validate-jwt-query-fix

2023-12-13 17:57:12 +03:00 · 2023-12-13 17:57:12 +03:00 · d15633af0f
commit d15633af0f
parent d8375f39d3
3 changed files with 19 additions and 16 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -455,7 +455,7 @@ dependencies = [

 [[package]]
 name = "discoursio-presence"
-version = "0.2.14"
+version = "0.2.15"
 dependencies = [
 "actix-web",
 "futures",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "discoursio-presence"
-version = "0.2.14"
+version = "0.2.15"
 edition = "2021"

 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
--- a/src/data.rs
+++ b/src/data.rs
@ -1,4 +1,4 @@
-use reqwest::header::{HeaderMap, HeaderValue, AUTHORIZATION, CONTENT_TYPE};
+use reqwest::header::{HeaderMap, HeaderValue, CONTENT_TYPE};
 use reqwest::Client as HTTPClient;
 use serde_json::json;
 use std::collections::HashMap;
@ -9,19 +9,22 @@ use crate::SSEMessageData;

 pub async fn get_auth_id(token: &str) -> Result<i32, Box<dyn Error>> {
    let auth_api_base = env::var("AUTH_URL")?;
-    let (query_name, query_type) = match auth_api_base.contains("auth.discours.io") {
-        true => ("session", "query"),    // authorizer
-        _ => ("getSession", "mutation"), // v2
-    };
-    let operation = "GetUserId";
    let mut headers = HeaderMap::new();
-    headers.insert(AUTHORIZATION, HeaderValue::from_str(token)?);
    headers.insert(CONTENT_TYPE, HeaderValue::from_static("application/json"));

    let gql = json!({
-        "query": format!("{} {} {{ {} {{ user {{ id }} }} }}", query_type, operation, query_name),
-        "operationName": operation,
-        "variables": HashMap::<String, String>::new()
+        "query": r#"query ValidateJWTToken($params: ValidateJWTTokenInput) {
+            validate_jwt_token(params: $params) {
+                is_valid
+                claims
+            }
+        }"#,
+        "variables": {
+            "params": {
+                "token_type": "access_token",
+                "token": token,
+            }
+        }
    });

    let client = HTTPClient::new();
@ -36,9 +39,9 @@ pub async fn get_auth_id(token: &str) -> Result<i32, Box<dyn Error>> {
        let r: HashMap<String, serde_json::Value> = response.json().await?;
        let user_id = r
            .get("data")
-            .and_then(|data| data.get(query_name))
-            .and_then(|query| query.get("user"))
-            .and_then(|user| user.get("id"))
+            .and_then(|data| data.get("validate_jwt_token"))
+            .and_then(|query| query.get("clams"))
+            .and_then(|claims| claims.get("sub"))
            .and_then(|id| id.as_i64());

        match user_id {