-rw-r--r--src/config.rs4
-rw-r--r--src/login/ldap_provider.rs22
-rw-r--r--src/login/static_provider.rs4
3 files changed, 4 insertions, 26 deletions
diff --git a/src/config.rs b/src/config.rs
index 5bd7380..85d38aa 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -79,8 +79,6 @@ pub struct LoginLdapConfig {
pub username_attr: String,
#[serde(default = "default_mail_attr")]
pub mail_attr: String,
- pub user_secret_attr: String,
- pub alternate_user_secrets_attr: Option<String>,
// Storage related thing
#[serde(flatten)]
@@ -140,7 +138,7 @@ pub enum AnyConfig {
}
// ---
-pub fn read_config<'a, T: Deserialize<'a>>(config_file: PathBuf) -> Result<T> {
+pub fn read_config<T: serde::de::DeserializeOwned>(config_file: PathBuf) -> Result<T> {
let mut file = std::fs::OpenOptions::new()
.read(true)
.open(config_file.as_path())?;
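Review bot: `read_config` still takes `config_file: PathBuf` by value although the visible body only borrows it through `config_file.as_path()`, which is why the `update_user_list` hunk in src/login/static_provider.rs now has to pass `self.user_list.clone()`. Accepting a borrow instead, `pub fn read_config<T: serde::de::DeserializeOwned>(config_file: impl AsRef<Path>) -> Result<T>` with `.open(config_file.as_ref())?`, would let that caller pass `&self.user_list` while existing `PathBuf` callers keep compiling (this assumes `std::path::Path` is in scope in config.rs). The function body continues past the end of this hunk, so the rest of the read path is not visible here.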
diff --git a/src/login/ldap_provider.rs b/src/login/ldap_provider.rs
index 561b1c2..f72b289 100644
--- a/src/login/ldap_provider.rs
+++ b/src/login/ldap_provider.rs
@@ -19,8 +19,6 @@ pub struct LdapLoginProvider {
mail_attr: String,
storage_specific: StorageSpecific,
- user_secret_attr: String,
- alternate_user_secrets_attr: Option<String>,
}
enum BucketSource {
@@ -50,13 +48,8 @@ impl LdapLoginProvider {
let mut attrs_to_retrieve = vec![
config.username_attr.clone(),
config.mail_attr.clone(),
- config.user_secret_attr.clone(),
];
- if let Some(a) = &config.alternate_user_secrets_attr {
- attrs_to_retrieve.push(a.clone());
- }
-
// storage specific
let specific = match config.storage {
LdapStorage::InMemory => StorageSpecific::InMemory,
@@ -86,8 +79,6 @@ impl LdapLoginProvider {
username_attr: config.username_attr,
mail_attr: config.mail_attr,
storage_specific: specific,
- user_secret_attr: config.user_secret_attr,
- alternate_user_secrets_attr: config.alternate_user_secrets_attr,
})
}
@@ -165,20 +156,9 @@ impl LoginProvider for LdapLoginProvider {
debug!("Ldap login with user name {} successfull", username);
let storage = self.storage_creds_from_ldap_user(&user)?;
-
- let user_secret = get_attr(&user, &self.user_secret_attr)?;
- let alternate_user_secrets = match &self.alternate_user_secrets_attr {
- None => vec![],
- Some(a) => user.attrs.get(a).cloned().unwrap_or_default(),
- };
- let user_secrets = UserSecrets {
- user_secret,
- alternate_user_secrets,
- };
-
drop(ldap);
- let keys = CryptoKeys::open(&storage, &user_secrets, password).await?;
+ let keys = CryptoKeys::open(&storage, password).await?;
Ok(Credentials { storage, keys })
}
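Review bot: `CryptoKeys::open(&storage, password)` now unlocks the user's keys with the login password as the only secret input, and nothing in this hunk covers accounts whose keys were sealed with the LDAP `user_secret` that the old call passed in. If such accounts exist they would presumably fail to open after this change, so a migration step or a distinct error for that case seems needed; this is inferred, since `CryptoKeys::open` is not shown. The new trust assumption is also worth recording at the call site, e.g. `// Keys are unlocked with the password only; no directory-stored secret is mixed in, so password strength and the KDF settings inside CryptoKeys::open carry the whole protection.` The enclosing login function starts before this hunk.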
diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs
index 3f6a840..d0a4624 100644
--- a/src/login/static_provider.rs
+++ b/src/login/static_provider.rs
@@ -30,7 +30,7 @@ impl StaticLoginProvider {
}
pub fn update_user_list(&mut self) -> Result<()> {
- let ulist: UserList = read_config(self.user_list)?;
+ let ulist: UserList = read_config(self.user_list.clone())?;
let users = ulist
.into_iter()
@@ -76,7 +76,7 @@ impl LoginProvider for StaticLoginProvider {
}),
};
- let keys = match user.crypto_root { /*(&user.master_key, &user.secret_key) {*/
+ let keys = match &user.crypto_root { /*(&user.master_key, &user.secret_key) {*/
CryptographyRoot::InPlace { master_key: m, secret_key: s } => {
let master_key =
Key::from_slice(&base64::decode(m)?).ok_or(anyhow!("Invalid master key"))?;