From bcd5923d64dc2d366920819b72de644738da9b00 Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Mon, 23 Sep 2019 15:41:44 -0700 Subject: [PATCH 01/16] feat(IAM-170): adding slack to whoami --- Cargo.lock | 230 ++++++++++++++++++++++++++++------------------- Cargo.toml | 4 +- proxy/proxy.js | 24 ++--- src/main.rs | 17 ++-- src/settings.rs | 9 ++ src/slack/app.rs | 201 +++++++++++++++++++++++++++++++++++++++++ src/slack/mod.rs | 1 + src/update.rs | 12 +++ 8 files changed, 390 insertions(+), 108 deletions(-) create mode 100644 src/slack/app.rs create mode 100644 src/slack/mod.rs diff --git a/Cargo.lock b/Cargo.lock index 9f69a23..2eddb09 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -22,15 +22,16 @@ dependencies = [ "actix-service 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", "actix-utils 0.4.5 (registry+https://github.com/rust-lang/crates.io-index)", "derive_more 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)", - "either 1.5.2 (registry+https://github.com/rust-lang/crates.io-index)", + "either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "http 0.1.18 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", - "openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)", + "rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-current-thread 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", - "tokio-openssl 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)", + "tokio-rustls 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-tcp 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)", "trust-dns-resolver 0.11.1 (registry+https://github.com/rust-lang/crates.io-index)", + "webpki 0.19.1 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -62,8 +63,8 @@ dependencies = [ "chrono 0.4.9 (registry+https://github.com/rust-lang/crates.io-index)", "copyless 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)", "derive_more 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)", - "either 1.5.2 (registry+https://github.com/rust-lang/crates.io-index)", - "encoding_rs 0.8.19 (registry+https://github.com/rust-lang/crates.io-index)", + "either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", + "encoding_rs 0.8.20 (registry+https://github.com/rust-lang/crates.io-index)", "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", "flate2 1.0.11 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", @@ -76,12 +77,12 @@ dependencies = [ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "mime 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)", - "openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)", "percent-encoding 2.1.0 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", "regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)", "ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "serde_urlencoded 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)", "sha1 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)", @@ -91,6 +92,7 @@ dependencies = [ "tokio-tcp 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-timer 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)", "trust-dns-resolver 0.11.1 (registry+https://github.com/rust-lang/crates.io-index)", + "webpki-roots 0.16.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -102,7 +104,7 @@ dependencies = [ "http 0.1.18 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "string 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -133,14 +135,16 @@ dependencies = [ "mio 0.6.19 (registry+https://github.com/rust-lang/crates.io-index)", "net2 0.2.33 (registry+https://github.com/rust-lang/crates.io-index)", "num_cpus 1.10.1 (registry+https://github.com/rust-lang/crates.io-index)", - "openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)", + "rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)", "slab 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-io 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", - "tokio-openssl 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-reactor 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)", + "tokio-rustls 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-signal 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-tcp 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-timer 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)", + "webpki 0.19.1 (registry+https://github.com/rust-lang/crates.io-index)", + "webpki-roots 0.16.0 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -149,8 +153,9 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", + "rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-io 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", - "tokio-openssl 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)", + "tokio-rustls 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-tcp 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -173,7 +178,7 @@ dependencies = [ "derive_more 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "hashbrown 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -200,7 +205,7 @@ dependencies = [ "actix-codec 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", "actix-service 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)", "bytes 0.4.12 (registry+https://github.com/rust-lang/crates.io-index)", - "either 1.5.2 (registry+https://github.com/rust-lang/crates.io-index)", + "either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-current-thread 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", @@ -222,19 +227,19 @@ dependencies = [ "actix-threadpool 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", "actix-utils 0.4.5 (registry+https://github.com/rust-lang/crates.io-index)", "actix-web-codegen 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", - "awc 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)", + "awc 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)", "bytes 0.4.12 (registry+https://github.com/rust-lang/crates.io-index)", "derive_more 0.15.0 (registry+https://github.com/rust-lang/crates.io-index)", - "encoding_rs 0.8.19 (registry+https://github.com/rust-lang/crates.io-index)", + "encoding_rs 0.8.20 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "hashbrown 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "mime 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)", "net2 0.2.33 (registry+https://github.com/rust-lang/crates.io-index)", - "openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)", "parking_lot 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)", "regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "serde_urlencoded 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)", "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", @@ -297,7 +302,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] name = "awc" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "actix-codec 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", @@ -309,10 +314,10 @@ dependencies = [ "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "mime 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)", - "openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)", "percent-encoding 2.1.0 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "rand 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", + "rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "serde_urlencoded 0.6.1 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-timer 0.2.11 (registry+https://github.com/rust-lang/crates.io-index)", @@ -365,8 +370,8 @@ dependencies = [ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", "num 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "untrusted 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", "url 1.7.2 (registry+https://github.com/rust-lang/crates.io-index)", @@ -430,7 +435,7 @@ version = "0.4.12" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)", - "either 1.5.2 (registry+https://github.com/rust-lang/crates.io-index)", + "either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", "iovec 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -461,7 +466,7 @@ dependencies = [ "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", "num-integer 0.1.41 (registry+https://github.com/rust-lang/crates.io-index)", "num-traits 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -487,8 +492,8 @@ dependencies = [ "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "percent-encoding 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)", "reqwest 0.9.20 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "shared-expiry-get 0.0.1 (registry+https://github.com/rust-lang/crates.io-index)", "tokio 0.1.22 (registry+https://github.com/rust-lang/crates.io-index)", @@ -511,8 +516,8 @@ dependencies = [ "ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)", "rusoto_core 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", "rusoto_ssm 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "untrusted 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -533,7 +538,7 @@ dependencies = [ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", "nom 4.2.3 (registry+https://github.com/rust-lang/crates.io-index)", "rust-ini 0.13.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde-hjson 0.8.2 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "toml 0.4.10 (registry+https://github.com/rust-lang/crates.io-index)", @@ -564,7 +569,7 @@ dependencies = [ "idna 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "publicsuffix 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", "try_from 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", @@ -655,7 +660,7 @@ dependencies = [ "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", "openssl-probe 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", "openssl-sys 0.9.49 (registry+https://github.com/rust-lang/crates.io-index)", - "schannel 0.1.15 (registry+https://github.com/rust-lang/crates.io-index)", + "schannel 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)", "socket2 0.3.11 (registry+https://github.com/rust-lang/crates.io-index)", "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -727,10 +732,10 @@ dependencies = [ "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", - "oauth2 2.0.0-beta.3 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "oauth2 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "ttl_cache 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)", "url 1.7.2 (registry+https://github.com/rust-lang/crates.io-index)", @@ -753,12 +758,12 @@ source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] name = "either" -version = "1.5.2" +version = "1.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] name = "encoding_rs" -version = "0.8.19" +version = "0.8.20" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)", @@ -981,7 +986,7 @@ dependencies = [ [[package]] name = "hyper" -version = "0.12.34" +version = "0.12.35" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "bytes 0.4.12 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1015,7 +1020,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "bytes 0.4.12 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", - "hyper 0.12.34 (registry+https://github.com/rust-lang/crates.io-index)", + "hyper 0.12.35 (registry+https://github.com/rust-lang/crates.io-index)", "native-tls 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-io 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -1045,7 +1050,7 @@ name = "indexmap" version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -1082,8 +1087,8 @@ dependencies = [ "fnv 1.0.6 (registry+https://github.com/rust-lang/crates.io-index)", "indexmap 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "juniper_codegen 0.13.2 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "url 1.7.2 (registry+https://github.com/rust-lang/crates.io-index)", "uuid 0.7.4 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -1310,7 +1315,7 @@ dependencies = [ "openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)", "openssl-probe 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)", "openssl-sys 0.9.49 (registry+https://github.com/rust-lang/crates.io-index)", - "schannel 0.1.15 (registry+https://github.com/rust-lang/crates.io-index)", + "schannel 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)", "security-framework 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", "security-framework-sys 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)", "tempfile 3.1.0 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1428,7 +1433,7 @@ dependencies = [ [[package]] name = "oauth2" -version = "2.0.0-beta.3" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "base64 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1436,8 +1441,8 @@ dependencies = [ "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", "failure_derive 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", "rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "sha2 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", "url 1.7.2 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1632,7 +1637,7 @@ dependencies = [ [[package]] name = "rand" -version = "0.7.0" +version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "getrandom 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1802,17 +1807,17 @@ dependencies = [ "bytes 0.4.12 (registry+https://github.com/rust-lang/crates.io-index)", "cookie 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)", "cookie_store 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", - "encoding_rs 0.8.19 (registry+https://github.com/rust-lang/crates.io-index)", + "encoding_rs 0.8.20 (registry+https://github.com/rust-lang/crates.io-index)", "flate2 1.0.11 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "http 0.1.18 (registry+https://github.com/rust-lang/crates.io-index)", - "hyper 0.12.34 (registry+https://github.com/rust-lang/crates.io-index)", + "hyper 0.12.35 (registry+https://github.com/rust-lang/crates.io-index)", "hyper-tls 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "mime 0.3.14 (registry+https://github.com/rust-lang/crates.io-index)", "mime_guess 2.0.1 (registry+https://github.com/rust-lang/crates.io-index)", "native-tls 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "serde_urlencoded 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)", "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1859,15 +1864,15 @@ dependencies = [ "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", "hmac 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", "http 0.1.18 (registry+https://github.com/rust-lang/crates.io-index)", - "hyper 0.12.34 (registry+https://github.com/rust-lang/crates.io-index)", + "hyper 0.12.35 (registry+https://github.com/rust-lang/crates.io-index)", "hyper-tls 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", "md5 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", "rusoto_credential 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", "rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "sha2 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", "time 0.1.42 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1885,10 +1890,10 @@ dependencies = [ "chrono 0.4.9 (registry+https://github.com/rust-lang/crates.io-index)", "dirs 1.0.5 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", - "hyper 0.12.34 (registry+https://github.com/rust-lang/crates.io-index)", + "hyper 0.12.35 (registry+https://github.com/rust-lang/crates.io-index)", "regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", "shlex 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", "tokio-process 0.2.4 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1903,8 +1908,8 @@ dependencies = [ "bytes 0.4.12 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", "rusoto_core 0.40.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -1936,6 +1941,19 @@ dependencies = [ "semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "rustls" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "base64 0.10.1 (registry+https://github.com/rust-lang/crates.io-index)", + "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", + "ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)", + "sct 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)", + "untrusted 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", + "webpki 0.19.1 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "ryu" version = "1.0.0" @@ -1948,7 +1966,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] name = "schannel" -version = "0.1.15" +version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)", @@ -1965,6 +1983,15 @@ name = "scopeguard" version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "sct" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)", + "untrusted 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "security-framework" version = "0.3.1" @@ -2004,10 +2031,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" [[package]] name = "serde" -version = "1.0.100" +version = "1.0.101" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -2024,7 +2051,7 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.100" +version = "1.0.101" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "proc-macro2 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)", @@ -2040,7 +2067,7 @@ dependencies = [ "indexmap 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "itoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", "ryu 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -2058,7 +2085,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "dtoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", "itoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "url 1.7.2 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -2069,7 +2096,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "dtoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", "itoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)", - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", "url 2.1.0 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -2200,7 +2227,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "cfg-if 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)", "libc 0.2.62 (registry+https://github.com/rust-lang/crates.io-index)", - "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)", + "rand 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)", "redox_syscall 0.1.56 (registry+https://github.com/rust-lang/crates.io-index)", "remove_dir_all 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)", "winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)", @@ -2269,7 +2296,7 @@ version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "bytes 0.4.12 (registry+https://github.com/rust-lang/crates.io-index)", - "either 1.5.2 (registry+https://github.com/rust-lang/crates.io-index)", + "either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", ] @@ -2321,16 +2348,6 @@ dependencies = [ "log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)", ] -[[package]] -name = "tokio-openssl" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -dependencies = [ - "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", - "openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)", - "tokio-io 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", -] - [[package]] name = "tokio-process" version = "0.2.4" @@ -2367,6 +2384,17 @@ dependencies = [ "tokio-sync 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", ] +[[package]] +name = "tokio-rustls" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "futures 0.1.29 (registry+https://github.com/rust-lang/crates.io-index)", + "rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)", + "tokio-io 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)", + "webpki 0.19.1 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "tokio-signal" version = "0.2.7" @@ -2468,7 +2496,7 @@ name = "toml" version = "0.4.10" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ - "serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)", + "serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -2631,6 +2659,24 @@ name = "wasi" version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" +[[package]] +name = "webpki" +version = "0.19.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "ring 0.14.6 (registry+https://github.com/rust-lang/crates.io-index)", + "untrusted 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", +] + +[[package]] +name = "webpki-roots" +version = "0.16.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +dependencies = [ + "untrusted 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)", + "webpki 0.19.1 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "widestring" version = "0.4.0" @@ -2745,7 +2791,7 @@ dependencies = [ "checksum arrayvec 0.4.11 (registry+https://github.com/rust-lang/crates.io-index)" = "b8d73f9beda665eaa98ab9e4f7442bd4e7de6652587de55b2525e52e29c1b0ba" "checksum atty 0.2.13 (registry+https://github.com/rust-lang/crates.io-index)" = "1803c647a3ec87095e7ae7acfca019e98de5ec9a7d01343f611cf3152ed71a90" "checksum autocfg 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "b671c8fb71b457dd4ae18c4ba1e59aa81793daacc361d82fcd410cef0d491875" -"checksum awc 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)" = "2afcdd17a546c03d43c43e10d2598b76adca7605b0214322fd6bbfee5f2f6d03" +"checksum awc 0.2.6 (registry+https://github.com/rust-lang/crates.io-index)" = "78c9c1e32d6084343b3857eacb1f43aaefb93a816e15aae4685bc3c0a9052964" "checksum backtrace 0.3.37 (registry+https://github.com/rust-lang/crates.io-index)" = "5180c5a20655b14a819b652fd2378fa5f1697b6c9ddad3e695c2f9cedf6df4e2" "checksum backtrace-sys 0.1.31 (registry+https://github.com/rust-lang/crates.io-index)" = "82a830b4ef2d1124a711c71d263c5abdc710ef8e907bd508c88be475cebc422b" "checksum base64 0.10.1 (registry+https://github.com/rust-lang/crates.io-index)" = "0b25d992356d2eb0ed82172f5248873db5560c4721f564b13cb5193bda5e668e" @@ -2788,8 +2834,8 @@ dependencies = [ "checksum digest 0.7.6 (registry+https://github.com/rust-lang/crates.io-index)" = "03b072242a8cbaf9c145665af9d250c59af3b958f83ed6824e13533cf76d5b90" "checksum dirs 1.0.5 (registry+https://github.com/rust-lang/crates.io-index)" = "3fd78930633bd1c6e35c4b42b1df7b0cbc6bc191146e512bb3bedf243fcc3901" "checksum dtoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "ea57b42383d091c85abcc2706240b94ab2a8fa1fc81c10ff23c4de06e2a90b5e" -"checksum either 1.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "5527cfe0d098f36e3f8839852688e63c8fff1c90b2b405aef730615f9a7bcf7b" -"checksum encoding_rs 0.8.19 (registry+https://github.com/rust-lang/crates.io-index)" = "79906e1ad1f7f8bc48864fcc6ffd58336fb5992e627bf61928099cb25fdf4314" +"checksum either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" +"checksum encoding_rs 0.8.20 (registry+https://github.com/rust-lang/crates.io-index)" = "87240518927716f79692c2ed85bfe6e98196d18c6401ec75355760233a7e12e9" "checksum enum-as-inner 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "3d58266c97445680766be408285e798d3401c6d4c378ec5552e78737e681e37d" "checksum env_logger 0.6.2 (registry+https://github.com/rust-lang/crates.io-index)" = "aafcde04e90a5226a6443b7aabdb016ba2f8307c847d524724bd9b346dd1a2d3" "checksum error-chain 0.12.1 (registry+https://github.com/rust-lang/crates.io-index)" = "3ab49e9dcb602294bc42f9a7dfc9bc6e936fca4418ea300dbfb84fe16de0b7d9" @@ -2816,7 +2862,7 @@ dependencies = [ "checksum http-body 0.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "6741c859c1b2463a423a1dbce98d418e6c3c3fc720fb0d45528657320920292d" "checksum httparse 1.3.4 (registry+https://github.com/rust-lang/crates.io-index)" = "cd179ae861f0c2e53da70d892f5f3029f9594be0c41dc5269cd371691b1dc2f9" "checksum humantime 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f" -"checksum hyper 0.12.34 (registry+https://github.com/rust-lang/crates.io-index)" = "898a87371a3999b2f731b9af636cd76aa20de10e69c2daf3e71388326b619fe0" +"checksum hyper 0.12.35 (registry+https://github.com/rust-lang/crates.io-index)" = "9dbe6ed1438e1f8ad955a4701e9a944938e9519f6888d12d8558b645e247d5f6" "checksum hyper-tls 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "3a800d6aa50af4b5850b2b0f659625ce9504df908e9733b635720483be26174f" "checksum idna 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "38f09e0f0b1fb55fdee1f17470ad800da77af5186a1a76c026b679358b7e844e" "checksum idna 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "02e2673c30ee86b5b96a9cb52ad15718aa1f966f5ab9ad54a8b95d5ca33120a9" @@ -2864,7 +2910,7 @@ dependencies = [ "checksum num-traits 0.1.43 (registry+https://github.com/rust-lang/crates.io-index)" = "92e5113e9fd4cc14ded8e499429f396a20f98c772a47cc8622a736e1ec843c31" "checksum num-traits 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "6ba9a427cfca2be13aa6f6403b0b7e7368fe982bfa16fccc450ce74c46cd9b32" "checksum num_cpus 1.10.1 (registry+https://github.com/rust-lang/crates.io-index)" = "bcef43580c035376c0705c42792c294b66974abbfd2789b511784023f71f3273" -"checksum oauth2 2.0.0-beta.3 (registry+https://github.com/rust-lang/crates.io-index)" = "74ba388129499452d6e2cea5976ad4d308ba55d5007e1eb2e466796e2f113239" +"checksum oauth2 2.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "5b782199cf581a36bdee16efd40f12f10a5aefb8864ed16417a8dc8a4c25f13b" "checksum openssl 0.10.24 (registry+https://github.com/rust-lang/crates.io-index)" = "8152bb5a9b5b721538462336e3bef9a539f892715e5037fda0f984577311af15" "checksum openssl-probe 0.1.2 (registry+https://github.com/rust-lang/crates.io-index)" = "77af24da69f9d9341038eba93a073b1fdaaa1b788221b00a69bce9e762cb32de" "checksum openssl-src 111.6.0+1.1.1d (registry+https://github.com/rust-lang/crates.io-index)" = "b9c2da1de8a7a3f860919c01540b03a6db16de042405a8a07a5e9d0b4b825d9c" @@ -2886,7 +2932,7 @@ dependencies = [ "checksum quote 0.6.13 (registry+https://github.com/rust-lang/crates.io-index)" = "6ce23b6b870e8f94f81fb0a363d65d86675884b34a09043c81e5562f11c1f8e1" "checksum quote 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "053a8c8bcc71fcce321828dc897a98ab9760bef03a4fc36693c231e5b3216cfe" "checksum rand 0.6.5 (registry+https://github.com/rust-lang/crates.io-index)" = "6d71dacdc3c88c1fde3885a3be3fbab9f35724e6ce99467f7d9c5026132184ca" -"checksum rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "d47eab0e83d9693d40f825f86948aa16eff6750ead4bdffc4ab95b8b3a7f052c" +"checksum rand 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)" = "59cea0d944b32347a1863e95942fd6ebdb486afb4f038119494f2860380c1d51" "checksum rand_chacha 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "556d3a1ca6600bfcbab7c7c91ccb085ac7fbbcd70e008a98742e7847f4f7bcef" "checksum rand_chacha 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "03a2a90da8c7523f554344f921aa97283eadf6ac484a6d2a7d0212fa7f8d6853" "checksum rand_core 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b" @@ -2915,19 +2961,21 @@ dependencies = [ "checksum rust-ini 0.13.0 (registry+https://github.com/rust-lang/crates.io-index)" = "3e52c148ef37f8c375d49d5a73aa70713125b7f19095948a923f80afdeb22ec2" "checksum rustc-demangle 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)" = "4c691c0e608126e00913e33f0ccf3727d5fc84573623b8d65b2df340b5201783" "checksum rustc_version 0.2.3 (registry+https://github.com/rust-lang/crates.io-index)" = "138e3e0acb6c9fb258b19b67cb8abd63c00679d2851805ea151465464fe9030a" +"checksum rustls 0.15.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f271e3552cd835fa28c541c34a7e8fdd8cdff09d77fe4eb8f6c42e87a11b096e" "checksum ryu 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c92464b447c0ee8c4fb3824ecc8383b81717b9f1e74ba2e72540aef7b9f82997" "checksum safemem 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "d2b08423011dae9a5ca23f07cf57dac3857f5c885d352b76f6d95f4aea9434d0" -"checksum schannel 0.1.15 (registry+https://github.com/rust-lang/crates.io-index)" = "f2f6abf258d99c3c1c5c2131d99d064e94b7b3dd5f416483057f308fea253339" +"checksum schannel 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)" = "87f550b06b6cba9c8b8be3ee73f391990116bf527450d2556e9b9ce263b9a021" "checksum scopeguard 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "94258f53601af11e6a49f722422f6e3425c52b06245a5cf9bc09908b174f5e27" "checksum scopeguard 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b42e15e59b18a828bbf5c58ea01debb36b9b096346de35d941dcb89009f24a0d" +"checksum sct 0.5.0 (registry+https://github.com/rust-lang/crates.io-index)" = "2f5adf8fbd58e1b1b52699dc8bed2630faecb6d8c7bee77d009d6bbe4af569b9" "checksum security-framework 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "eee63d0f4a9ec776eeb30e220f0bc1e092c3ad744b2a379e3993070364d3adc2" "checksum security-framework-sys 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "9636f8989cbf61385ae4824b98c1aaa54c994d7d8b41f11c601ed799f0549a56" "checksum semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" "checksum semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" "checksum serde 0.8.23 (registry+https://github.com/rust-lang/crates.io-index)" = "9dad3f759919b92c3068c696c15c3d17238234498bbdcc80f2c469606f948ac8" -"checksum serde 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)" = "f4473e8506b213730ff2061073b48fa51dcc66349219e2e7c5608f0296a1d95a" +"checksum serde 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)" = "9796c9b7ba2ffe7a9ce53c2287dfc48080f4b2b362fcc245a259b3a7201119dd" "checksum serde-hjson 0.8.2 (registry+https://github.com/rust-lang/crates.io-index)" = "0b833c5ad67d52ced5f5938b2980f32a9c1c5ef047f0b4fb3127e7a423c76153" -"checksum serde_derive 1.0.100 (registry+https://github.com/rust-lang/crates.io-index)" = "11e410fde43e157d789fc290d26bc940778ad0fdd47836426fbac36573710dbb" +"checksum serde_derive 1.0.101 (registry+https://github.com/rust-lang/crates.io-index)" = "4b133a43a1ecd55d4086bd5b4dc6c1751c68b1bfbeba7a5040442022c7e7c02e" "checksum serde_json 1.0.40 (registry+https://github.com/rust-lang/crates.io-index)" = "051c49229f282f7c6f3813f8286cc1e3323e8051823fce42c7ea80fe13521704" "checksum serde_test 0.8.23 (registry+https://github.com/rust-lang/crates.io-index)" = "110b3dbdf8607ec493c22d5d947753282f3bae73c0f56d322af1e8c78e4c23d5" "checksum serde_urlencoded 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)" = "642dd69105886af2efd227f75a520ec9b44a820d65bc133a9131f7d229fd165a" @@ -2959,9 +3007,9 @@ dependencies = [ "checksum tokio-executor 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)" = "0f27ee0e6db01c5f0b2973824547ce7e637b2ed79b891a9677b0de9bd532b6ac" "checksum tokio-fs 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "3fe6dc22b08d6993916647d108a1a7d15b9cd29c4f4496c62b92c45b5041b7af" "checksum tokio-io 0.1.12 (registry+https://github.com/rust-lang/crates.io-index)" = "5090db468dad16e1a7a54c8c67280c5e4b544f3d3e018f0b913b400261f85926" -"checksum tokio-openssl 0.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "771d6246b170ae108d67d9963c23f31a579016c016d73bd4bd7d6ef0252afda7" "checksum tokio-process 0.2.4 (registry+https://github.com/rust-lang/crates.io-index)" = "afbd6ef1b8cc2bd2c2b580d882774d443ebb1c6ceefe35ba9ea4ab586c89dbe8" "checksum tokio-reactor 0.1.9 (registry+https://github.com/rust-lang/crates.io-index)" = "6af16bfac7e112bea8b0442542161bfc41cbfa4466b580bdda7d18cb88b911ce" +"checksum tokio-rustls 0.9.3 (registry+https://github.com/rust-lang/crates.io-index)" = "1600e90b2602df28ff54ae842519b408fbb25378c3c5aee1b795593e9263dc80" "checksum tokio-signal 0.2.7 (registry+https://github.com/rust-lang/crates.io-index)" = "dd6dc5276ea05ce379a16de90083ec80836440d5ef8a6a39545a3207373b8296" "checksum tokio-sync 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)" = "2162248ff317e2bc713b261f242b69dbb838b85248ed20bb21df56d60ea4cae7" "checksum tokio-tcp 0.1.3 (registry+https://github.com/rust-lang/crates.io-index)" = "1d14b10654be682ac43efee27401d792507e30fd8d26389e1da3b185de2e4119" @@ -2989,6 +3037,8 @@ dependencies = [ "checksum version_check 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)" = "914b1a6776c4c929a602fafd8bc742e06365d4bcbe48c30f9cca5824f70dc9dd" "checksum want 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b6395efa4784b027708f7451087e647ec73cc74f5d9bc2e418404248d679a230" "checksum wasi 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b89c3ce4ce14bdc6fb6beaf9ec7928ca331de5df7e5ea278375642a2f478570d" +"checksum webpki 0.19.1 (registry+https://github.com/rust-lang/crates.io-index)" = "4f7e1cd7900a3a6b65a3e8780c51a3e6b59c0e2c55c6dc69578c288d69f7d082" +"checksum webpki-roots 0.16.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c10fa4212003ba19a564f25cd8ab572c6791f99a03cc219c13ed35ccab00de0e" "checksum widestring 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "effc0e4ff8085673ea7b9b2e3c73f6bd4d118810c9009ed8f1e16bd96c331db6" "checksum winapi 0.2.8 (registry+https://github.com/rust-lang/crates.io-index)" = "167dc9d6949a9b857f3451275e911c3f44255842c1f7a76f33c55103a909087a" "checksum winapi 0.3.8 (registry+https://github.com/rust-lang/crates.io-index)" = "8093091eeb260906a183e6ae1abdba2ef5ef2257a21801128899c3fc699229c6" diff --git a/Cargo.toml b/Cargo.toml index e0c3df1..7019ff5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -15,7 +15,7 @@ oauth2 = "2.0.0-beta.3" url = "1.7" base64 = "0.10.1" rand = "0.7" -actix-web = { version = "1.0", features = ["ssl"] } +actix-web = { version = "1.0", features = ["rust-tls"] } actix-cors = "0.1" actix-session = "0.2" failure = "0.1.5" @@ -27,4 +27,4 @@ futures = "0.1" chrono = "0.4.6" env_logger = "0.6.1" log = "0.4.6" -ttl_cache = "0.5.1" +ttl_cache = "0.5.1" \ No newline at end of file diff --git a/proxy/proxy.js b/proxy/proxy.js index ed47f77..887c5f7 100644 --- a/proxy/proxy.js +++ b/proxy/proxy.js @@ -1,16 +1,18 @@ -const fs = require('fs'); +const fs = require('fs'); const httpProxy = require('http-proxy'); // // Create the HTTPS proxy server listening on port 8000 // -httpProxy.createServer({ - target: { - host: '127.0.0.1', - port: 8084, - }, - ssl: { - key: fs.readFileSync(process.env["DP_HTTPS_KEY"], 'utf8'), - cert: fs.readFileSync(process.env["DP_HTTPS_CERT"], 'utf8') - } -}).listen(443); \ No newline at end of file +httpProxy + .createServer({ + target: { + host: '127.0.0.1', + port: 8084, + }, + ssl: { + key: fs.readFileSync(process.env['DP_HTTPS_KEY'], 'utf8'), + cert: fs.readFileSync(process.env['DP_HTTPS_CERT'], 'utf8'), + }, + }) + .listen(443); diff --git a/src/main.rs b/src/main.rs index 3221e75..d015f37 100644 --- a/src/main.rs +++ b/src/main.rs @@ -5,31 +5,32 @@ mod bugzilla; mod github; mod healthz; mod settings; +mod slack; mod update; mod userid; use crate::bugzilla::app::bugzilla_app; use crate::github::app::github_app; +use crate::slack::app::slack_app; use actix_web::middleware::Logger; use actix_web::web; use actix_web::App; +use actix_web::HttpServer; +use failure::Error; use log::info; use std::sync::Arc; use std::sync::RwLock; use ttl_cache::TtlCache; -use actix_web::HttpServer; -use failure::Error; - fn main() -> Result<(), Error> { std::env::set_var("RUST_LOG", "info"); env_logger::init(); info!("starting dino-park-whoami"); let s = settings::Settings::new()?; let client = cis_client::CisClient::from_settings(&s.cis)?; - info!("initialized cis_client"); let secret = base64::decode(&s.whoami.secret)?; let ttl_cache = Arc::new(RwLock::new(TtlCache::::new(2000))); + HttpServer::new(move || { App::new() .wrap(Logger::default().exclude("/healthz")) @@ -47,11 +48,17 @@ fn main() -> Result<(), Error> { &s.whoami, &secret, client.clone(), + )) + .service(slack_app( + &s.providers.slack, + &secret, + Arc::clone(&ttl_cache), + client.clone(), )), ) .service(healthz::healthz_app()) }) - .bind("0.0.0.0:8084")? + .bind("127.0.0.1:8084")? .run() .map_err(Into::into) } diff --git a/src/settings.rs b/src/settings.rs index 27dc0e7..0fec4a3 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -15,10 +15,19 @@ pub struct GitHub { pub client_secret: String, } +#[derive(Debug, Deserialize, Clone)] +pub struct Slack { + pub client_id: String, + pub client_secret: String, + pub scope: String, + pub redirect_uri: String, +} + #[derive(Debug, Deserialize, Clone)] pub struct Providers { pub github: GitHub, pub bugzilla: BugZilla, + pub slack: Slack, } #[derive(Debug, Deserialize, Clone)] diff --git a/src/slack/app.rs b/src/slack/app.rs new file mode 100644 index 0000000..c583051 --- /dev/null +++ b/src/slack/app.rs @@ -0,0 +1,201 @@ +use crate::settings::Slack; +use crate::update::update_slack; +use crate::userid::UserId; +use actix_cors::Cors; +use actix_session::CookieSession; +use actix_session::Session; +use actix_web::client::Client; +use actix_web::cookie::SameSite; +use actix_web::dev::HttpServiceFactory; +use actix_web::http; +use actix_web::web; +use actix_web::Error; +use actix_web::HttpResponse; +use actix_web::Responder; +use cis_client::getby::GetBy; +use cis_client::AsyncCisClientTrait; +use cis_profile::schema::Profile; +use futures::future; +use futures::Future; +use futures::IntoFuture; +use log::info; +use oauth2::basic::BasicClient; +use oauth2::prelude::*; +use oauth2::AuthUrl; +use oauth2::ClientId; +use oauth2::ClientSecret; +use oauth2::CsrfToken; +use oauth2::RedirectUrl; +use oauth2::Scope; +use oauth2::TokenUrl; +use std::sync::Arc; +use std::sync::RwLock; +use ttl_cache::TtlCache; +use url::Url; + +const AUTH_URL: &str = "https://slack.com/oauth/authorize"; +const TOKEN_URL: &str = "https://slack.com/api/oauth.access"; + +#[derive(Deserialize)] +pub struct Auth { + code: String, + state: String, +} + +#[derive(Deserialize, Serialize, Debug)] +pub struct SlackUser { + name: String, + id: String, +} + +#[derive(Deserialize, Serialize, Debug)] +pub struct SlackTeam { + id: String, +} + +#[derive(Deserialize, Debug)] +pub struct SlackTokenResponse { + ok: bool, + access_token: String, + scope: String, + user: SlackUser, + team: SlackTeam, +} + +fn redirect(client: web::Data>, session: Session) -> impl Responder { + let (authorize_url, csrf_state) = client.authorize_url(CsrfToken::new_random); + info!("Setting csrf_state: {}", csrf_state.secret().clone()); + session + .set("csrf_state", csrf_state.secret().clone()) + .map(|_| { + HttpResponse::Found() + .header(http::header::LOCATION, authorize_url.to_string()) + .finish() + }) +} + +fn auth( + cis_client: web::Data, + user_id: UserId, + query: web::Query, + slack_auth_params: web::Data, + session: Session, +) -> Box> { + let code = query.code.clone(); + let state = CsrfToken::new(query.state.clone()); + let slack_token_url = format!( + "{}{}&code={}", + TOKEN_URL, + slack_auth_params.to_string(), + code + ); + if let Some(ref must_state) = session.get::("csrf_state").unwrap() { + if must_state != state.secret() { + return Box::new(future::ok( + HttpResponse::Found() + .header(http::header::LOCATION, "/e?identityAdded=error") + .finish(), + )); + } + } else { + return Box::new(future::ok( + HttpResponse::Found() + .header(http::header::LOCATION, "/e?identityAdded=error") + .finish(), + )); + } + let get = cis_client.clone(); + let get_uid = user_id.user_id.clone(); + return Box::new( + Client::default() + .get(slack_token_url) + .header(http::header::USER_AGENT, "whoami") + .send() + .map_err(Into::into) + .and_then(|mut res| res.json::().map_err(Into::into)) + .and_then(move |j| { + get.get_user_by(&get_uid, &GetBy::UserId, None) + .and_then(move |profile: Profile| { + update_slack( + format!("slack://user?team={}&id={}", j.team.id, j.user.id), + j.user.name, + profile, + get.get_secret_store(), + ) + .into_future() + .map_err(Into::into) + }) + .map_err(Into::into) + }) + .and_then(move |profile: Profile| { + cis_client + .update_user(&user_id.user_id, profile) + .map_err(Into::into) + }) + .and_then(|_| { + HttpResponse::Found() + .header( + http::header::LOCATION, + "https://dinopark.k8s.dev.sso.allizom.org/e?identityAdded=slack", + ) + .finish() + }), + ); +} + +pub fn slack_app( + slack: &Slack, + secret: &[u8], + ttl_cache: Arc>>, + cis_client: T, +) -> impl HttpServiceFactory { + let slack_client_id = ClientId::new(slack.client_id.clone()); + let slack_client_secret = ClientSecret::new(slack.client_secret.clone()); + let slack_auth_params = format!( + "?client_id={}&client_secret={}&redirect_uri={}", + &slack.client_id, &slack.client_secret, &slack.redirect_uri + ); + let auth_url = AuthUrl::new(Url::parse(AUTH_URL).expect("Invalid authorization endpoint URL")); + let token_url = TokenUrl::new( + Url::parse(&format!("{}{}", TOKEN_URL, slack_auth_params)) + .expect("Invalid token endpoint URL"), + ); + + let client = Arc::new( + BasicClient::new( + slack_client_id, + Some(slack_client_secret), + auth_url, + Some(token_url), + ) + .add_scope(Scope::new(slack.scope.to_string())) + .set_redirect_url(RedirectUrl::new( + Url::parse(&slack.redirect_uri).expect("Invalid redirect URL"), + )), + ); + + web::scope("/slack/") + .wrap( + Cors::new() + .allowed_methods(vec!["GET", "POST"]) + .allowed_headers(vec![http::header::AUTHORIZATION, http::header::ACCEPT]) + .allowed_header(http::header::CONTENT_TYPE) + .max_age(3600), + ) + .wrap( + CookieSession::private(secret) + .name("dpw_s") + .path("/whoami/slack") + .domain("d48ba8fa.ngrok.io") //whoami.domain.clone()) + .same_site(SameSite::Lax) + .http_only(true) + .secure(false) + .max_age(300), + ) + .data(client) + .data(cis_client) + .data(ttl_cache) + .data(slack_auth_params) + .service(web::resource("/add").route(web::get().to(redirect))) + .service(web::resource("/auth").route(web::get().to_async(auth::))) +} diff --git a/src/slack/mod.rs b/src/slack/mod.rs new file mode 100644 index 0000000..309be62 --- /dev/null +++ b/src/slack/mod.rs @@ -0,0 +1 @@ +pub mod app; diff --git a/src/update.rs b/src/update.rs index 03c8ec0..db3120c 100644 --- a/src/update.rs +++ b/src/update.rs @@ -83,6 +83,18 @@ pub fn update_bugzilla( Ok(profile) } +pub fn update_slack( + slack_uri: String, + slack_username: String, + mut profile: Profile, + store: &SecretStore, +) -> Result { + let now = &Utc::now().to_rfc3339_opts(SecondsFormat::Secs, true); + let uris_kv_pairs = vec![(format!("EA#SLACK#n"), format!("{}#{}", slack_uri, slack_username))]; + update_and_sign_values_field(&mut profile.uris, uris_kv_pairs, store, &now)?; + Ok(profile) +} + fn update_and_sign_values_field( field: &mut StandardAttributeValues, kv_pairs: Vec<(String, String)>, From 8d490044aac684a777a302049fc04ced31cebb82 Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Mon, 23 Sep 2019 15:45:25 -0700 Subject: [PATCH 02/16] fix(IAM-170): replacing urls --- src/main.rs | 1 + src/slack/app.rs | 9 ++++----- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/main.rs b/src/main.rs index d015f37..656a775 100644 --- a/src/main.rs +++ b/src/main.rs @@ -51,6 +51,7 @@ fn main() -> Result<(), Error> { )) .service(slack_app( &s.providers.slack, + &s.whoami, &secret, Arc::clone(&ttl_cache), client.clone(), diff --git a/src/slack/app.rs b/src/slack/app.rs index c583051..90ef4a4 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -1,4 +1,5 @@ use crate::settings::Slack; +use crate::settings::WhoAmI; use crate::update::update_slack; use crate::userid::UserId; use actix_cors::Cors; @@ -134,10 +135,7 @@ fn auth( }) .and_then(|_| { HttpResponse::Found() - .header( - http::header::LOCATION, - "https://dinopark.k8s.dev.sso.allizom.org/e?identityAdded=slack", - ) + .header(http::header::LOCATION, "/e?identityAdded=slack") .finish() }), ); @@ -145,6 +143,7 @@ fn auth( pub fn slack_app( slack: &Slack, + whoami: &WhoAmI, secret: &[u8], ttl_cache: Arc>>, cis_client: T, @@ -186,7 +185,7 @@ pub fn slack_app( CookieSession::private(secret) .name("dpw_s") .path("/whoami/slack") - .domain("d48ba8fa.ngrok.io") //whoami.domain.clone()) + .domain(whoami.domain.clone()) .same_site(SameSite::Lax) .http_only(true) .secure(false) From ade98a462ecb69dc4c1e20db6c2fe67c9369954b Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Tue, 24 Sep 2019 17:16:21 -0700 Subject: [PATCH 03/16] feat(IAM-170): updating url with direct message link --- src/settings.rs | 1 + src/slack/app.rs | 28 +++++++++++++++++++++------- src/update.rs | 5 ++++- 3 files changed, 26 insertions(+), 8 deletions(-) diff --git a/src/settings.rs b/src/settings.rs index 0fec4a3..4f2b150 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -21,6 +21,7 @@ pub struct Slack { pub client_secret: String, pub scope: String, pub redirect_uri: String, + pub direct_message_uri: String, } #[derive(Debug, Deserialize, Clone)] diff --git a/src/slack/app.rs b/src/slack/app.rs index 90ef4a4..71c37a6 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -54,6 +54,12 @@ pub struct SlackTeam { id: String, } +#[derive(Deserialize, Serialize, Debug)] +pub struct SlackUriData { + slack_auth_params: String, + direct_message_uri: String, +} + #[derive(Deserialize, Debug)] pub struct SlackTokenResponse { ok: bool, @@ -79,7 +85,7 @@ fn auth( cis_client: web::Data, user_id: UserId, query: web::Query, - slack_auth_params: web::Data, + slack_uri_data: web::Data, session: Session, ) -> Box> { let code = query.code.clone(); @@ -87,7 +93,7 @@ fn auth( let slack_token_url = format!( "{}{}&code={}", TOKEN_URL, - slack_auth_params.to_string(), + slack_uri_data.slack_auth_params.to_string(), code ); if let Some(ref must_state) = session.get::("csrf_state").unwrap() { @@ -107,18 +113,22 @@ fn auth( } let get = cis_client.clone(); let get_uid = user_id.user_id.clone(); - return Box::new( + Box::new( Client::default() .get(slack_token_url) .header(http::header::USER_AGENT, "whoami") .send() .map_err(Into::into) - .and_then(|mut res| res.json::().map_err(Into::into)) + .and_then(move |mut res| res.json::().map_err(Into::into)) .and_then(move |j| { get.get_user_by(&get_uid, &GetBy::UserId, None) .and_then(move |profile: Profile| { update_slack( - format!("slack://user?team={}&id={}", j.team.id, j.user.id), + format!( + "{}{}", + slack_uri_data.direct_message_uri.to_string(), + j.user.id + ), j.user.name, profile, get.get_secret_store(), @@ -138,7 +148,7 @@ fn auth( .header(http::header::LOCATION, "/e?identityAdded=slack") .finish() }), - ); + ) } pub fn slack_app( @@ -172,6 +182,10 @@ pub fn slack_app( Url::parse(&slack.redirect_uri).expect("Invalid redirect URL"), )), ); + let slack_uri_data: SlackUriData = SlackUriData { + slack_auth_params, + direct_message_uri: slack.direct_message_uri.to_string(), + }; web::scope("/slack/") .wrap( @@ -194,7 +208,7 @@ pub fn slack_app( .data(client) .data(cis_client) .data(ttl_cache) - .data(slack_auth_params) + .data(slack_uri_data) .service(web::resource("/add").route(web::get().to(redirect))) .service(web::resource("/auth").route(web::get().to_async(auth::))) } diff --git a/src/update.rs b/src/update.rs index db3120c..c3c8116 100644 --- a/src/update.rs +++ b/src/update.rs @@ -90,7 +90,10 @@ pub fn update_slack( store: &SecretStore, ) -> Result { let now = &Utc::now().to_rfc3339_opts(SecondsFormat::Secs, true); - let uris_kv_pairs = vec![(format!("EA#SLACK#n"), format!("{}#{}", slack_uri, slack_username))]; + let uris_kv_pairs = vec![( + "EA#SLACK#n".to_string(), + format!("{}#{}", slack_uri, slack_username), + )]; update_and_sign_values_field(&mut profile.uris, uris_kv_pairs, store, &now)?; Ok(profile) } From 3983e862c5904101fedb0bf0055df2fe5b65af9e Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Tue, 24 Sep 2019 17:17:39 -0700 Subject: [PATCH 04/16] fix(IAM-170): fixing domain --- src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main.rs b/src/main.rs index 656a775..129b335 100644 --- a/src/main.rs +++ b/src/main.rs @@ -59,7 +59,7 @@ fn main() -> Result<(), Error> { ) .service(healthz::healthz_app()) }) - .bind("127.0.0.1:8084")? + .bind("0.0.0.0:8084")? .run() .map_err(Into::into) } From b1eee450047d0378015bd4e8db3afc3a8186be6c Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Tue, 1 Oct 2019 16:16:04 -0700 Subject: [PATCH 05/16] feat(IAM-170): enabling slack to add web app direct message storage --- src/settings.rs | 6 +- src/slack/app.rs | 195 +++++++++++++++++++++++++++++++++++++++++------ 2 files changed, 176 insertions(+), 25 deletions(-) diff --git a/src/settings.rs b/src/settings.rs index 4f2b150..c830da5 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -19,8 +19,10 @@ pub struct GitHub { pub struct Slack { pub client_id: String, pub client_secret: String, - pub scope: String, - pub redirect_uri: String, + pub identity_scope: String, + pub im_scope: String, + pub identity_redirect_uri: String, + pub im_redirect_uri: String, pub direct_message_uri: String, } diff --git a/src/slack/app.rs b/src/slack/app.rs index 71c37a6..0a8b44d 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -19,7 +19,6 @@ use cis_profile::schema::Profile; use futures::future; use futures::Future; use futures::IntoFuture; -use log::info; use oauth2::basic::BasicClient; use oauth2::prelude::*; use oauth2::AuthUrl; @@ -29,6 +28,7 @@ use oauth2::CsrfToken; use oauth2::RedirectUrl; use oauth2::Scope; use oauth2::TokenUrl; +use serde_json::json; use std::sync::Arc; use std::sync::RwLock; use ttl_cache::TtlCache; @@ -36,6 +36,8 @@ use url::Url; const AUTH_URL: &str = "https://slack.com/oauth/authorize"; const TOKEN_URL: &str = "https://slack.com/api/oauth.access"; +const OPEN_DM_URL: &str = "https://slack.com/api/im.open"; +const USERS_IDENTITY_URL: &str = "https://slack.com/api/users.identity"; #[derive(Deserialize)] pub struct Auth { @@ -49,31 +51,108 @@ pub struct SlackUser { id: String, } -#[derive(Deserialize, Serialize, Debug)] -pub struct SlackTeam { +impl Clone for SlackUser { + fn clone(&self) -> SlackUser { + SlackUser { + name: self.name.to_string(), + id: self.id.to_string(), + } + } +} + +#[derive(Deserialize, Serialize, Debug, Clone)] +pub struct SlackIDData { id: String, } +#[derive(Deserialize, Serialize, Debug)] +pub struct SlackChannelUserData { + channel: SlackIDData, + user: SlackUser, +} + +#[derive(Deserialize, Serialize, Debug)] +pub struct SlackUserTokenData { + token: String, + user: SlackUser, +} + #[derive(Deserialize, Serialize, Debug)] pub struct SlackUriData { slack_auth_params: String, direct_message_uri: String, } -#[derive(Deserialize, Debug)] +#[derive(Deserialize, Serialize, Debug)] +pub struct SlackIMResponse { + ok: bool, + channel: SlackIDData, +} + +#[derive(Deserialize, Debug, Clone)] pub struct SlackTokenResponse { ok: bool, access_token: String, scope: String, + user_id: String, + team_id: String, + team_name: String, +} + +#[derive(Deserialize, Debug, Clone)] +pub struct SlackUserResponse { + ok: bool, user: SlackUser, - team: SlackTeam, + team: SlackIDData, } -fn redirect(client: web::Data>, session: Session) -> impl Responder { - let (authorize_url, csrf_state) = client.authorize_url(CsrfToken::new_random); - info!("Setting csrf_state: {}", csrf_state.secret().clone()); +#[derive(Debug)] +pub struct SlackClientHandlers { + im: Arc, + identity: Arc, +} + +/** + * First redirect that handles getting authorization for identity scopes + */ +fn redirect_identity(client: web::Data, session: Session) -> impl Responder { + let (authorize_url, csrf_state) = client.identity.authorize_url(CsrfToken::new_random); session - .set("csrf_state", csrf_state.secret().clone()) + .set("identity_csrf_state", csrf_state.secret().clone()) + .map(|_| { + HttpResponse::Found() + .header(http::header::LOCATION, authorize_url.to_string()) + .finish() + }) +} + +/** + * Second redirect that handles getting authorization for opening a channel for a direct message + */ +fn redirect_im( + client: web::Data, + session: Session, + query: web::Query, +) -> impl Responder { + let (authorize_url, csrf_state) = client.im.authorize_url(CsrfToken::new_random); + let state = CsrfToken::new(query.state.clone()); + if let Some(ref must_state) = session.get::("identity_csrf_state").unwrap() { + if must_state != state.secret() { + return session.set("im_csrf_state", "").map(|_| { + HttpResponse::Found() + .header(http::header::LOCATION, "/e?identityAdded=error") + .finish() + }); + } + } else { + return session.set("im_csrf_state", "").map(|_| { + HttpResponse::Found() + .header(http::header::LOCATION, "/e?identityAdded=error") + .finish() + }); + } + session + .set("im_csrf_state", csrf_state.secret().clone()) .map(|_| { HttpResponse::Found() .header(http::header::LOCATION, authorize_url.to_string()) @@ -96,7 +175,9 @@ fn auth( slack_uri_data.slack_auth_params.to_string(), code ); - if let Some(ref must_state) = session.get::("csrf_state").unwrap() { + + // Check state token from im_crsf_state + if let Some(ref must_state) = session.get::("im_csrf_state").unwrap() { if must_state != state.secret() { return Box::new(future::ok( HttpResponse::Found() @@ -113,6 +194,8 @@ fn auth( } let get = cis_client.clone(); let get_uid = user_id.user_id.clone(); + + // Begin slack requests by grabbing the user_id, and access_token Box::new( Client::default() .get(slack_token_url) @@ -121,15 +204,55 @@ fn auth( .map_err(Into::into) .and_then(move |mut res| res.json::().map_err(Into::into)) .and_then(move |j| { + let user_uri = format!("{}?token={}", USERS_IDENTITY_URL, j.access_token.clone()); + // Now that we have the access_token, go get the user data: name, id + Client::default() + .get(user_uri) + .header("Content-type", "application/json; charset=utf-8") + .header( + "Authorization", + format!("Bearer {}", j.access_token.clone()), + ) + .send() + .map_err(Into::into) + .and_then(move |mut s| s.json::().map_err(Into::into)) + .and_then(move |sur| { + Ok(SlackUserTokenData { + token: j.access_token, + user: sur.user, + }) + }) + }) + .and_then(move |sutd| { + // Now that we have the access_token and user data, go open a direct message channel and save the channel id + Client::default() + .post(OPEN_DM_URL) + .header("Content-type", "application/json; charset=utf-8") + .header("Authorization", format!("Bearer {}", sutd.token)) + .send_json(&json!({ + "token": sutd.token.clone(), + "user": sutd.user.id.clone(), + })) + .map_err(Into::into) + .and_then(move |mut s| s.json::().map_err(Into::into)) + .and_then(move |simr| { + Ok(SlackChannelUserData { + channel: simr.channel, + user: sutd.user, + }) + }) + }) + .and_then(move |scu_data| { + // Now that we have the access_token, user data, and channel id, go put it in the profile get.get_user_by(&get_uid, &GetBy::UserId, None) .and_then(move |profile: Profile| { update_slack( format!( "{}{}", slack_uri_data.direct_message_uri.to_string(), - j.user.id + scu_data.channel.id ), - j.user.name, + scu_data.user.name.clone(), profile, get.get_secret_store(), ) @@ -139,6 +262,7 @@ fn auth( .map_err(Into::into) }) .and_then(move |profile: Profile| { + // Now finally save the updated user profile cis_client .update_user(&user_id.user_id, profile) .map_err(Into::into) @@ -160,30 +284,54 @@ pub fn slack_app( ) -> impl HttpServiceFactory { let slack_client_id = ClientId::new(slack.client_id.clone()); let slack_client_secret = ClientSecret::new(slack.client_secret.clone()); - let slack_auth_params = format!( + let identity_slack_auth_params = format!( + "?client_id={}&client_secret={}&redirect_uri={}", + &slack.client_id, &slack.client_secret, &slack.identity_redirect_uri + ); + let im_slack_auth_params = format!( "?client_id={}&client_secret={}&redirect_uri={}", - &slack.client_id, &slack.client_secret, &slack.redirect_uri + &slack.client_id, &slack.client_secret, &slack.im_redirect_uri ); let auth_url = AuthUrl::new(Url::parse(AUTH_URL).expect("Invalid authorization endpoint URL")); - let token_url = TokenUrl::new( - Url::parse(&format!("{}{}", TOKEN_URL, slack_auth_params)) + let identity_token_url = TokenUrl::new( + Url::parse(&format!("{}{}", TOKEN_URL, identity_slack_auth_params)) + .expect("Invalid token endpoint URL"), + ); + let im_token_url = TokenUrl::new( + Url::parse(&format!("{}{}", TOKEN_URL, im_slack_auth_params)) .expect("Invalid token endpoint URL"), ); - let client = Arc::new( + let identity_client = Arc::new( + BasicClient::new( + slack_client_id.clone(), + Some(slack_client_secret.clone()), + auth_url.clone(), + Some(identity_token_url), + ) + .add_scope(Scope::new(slack.identity_scope.to_string())) + .set_redirect_url(RedirectUrl::new( + Url::parse(&slack.identity_redirect_uri).expect("Invalid redirect URL"), + )), + ); + let im_client = Arc::new( BasicClient::new( slack_client_id, Some(slack_client_secret), auth_url, - Some(token_url), + Some(im_token_url), ) - .add_scope(Scope::new(slack.scope.to_string())) + .add_scope(Scope::new(slack.im_scope.to_string())) .set_redirect_url(RedirectUrl::new( - Url::parse(&slack.redirect_uri).expect("Invalid redirect URL"), + Url::parse(&slack.im_redirect_uri).expect("Invalid redirect URL"), )), ); + let client_data_handlers: SlackClientHandlers = SlackClientHandlers { + im: im_client, + identity: identity_client, + }; let slack_uri_data: SlackUriData = SlackUriData { - slack_auth_params, + slack_auth_params: im_slack_auth_params, direct_message_uri: slack.direct_message_uri.to_string(), }; @@ -205,10 +353,11 @@ pub fn slack_app( .secure(false) .max_age(300), ) - .data(client) + .data(client_data_handlers) .data(cis_client) .data(ttl_cache) .data(slack_uri_data) - .service(web::resource("/add").route(web::get().to(redirect))) + .service(web::resource("/add").route(web::get().to(redirect_identity))) + .service(web::resource("/add/im").route(web::get().to(redirect_im))) .service(web::resource("/auth").route(web::get().to_async(auth::))) } From 4aa692c6846b392f61d606df0f095ba82edb8527 Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Wed, 2 Oct 2019 13:16:55 -0700 Subject: [PATCH 06/16] chore(IAM-170): code cleanups --- src/main.rs | 1 - src/slack/app.rs | 18 ++++++------------ 2 files changed, 6 insertions(+), 13 deletions(-) diff --git a/src/main.rs b/src/main.rs index 129b335..d740ad2 100644 --- a/src/main.rs +++ b/src/main.rs @@ -53,7 +53,6 @@ fn main() -> Result<(), Error> { &s.providers.slack, &s.whoami, &secret, - Arc::clone(&ttl_cache), client.clone(), )), ) diff --git a/src/slack/app.rs b/src/slack/app.rs index 0a8b44d..34b9ed0 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -30,8 +30,6 @@ use oauth2::Scope; use oauth2::TokenUrl; use serde_json::json; use std::sync::Arc; -use std::sync::RwLock; -use ttl_cache::TtlCache; use url::Url; const AUTH_URL: &str = "https://slack.com/oauth/authorize"; @@ -167,13 +165,12 @@ fn auth( slack_uri_data: web::Data, session: Session, ) -> Box> { - let code = query.code.clone(); let state = CsrfToken::new(query.state.clone()); let slack_token_url = format!( "{}{}&code={}", TOKEN_URL, - slack_uri_data.slack_auth_params.to_string(), - code + slack_uri_data.slack_auth_params, + query.code.clone() ); // Check state token from im_crsf_state @@ -249,8 +246,7 @@ fn auth( update_slack( format!( "{}{}", - slack_uri_data.direct_message_uri.to_string(), - scu_data.channel.id + slack_uri_data.direct_message_uri, scu_data.channel.id ), scu_data.user.name.clone(), profile, @@ -279,7 +275,6 @@ pub fn slack_app( slack: &Slack, whoami: &WhoAmI, secret: &[u8], - ttl_cache: Arc>>, cis_client: T, ) -> impl HttpServiceFactory { let slack_client_id = ClientId::new(slack.client_id.clone()); @@ -309,7 +304,7 @@ pub fn slack_app( auth_url.clone(), Some(identity_token_url), ) - .add_scope(Scope::new(slack.identity_scope.to_string())) + .add_scope(Scope::new(slack.identity_scope.clone())) .set_redirect_url(RedirectUrl::new( Url::parse(&slack.identity_redirect_uri).expect("Invalid redirect URL"), )), @@ -321,7 +316,7 @@ pub fn slack_app( auth_url, Some(im_token_url), ) - .add_scope(Scope::new(slack.im_scope.to_string())) + .add_scope(Scope::new(slack.im_scope.clone())) .set_redirect_url(RedirectUrl::new( Url::parse(&slack.im_redirect_uri).expect("Invalid redirect URL"), )), @@ -332,7 +327,7 @@ pub fn slack_app( }; let slack_uri_data: SlackUriData = SlackUriData { slack_auth_params: im_slack_auth_params, - direct_message_uri: slack.direct_message_uri.to_string(), + direct_message_uri: slack.direct_message_uri.clone(), }; web::scope("/slack/") @@ -355,7 +350,6 @@ pub fn slack_app( ) .data(client_data_handlers) .data(cis_client) - .data(ttl_cache) .data(slack_uri_data) .service(web::resource("/add").route(web::get().to(redirect_identity))) .service(web::resource("/add/im").route(web::get().to(redirect_im))) From 858666ead1ce16b98efb8ee431fdeae187f0e2bb Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Wed, 9 Oct 2019 13:43:43 -0700 Subject: [PATCH 07/16] feat(IAM-170): updating update_slack to include previous value --- src/update.rs | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/src/update.rs b/src/update.rs index c3c8116..ae4ef32 100644 --- a/src/update.rs +++ b/src/update.rs @@ -90,10 +90,17 @@ pub fn update_slack( store: &SecretStore, ) -> Result { let now = &Utc::now().to_rfc3339_opts(SecondsFormat::Secs, true); - let uris_kv_pairs = vec![( - "EA#SLACK#n".to_string(), - format!("{}#{}", slack_uri, slack_username), - )]; + let mut key_val: String = String::from("EA#SLACK#n"); + if let Some(KeyValue(ref mut values)) = &mut profile.uris.values { + for (k, _) in values.into_iter() { + if k.contains("#SLACK#") { + let last_char = k.chars().last().unwrap(); + key_val = String::from("EA#SLACK#"); + key_val.push(last_char); + } + } + } + let uris_kv_pairs = vec![(key_val, format!("{}#{}", slack_uri, slack_username))]; update_and_sign_values_field(&mut profile.uris, uris_kv_pairs, store, &now)?; Ok(profile) } From dace62ad095061c2b0156dd261a457bc413c2921 Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Mon, 14 Oct 2019 13:34:49 -0700 Subject: [PATCH 08/16] chore(IAM-170): adding changes for clippy --- src/update.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/update.rs b/src/update.rs index ae4ef32..895b48e 100644 --- a/src/update.rs +++ b/src/update.rs @@ -92,7 +92,7 @@ pub fn update_slack( let now = &Utc::now().to_rfc3339_opts(SecondsFormat::Secs, true); let mut key_val: String = String::from("EA#SLACK#n"); if let Some(KeyValue(ref mut values)) = &mut profile.uris.values { - for (k, _) in values.into_iter() { + for (k, _) in values.iter_mut() { if k.contains("#SLACK#") { let last_char = k.chars().last().unwrap(); key_val = String::from("EA#SLACK#"); From dde3d51c1625a70e705b43b6ac177e27f9bbde12 Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Mon, 14 Oct 2019 16:55:38 -0700 Subject: [PATCH 09/16] chore(IAM-170): moving reponses to helper functions --- src/main.rs | 1 + src/slack/app.rs | 58 +++++++++++++++++++----------------------------- 2 files changed, 24 insertions(+), 35 deletions(-) diff --git a/src/main.rs b/src/main.rs index d740ad2..ea9b072 100644 --- a/src/main.rs +++ b/src/main.rs @@ -28,6 +28,7 @@ fn main() -> Result<(), Error> { info!("starting dino-park-whoami"); let s = settings::Settings::new()?; let client = cis_client::CisClient::from_settings(&s.cis)?; + info!("initialized cis_client"); let secret = base64::decode(&s.whoami.secret)?; let ttl_cache = Arc::new(RwLock::new(TtlCache::::new(2000))); diff --git a/src/slack/app.rs b/src/slack/app.rs index 34b9ed0..3adaba1 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -110,6 +110,18 @@ pub struct SlackClientHandlers { identity: Arc, } +fn send_response(url: &str) -> HttpResponse { + HttpResponse::Found() + .header(http::header::LOCATION, url) + .finish() +} + +fn send_error_response() -> HttpResponse { + HttpResponse::Found() + .header(http::header::LOCATION, "/e?identityAdded=error") + .finish() +} + /** * First redirect that handles getting authorization for identity scopes */ @@ -117,11 +129,7 @@ fn redirect_identity(client: web::Data, session: Session) - let (authorize_url, csrf_state) = client.identity.authorize_url(CsrfToken::new_random); session .set("identity_csrf_state", csrf_state.secret().clone()) - .map(|_| { - HttpResponse::Found() - .header(http::header::LOCATION, authorize_url.to_string()) - .finish() - }) + .map(|_| send_response(&authorize_url.to_string())) } /** @@ -136,26 +144,18 @@ fn redirect_im( let state = CsrfToken::new(query.state.clone()); if let Some(ref must_state) = session.get::("identity_csrf_state").unwrap() { if must_state != state.secret() { - return session.set("im_csrf_state", "").map(|_| { - HttpResponse::Found() - .header(http::header::LOCATION, "/e?identityAdded=error") - .finish() - }); + return session + .set("im_csrf_state", "") + .map(|_| send_error_response()); } } else { - return session.set("im_csrf_state", "").map(|_| { - HttpResponse::Found() - .header(http::header::LOCATION, "/e?identityAdded=error") - .finish() - }); + return session + .set("im_csrf_state", "") + .map(|_| send_error_response()); } session .set("im_csrf_state", csrf_state.secret().clone()) - .map(|_| { - HttpResponse::Found() - .header(http::header::LOCATION, authorize_url.to_string()) - .finish() - }) + .map(|_| send_response(&authorize_url.to_string())) } fn auth( @@ -176,18 +176,10 @@ fn auth( // Check state token from im_crsf_state if let Some(ref must_state) = session.get::("im_csrf_state").unwrap() { if must_state != state.secret() { - return Box::new(future::ok( - HttpResponse::Found() - .header(http::header::LOCATION, "/e?identityAdded=error") - .finish(), - )); + return Box::new(future::ok(send_error_response())); } } else { - return Box::new(future::ok( - HttpResponse::Found() - .header(http::header::LOCATION, "/e?identityAdded=error") - .finish(), - )); + return Box::new(future::ok(send_error_response())); } let get = cis_client.clone(); let get_uid = user_id.user_id.clone(); @@ -263,11 +255,7 @@ fn auth( .update_user(&user_id.user_id, profile) .map_err(Into::into) }) - .and_then(|_| { - HttpResponse::Found() - .header(http::header::LOCATION, "/e?identityAdded=slack") - .finish() - }), + .and_then(|_| send_response("/e?identityAdded=slack")), ) } From 103f820b890422ffdbddb05ebc3e8301d7859a6f Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Tue, 15 Oct 2019 13:40:07 -0700 Subject: [PATCH 10/16] chore(IAM-170): updating send_response --- src/slack/app.rs | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/slack/app.rs b/src/slack/app.rs index 3adaba1..71b943c 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -117,9 +117,7 @@ fn send_response(url: &str) -> HttpResponse { } fn send_error_response() -> HttpResponse { - HttpResponse::Found() - .header(http::header::LOCATION, "/e?identityAdded=error") - .finish() + send_response("/e?identityAdded=error") } /** @@ -330,7 +328,7 @@ pub fn slack_app( CookieSession::private(secret) .name("dpw_s") .path("/whoami/slack") - .domain(whoami.domain.clone()) + .domain("1c2529c8.ngrok.io") //whoami.domain.clone()) .same_site(SameSite::Lax) .http_only(true) .secure(false) From 806ae69522100864618ed63d213be9eb6524ea5e Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Tue, 15 Oct 2019 13:56:39 -0700 Subject: [PATCH 11/16] fix(IAM-170): removing mistake --- src/slack/app.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/slack/app.rs b/src/slack/app.rs index 71b943c..434eb94 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -328,7 +328,7 @@ pub fn slack_app( CookieSession::private(secret) .name("dpw_s") .path("/whoami/slack") - .domain("1c2529c8.ngrok.io") //whoami.domain.clone()) + .domain(whoami.domain.clone()) .same_site(SameSite::Lax) .http_only(true) .secure(false) From 8bfda9792843bf91e95ab8bcbf223d7bfda881dd Mon Sep 17 00:00:00 2001 From: Andrew Sunada Date: Thu, 17 Oct 2019 18:19:22 -0700 Subject: [PATCH 12/16] fix(IAM-170): updating slack for bot scope --- src/slack/app.rs | 125 ++++++++++++++++++++++++++++++++--------------- 1 file changed, 85 insertions(+), 40 deletions(-) diff --git a/src/slack/app.rs b/src/slack/app.rs index 434eb94..850ce0e 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -70,14 +70,16 @@ pub struct SlackChannelUserData { } #[derive(Deserialize, Serialize, Debug)] -pub struct SlackUserTokenData { - token: String, +pub struct SlackTokenData { + user_token: String, + bot_token: String, user: SlackUser, } #[derive(Deserialize, Serialize, Debug)] pub struct SlackUriData { - slack_auth_params: String, + im_slack_auth_params: String, + identity_slack_auth_params: String, direct_message_uri: String, } @@ -88,13 +90,25 @@ pub struct SlackIMResponse { } #[derive(Deserialize, Debug, Clone)] -pub struct SlackTokenResponse { +pub struct SlackUserTokenResponse { ok: bool, access_token: String, scope: String, user_id: String, team_id: String, - team_name: String, +} + +#[derive(Deserialize, Debug, Clone)] +pub struct SlackBotResponse { + bot_user_id: String, + bot_access_token: String, +} + +#[derive(Deserialize, Debug, Clone)] +pub struct SlackBotTokenResponse { + ok: bool, + bot: SlackBotResponse, + scope: String, } #[derive(Deserialize, Debug, Clone)] @@ -130,33 +144,52 @@ fn redirect_identity(client: web::Data, session: Session) - .map(|_| send_response(&authorize_url.to_string())) } -/** - * Second redirect that handles getting authorization for opening a channel for a direct message - */ -fn redirect_im( - client: web::Data, - session: Session, +fn auth_identity( query: web::Query, -) -> impl Responder { - let (authorize_url, csrf_state) = client.im.authorize_url(CsrfToken::new_random); + slack_uri_data: web::Data, + session: Session, + client: web::Data, +) -> Box> { let state = CsrfToken::new(query.state.clone()); + let slack_token_url = format!( + "{}{}&code={}", + TOKEN_URL, + slack_uri_data.identity_slack_auth_params, + query.code.clone() + ); + // Check state token from im_crsf_state if let Some(ref must_state) = session.get::("identity_csrf_state").unwrap() { if must_state != state.secret() { - return session - .set("im_csrf_state", "") - .map(|_| send_error_response()); + println!("Error: Identity csrf state mismatch"); + return Box::new(future::ok(send_error_response())); } } else { - return session - .set("im_csrf_state", "") - .map(|_| send_error_response()); + println!("Error: Missing identity csrf state"); + return Box::new(future::ok(send_error_response())); } - session - .set("im_csrf_state", csrf_state.secret().clone()) - .map(|_| send_response(&authorize_url.to_string())) + + // Begin slack requests by grabbing the user_id, and access_token + Box::new( + Client::default() + .get(slack_token_url) + .header(http::header::USER_AGENT, "whoami") + .send() + .map_err(Into::into) + .and_then(move |mut res| res.json::().map_err(Into::into)) + .and_then(move |sur| { + let (authorize_url, csrf_state) = client.im.authorize_url(CsrfToken::new_random); + session + .set("im_csrf_state", csrf_state.secret().clone()) + .map_err(|err| println!("{:?}", err)) + .ok(); + session + .set("user_token", sur.access_token.clone()) + .map(|_| send_response(&authorize_url.to_string())) + }), + ) } -fn auth( +fn auth_im( cis_client: web::Data, user_id: UserId, query: web::Query, @@ -164,24 +197,35 @@ fn auth( session: Session, ) -> Box> { let state = CsrfToken::new(query.state.clone()); + let user_token; let slack_token_url = format!( "{}{}&code={}", TOKEN_URL, - slack_uri_data.slack_auth_params, + slack_uri_data.im_slack_auth_params, query.code.clone() ); - // Check state token from im_crsf_state if let Some(ref must_state) = session.get::("im_csrf_state").unwrap() { if must_state != state.secret() { + println!( + "Error: Mismatched im_csrf_state {:?}, {:?}", + must_state.clone(), + state.secret().clone() + ); return Box::new(future::ok(send_error_response())); } } else { + println!("Error: Missing im_csrf_state"); + return Box::new(future::ok(send_error_response())); + } + if let Some(ref state_user_token) = session.get::("user_token").unwrap() { + user_token = state_user_token.clone(); + } else { + println!("Error: Missing user_token from session"); return Box::new(future::ok(send_error_response())); } let get = cis_client.clone(); let get_uid = user_id.user_id.clone(); - // Begin slack requests by grabbing the user_id, and access_token Box::new( Client::default() @@ -189,23 +233,21 @@ fn auth( .header(http::header::USER_AGENT, "whoami") .send() .map_err(Into::into) - .and_then(move |mut res| res.json::().map_err(Into::into)) + .and_then(move |mut res| res.json::().map_err(Into::into)) .and_then(move |j| { - let user_uri = format!("{}?token={}", USERS_IDENTITY_URL, j.access_token.clone()); + let user_uri = format!("{}?token={}", USERS_IDENTITY_URL, user_token.clone()); // Now that we have the access_token, go get the user data: name, id Client::default() .get(user_uri) .header("Content-type", "application/json; charset=utf-8") - .header( - "Authorization", - format!("Bearer {}", j.access_token.clone()), - ) + .header("Authorization", format!("Bearer {}", user_token.clone())) .send() .map_err(Into::into) .and_then(move |mut s| s.json::().map_err(Into::into)) .and_then(move |sur| { - Ok(SlackUserTokenData { - token: j.access_token, + Ok(SlackTokenData { + user_token: user_token.to_string(), + bot_token: j.bot.bot_access_token.clone(), user: sur.user, }) }) @@ -215,9 +257,12 @@ fn auth( Client::default() .post(OPEN_DM_URL) .header("Content-type", "application/json; charset=utf-8") - .header("Authorization", format!("Bearer {}", sutd.token)) + .header( + "Authorization", + format!("Bearer {}", sutd.user_token.clone()), + ) .send_json(&json!({ - "token": sutd.token.clone(), + "token": sutd.user_token.clone(), "user": sutd.user.id.clone(), })) .map_err(Into::into) @@ -282,7 +327,6 @@ pub fn slack_app( Url::parse(&format!("{}{}", TOKEN_URL, im_slack_auth_params)) .expect("Invalid token endpoint URL"), ); - let identity_client = Arc::new( BasicClient::new( slack_client_id.clone(), @@ -312,7 +356,8 @@ pub fn slack_app( identity: identity_client, }; let slack_uri_data: SlackUriData = SlackUriData { - slack_auth_params: im_slack_auth_params, + identity_slack_auth_params, + im_slack_auth_params, direct_message_uri: slack.direct_message_uri.clone(), }; @@ -338,6 +383,6 @@ pub fn slack_app( .data(cis_client) .data(slack_uri_data) .service(web::resource("/add").route(web::get().to(redirect_identity))) - .service(web::resource("/add/im").route(web::get().to(redirect_im))) - .service(web::resource("/auth").route(web::get().to_async(auth::))) + .service(web::resource("/auth/identity").route(web::get().to_async(auth_identity::))) + .service(web::resource("/auth/im").route(web::get().to_async(auth_im::))) } From 77090b6745673eed448995b52517e217e8cd01d2 Mon Sep 17 00:00:00 2001 From: Florian Merz Date: Sun, 20 Oct 2019 19:11:33 +0200 Subject: [PATCH 13/16] use only identity information for slack --- src/settings.rs | 2 - src/slack/app.rs | 205 +++-------------------------------------------- 2 files changed, 11 insertions(+), 196 deletions(-) diff --git a/src/settings.rs b/src/settings.rs index c830da5..7c4aaf5 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -20,9 +20,7 @@ pub struct Slack { pub client_id: String, pub client_secret: String, pub identity_scope: String, - pub im_scope: String, pub identity_redirect_uri: String, - pub im_redirect_uri: String, pub direct_message_uri: String, } diff --git a/src/slack/app.rs b/src/slack/app.rs index 850ce0e..6d1168e 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -28,14 +28,11 @@ use oauth2::CsrfToken; use oauth2::RedirectUrl; use oauth2::Scope; use oauth2::TokenUrl; -use serde_json::json; use std::sync::Arc; use url::Url; const AUTH_URL: &str = "https://slack.com/oauth/authorize"; const TOKEN_URL: &str = "https://slack.com/api/oauth.access"; -const OPEN_DM_URL: &str = "https://slack.com/api/im.open"; -const USERS_IDENTITY_URL: &str = "https://slack.com/api/users.identity"; #[derive(Deserialize)] pub struct Auth { @@ -43,52 +40,18 @@ pub struct Auth { state: String, } -#[derive(Deserialize, Serialize, Debug)] +#[derive(Deserialize, Serialize, Debug, Clone)] pub struct SlackUser { name: String, id: String, } -impl Clone for SlackUser { - fn clone(&self) -> SlackUser { - SlackUser { - name: self.name.to_string(), - id: self.id.to_string(), - } - } -} - -#[derive(Deserialize, Serialize, Debug, Clone)] -pub struct SlackIDData { - id: String, -} - -#[derive(Deserialize, Serialize, Debug)] -pub struct SlackChannelUserData { - channel: SlackIDData, - user: SlackUser, -} - -#[derive(Deserialize, Serialize, Debug)] -pub struct SlackTokenData { - user_token: String, - bot_token: String, - user: SlackUser, -} - #[derive(Deserialize, Serialize, Debug)] pub struct SlackUriData { - im_slack_auth_params: String, identity_slack_auth_params: String, direct_message_uri: String, } -#[derive(Deserialize, Serialize, Debug)] -pub struct SlackIMResponse { - ok: bool, - channel: SlackIDData, -} - #[derive(Deserialize, Debug, Clone)] pub struct SlackUserTokenResponse { ok: bool, @@ -96,32 +59,7 @@ pub struct SlackUserTokenResponse { scope: String, user_id: String, team_id: String, -} - -#[derive(Deserialize, Debug, Clone)] -pub struct SlackBotResponse { - bot_user_id: String, - bot_access_token: String, -} - -#[derive(Deserialize, Debug, Clone)] -pub struct SlackBotTokenResponse { - ok: bool, - bot: SlackBotResponse, - scope: String, -} - -#[derive(Deserialize, Debug, Clone)] -pub struct SlackUserResponse { - ok: bool, user: SlackUser, - team: SlackIDData, -} - -#[derive(Debug)] -pub struct SlackClientHandlers { - im: Arc, - identity: Arc, } fn send_response(url: &str) -> HttpResponse { @@ -137,18 +75,19 @@ fn send_error_response() -> HttpResponse { /** * First redirect that handles getting authorization for identity scopes */ -fn redirect_identity(client: web::Data, session: Session) -> impl Responder { - let (authorize_url, csrf_state) = client.identity.authorize_url(CsrfToken::new_random); +fn redirect_identity(client: web::Data>, session: Session) -> impl Responder { + let (authorize_url, csrf_state) = client.authorize_url(CsrfToken::new_random); session .set("identity_csrf_state", csrf_state.secret().clone()) .map(|_| send_response(&authorize_url.to_string())) } fn auth_identity( + cis_client: web::Data, + user_id: UserId, query: web::Query, slack_uri_data: web::Data, session: Session, - client: web::Data, ) -> Box> { let state = CsrfToken::new(query.state.clone()); let slack_token_url = format!( @@ -168,62 +107,6 @@ fn auth_identity( return Box::new(future::ok(send_error_response())); } - // Begin slack requests by grabbing the user_id, and access_token - Box::new( - Client::default() - .get(slack_token_url) - .header(http::header::USER_AGENT, "whoami") - .send() - .map_err(Into::into) - .and_then(move |mut res| res.json::().map_err(Into::into)) - .and_then(move |sur| { - let (authorize_url, csrf_state) = client.im.authorize_url(CsrfToken::new_random); - session - .set("im_csrf_state", csrf_state.secret().clone()) - .map_err(|err| println!("{:?}", err)) - .ok(); - session - .set("user_token", sur.access_token.clone()) - .map(|_| send_response(&authorize_url.to_string())) - }), - ) -} - -fn auth_im( - cis_client: web::Data, - user_id: UserId, - query: web::Query, - slack_uri_data: web::Data, - session: Session, -) -> Box> { - let state = CsrfToken::new(query.state.clone()); - let user_token; - let slack_token_url = format!( - "{}{}&code={}", - TOKEN_URL, - slack_uri_data.im_slack_auth_params, - query.code.clone() - ); - // Check state token from im_crsf_state - if let Some(ref must_state) = session.get::("im_csrf_state").unwrap() { - if must_state != state.secret() { - println!( - "Error: Mismatched im_csrf_state {:?}, {:?}", - must_state.clone(), - state.secret().clone() - ); - return Box::new(future::ok(send_error_response())); - } - } else { - println!("Error: Missing im_csrf_state"); - return Box::new(future::ok(send_error_response())); - } - if let Some(ref state_user_token) = session.get::("user_token").unwrap() { - user_token = state_user_token.clone(); - } else { - println!("Error: Missing user_token from session"); - return Box::new(future::ok(send_error_response())); - } let get = cis_client.clone(); let get_uid = user_id.user_id.clone(); // Begin slack requests by grabbing the user_id, and access_token @@ -233,57 +116,17 @@ fn auth_im( .header(http::header::USER_AGENT, "whoami") .send() .map_err(Into::into) - .and_then(move |mut res| res.json::().map_err(Into::into)) - .and_then(move |j| { - let user_uri = format!("{}?token={}", USERS_IDENTITY_URL, user_token.clone()); - // Now that we have the access_token, go get the user data: name, id - Client::default() - .get(user_uri) - .header("Content-type", "application/json; charset=utf-8") - .header("Authorization", format!("Bearer {}", user_token.clone())) - .send() - .map_err(Into::into) - .and_then(move |mut s| s.json::().map_err(Into::into)) - .and_then(move |sur| { - Ok(SlackTokenData { - user_token: user_token.to_string(), - bot_token: j.bot.bot_access_token.clone(), - user: sur.user, - }) - }) - }) - .and_then(move |sutd| { - // Now that we have the access_token and user data, go open a direct message channel and save the channel id - Client::default() - .post(OPEN_DM_URL) - .header("Content-type", "application/json; charset=utf-8") - .header( - "Authorization", - format!("Bearer {}", sutd.user_token.clone()), - ) - .send_json(&json!({ - "token": sutd.user_token.clone(), - "user": sutd.user.id.clone(), - })) - .map_err(Into::into) - .and_then(move |mut s| s.json::().map_err(Into::into)) - .and_then(move |simr| { - Ok(SlackChannelUserData { - channel: simr.channel, - user: sutd.user, - }) - }) - }) - .and_then(move |scu_data| { + .and_then(move |mut res| res.json::().map_err(Into::into)) + .and_then(move |sur| { // Now that we have the access_token, user data, and channel id, go put it in the profile get.get_user_by(&get_uid, &GetBy::UserId, None) .and_then(move |profile: Profile| { update_slack( format!( - "{}{}", - slack_uri_data.direct_message_uri, scu_data.channel.id + "{}?channel={}&team={}", + slack_uri_data.direct_message_uri, sur.user_id, sur.team_id ), - scu_data.user.name.clone(), + sur.user.name.clone(), profile, get.get_secret_store(), ) @@ -314,19 +157,11 @@ pub fn slack_app( "?client_id={}&client_secret={}&redirect_uri={}", &slack.client_id, &slack.client_secret, &slack.identity_redirect_uri ); - let im_slack_auth_params = format!( - "?client_id={}&client_secret={}&redirect_uri={}", - &slack.client_id, &slack.client_secret, &slack.im_redirect_uri - ); let auth_url = AuthUrl::new(Url::parse(AUTH_URL).expect("Invalid authorization endpoint URL")); let identity_token_url = TokenUrl::new( Url::parse(&format!("{}{}", TOKEN_URL, identity_slack_auth_params)) .expect("Invalid token endpoint URL"), ); - let im_token_url = TokenUrl::new( - Url::parse(&format!("{}{}", TOKEN_URL, im_slack_auth_params)) - .expect("Invalid token endpoint URL"), - ); let identity_client = Arc::new( BasicClient::new( slack_client_id.clone(), @@ -339,25 +174,8 @@ pub fn slack_app( Url::parse(&slack.identity_redirect_uri).expect("Invalid redirect URL"), )), ); - let im_client = Arc::new( - BasicClient::new( - slack_client_id, - Some(slack_client_secret), - auth_url, - Some(im_token_url), - ) - .add_scope(Scope::new(slack.im_scope.clone())) - .set_redirect_url(RedirectUrl::new( - Url::parse(&slack.im_redirect_uri).expect("Invalid redirect URL"), - )), - ); - let client_data_handlers: SlackClientHandlers = SlackClientHandlers { - im: im_client, - identity: identity_client, - }; let slack_uri_data: SlackUriData = SlackUriData { identity_slack_auth_params, - im_slack_auth_params, direct_message_uri: slack.direct_message_uri.clone(), }; @@ -379,10 +197,9 @@ pub fn slack_app( .secure(false) .max_age(300), ) - .data(client_data_handlers) + .data(identity_client) .data(cis_client) .data(slack_uri_data) .service(web::resource("/add").route(web::get().to(redirect_identity))) .service(web::resource("/auth/identity").route(web::get().to_async(auth_identity::))) - .service(web::resource("/auth/im").route(web::get().to_async(auth_im::))) } From 22f0a6ead252e9d4df8ab40bb6c034fb0fbccdf8 Mon Sep 17 00:00:00 2001 From: Florian Merz Date: Mon, 21 Oct 2019 08:36:53 +0200 Subject: [PATCH 14/16] enforce slack team_id --- src/settings.rs | 1 + src/slack/app.rs | 7 +++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/settings.rs b/src/settings.rs index 7c4aaf5..5f25123 100644 --- a/src/settings.rs +++ b/src/settings.rs @@ -22,6 +22,7 @@ pub struct Slack { pub identity_scope: String, pub identity_redirect_uri: String, pub direct_message_uri: String, + pub team_id: String, } #[derive(Debug, Deserialize, Clone)] diff --git a/src/slack/app.rs b/src/slack/app.rs index 6d1168e..915c65d 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -50,6 +50,7 @@ pub struct SlackUser { pub struct SlackUriData { identity_slack_auth_params: String, direct_message_uri: String, + team_id: String, } #[derive(Deserialize, Debug, Clone)] @@ -91,10 +92,11 @@ fn auth_identity( ) -> Box> { let state = CsrfToken::new(query.state.clone()); let slack_token_url = format!( - "{}{}&code={}", + "{}{}&code={}&team={}", TOKEN_URL, slack_uri_data.identity_slack_auth_params, - query.code.clone() + query.code.clone(), + slack_uri_data.team_id ); // Check state token from im_crsf_state if let Some(ref must_state) = session.get::("identity_csrf_state").unwrap() { @@ -177,6 +179,7 @@ pub fn slack_app( let slack_uri_data: SlackUriData = SlackUriData { identity_slack_auth_params, direct_message_uri: slack.direct_message_uri.clone(), + team_id: slack.team_id.clone(), }; web::scope("/slack/") From 673112c15498e7f521c544ec5ca3437769646f80 Mon Sep 17 00:00:00 2001 From: Florian Merz Date: Mon, 21 Oct 2019 15:38:44 +0200 Subject: [PATCH 15/16] error if team_id mismatches for now that ungraceful but at least we error --- src/slack/app.rs | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/slack/app.rs b/src/slack/app.rs index 915c65d..a597b7d 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -16,6 +16,7 @@ use actix_web::Responder; use cis_client::getby::GetBy; use cis_client::AsyncCisClientTrait; use cis_profile::schema::Profile; +use failure::format_err; use futures::future; use futures::Future; use futures::IntoFuture; @@ -111,6 +112,7 @@ fn auth_identity( let get = cis_client.clone(); let get_uid = user_id.user_id.clone(); + let enforced_team_id = slack_uri_data.team_id.clone(); // Begin slack requests by grabbing the user_id, and access_token Box::new( Client::default() @@ -119,6 +121,13 @@ fn auth_identity( .send() .map_err(Into::into) .and_then(move |mut res| res.json::().map_err(Into::into)) + .and_then(move |sur| { + if sur.team_id == enforced_team_id { + Ok(sur) + } else { + Err(format_err!("slack team_id missmatch").into()) + } + }) .and_then(move |sur| { // Now that we have the access_token, user data, and channel id, go put it in the profile get.get_user_by(&get_uid, &GetBy::UserId, None) From 992a295ad062f6fff8a968bc4d9cdb965a643490 Mon Sep 17 00:00:00 2001 From: Florian Merz Date: Tue, 22 Oct 2019 16:22:18 +0200 Subject: [PATCH 16/16] rm println --- src/slack/app.rs | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/slack/app.rs b/src/slack/app.rs index a597b7d..4c85437 100644 --- a/src/slack/app.rs +++ b/src/slack/app.rs @@ -20,6 +20,7 @@ use failure::format_err; use futures::future; use futures::Future; use futures::IntoFuture; +use log::error; use oauth2::basic::BasicClient; use oauth2::prelude::*; use oauth2::AuthUrl; @@ -102,11 +103,11 @@ fn auth_identity( // Check state token from im_crsf_state if let Some(ref must_state) = session.get::("identity_csrf_state").unwrap() { if must_state != state.secret() { - println!("Error: Identity csrf state mismatch"); + error!("Error: Identity csrf state mismatch"); return Box::new(future::ok(send_error_response())); } } else { - println!("Error: Missing identity csrf state"); + error!("Error: Missing identity csrf state"); return Box::new(future::ok(send_error_response())); }