diff --git a/Cargo.lock b/Cargo.lock index dd1f9a5..6c17de3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -755,7 +755,7 @@ dependencies = [ [[package]] name = "dropshot-authorization-header" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" dependencies = [ "async-trait", "base64", @@ -3574,7 +3574,7 @@ dependencies = [ [[package]] name = "v-api" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" dependencies = [ "anyhow", "async-trait", @@ -3622,7 +3622,7 @@ dependencies = [ [[package]] name = "v-api-param" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" dependencies = [ "secrecy", "serde", @@ -3633,7 +3633,7 @@ dependencies = [ [[package]] name = "v-api-permission-derive" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" dependencies = [ "heck", "newtype-uuid", @@ -3650,7 +3650,7 @@ dependencies = [ [[package]] name = "v-cli-sdk" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" dependencies = [ "anyhow", "clap", @@ -3672,7 +3672,7 @@ dependencies = [ [[package]] name = "v-model" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" dependencies = [ "async-bb8-diesel", "async-trait", @@ -4266,7 +4266,7 @@ checksum = "1ffae5123b2d3fc086436f8834ae3ab053a283cfac8fe0a0b8eaae044768a4c4" [[package]] name = "xtask" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" dependencies = [ "clap", "regex", diff --git a/Cargo.toml b/Cargo.toml index 06e45da..3e8e4bd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -12,7 +12,7 @@ resolver = "2" [workspace.package] publish = true edition = "2024" -version = "0.4.0-alpha.4" +version = "0.4.0-alpha.5" [workspace.dependencies] anyhow = "1.0" diff --git a/v-api/src/endpoints/login/magic_link/mod.rs b/v-api/src/endpoints/login/magic_link/mod.rs index b2050e8..a03683e 100644 --- a/v-api/src/endpoints/login/magic_link/mod.rs +++ b/v-api/src/endpoints/login/magic_link/mod.rs @@ -25,10 +25,9 @@ use crate::{ authn::{Verify, key::RawKey}, context::magic_link::{MagicLinkSendError, MagicLinkTransitionError}, endpoints::login::{ExternalUserId, UserInfo}, - permissions::{VAppPermission, VPermission}, + permissions::VAppPermission, response::{ResourceError, bad_request, internal_error, to_internal_error}, }; -use v_model::permissions::AsScope; pub mod client; @@ -101,7 +100,7 @@ where // Validate scope. An empty scope means no permissions. // Use the special scope "full" to request all permissions. - if let Err(err) = VPermission::from_scope_arg(&scope) { + if let Err(err) = T::from_scope_arg(&scope) { tracing::warn!(?err, ?scope, "Client submitted an invalid scope"); return Err(bad_request(format!("Invalid scope: {}", scope))); } diff --git a/v-api/src/endpoints/login/oauth/flow/code.rs b/v-api/src/endpoints/login/oauth/flow/code.rs index 99393ae..5c59109 100644 --- a/v-api/src/endpoints/login/oauth/flow/code.rs +++ b/v-api/src/endpoints/login/oauth/flow/code.rs @@ -26,8 +26,7 @@ use tracing::instrument; use uuid::Uuid; use v_model::{ LoginAttempt, LoginAttemptId, NewLoginAttempt, OAuthClient, OAuthClientId, - permissions::{AsScope, PermissionStorage}, - schema_ext::LoginAttemptState, + permissions::PermissionStorage, schema_ext::LoginAttemptState, }; use super::super::{OAuthProvider, OAuthProviderNameParam}; @@ -40,7 +39,7 @@ use crate::{ oauth::{CheckOAuthClient, OAuthProviderAuthorizationCodePkceInfo}, }, error::ApiError, - permissions::{VAppPermission, VPermission}, + permissions::VAppPermission, response::bad_request, secrets::OpenApiSecretString, util::{ @@ -277,7 +276,7 @@ where // Check that the passed in scopes are valid. A None scope means no permissions. // Use the special scope "full" to request all permissions. if let Some(ref scope) = query.scope - && let Err(err) = VPermission::from_scope_arg(scope) + && let Err(err) = T::from_scope_arg(scope) { tracing::warn!(?err, ?scope, "Client submitted an invalid scope"); Err(OAuthError::new( diff --git a/v-api/src/endpoints/login/oauth/flow/device_token.rs b/v-api/src/endpoints/login/oauth/flow/device_token.rs index 659db7b..5f0f13b 100644 --- a/v-api/src/endpoints/login/oauth/flow/device_token.rs +++ b/v-api/src/endpoints/login/oauth/flow/device_token.rs @@ -18,20 +18,13 @@ use std::ops::Add; use tap::TapFallible; use tracing::instrument; use url::Url; -use v_model::{ - NewLoginAttempt, OAuthClientId, - permissions::{AsScope, PermissionStorage}, -}; +use v_model::{NewLoginAttempt, OAuthClientId, permissions::PermissionStorage}; use super::super::OAuthProviderNameParam; use crate::endpoints::login::UserInfoProvider; use crate::{ - context::ApiContext, - endpoints::login::LoginError, - error::ApiError, - permissions::{VAppPermission, VPermission}, - response::internal_error, - util::response::bad_request, + context::ApiContext, endpoints::login::LoginError, error::ApiError, + permissions::VAppPermission, response::internal_error, util::response::bad_request, }; use super::complete_exchange; @@ -135,7 +128,7 @@ where // An omitted scope means no permissions let scope = body.scope.unwrap_or_default(); - if let Err(err) = VPermission::from_scope_arg(&scope) { + if let Err(err) = T::from_scope_arg(&scope) { tracing::warn!(?err, ?scope, "Client submitted an invalid scope"); return Ok(error_response( StatusCode::BAD_REQUEST,