Skip to content

Commit

Permalink
Avoid use unwrap. (#18)
Browse files Browse the repository at this point in the history 
* Use let match return pattern to avoid unwrap

* Format with fmt

* Nesting match
  • Loading branch information
@allevo
allevo authored Apr 28, 2024
1 parent ef61b64 commit be17f50
Showing 1 changed file with 41 additions and 40 deletions.
81 changes: 41 additions & 40 deletions src/handler.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,57 +39,58 @@ impl Handler {
async fn do_call(self, event: TokenAuthorizerEvent) -> Result<TokenAuthorizerResponse, Error> {
// TODO: custom metrics using EMF logs
// extract token from header
let token = parse_token_from_header(&event.authorization_token);
if let Err(e) = token {
tracing::info!(
"Failed to extract token fron header (header_value='{}'): {}",
event.authorization_token,
e
);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
let token = token.unwrap();
let token = match parse_token_from_header(&event.authorization_token) {
Ok(token) => token,
Err(e) => {
tracing::info!(
"Failed to extract token fron header (header_value='{}'): {}",
event.authorization_token,
e
);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
};

// parse token header
let token_header = decode_header(token);
if let Err(e) = token_header {
tracing::info!("Failed to parse token header (token='{}'): {}", token, e);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
let token_header = token_header.unwrap();
let token_header = match decode_header(token) {
Ok(token_header) => token_header,
Err(e) => {
tracing::info!("Failed to parse token header (token='{}'): {}", token, e);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
};

// validate the signing algorithm
if let Err(e) = self.accepted_signing_algorithms.assert(&token_header.alg) {
tracing::info!(e);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}

// retrieve token key
if token_header.kid.is_none() {
tracing::info!(
"Missing kid in token header (token_header='{:?}')",
token_header
);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}

// get the key from the storage
let key_id = token_header.kid.unwrap();
let key_result = self.keys.get(&key_id).await;
if let Err(e) = key_result {
tracing::info!("Failed to retrieve key (key_id='{}'): {}", key_id, e);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
let key = key_result.unwrap();
let key = match token_header.kid {
Some(key_id) => match self.keys.get(&key_id).await {
Ok(key) => key,
Err(e) => {
tracing::info!("Failed to retrieve key (key_id='{}'): {}", key_id, e);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
},
None => {
tracing::info!(
"Missing kid in token header (token_header='{:?}')",
token_header
);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
};

// validate token and get payload
let token_payload =
decode::<serde_json::Value>(token, &key, &Validation::new(token_header.alg));
if let Err(e) = token_payload {
tracing::info!("Failed to validate token (token='{}'): {}", token, e);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
let token_payload = token_payload.unwrap();
match decode::<serde_json::Value>(token, &key, &Validation::new(token_header.alg)) {
Ok(token_payload) => token_payload,
Err(e) => {
tracing::info!("Failed to validate token (token='{}'): {}", token, e);
return Ok(TokenAuthorizerResponse::deny(&event.method_arn));
}
};

// validate issuer
if let Err(e) = self.accepted_issuers.assert(&token_payload.claims) {
Expand Down

0 comments on commit be17f50

Please sign in to comment.