1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116
// Copyright (c) 2024 Emmanuel Gil Peyrot <linkmauve@linkmauve.fr>
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
use xso::{FromXml, IntoXml};
use crate::date::DateTime;
use crate::ns;
generate_elem_id!(
/// A `<mechanism/>` element, describing one mechanism allowed by the server to authenticate.
Mechanism, "mechanism", FAST
);
// TODO: Replace this with a proper bool once we can derive FromXml and IntoXml on FastQuery.
generate_attribute!(
/// Whether TLS zero-roundtrip is possible.
Tls0Rtt, "tls-0rtt", bool
);
generate_element!(
/// This is the `<fast/>` element sent by the server as a SASL2 inline feature.
FastQuery, "fast", FAST,
attributes: [
/// Whether TLS zero-roundtrip is possible.
tls_0rtt: Default<Tls0Rtt> = "tls-0rtt",
],
children: [
/// A list of `<mechanism/>` elements, listing all server allowed mechanisms.
mechanisms: Vec<Mechanism> = ("mechanism", FAST) => Mechanism
]
);
/// This is the `<fast/>` element the client MUST include within its SASL2 authentication request.
#[derive(FromXml, IntoXml, Debug, Clone, PartialEq)]
#[xml(namespace = ns::FAST, name = "fast")]
pub struct FastResponse {
/// Servers MUST reject any authentication requests received via TLS 0-RTT payloads that do not
/// include a 'count' attribute, or where the count is less than or equal to a count that has
/// already been processed for this token. This protects against replay attacks that 0-RTT is
/// susceptible to.
#[xml(attribute)]
pub count: u32,
/// If true and the client has successfully authenticated, the server MUST invalidate the
/// token.
#[xml(attribute(default))]
pub invalidate: bool,
}
/// This is the `<request-token/>` element sent by the client in the SASL2 authenticate step.
#[derive(FromXml, IntoXml, Debug, Clone, PartialEq)]
#[xml(namespace = ns::FAST, name = "request-token")]
pub struct RequestToken {
/// This element MUST contain a 'mechanism' attribute, the value of which MUST be one of the
/// FAST mechanisms advertised by the server.
#[xml(attribute)]
pub mechanism: String,
}
/// This is the `<token/>` element sent by the server on successful SASL2 authentication containing
/// a `<request-token/>` element.
#[derive(FromXml, IntoXml, Debug, Clone, PartialEq)]
#[xml(namespace = ns::FAST, name = "token")]
pub struct Token {
/// The secret token to be used for subsequent authentications, as generated by the server.
#[xml(attribute)]
pub token: String,
/// The timestamp at which the token will expire.
#[xml(attribute)]
pub expiry: DateTime,
}
#[cfg(test)]
mod tests {
use super::*;
use crate::Element;
use std::str::FromStr;
#[test]
fn test_simple() {
let elem: Element = "<fast xmlns='urn:xmpp:fast:0'><mechanism>FOO-BAR</mechanism></fast>"
.parse()
.unwrap();
let request = FastQuery::try_from(elem).unwrap();
assert_eq!(request.tls_0rtt, Tls0Rtt::False);
assert_eq!(request.mechanisms, [Mechanism(String::from("FOO-BAR"))]);
let elem: Element = "<fast xmlns='urn:xmpp:fast:0' count='123'/>"
.parse()
.unwrap();
let response = FastResponse::try_from(elem).unwrap();
assert_eq!(response.count, 123);
assert_eq!(response.invalidate, false);
let elem: Element = "<request-token xmlns='urn:xmpp:fast:0' mechanism='FOO-BAR'/>"
.parse()
.unwrap();
let request_token = RequestToken::try_from(elem).unwrap();
assert_eq!(request_token.mechanism, "FOO-BAR");
let elem: Element =
"<token xmlns='urn:xmpp:fast:0' token='ABCD' expiry='2024-06-30T17:13:57+02:00'/>"
.parse()
.unwrap();
let token = Token::try_from(elem).unwrap();
assert_eq!(token.token, "ABCD");
assert_eq!(
token.expiry,
DateTime::from_str("2024-06-30T17:13:57+02:00").unwrap()
);
}
}