| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 |
- use crate::{
- key::{HMacType, KeyType},
- schema, UIDCError,
- };
- use microrm::prelude::*;
- pub fn create(
- lease: &mut microrm::ConnectionLease,
- realm: µrm::Stored<schema::Realm>,
- name: &String,
- key_type: KeyType,
- ) -> Result<(), UIDCError> {
- let rng = ring::rand::SystemRandom::new();
- let client_secret: [u8; 32] = ring::rand::generate(&rng).unwrap().expose();
- realm.clients.insert(
- lease,
- schema::Client {
- realm: realm.id(),
- shortname: name.into(),
- secret: base64::encode(client_secret),
- access_key_type: key_type.into(),
- refresh_key_type: KeyType::HMac(HMacType::Sha256).into_serialized(),
- direct_grant_enabled: false,
- redirects: Default::default(),
- scopes: Default::default(),
- },
- )?;
- Ok(())
- }
- pub fn rotate_secret(
- lease: &mut microrm::ConnectionLease,
- realm: µrm::Stored<schema::Realm>,
- name: &str,
- ) -> Result<(), UIDCError> {
- let rng = ring::rand::SystemRandom::new();
- let client_secret: [u8; 32] = ring::rand::generate(&rng).unwrap().expose();
- let mut client = realm
- .clients
- .with(schema::Client::Shortname, name)
- .first()
- .get(lease)?
- .ok_or(UIDCError::Abort("no such client"))?;
- client.secret = base64::encode(client_secret);
- client.sync(lease)?;
- Ok(())
- }
- pub fn add_redirect(
- lease: &mut microrm::ConnectionLease,
- realm: µrm::Stored<schema::Realm>,
- name: &str,
- pattern: &str,
- ) -> Result<(), UIDCError> {
- let Some(client) = realm.clients.keyed((realm.id(), name)).get(lease)? else {
- return Err(UIDCError::Abort("no such client"));
- };
- client.redirects.insert(
- lease,
- schema::ClientRedirect {
- redirect_pattern: pattern.into(),
- },
- )?;
- Ok(())
- }
|
