validate-jwt-query-fix

2023-12-13 17:57:12 +03:00
parent d8375f39d3
commit d15633af0f
3 changed files with 19 additions and 16 deletions
--- a/src/data.rs
+++ b/src/data.rs
@@ -1,4 +1,4 @@
-use reqwest::header::{HeaderMap, HeaderValue, AUTHORIZATION, CONTENT_TYPE};
+use reqwest::header::{HeaderMap, HeaderValue, CONTENT_TYPE};
 use reqwest::Client as HTTPClient;
 use serde_json::json;
 use std::collections::HashMap;
@@ -9,19 +9,22 @@ use crate::SSEMessageData;

 pub async fn get_auth_id(token: &str) -> Result<i32, Box<dyn Error>> {
    let auth_api_base = env::var("AUTH_URL")?;
-    let (query_name, query_type) = match auth_api_base.contains("auth.discours.io") {
-        true => ("session", "query"),    // authorizer
-        _ => ("getSession", "mutation"), // v2
-    };
-    let operation = "GetUserId";
    let mut headers = HeaderMap::new();
-    headers.insert(AUTHORIZATION, HeaderValue::from_str(token)?);
    headers.insert(CONTENT_TYPE, HeaderValue::from_static("application/json"));

    let gql = json!({
-        "query": format!("{} {} {{ {} {{ user {{ id }} }} }}", query_type, operation, query_name),
-        "operationName": operation,
-        "variables": HashMap::<String, String>::new()
+        "query": r#"query ValidateJWTToken($params: ValidateJWTTokenInput) {
+            validate_jwt_token(params: $params) {
+                is_valid
+                claims
+            }
+        }"#,
+        "variables": {
+            "params": {
+                "token_type": "access_token",
+                "token": token,
+            }
+        }
    });

    let client = HTTPClient::new();
@@ -36,9 +39,9 @@ pub async fn get_auth_id(token: &str) -> Result<i32, Box<dyn Error>> {
        let r: HashMap<String, serde_json::Value> = response.json().await?;
        let user_id = r
            .get("data")
-            .and_then(|data| data.get(query_name))
-            .and_then(|query| query.get("user"))
-            .and_then(|user| user.get("id"))
+            .and_then(|data| data.get("validate_jwt_token"))
+            .and_then(|query| query.get("clams"))
+            .and_then(|claims| claims.get("sub"))
            .and_then(|id| id.as_i64());

        match user_id {
@@ -117,7 +120,7 @@ pub async fn is_fitting(
        // TODO: check all community subscribers if no then
        // TODO: check all topics subscribers if no then
        // TODO: check all authors subscribers
-        
+
        Ok(true)
    } else if message_data.entity == "chat" {
        // payload is Chat