xeen
/
auth-server
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clean up error reporting a little

This commit is contained in:
Alex Wright 2019-08-03 20:29:10 +02:00
parent 9f8c47712a
commit c3cb0b9cd5
1 changed files with 27 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
src/main.rs
View File

@ -1,5 +1,4 @@
// #![deny(warnings)] #![deny(warnings)]
// extern crate futures;
extern crate base64; extern crate base64;
extern crate hyper; extern crate hyper;
extern crate ldap3; extern crate ldap3;
@ -29,6 +28,9 @@ struct BasicAuthentication {
pub enum AuthError { pub enum AuthError {
Parse, Parse,
Decode, Decode,
LdapBind,
LdapConnection,
LdapSearch,
} }
impl FromStr for BasicAuthentication { impl FromStr for BasicAuthentication {
@ -53,19 +55,20 @@ impl FromStr for BasicAuthentication {
#[derive(Debug)] #[derive(Debug)]
struct LdapUser { struct LdapUser {
pub dn: String, pub dn: String,
pub mail: Vec<String>,
pub services: Vec<String>, pub services: Vec<String>,
} }
fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> { fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
let ldap = match LdapConn::new("ldap://192.168.122.61:389") { let ldap = match LdapConn::new("ldap://192.168.122.61:389") {
Ok(conn) => conn, Ok(conn) => conn,
Err(err) => panic!(err), Err(_err) => return Err(AuthError::LdapConnection),
}; };
let base = format!("uid={},ou=people,dc=xeentech,dc=com", auth.username); let base = format!("uid={},ou=people,dc=xeentech,dc=com", auth.username);
match ldap.simple_bind(&base, &auth.password).unwrap().success() { match ldap.simple_bind(&base, &auth.password).unwrap().success() {
Ok(ldap) => println!("Connected and authenticated"), Ok(_ldap) => println!("Connected and authenticated"),
Err(err) => panic!("Failed to bind with dn+password"), Err(_err) => return Err(AuthError::LdapBind),
}; };
let filter = format!("(uid={})", auth.username); let filter = format!("(uid={})", auth.username);
@ -74,7 +77,7 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
let (rs, _) = result.success().unwrap(); let (rs, _) = result.success().unwrap();
rs rs
}, },
Err(err) => panic!("Search failed? {:?}", err), Err(_err) => return Err(AuthError::LdapSearch),
}; };
// Grab the first, if any, result and discard the rest // Grab the first, if any, result and discard the rest
@ -85,11 +88,12 @@ fn auth_user(auth: &BasicAuthentication) -> Result<LdapUser, AuthError> {
}; };
let mail = match se.attrs.get("mail") { let mail = match se.attrs.get("mail") {
Some(mail) => mail.to_vec(), Some(mail) => mail.to_vec(),
None => [].to_ved(), None => [].to_vec(),
}; };
Ok(LdapUser { Ok(LdapUser {
dn: base, dn: base,
mail: mail,
services: services, services: services,
}) })
} }
@ -120,12 +124,26 @@ fn auth_handler(req: Request<Body>) -> Response<Body> {
let user = auth_user(&auth); let user = auth_user(&auth);
user user
}); });
let user = worker.join().expect("ldap thread threw?"); let user = match worker.join().unwrap() {
Ok(ldap_user) => ldap_user,
Err(AuthError::LdapBind) => {
return Response::builder()
.status(StatusCode::UNAUTHORIZED)
.body(Body::from("LDAP bind failed"))
.unwrap();
},
_ => {
return Response::builder()
.status(StatusCode::INTERNAL_SERVER_ERROR)
.body(Body::from("Something is broken"))
.unwrap();
}
};
Response::new(Body::from(format!("BasicAuthentication {:?}", user))) Response::new(Body::from(format!("BasicAuthentication {:?}", user)))
} }
fn hello(req: Request<Body>) -> Response<Body> { fn hello(_req: Request<Body>) -> Response<Body> {
Response::new(Body::from("Hi!")) Response::new(Body::from("Hi!"))
} }