Create service for parsing Basic Authorization

4 files changed, 76 insertions, 1 deletions

diff --git a/Cargo.lock b/Cargo.lock
index 4d05ec5..c51cb79 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -28,6 +28,7 @@ dependencies = [
  "actix-codec",
  "actix-rt",
  "actix-service",
+ "actix-tls",
  "actix-utils",
  "ahash 0.8.3",
  "base64 0.21.0",
@@ -121,6 +122,24 @@ dependencies = [
 ]
 
 [[package]]
+name = "actix-tls"
+version = "3.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9fde0cf292f7cdc7f070803cb9a0d45c018441321a78b1042ffbbb81ec333297"
+dependencies = [
+ "actix-codec",
+ "actix-rt",
+ "actix-service",
+ "actix-utils",
+ "futures-core",
+ "log",
+ "pin-project-lite",
+ "tokio-rustls",
+ "tokio-util",
+ "webpki-roots",
+]
+
+[[package]]
 name = "actix-utils"
 version = "3.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -143,6 +162,7 @@ dependencies = [
  "actix-rt",
  "actix-server",
  "actix-service",
+ "actix-tls",
  "actix-utils",
  "actix-web-codegen",
  "ahash 0.7.6",
@@ -1613,6 +1633,7 @@ name = "rust-pw-server"
 version = "0.1.0"
 dependencies = [
  "actix-web",
+ "base64 0.21.0",
  "dotenv",
  "exun",
  "grass",
@@ -1624,6 +1645,7 @@ dependencies = [
  "rust-argon2",
  "rust-ini",
  "serde",
+ "serde_urlencoded",
  "sqlx",
  "tera",
  "thiserror",
diff --git a/Cargo.toml b/Cargo.toml
index 5195d8b..532fc6e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -6,7 +6,7 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-actix-web = "4"
+actix-web = { version = "4", features = ["rustls"] }
 tera = "1"
 serde = "1"
 thiserror = "1"
@@ -15,12 +15,14 @@ uuid = { version = "1", features = [ "v4", "fast-rng", "serde" ] }
 url = { version = "2", features = ["serde"] }
 raise = "2"
 exun = "0.1"
+base64 = "0.21"
 rust-ini = "0.18"
 dotenv = "0.15"
 parking_lot = "0.12"
 grass = "0.12"
 unic-langid = { version = "0.9", features = ["serde"] }
 rand = "0.8"
+serde_urlencoded = "0.7"
 sqlx = { version = "0.6", features = [ "runtime-actix-rustls", "mysql", "uuid", "offline" ] }
 log = "0.4"
 hex = "0.4"
diff --git a/src/services/authorization.rs b/src/services/authorization.rs
new file mode 100644
index 0000000..b9d57ae
--- /dev/null
+++ b/src/services/authorization.rs
@@ -0,0 +1,50 @@
+use base64::Engine;
+use raise::yeet;
+use thiserror::Error;
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash, Error)]
+pub enum ParseBasicError {
+	#[error("Basic Authorization is required")]
+	NotBasic,
+	#[error("No credentials were provided for authorization")]
+	NoCredentials,
+	#[error("The credentials provided were not base64")]
+	InvalidBase64,
+	#[error("The decoded base64 credentials were not UTF-8")]
+	NotUtf8,
+	#[error("A colon (:) must be used to delimit the username and password")]
+	NoColon,
+}
+
+/// Returns a username and a password from a Basic authorization header
+pub fn parse_basic(value: &str) -> Result<(Box<str>, Box<str>), ParseBasicError> {
+	if !value.starts_with("Basic") {
+		yeet!(ParseBasicError::NotBasic);
+	}
+
+	let value: String = value
+		.chars()
+		.skip(5)
+		.skip_while(|ch| ch.is_whitespace())
+		.collect();
+
+	if value.is_empty() {
+		yeet!(ParseBasicError::NoCredentials);
+	}
+
+	let Ok(bytes) = base64::engine::general_purpose::STANDARD.decode(value) else {
+		yeet!(ParseBasicError::InvalidBase64)
+	};
+
+	let Ok(value) = String::from_utf8(bytes) else {
+		yeet!(ParseBasicError::NotUtf8)
+	};
+
+	let mut parts = value.split(':');
+	let username = parts.next().unwrap();
+	let Some(password) = parts.next() else {
+		yeet!(ParseBasicError::NoColon)
+	};
+
+	Ok((Box::from(username), Box::from(password)))
+}
diff --git a/src/services/mod.rs b/src/services/mod.rs
index 09d2159..deab694 100644
--- a/src/services/mod.rs
+++ b/src/services/mod.rs
@@ -1,3 +1,4 @@
+pub mod authorization;
 pub mod crypto;
 pub mod db;
 pub mod id;