vec<String> = utils::read_audit_ids(rd)?.into_iter().collect();
+        Ok(Self {
+            user_id,
+            methods,
+            expires_at,
+            audit_ids,
+            domain_id,
+            group_ids: group_ids.into_iter().collect(),
+            idp_id,
+            protocol_id,
+            ..Default::default()
+        })
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use chrono::{Local, SubsecRound};
+    use uuid::Uuid;
+
+    use super::*;
+    use crate::token::tests::setup_config;
+
+    #[test]
+    fn test_roundtrip() {
+        let token = FederationDomainScopePayload {
+            user_id: Uuid::new_v4().simple().to_string(),
+            methods: vec!["openid".into()],
+            audit_ids: vec!["Zm9vCg".into()],
+            expires_at: Local::now().trunc_subsecs(0).into(),
+            domain_id: "pid".into(),
+            group_ids: vec!["g1".into()],
+            idp_id: "idp_id".into(),
+            protocol_id: "proto".into(),
+            ..Default::default()
+        };
+
+        let provider = FernetTokenProvider::new(setup_config());
+
+        let mut buf = vec![];
+        token.assemble(&mut buf, &provider).unwrap();
+        let encoded_buf = buf.clone();
+        let decoded =
+            FederationDomainScopePayload::disassemble(&mut encoded_buf.as_slice(), &provider)
+                .unwrap();
+        assert_eq!(token, decoded);
+    }
+}
@@ -0,0 +1,110 @@
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// SPDX-License-Identifier: Apache-2.0
+
+use rmp::{decode::read_pfix, encode::write_pfix};
+use std::io::Write;
+
+use crate::token::{
+    backend::fernet::{FernetTokenProvider, MsgPackToken, utils},
+    error::TokenProviderError,
+    types::FederationProjectScopePayload,
+};
+
+impl MsgPackToken for FederationProjectScopePayload {
+    type Token = Self;
+
+    fn assemble<W: Write>(
+        &self,
+        wd: &mut W,
+        fernet_provider: &FernetTokenProvider,
+    ) -> Result<(), TokenProviderError> {
+        utils::write_uuid(wd, &self.user_id)?;
+        write_pfix(
+            wd,
+            fernet_provider.encode_auth_methods(self.methods.clone())?,
+        )
+        .map_err(|x| TokenProviderError::RmpEncode(x.to_string()))?;
+        utils::write_uuid(wd, &self.project_id)?;
+        utils::write_list_of_uuids(wd, self.group_ids.iter())?;
+        utils::write_uuid(wd, &self.idp_id)?;
+        utils::write_str(wd, &self.protocol_id)?;
+        utils::write_time(wd, self.expires_at)?;
+        utils::write_audit_ids(wd, self.audit_ids.clone())?;
+
+        Ok(())
+    }
+
+    fn disassemble(
+        rd: &mut &[u8],
+        fernet_provider: &FernetTokenProvider,
+    ) -> Result<Self::Token, TokenProviderError> {
+        // Order of reading is important
+        let user_id = utils::read_uuid(rd)?;
+        let methods: Vec<String> = fernet_provider
+            .decode_auth_methods(read_pfix(rd)?)?
+            .into_iter()
+            .collect();
+        let project_id = utils::read_uuid(rd)?;
+        let group_ids = utils::read_list_of_uuids(rd)?;
+        let idp_id = utils::read_uuid(rd)?;
+        let protocol_id = utils::read_str(rd)?;
+        let expires_at = utils::read_time(rd)?;
+        let audit_ids: Vec<String> = utils::read_audit_ids(rd)?.into_iter().collect();
+        Ok(Self {
+            user_id,
+            methods,
+            expires_at,
+            audit_ids,
+            project_id,
+            group_ids: group_ids.into_iter().collect(),
+            idp_id,
+            protocol_id,
+            ..Default::default()
+        })
+    }
+}
+
+#[cfg(test)]
+mod tests {
+    use chrono::{Local, SubsecRound};
+    use uuid::Uuid;
+
+    use super::*;
+    use crate::token::tests::setup_config;
+
+    #[test]
+    fn test_roundtrip() {
+        let token = FederationProjectScopePayload {
+            user_id: Uuid::new_v4().simple().to_string(),
+            methods: vec!["openid".into()],
+            audit_ids: vec!["Zm9vCg".into()],
+            expires_at: Local::now().trunc_subsecs(0).into(),
+            project_id: "pid".into(),
+            group_ids: vec!["g1".into()],
+            idp_id: "idp_id".into(),
+            protocol_id: "proto".into(),
+            ..Default::default()
+        };
+
+        let provider = FernetTokenProvider::new(setup_config());
+
+        let mut buf = vec![];
+        token.assemble(&mut buf, &provider).unwrap();
+        let encoded_buf = buf.clone();
+        let decoded =
+            FederationProjectScopePayload::disassemble(&mut encoded_buf.as_slice(), &provider)
+                .unwrap();
+        assert_eq!(token, decoded);
+    }
+}