cesar
/
ledger-prototype


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118
							//! Lock Token module
use borsh::{BorshDeserialize, BorshSerialize};
use chrono::{DateTime, Duration, Utc};
use hmac::{Hmac, Mac};
use rand::Rng;
use serde::{Deserialize, Serialize};
use sha2::Sha256;
use std::ops::Deref;

type HmacSha256 = Hmac<Sha256>;

crate::BinaryId!(TokenPayload, "token");
crate::BinaryId!(TokenSignature, "sig");

#[derive(thiserror::Error, Debug, Serialize)]
/// Error type
pub enum Error {
    /// Missing update token
    #[error("Missing update token")]
    MissingUpdateToken,

    /// Invalid signature
    #[error("Invalid signature")]
    InvalidSignature,

    /// I/O error
    #[error("IO error: {0}")]
    #[serde(serialize_with = "crate::serialize_error_to_string")]
    IO(#[from] std::io::Error),
}

#[derive(Debug)]
/// Lock Token Manager
pub struct TokenManager(pub Vec<u8>);

impl Default for TokenManager {
    fn default() -> Self {
        let mut rng = rand::thread_rng();
        let mut payload = [0u8; 10];
        rng.fill(&mut payload);
        Self(payload.to_vec())
    }
}

impl TokenManager {
    /// Checks if the given token is valid and still not expired
    pub fn verify(&self, token: Token, update_token: &Option<TokenPayload>) -> Result<(), Error> {
        if !token.is_valid() {
            return Ok(());
        }

        let update_token = if let Some(update_token) = update_token {
            update_token
        } else {
            return Err(Error::MissingUpdateToken);
        };

        let mut mac = HmacSha256::new_from_slice(&self.0).expect("HMAC can take key of any size");
        mac.update(update_token.deref());

        let result = mac.finalize().into_bytes();
        if &result[..] != *token.signature {
            Err(Error::InvalidSignature)
        } else {
            Ok(())
        }
    }

    /// Creates a new instance of the token
    pub fn new_token(&self, owner: String, duration: Duration) -> (Token, TokenPayload) {
        let mut rng = rand::thread_rng();
        let mut payload = [0u8; 32];
        rng.fill(&mut payload);

        let mut mac = HmacSha256::new_from_slice(&self.0).expect("HMAC can take key of any size");
        mac.update(&payload);

        let signature: [u8; 32] = mac.finalize().into_bytes().into();

        (
            // The token cannot be altered once it is commited, as the revision ID is the hash of
            // the entire content, therefore it is safer to only HMAC the
            Token {
                expires_at: Utc::now() + duration,
                owner,
                signature: signature.into(),
            },
            payload.into(),
        )
    }
}

#[derive(Serialize, Deserialize, BorshSerialize, BorshDeserialize, Clone, Debug, PartialEq)]
/// Inner token
///
/// This token has the transaction ID, the expiration date and the owner string. This is the data to
/// be signed by the HMAC and sent to the client.
pub struct Token {
    #[borsh(
        serialize_with = "crate::to_ts_microseconds",
        deserialize_with = "crate::from_ts_microseconds"
    )]
    expires_at: DateTime<Utc>,
    signature: TokenSignature,
    owner: String,
}

impl Token {
    /// Converts the token to bytes
    pub fn to_bytes(&self) -> Result<Vec<u8>, Error> {
        Ok(borsh::to_vec(&self)?)
    }

    /// Checks if the token is valid
    pub fn is_valid(&self) -> bool {
        self.expires_at > Utc::now()
    }
}