common/rust/identity_ext: unify identity parsing into a single crate

Summary: The `secure_utils` crate from common/rust/secure_utils was moved to rust-shed, the remaining crates in that folder are being refactored here into a single crate `identity_ext` for clarity. Reviewed By: StanislavGlebik Differential Revision: D21549861 fbshipit-source-id: 4da6566a09ba7a772e8062632f9d7520af2e09e6
2024-10-09 08:18:15 +03:00 · 2020-06-03 13:05:44 -07:00 · 2020-06-03 13:05:44 -07:00 · 8efc16b157
commit 8efc16b157
parent 3d1587c3da
4 changed files with 5 additions and 6 deletions
--- a/eden/mononoke/apiserver/src/middleware/core_context.rs
+++ b/eden/mononoke/apiserver/src/middleware/core_context.rs
@ -17,7 +17,7 @@ use anyhow::{format_err, Error};
 use context::{CoreContext, SessionContainer};
 use fbinit::FacebookInit;
 use identity::Identity;
-use json_encoded::get_identities;
+use identity_ext::json::get_identities;
 use openssl::x509::X509;
 use percent_encoding::percent_decode;
 use scuba_ext::ScubaSampleBuilder;
@ -76,7 +76,7 @@ fn extract_client_identities(cert: &X509, headers: &HeaderMap) -> Result<Vec<Ide
    const PROXY_IDENTITY_DATA: &str = "proxygen";
    const PROXY_IDENTITY_HEADER: &str = "x-fb-validated-client-encoded-identity";

-    let cert_identities = x509::identity::get_identities(&cert)?;
+    let cert_identities = identity_ext::x509::get_identities(&cert)?;

    let cert_is_trusted_proxy = cert_identities.iter().any(|identity| {
        identity.get_type() == PROXY_IDENTITY_TYPE && identity.get_data() == PROXY_IDENTITY_DATA
--- a/eden/mononoke/gotham_ext/src/middleware/client_identity.rs
+++ b/eden/mononoke/gotham_ext/src/middleware/client_identity.rs
@ -9,7 +9,7 @@ use gotham::state::{client_addr, FromState, State};
 use gotham_derive::StateData;
 use hyper::header::HeaderMap;
 use hyper::{Body, Response};
-use json_encoded::get_identities;
+use identity_ext::json::get_identities;
 use lazy_static::lazy_static;
 use percent_encoding::percent_decode;
 use permission_checker::{MononokeIdentity, MononokeIdentitySet};
--- a/eden/mononoke/gotham_ext/src/socket_data.rs
+++ b/eden/mononoke/gotham_ext/src/socket_data.rs
@ -10,7 +10,6 @@ use gotham::{socket_data::SocketData, state::State};
 use gotham_derive::StateData;
 use openssl::ssl::SslRef;
 use permission_checker::{MononokeIdentity, MononokeIdentitySet};
-use x509::identity;

 pub struct TlsSocketData {
    identities: Option<TlsCertificateIdentities>,
@ -86,7 +85,7 @@ pub struct TlsCertificateIdentities {
 impl TlsCertificateIdentities {
    pub fn from_ssl(ssl: &SslRef) -> Option<Self> {
        let peer_certificate = ssl.peer_certificate()?;
-        let identities = identity::get_identities(&peer_certificate)
+        let identities = identity_ext::x509::get_identities(&peer_certificate)
            .ok()?
            .into_iter()
            .filter_map(|id| MononokeIdentity::try_from_identity(&id).ok())
--- a/eden/mononoke/server/repo_listener/src/connection_acceptor.rs
+++ b/eden/mononoke/server/repo_listener/src/connection_acceptor.rs
@ -176,7 +176,7 @@ fn accept(
                    Some(cert) => {
                        #[cfg(fbcode_build)]
                        {
-                            ::x509::identity::get_identities(&cert).and_then(
+                            ::identity_ext::x509::get_identities(&cert).and_then(
                                |identities| -> Result<MononokeIdentitySet> {
                                    identities
                                        .into_iter()