From 5f1d07a62baa4b00208f1e251624876275a1fb63 Mon Sep 17 00:00:00 2001 From: Jesse Luehrs Date: Wed, 27 Nov 2019 01:29:25 -0500 Subject: split oauth_response into two different messages the local client needs to receive the code and send it directly to the server, which handles the rest of the oauth flow (because the client doesn't have the server's oauth configuration, so it can't do the exchange itself), but the web client needs to receive the code and exchange it for a token and send that token to the server (because the server doesn't have the web server's oauth configuration, so it can't do the exchange itself) --- teleterm/src/client.rs | 2 +- teleterm/src/protocol.rs | 47 ++++++++++++++++++++++++++++++++++++----------- teleterm/src/server.rs | 4 ++-- 3 files changed, 39 insertions(+), 14 deletions(-) diff --git a/teleterm/src/client.rs b/teleterm/src/client.rs index 2eae185..473cb9b 100644 --- a/teleterm/src/client.rs +++ b/teleterm/src/client.rs @@ -373,7 +373,7 @@ impl return Err(Error::ParseHttpRequestMissingCode); }; Ok(( - crate::protocol::Message::oauth_response(&code), + crate::protocol::Message::oauth_response_code(&code), lines.into_inner().into_inner(), )) }) diff --git a/teleterm/src/protocol.rs b/teleterm/src/protocol.rs index 85aee31..bbd14d2 100644 --- a/teleterm/src/protocol.rs +++ b/teleterm/src/protocol.rs @@ -248,7 +248,8 @@ pub enum MessageType { Resize, LoggedIn, OauthRequest, - OauthResponse, + OauthResponseCode, + OauthResponseToken, } impl std::convert::TryFrom for MessageType { @@ -268,7 +269,8 @@ impl std::convert::TryFrom for MessageType { 9 => Self::Resize, 10 => Self::LoggedIn, 11 => Self::OauthRequest, - 12 => Self::OauthResponse, + 12 => Self::OauthResponseCode, + 13 => Self::OauthResponseToken, _ => return Err(Error::InvalidMessageType { ty: n }), }) } 
@@ -310,9 +312,12 @@ pub enum Message { url: String, id: String, }, - OauthResponse { + OauthResponseCode { code: String, }, + OauthResponseToken { + token: String, + }, } impl Message { @@ -384,12 +389,18 @@ impl Message { } } - pub fn oauth_response(code: &str) -> Self { - Self::OauthResponse { + pub fn oauth_response_code(code: &str) -> Self { + Self::OauthResponseCode { code: code.to_string(), } } + pub fn oauth_response_token(token: &str) -> Self { + Self::OauthResponseToken { + token: token.to_string(), + } + } + pub fn message_type(&self) -> MessageType { match self { Self::Login { .. } => MessageType::Login, @@ -404,7 +415,10 @@ impl Message { Self::Resize { .. } => MessageType::Resize, Self::LoggedIn { .. } => MessageType::LoggedIn, Self::OauthRequest { .. } => MessageType::OauthRequest, - Self::OauthResponse { .. } => MessageType::OauthResponse, + Self::OauthResponseCode { .. } => MessageType::OauthResponseCode, + Self::OauthResponseToken { .. } => { + MessageType::OauthResponseToken + } } } @@ -445,8 +459,11 @@ impl Message { // these are security-sensitive, keep them out of logs Self::OauthRequest { .. } => "OauthRequest {{ .. }}".to_string(), - Self::OauthResponse { .. } => { - "OauthResponse {{ .. }}".to_string() + Self::OauthResponseCode { .. } => { + "OauthResponseCode {{ .. }}".to_string() + } + Self::OauthResponseToken { .. } => { + "OauthResponseToken {{ .. }}".to_string() } _ => format!("{:?}", self), @@ -631,9 +648,12 @@ impl From<&Message> for Packet { write_str(url, &mut data); write_str(id, &mut data); } - Message::OauthResponse { code } => { + Message::OauthResponseCode { code } => { write_str(code, &mut data); } + Message::OauthResponseToken { token } => { + write_str(token, &mut data); + } } Self { ty, data } 
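Review bot: The two constructors added in the `@@ -384` hunk, `oauth_response_code` and `oauth_response_token`, have no doc comments, so the reason for the split is recorded only in the commit message. I would add `/// Authorization code from the OAuth redirect; the server exchanges it for a token.` above the first and `/// Token the web client has already obtained from the exchange; handle it as a credential.` above the second. The same one-line distinction is worth putting on the `OauthResponseCode` and `OauthResponseToken` variants in the `@@ -310` hunk. The `impl Message` block starts and ends outside these hunks.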
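Review bot: In the `@@ -445` hunk the redacted strings are plain literals passed to `.to_string()`, so the doubled braces are not an escape and the log line will read `OauthResponseToken {{ .. }}` verbatim; write `"OauthResponseToken { .. }".to_string()` instead, and the same for the `OauthResponseCode` and existing `OauthRequest` arms. More importantly, redaction here is opt-in: the `_ => format!("{:?}", self)` fallback prints every variant that is not listed, so a future credential-carrying message would be logged in full unless someone remembers to add an arm. Consider naming the loggable variants explicitly and dropping the wildcard, so that the compiler flags any newly added variant. The enclosing function starts and ends outside the hunk.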
@@ -820,10 +840,15 @@ impl std::convert::TryFrom for Message { (Self::OauthRequest { url, id }, data) } - MessageType::OauthResponse => { + MessageType::OauthResponseCode => { let (code, data) = read_str(data)?; - (Self::OauthResponse { code }, data) + (Self::OauthResponseCode { code }, data) + } + MessageType::OauthResponseToken => { + let (token, data) = read_str(data)?; + + (Self::OauthResponseToken { token }, data) } }; diff --git a/teleterm/src/server.rs b/teleterm/src/server.rs index 0278709..97659f4 100644 --- a/teleterm/src/server.rs +++ b/teleterm/src/server.rs @@ -627,7 +627,7 @@ impl > { let client = conn.oauth_client.take().ok_or_else(|| { Error::UnexpectedMessage { - message: crate::protocol::Message::oauth_response(code), + message: crate::protocol::Message::oauth_response_code(code), } })?; @@ -688,7 +688,7 @@ impl >, > { match message { - crate::protocol::Message::OauthResponse { code } => { + crate::protocol::Message::OauthResponseCode { code } => { self.handle_message_oauth_response(conn, &code) } m => Err(Error::UnauthenticatedMessage { message: m }), -- cgit v1.2.3
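Review bot: `OauthResponseToken` has no arm in the `match message` of the last server.rs hunk (`@@ -688`), so a token sent before authentication falls into `m => Err(Error::UnauthenticatedMessage { message: m })` and the token travels inside the error value. If that error is ever formatted with the `Debug` output of `Message` rather than the redacted log form in protocol.rs, the token reaches the logs; the `Error` formatting is not visible from here, so this needs checking. The `@@ -627` hunk has the same shape: `Error::UnexpectedMessage` is built from `oauth_response_code(code)` and therefore carries the authorization code. An explicit `crate::protocol::Message::OauthResponseToken { .. } =>` arm that rejects the message without moving the token into the error would close this until the server-side token handling is added. Both enclosing functions start outside their hunks.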