kanidm_proto/internal/
mod.rs

1//! Kanidm internal elements
2//!
3//! Items defined in this module *may* change between releases without notice.
4
5use crate::constants::{
6    CONTENT_TYPE_GIF, CONTENT_TYPE_JPG, CONTENT_TYPE_PNG, CONTENT_TYPE_SVG, CONTENT_TYPE_WEBP,
7};
8use clap::ValueEnum;
9use serde::{Deserialize, Serialize};
10use std::fmt;
11use std::str::FromStr;
12use url::Url;
13use utoipa::ToSchema;
14use uuid::Uuid;
15
16use num_enum::TryFromPrimitive;
17
18mod credupdate;
19mod error;
20mod raw;
21mod token;
22
23pub use self::credupdate::*;
24pub use self::error::*;
25pub use self::raw::*;
26pub use self::token::*;
27
// Names of the HTTP cookies shared between Kanidm components. Only the names
// are defined here; the cookie attributes (Secure, HttpOnly, SameSite, expiry)
// are chosen wherever the cookies are issued, which is not visible in this module.
// NOTE(review): several of these names suggest session or credential material —
// confirm the issuing code sets restrictive attributes on them.

/// Cookie name `auth-session-id`; presumably identifies an authentication session — confirm.
pub const COOKIE_AUTH_SESSION_ID: &str = "auth-session-id";
/// Cookie name `bearer`; presumably carries the bearer token — confirm.
pub const COOKIE_BEARER_TOKEN: &str = "bearer";
/// Cookie name `cu-session-token`; presumably the credential-update session token — confirm.
pub const COOKIE_CU_SESSION_TOKEN: &str = "cu-session-token";
/// Cookie name `username`.
pub const COOKIE_USERNAME: &str = "username";
/// Cookie name `o2-authreq`; presumably holds a pending OAuth2 authorisation request — confirm.
pub const COOKIE_OAUTH2_REQ: &str = "o2-authreq";
33
#[derive(Debug, Serialize, Deserialize, Clone, ToSchema)]
/// This is a description of a linked or connected application for a user. This is
/// used in the UI to render applications on the dashboard for a user to access.
///
/// The only kind of link defined here is an OAuth2 application.
pub enum AppLink {
    Oauth2 {
        // Name of the OAuth2 application.
        name: String,
        // Human-readable name of the application.
        display_name: String,
        // URL associated with the application.
        // NOTE(review): presumably the link target rendered on the dashboard —
        // confirm the UI only emits it with an expected scheme.
        redirect_url: Url,
        // Whether this oauth2 resource has an image.
        has_image: bool,
    },
}
46
/// Hints that can be attached to a user interface session.
///
/// Each variant has a fixed `u16` discriminant (`#[repr(u16)]`), and
/// `TryFromPrimitive` derives a fallible conversion from that integer, so
/// unknown numeric values are rejected rather than mapped to a variant.
///
/// Serde encodes the variant names in lowercase (`rename_all = "lowercase"`),
/// whereas the `Display` and `FromStr` implementations in this file use the
/// PascalCase variant names. The two textual forms are therefore not
/// interchangeable.
// NOTE(review): the per-variant meanings are not documented in this file; the
// names suggest they toggle UI features — confirm against the UI code.
#[derive(
    Debug, Serialize, Deserialize, Copy, Clone, Ord, PartialOrd, Eq, PartialEq, Hash, ToSchema,
)]
#[serde(rename_all = "lowercase")]
#[derive(TryFromPrimitive)]
#[repr(u16)]
pub enum UiHint {
    ExperimentalFeatures = 0,
    PosixAccount = 1,
    CredentialUpdate = 2,
    SynchronisedAccount = 3,
}
59
impl fmt::Display for UiHint {
    /// Writes the variant's PascalCase name, the same spelling that the
    /// `FromStr` implementation for this type accepts.
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        let label = match *self {
            UiHint::ExperimentalFeatures => "ExperimentalFeatures",
            UiHint::PosixAccount => "PosixAccount",
            UiHint::CredentialUpdate => "CredentialUpdate",
            UiHint::SynchronisedAccount => "SynchronisedAccount",
        };
        f.write_str(label)
    }
}
70
impl FromStr for UiHint {
    type Err = ();

    /// Parses the exact PascalCase variant name produced by `Display`.
    ///
    /// Matching is case-sensitive and performs no trimming; any other input
    /// yields `Err(())`.
    fn from_str(s: &str) -> Result<Self, Self::Err> {
        let hint = match s {
            "ExperimentalFeatures" => Self::ExperimentalFeatures,
            "PosixAccount" => Self::PosixAccount,
            "CredentialUpdate" => Self::CredentialUpdate,
            "SynchronisedAccount" => Self::SynchronisedAccount,
            // Unknown names are rejected instead of falling back to a default.
            _ => return Err(()),
        };
        Ok(hint)
    }
}
84
// State machine states and transitions for the identity verification system feature!

/// Request messages of the identity verification exchange.
///
/// This type only carries the request data; the comparison of submitted codes
/// and any limit on attempts are not visible in this module.
// NOTE(review): confirm that the handler for `SubmitCode` bounds the number of
// guesses, since the code is a plain `u32`.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, ToSchema)]
pub enum IdentifyUserRequest {
    // Begin the exchange.
    Start,
    // Submit a code; presumably the TOTP shown by the other party — confirm.
    SubmitCode { other_totp: u32 },
    // Ask for a code to display.
    DisplayCode,
}
92
/// Response messages of the identity verification exchange.
// NOTE(review): variant meanings below are read from their names; this file
// does not show when each one is produced — confirm against the server code.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq, ToSchema)]
pub enum IdentifyUserResponse {
    IdentityVerificationUnavailable,
    IdentityVerificationAvailable,
    // Carries a `step` and a `totp` value; presumably the TOTP period and the
    // code to show to the other party — confirm.
    ProvideCode { step: u32, totp: u32 },
    WaitForCode,
    Success,
    CodeFailure,
}
102
/// Image formats recognised by this crate.
///
/// Serde encodes the variants in lowercase (`png`, `jpg`, `gif`, `svg`,
/// `webp`), and `ValueEnum` makes the type usable as a clap argument value.
// NOTE(review): SVG is an XML format that can embed script. Confirm that
// images of this type are sanitised, or served so that they cannot execute in
// the application's origin.
#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Hash, Ord, PartialOrd, ValueEnum)]
#[serde(rename_all = "lowercase")]
pub enum ImageType {
    Png,
    Jpg,
    Gif,
    Svg,
    Webp,
}
112
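impl TryFrom<&str> for ImageType {
    type Error = &'static str;

    /// Maps an image type name to an [`ImageType`].
    ///
    /// Matching is exact and case-sensitive, with no trimming. `"jpeg"` is
    /// accepted as an alias for `"jpg"`.
    ///
    /// # Errors
    ///
    /// Returns `"Invalid image type!"` for any name that is not listed. The
    /// input is not echoed back in the error.
    ///
    /// ```
    /// use kanidm_proto::internal::ImageType;
    /// assert_eq!(ImageType::try_from("png").unwrap(), ImageType::Png);
    /// assert!(ImageType::try_from("krabs").is_err());
    /// ```
    fn try_from(value: &str) -> Result<Self, &'static str> {
        // No lint suppression is needed on this match: every arm is a plain
        // value, so a panic added here later will still be reported by clippy.
        match value {
            "png" => Ok(Self::Png),
            "jpg" | "jpeg" => Ok(Self::Jpg),
            "gif" => Ok(Self::Gif),
            "svg" => Ok(Self::Svg),
            "webp" => Ok(Self::Webp),
            _ => Err("Invalid image type!"),
        }
    }
}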
133
impl ImageType {
    /// Maps a declared content type string to an [`ImageType`].
    ///
    /// The input is lowercased and then compared for equality with the
    /// `CONTENT_TYPE_*` constants, so a value carrying anything beyond the
    /// bare type is rejected.
    ///
    /// This only interprets the declared label; nothing here inspects image
    /// bytes, so the result says what the sender claimed, not what the data is.
    ///
    /// # Errors
    ///
    /// Returns a message that includes the lowercased input.
    // NOTE(review): the error text embeds caller-supplied data — confirm that
    // consumers encode it before writing it to logs or HTML.
    pub fn try_from_content_type(content_type: &str) -> Result<Self, String> {
        let normalised = content_type.to_lowercase();
        let image_type = match normalised.as_str() {
            CONTENT_TYPE_JPG => Self::Jpg,
            CONTENT_TYPE_PNG => Self::Png,
            CONTENT_TYPE_GIF => Self::Gif,
            CONTENT_TYPE_WEBP => Self::Webp,
            CONTENT_TYPE_SVG => Self::Svg,
            _ => return Err(format!("Invalid content type: {normalised}")),
        };
        Ok(image_type)
    }

    /// Returns the `CONTENT_TYPE_*` constant that corresponds to this image type.
    pub fn as_content_type_str(&self) -> &'static str {
        match self {
            Self::Jpg => CONTENT_TYPE_JPG,
            Self::Png => CONTENT_TYPE_PNG,
            Self::Gif => CONTENT_TYPE_GIF,
            Self::Webp => CONTENT_TYPE_WEBP,
            Self::Svg => CONTENT_TYPE_SVG,
        }
    }
}
157
/// An image together with its file name and declared type.
///
/// The fields are public and the type performs no validation of its own.
// NOTE(review): confirm that callers do not use `filename` as a filesystem
// path without sanitising it, and that `filetype` is checked against
// `contents` before the image is stored or served.
#[derive(Clone, PartialEq, Eq, Serialize, Deserialize, Debug, PartialOrd, Ord, Hash)]
pub struct ImageValue {
    // File name supplied with the image.
    pub filename: String,
    // Declared format of `contents`.
    pub filetype: ImageType,
    // Raw image bytes.
    pub contents: Vec<u8>,
}
164
impl TryFrom<&str> for ImageValue {
    type Error = String;

    /// Decodes an [`ImageValue`] from its JSON representation.
    ///
    /// # Errors
    ///
    /// Returns a message containing the complete input string and the debug
    /// form of the `serde_json` error.
    // NOTE(review): because the whole input is echoed, a failed decode of a
    // large or attacker-supplied value produces an equally large error string.
    // Confirm how callers log or display it.
    fn try_from(s: &str) -> Result<Self, String> {
        match serde_json::from_str::<Self>(s) {
            Ok(image) => Ok(image),
            Err(e) => Err(format!("Failed to decode ImageValue from {s} - {e:?}")),
        }
    }
}
171
impl ImageValue {
    /// Builds an [`ImageValue`] from its three parts, taking ownership of each.
    ///
    /// The arguments are stored as given; no check is made that `contents`
    /// matches `filetype`.
    pub fn new(filename: String, filetype: ImageType, contents: Vec<u8>) -> Self {
        ImageValue { filename, filetype, contents }
    }
}
181
#[repr(u32)]
#[derive(Debug, Copy, Clone, Deserialize, Default, Eq, PartialEq)]
#[serde(rename_all = "lowercase")]
/// Filesystem type object, used for tuning database parameters.
///
/// When deserialised with serde, the string `zfs` selects [`FsType::Zfs`] and
/// every other string selects [`FsType::Generic`] (`#[serde(other)]`). This
/// differs from the `TryFrom<&str>` implementation in this file, which
/// returns an error for unrecognised names.
// NOTE(review): the discriminants (65536, 4096) look like sizes in bytes —
// confirm what the database layer uses them for.
pub enum FsType {
    Zfs = 65536,
    #[default]
    #[serde(other)]
    /// The default setting, if not set to "zfs"
    Generic = 4096,
}
193
impl FsType {
    /// Returns the checkpoint page count for this filesystem type:
    /// 256 for ZFS and 2048 for the generic setting.
    pub fn checkpoint_pages(&self) -> u32 {
        match *self {
            Self::Zfs => 256,
            Self::Generic => 2048,
        }
    }
}
202
impl TryFrom<&str> for FsType {
    type Error = ();

    /// Parses `"zfs"` or `"generic"` exactly (case-sensitive, no trimming).
    ///
    /// Unlike serde deserialisation of this type, an unrecognised name is an
    /// error here and does not fall back to [`FsType::Generic`].
    fn try_from(s: &str) -> Result<Self, Self::Error> {
        let fs_type = match s {
            "generic" => Self::Generic,
            "zfs" => Self::Zfs,
            _ => return Err(()),
        };
        Ok(fs_type)
    }
}
214
/// How the values of an OAuth2 claim map are joined.
///
/// Serialised as `csv`, `ssv` or `array`.
// NOTE(review): presumably comma-separated, space-separated and JSON array
// respectively — confirm against the claim-rendering code.
#[derive(Debug, Serialize, Deserialize, Clone, Copy, ToSchema)]
pub enum Oauth2ClaimMapJoin {
    #[serde(rename = "csv")]
    Csv,
    #[serde(rename = "ssv")]
    Ssv,
    #[serde(rename = "array")]
    Array,
}
224
/// Summary information about a domain.
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct DomainInfo {
    // Domain name.
    pub name: String,
    // Display name of the domain.
    pub displayname: String,
    // UUID of the domain.
    pub uuid: Uuid,
    // Numeric level of the domain; presumably the domain functional level — confirm.
    pub level: u32,
}
232
/// Report of the checks for moving a domain from one level to another.
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct DomainUpgradeCheckReport {
    // Domain name.
    pub name: String,
    // UUID of the domain.
    pub uuid: Uuid,
    // Level the domain is at now.
    pub current_level: u32,
    // Level the report was evaluated against.
    pub upgrade_level: u32,
    // One entry per individual check.
    pub report_items: Vec<DomainUpgradeCheckItem>,
}
241
/// Outcome of a single upgrade check.
///
/// Each check has a `Pass…` and a `Fail…` variant.
// NOTE(review): the `6To7` / `7To8` parts of the names presumably identify the
// level transition the check belongs to — confirm.
#[derive(Debug, Serialize, Deserialize, Clone, PartialEq)]
pub enum DomainUpgradeCheckStatus {
    Pass6To7Gidnumber,
    Fail6To7Gidnumber,

    Pass7To8SecurityKeys,
    Fail7To8SecurityKeys,

    Pass7To8Oauth2StrictRedirectUri,
    Fail7To8Oauth2StrictRedirectUri,
}
253
/// A single entry of a [`DomainUpgradeCheckReport`].
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct DomainUpgradeCheckItem {
    // Level the check starts from.
    pub from_level: u32,
    // Level the check targets.
    pub to_level: u32,
    // Whether the check passed or failed.
    pub status: DomainUpgradeCheckStatus,
    // Entries associated with this result; presumably names or identifiers of
    // the entries that caused a failure — confirm.
    pub affected_entries: Vec<String>,
}
261
#[test]
fn test_fstype_deser() {
    // Exercises the `TryFrom<&str>` conversion (not serde): known names map to
    // their variant, while whitespace and non-ASCII input are rejected.
    let cases = [
        ("zfs", Ok(FsType::Zfs)),
        ("generic", Ok(FsType::Generic)),
        (" ", Err(())),
        ("crab🦀", Err(())),
    ];
    for (input, expected) in cases {
        assert_eq!(FsType::try_from(input), expected);
    }
}