mirror of
https://github.com/facebook/sapling.git
synced 2024-10-09 08:18:15 +03:00
common/rust/identity_ext: unify identity parsing into a single crate
Summary: The `secure_utils` crate from common/rust/secure_utils was moved to rust-shed, the remaining crates in that folder are being refactored here into a single crate `identity_ext` for clarity. Reviewed By: StanislavGlebik Differential Revision: D21549861 fbshipit-source-id: 4da6566a09ba7a772e8062632f9d7520af2e09e6
This commit is contained in:
parent
3d1587c3da
commit
8efc16b157
@ -17,7 +17,7 @@ use anyhow::{format_err, Error};
|
||||
use context::{CoreContext, SessionContainer};
|
||||
use fbinit::FacebookInit;
|
||||
use identity::Identity;
|
||||
use json_encoded::get_identities;
|
||||
use identity_ext::json::get_identities;
|
||||
use openssl::x509::X509;
|
||||
use percent_encoding::percent_decode;
|
||||
use scuba_ext::ScubaSampleBuilder;
|
||||
@ -76,7 +76,7 @@ fn extract_client_identities(cert: &X509, headers: &HeaderMap) -> Result<Vec<Ide
|
||||
const PROXY_IDENTITY_DATA: &str = "proxygen";
|
||||
const PROXY_IDENTITY_HEADER: &str = "x-fb-validated-client-encoded-identity";
|
||||
|
||||
let cert_identities = x509::identity::get_identities(&cert)?;
|
||||
let cert_identities = identity_ext::x509::get_identities(&cert)?;
|
||||
|
||||
let cert_is_trusted_proxy = cert_identities.iter().any(|identity| {
|
||||
identity.get_type() == PROXY_IDENTITY_TYPE && identity.get_data() == PROXY_IDENTITY_DATA
|
||||
|
@ -9,7 +9,7 @@ use gotham::state::{client_addr, FromState, State};
|
||||
use gotham_derive::StateData;
|
||||
use hyper::header::HeaderMap;
|
||||
use hyper::{Body, Response};
|
||||
use json_encoded::get_identities;
|
||||
use identity_ext::json::get_identities;
|
||||
use lazy_static::lazy_static;
|
||||
use percent_encoding::percent_decode;
|
||||
use permission_checker::{MononokeIdentity, MononokeIdentitySet};
|
||||
|
@ -10,7 +10,6 @@ use gotham::{socket_data::SocketData, state::State};
|
||||
use gotham_derive::StateData;
|
||||
use openssl::ssl::SslRef;
|
||||
use permission_checker::{MononokeIdentity, MononokeIdentitySet};
|
||||
use x509::identity;
|
||||
|
||||
pub struct TlsSocketData {
|
||||
identities: Option<TlsCertificateIdentities>,
|
||||
@ -86,7 +85,7 @@ pub struct TlsCertificateIdentities {
|
||||
impl TlsCertificateIdentities {
|
||||
pub fn from_ssl(ssl: &SslRef) -> Option<Self> {
|
||||
let peer_certificate = ssl.peer_certificate()?;
|
||||
let identities = identity::get_identities(&peer_certificate)
|
||||
let identities = identity_ext::x509::get_identities(&peer_certificate)
|
||||
.ok()?
|
||||
.into_iter()
|
||||
.filter_map(|id| MononokeIdentity::try_from_identity(&id).ok())
|
||||
|
@ -176,7 +176,7 @@ fn accept(
|
||||
Some(cert) => {
|
||||
#[cfg(fbcode_build)]
|
||||
{
|
||||
::x509::identity::get_identities(&cert).and_then(
|
||||
::identity_ext::x509::get_identities(&cert).and_then(
|
||||
|identities| -> Result<MononokeIdentitySet> {
|
||||
identities
|
||||
.into_iter()
|
||||
|
Loading…
Reference in New Issue
Block a user