switch to uuid parsing for tokens

2025-01-03 17:13:48 +01:00 · 2023-02-24 05:07:37 +01:00 · 2023-02-24 05:07:37 +01:00 · a470d4eeb0
commit a470d4eeb0
parent 795c9870e8
3 changed files with 22 additions and 7 deletions
--- a/bffhd/authentication/fabfire_bin/server.rs
+++ b/bffhd/authentication/fabfire_bin/server.rs
@ -14,6 +14,7 @@ use std::convert::TryFrom;
 use std::fmt::{Debug, Display, Formatter};
 use std::io::Write;
 use std::sync::Arc;
+use uuid::Uuid;

 use crate::authentication::fabfire::FabFireCardKey;
 use crate::CONFIG;
@ -361,8 +362,11 @@ impl Authentication for FabFire {
                    Ok(_) => {
                        match apdu_response.body {
                            Some(data) => {
-                                let authid = hex::encode(data)
-                                    .trim_matches(char::from(0))
+                                let data = data.get(..16).ok_or(FabFireError::ParseError)?;
+                                let authid = uuid::Uuid::from_slice(data)
+                                    .unwrap()
+                                    .to_hyphenated()
+                                    .encode_lower(&mut Uuid::encode_buffer())
                                    .to_string();
                                let prov = ThisProvider::<AuthId>::with(&authid);
                                let key = session
--- a/bffhd/authentication/mod.rs
+++ b/bffhd/authentication/mod.rs
@ -32,7 +32,10 @@ impl SessionCallback for Callback {
    ) -> Result<(), SessionError> {
        if let Some(authid) = context.get_ref::<AuthId>() {
            request.satisfy_with::<FabFireCardKey, _>(|| {
-                let user = self.users.get_user_by_token(authid).ok_or(CallbackError::NoValue)?;
+                let user = self
+                    .users
+                    .get_user_by_token(authid)
+                    .ok_or(CallbackError::NoValue)?;
                let kv = user
                    .userdata
                    .kv
--- a/bffhd/capnp/user.rs
+++ b/bffhd/capnp/user.rs
@ -235,8 +235,12 @@ impl card_d_e_s_fire_e_v2::Server for User {
        let card_key = pry!(params.get_auth_key());
        let token = pry!(params.get_token());

-        let token: Cow<'_, str> = if let Ok(url) = std::str::from_utf8(token) {
-            Cow::Borrowed(url)
+        let token: Cow<'_, str> = if let Ok(uuid) = Uuid::from_slice(token) {
+            Cow::Owned(
+                uuid.to_hyphenated()
+                    .encode_lower(&mut Uuid::encode_buffer())
+                    .to_string(),
+            )
        } else {
            Cow::Owned(hex::encode(token))
        };
@ -310,8 +314,12 @@ impl card_d_e_s_fire_e_v2::Server for User {
        let params = pry!(params.get());
        let token = pry!(params.get_token());

-        let token: Cow<'_, str> = if let Ok(url) = std::str::from_utf8(token) {
-            Cow::Borrowed(url)
+        let token: Cow<'_, str> = if let Ok(uuid) = Uuid::from_slice(token) {
+            Cow::Owned(
+                uuid.to_hyphenated()
+                    .encode_lower(&mut Uuid::encode_buffer())
+                    .to_string(),
+            )
        } else {
            Cow::Owned(hex::encode(token))
        };