diff --git a/server/src/auth/server/providers/mod.rs b/server/src/auth/server/providers/mod.rs
deleted file mode 100644
index b9bfe88..0000000
--- a/server/src/auth/server/providers/mod.rs
+++ /dev/null
@@ -1,66 +0,0 @@
-pub mod slack;
-use self::grpc_defs::JwtInfo;
-
-pub use super::{db, grpc_defs, settings::BurrowAuthServerConfig};
-use anyhow::{anyhow, Result};
-use jwt_simple::{
- claims::{Claims, NoCustomClaims},
- prelude::{Duration, Ed25519KeyPair, EdDSAKeyPairLike, EdDSAPublicKeyLike},
-};
-use serde::{Deserialize, Serialize};
-
-pub type KeypairT = Ed25519KeyPair;
-
-#[derive(Serialize, Deserialize, Default, Debug, PartialEq, Eq, Clone)]
-pub struct OpenIdUser {
- pub sub: String,
- pub name: String,
-}
-
-#[derive(Serialize, Deserialize, Debug)]
-struct OpenIDCustomField {
- pub name: String,
-}
-
-impl OpenIdUser {
- pub fn try_from_jwt(jwt_info: &JwtInfo, keypair: &KeypairT) -> Result {
- let claims = keypair
- .public_key()
- .verify_token::(&jwt_info.jwt, None)?;
- Ok(Self {
- sub: claims.subject.ok_or(anyhow!("No Subject!"))?,
- name: claims.custom.name,
- })
- }
-}
-
-impl JwtInfo {
- fn try_from_oid(oid_user: OpenIdUser, keypair: &KeypairT) -> Result {
- let claims = Claims::with_custom_claims(
- OpenIDCustomField { name: oid_user.name },
- Duration::from_days(10),
- )
- .with_subject(oid_user.sub);
- let jwt = keypair.sign(claims)?;
- Ok(Self { jwt })
- }
-}
-
-#[cfg(test)]
-mod tests {
- use super::*;
-
- #[test]
- fn test_jwt() -> Result<()> {
- let key_pair = Ed25519KeyPair::generate();
- let sample_usr = OpenIdUser {
- sub: "Spanish".into(),
- name: "Inquisition".into(),
- };
- let encoded = JwtInfo::try_from_oid(sample_usr.clone(), &key_pair)?;
- println!("{}", encoded.jwt);
- let decoded = OpenIdUser::try_from_jwt(&encoded, &key_pair)?;
- assert_eq!(decoded, sample_usr);
- Ok(())
- }
-}
diff --git a/server/src/build.rs b/server/src/build.rs
deleted file mode 100644
index 8b13789..0000000
--- a/server/src/build.rs
+++ /dev/null
@@ -1 +0,0 @@ - diff --git a/server/src/main.rs b/server/src/main.rs index 60f3081..49d2b8d 100644 --- a/server/src/main.rs +++ b/server/src/main.rs @@ -1,6 +1,50 @@ pub mod client; pub mod server; +use anyhow::Result; +use clap::{Args, Parser, Subcommand}; +use server::providers::gen_keypem; -fn main() { - println!("Hello, world!"); +#[derive(Parser)] +#[command(name = "Burrow Server")] +#[command(author = "Hack Club ")] +#[command(version = "0.1")] +#[command( + about = "Server for hosting auth logic of Burrow", + long_about = "Burrow is a 🚀 blazingly fast 🚀 tool designed to penetrate unnecessarily restrictive firewalls, providing teenagers worldwide with secure, less-filtered, and safe access to the internet! +It's being built by teenagers from Hack Club, in public! Check it out: https://github.com/hackclub/burrow +Spotted a bug? Please open an issue! https://github.com/hackclub/burrow/issues/new" +)] +struct Cli { + #[command(subcommand)] + command: Commands, +} + +#[derive(Subcommand)] +enum Commands { + StartServer, + #[command(name = "genkeys")] + GenKeys(GenKeyArgs), +} + +#[derive(Args)] +pub struct GenKeyArgs { + #[arg(short, long, default_value = "false")] + pub raw: bool, +} + +#[tokio::main] +async fn main() -> Result<()> { + let cli = Cli::parse(); + match &cli.command { + Commands::GenKeys(args) => { + let pem = gen_keypem(); + if args.raw { + println!(r"{pem:?}"); + } else { + println!("Generated PEM:\n{pem}") + } + } + Commands::StartServer => todo!(), + }; + Ok(()) } diff --git a/server/src/server/grpc_server.rs b/server/src/server/grpc_server.rs index 3061e7a..d710529 100644 --- a/server/src/server/grpc_server.rs +++ b/server/src/server/grpc_server.rs @@ -1,5 +1,6 @@ use std::sync::Arc; +use jwt_simple::prelude::Ed25519KeyPair; use tonic::{Request, Response, Status}; use super::providers::{KeypairT, OpenIdUser}; 
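Review bot: In the main.rs hunk, the `genkeys` arm writes the result of `gen_keypem()` straight to stdout, and judging by the `to_pem()` call this commit adds in providers/mod.rs that string appears to be the Ed25519 private signing key, so it can end up in terminal scrollback, CI logs or a redirected file with default permissions. Say so where users will see it, for example a doc comment on the variant, `/// Prints a new private JWT signing key to stdout; store it with owner-only permissions and keep it out of logs.`, which clap also uses as the subcommand help text. Separately, `Commands::StartServer => todo!()` makes a listed subcommand panic at runtime; `Commands::StartServer => anyhow::bail!("start-server is not implemented yet"),` would fail cleanly through the existing `Result` return.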
@@ -18,6 +19,17 @@ struct BurrowGrpcServer { jwt_keypair: Arc, } +impl BurrowGrpcServer { + pub fn new() -> anyhow::Result { + let config = BurrowAuthServerConfig::new_dotenv()?; + let jwt_keypair = Ed25519KeyPair::from_pem(&config.jwt_pem)?; + Ok(Self { + config: Arc::new(config), + jwt_keypair: Arc::new(jwt_keypair), + }) + } +} + #[tonic::async_trait] impl BurrowWeb for BurrowGrpcServer { async fn slack_auth( diff --git a/server/src/server/providers/mod.rs b/server/src/server/providers/mod.rs index b9bfe88..2bf7098 100644 --- a/server/src/server/providers/mod.rs +++ b/server/src/server/providers/mod.rs @@ -46,6 +46,16 @@ impl JwtInfo { } } +pub fn gen_keypem() -> String { + let keypair = KeypairT::generate(); + keypair.to_pem() +} + +pub fn parse_keypem(pem: &String) -> Result { + let keypair = KeypairT::from_pem(&pem)?; + Ok(keypair) +} + #[cfg(test)] mod tests { use super::*; diff --git a/server/src/server/settings.rs b/server/src/server/settings.rs index 3baa59b..9275518 100644 --- a/server/src/server/settings.rs +++ b/server/src/server/settings.rs @@ -3,8 +3,7 @@ use serde::Deserialize; #[derive(Debug, Deserialize)] pub struct BurrowAuthServerConfig { - jwt_secret_key: String, - jwt_public_key: String, + pub jwt_pem: String, } impl BurrowAuthServerConfig {
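Review bot: `BurrowGrpcServer::new` in grpc_server.rs names the concrete type in `Ed25519KeyPair::from_pem(&config.jwt_pem)?`, although the file already imports the `KeypairT` alias and this same commit adds `parse_keypem` for exactly this step. Writing `let jwt_keypair = KeypairT::from_pem(&config.jwt_pem)?;` keeps the signing algorithm defined in one place and makes the `use jwt_simple::prelude::Ed25519KeyPair;` added in this file's first hunk unnecessary. A short doc comment on `new` saying that it loads the JWT signing key from the dotenv-backed config and returns an error on a malformed PEM would also help the next reader.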
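Review bot: In providers/mod.rs, `gen_keypem` hands back key material as a plain `String` with nothing telling callers it is a secret; a doc comment such as `/// Generates a new Ed25519 key pair and returns it PEM-encoded; the result contains the private key and must be handled as a secret.` would make that explicit. `parse_keypem` takes `pem: &String` and then passes `&pem`, a reference to a reference that only works through deref coercion. Declaring the parameter as `pem: &str` and calling `KeypairT::from_pem(pem)` accepts the same callers and drops the extra borrow.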
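Review bot: `jwt_pem` is parsed as a full key pair elsewhere in this commit, yet `BurrowAuthServerConfig` still derives `Debug` in the context lines of the settings.rs hunk, so any `{:?}` of the config (a startup log line, an error chain) would print the private signing key. Replacing the derive with a hand-written `Debug` that redacts the field avoids that, as in the excerpt below. The field also becomes `pub` here; if no other crate needs it, `pub(crate)` or an accessor would keep the key's exposure narrower.

```rust
#[derive(Deserialize)]
pub struct BurrowAuthServerConfig {
    // … unchanged: jwt_pem field …
}

// Hand-written so the signing key never appears in `{:?}` output.
impl std::fmt::Debug for BurrowAuthServerConfig {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("BurrowAuthServerConfig")
            .field("jwt_pem", &"<redacted>")
            .finish()
    }
}
```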