Diffstat (limited to 'kittybox-rs/src/indieauth/mod.rs')
-rw-r--r-- | kittybox-rs/src/indieauth/mod.rs | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/kittybox-rs/src/indieauth/mod.rs b/kittybox-rs/src/indieauth/mod.rs index adf669e..67f4a43 100644 --- a/kittybox-rs/src/indieauth/mod.rs +++ b/kittybox-rs/src/indieauth/mod.rs @@ -17,6 +17,7 @@ use kittybox_indieauth::{ }; pub mod backend; +#[cfg(feature = "webauthn")] mod webauthn; use backend::AuthBackend; @@ -111,6 +112,7 @@ async fn authorization_endpoint_get<A: AuthBackend, D: Storage + 'static>( #[serde(untagged)] enum Credential { Password(String), + #[cfg(feature = "webauthn")] WebAuthn(::webauthn::prelude::PublicKeyCredential) } @@ -128,6 +130,7 @@ async fn verify_credential<A: AuthBackend>( ) -> std::io::Result<bool> { match credential { Credential::Password(password) => auth.verify_password(website, password).await, + #[cfg(feature = "webauthn")] Credential::WebAuthn(credential) => webauthn::verify( auth, website, @@ -145,8 +148,12 @@ async fn authorization_endpoint_confirm<A: AuthBackend>( cookies: CookieJar, ) -> Response { tracing::debug!("Received authorization confirmation from user"); + #[cfg(feature = "webauthn")] let challenge_id = cookies.get(webauthn::CHALLENGE_ID_COOKIE) .map(|cookie| cookie.value()); + #[cfg(not(feature = "webauthn"))] + let challenge_id = None; + let website = format!("https://{}/", host).parse().unwrap(); let AuthorizationConfirmation { authorization_method: credential, @@ -195,6 +202,7 @@ async fn authorization_endpoint_confirm<A: AuthBackend>( // opaque response instead that is completely useless (StatusCode::NO_CONTENT, [("Location", location.as_str())], + #[cfg(feature = "webauthn")] cookies.remove(Cookie::named(webauthn::CHALLENGE_ID_COOKIE)) ) .into_response() @@ -309,7 +317,7 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>( .unwrap() .as_secs() .into() - } + } } #[inline] 
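Review bot: The `Credential` enum in the `-111,6 +112,7` hunk is `#[serde(untagged)]`, so with the feature disabled only `Password(String)` remains. A WebAuthn payload would then presumably be rejected while the request body is parsed, with serde's generic "did not match any variant" error, and never reach `verify_credential`. That fails closed, but the behaviour is easy to miss and deserves a comment on the enum, e.g. `// Without the "webauthn" feature only password credentials deserialize; WebAuthn payloads are rejected at parse time.` Any derive attributes on the enum sit above the hunk.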
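Review bot: In `authorization_endpoint_confirm` (hunk `-145,8 +148,12`) the fallback `let challenge_id = None;` leaves the option's type to be inferred from a later use outside this hunk, while the feature-enabled branch builds it from `cookie.value()`. Spelling it out as `let challenge_id: Option<&str> = None;` (assuming `value()` yields `&str`) keeps both cfg branches visibly the same type and stops the build depending on inference. With the feature off, this hunk and the `-195,6 +202,7` hunk that gates `cookies.remove(...)` appear to leave the `cookies: CookieJar` parameter unread, so expect an unused-variable warning unless the body uses it elsewhere. A `#[cfg_attr(not(feature = "webauthn"), allow(unused_variables))]` on the function, with a short comment saying why, would document that.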
@@ -521,7 +529,7 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>( tracing::error!("Error revoking refresh token: {}", err); return StatusCode::INTERNAL_SERVER_ERROR.into_response(); } - + GrantResponse::AccessToken { me: data.me, profile, @@ -695,8 +703,13 @@ pub fn router<A: AuthBackend, D: Storage + 'static>(backend: A, db: D) -> axum:: .route( "/userinfo", get(userinfo_endpoint_get::<A, D>)) + .route("/webauthn/pre_register", - get(webauthn::webauthn_pre_register::<A, D>)) + get( + #[cfg(feature = "webauthn")] webauthn::webauthn_pre_register::<A, D>, + #[cfg(not(feature = "webauthn"))] || async { axum::http::StatusCode::NOT_FOUND } + ) + ) .layer(tower_http::cors::CorsLayer::new() .allow_methods([ axum::http::Method::GET, |
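Review bot: In the `router` hunk (`-695,8 +703,13`), a build without the feature still registers `/webauthn/pre_register` and only swaps the GET handler for a closure returning `NOT_FOUND`. Other methods on that path would then likely get axum's default 405 rather than 404, and the path stays under the CORS layer, so the build still reveals that the endpoint exists. Registering the route only under the feature avoids the stub: bind the chain up to `/userinfo` to a local, add `#[cfg(feature = "webauthn")] let router = router.route("/webauthn/pre_register", get(webauthn::webauthn_pre_register::<A, D>));`, then apply `.layer(...)` so the layering order is unchanged. If the stub is kept, a comment such as `// WebAuthn compiled out: endpoint intentionally answers 404` would explain the closure. The body of `router` starts and ends outside the hunk.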