From 53c868691a09b84d71f724d23a09d1fb89368792 Mon Sep 17 00:00:00 2001
From: Vika <vika@fireburn.ru>
Date: Mon, 19 Sep 2022 19:01:06 +0300
Subject: Make webauthn and openssl optional

---
 kittybox-rs/src/indieauth/mod.rs | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

(limited to 'kittybox-rs/src/indieauth/mod.rs')

diff --git a/kittybox-rs/src/indieauth/mod.rs b/kittybox-rs/src/indieauth/mod.rs
index adf669e..67f4a43 100644
--- a/kittybox-rs/src/indieauth/mod.rs
+++ b/kittybox-rs/src/indieauth/mod.rs
@@ -17,6 +17,7 @@ use kittybox_indieauth::{
 };
 
 pub mod backend;
+#[cfg(feature = "webauthn")]
 mod webauthn;
 use backend::AuthBackend;
 
@@ -111,6 +112,7 @@ async fn authorization_endpoint_get<A: AuthBackend, D: Storage + 'static>(
 #[serde(untagged)]
 enum Credential {
     Password(String),
+    #[cfg(feature = "webauthn")]
     WebAuthn(::webauthn::prelude::PublicKeyCredential)
 }
 
@@ -128,6 +130,7 @@ async fn verify_credential<A: AuthBackend>(
 ) -> std::io::Result<bool> {
     match credential {
         Credential::Password(password) => auth.verify_password(website, password).await,
+        #[cfg(feature = "webauthn")]
         Credential::WebAuthn(credential) => webauthn::verify(
             auth,
             website,
@@ -145,8 +148,12 @@ async fn authorization_endpoint_confirm<A: AuthBackend>(
     cookies: CookieJar,
 ) -> Response {
     tracing::debug!("Received authorization confirmation from user");
+    #[cfg(feature = "webauthn")]
     let challenge_id = cookies.get(webauthn::CHALLENGE_ID_COOKIE)
         .map(|cookie| cookie.value());
+    #[cfg(not(feature = "webauthn"))]
+    let challenge_id = None;
+
     let website = format!("https://{}/", host).parse().unwrap();
     let AuthorizationConfirmation {
         authorization_method: credential,
@@ -195,6 +202,7 @@ async fn authorization_endpoint_confirm<A: AuthBackend>(
     // opaque response instead that is completely useless
     (StatusCode::NO_CONTENT,
      [("Location", location.as_str())],
+     #[cfg(feature = "webauthn")]
      cookies.remove(Cookie::named(webauthn::CHALLENGE_ID_COOKIE))
     )
         .into_response()
@@ -309,7 +317,7 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>(
                 .unwrap()
                 .as_secs()
                 .into()
-        }    
+        }
     }
 
     #[inline]
@@ -521,7 +529,7 @@ async fn token_endpoint_post<A: AuthBackend, D: Storage + 'static>(
                 tracing::error!("Error revoking refresh token: {}", err);
                 return StatusCode::INTERNAL_SERVER_ERROR.into_response();
             }
-            
+
             GrantResponse::AccessToken {
                 me: data.me,
                 profile,
@@ -695,8 +703,13 @@ pub fn router<A: AuthBackend, D: Storage + 'static>(backend: A, db: D) -> axum::
                 .route(
                     "/userinfo",
                     get(userinfo_endpoint_get::<A, D>))
+
                 .route("/webauthn/pre_register",
-                       get(webauthn::webauthn_pre_register::<A, D>))
+                       get(
+                           #[cfg(feature = "webauthn")] webauthn::webauthn_pre_register::<A, D>,
+                           #[cfg(not(feature = "webauthn"))] || async { axum::http::StatusCode::NOT_FOUND }
+                       )
+                )
                 .layer(tower_http::cors::CorsLayer::new()
                        .allow_methods([
                            axum::http::Method::GET,
-- 
cgit 1.4.1