yggdrasil/src/util/structs/token.rs

/*
 * Yggdrasil: Minecraft authentication server
 * Copyright (C) 2023 0xf8.dev@proton.me
 *
 * This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.
 */

use anyhow::Result;
use log::debug;
use serde::{Deserialize, Serialize};
use sqlx::Error;

use structs::account::Account;

use crate::*;

#[derive(Deserialize, Serialize, Debug)]
pub struct Token {
    pub id: i64,
    pub access: String,
    pub client: String,
    pub account: Account,
    pub issued: i64,
    pub expires: i64,
}

impl Token {
    pub async fn from_id(db: &Database, id: i64) -> Option<Self> {
        let record = sqlx::query_as!(TokenRaw, "SELECT * FROM tokens WHERE id = $1", id)
            .fetch_one(&db.pool)
            .await;

        match record {
            Ok(r) => Some(r.complete(db).await),
            Err(e) => { debug!("{e}"); None },
        }
    }

    pub async fn from_access_token(db: &Database, access: String) -> Option<Self> {
        let record = sqlx::query_as!(TokenRaw, "SELECT * FROM tokens WHERE access = $1", access)
            .fetch_one(&db.pool)
            .await;

        match record {
            Ok(r) => Some(r.complete(db).await),
            Err(e) => { debug!("{e}"); None },
        }
    }

    pub async fn from_client_token(db: &Database, client: String) -> Option<Self> {
        let record = sqlx::query_as!(TokenRaw, "SELECT * FROM tokens WHERE client = $1", client)
            .fetch_one(&db.pool)
            .await;

        match record {
            Ok(r) => Some(r.complete(db).await),
            Err(e) => { debug!("{e}"); None },
        }
    }

    pub fn random_token() -> String {
        random_string::generate(128, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_.")
    }

    pub fn rehyphenate(uuid: String) -> String {
        format!("{}-{}-{}-{}-{}",
                uuid[0..8].to_string(),
                uuid[8..12].to_string(),
                uuid[12..16].to_string(),
                uuid[16..20].to_string(),
                uuid[20..32].to_string()
        )
    }

    pub async fn new(db: &Database, account: Account, client_token: String) -> Option<Token> {
        let access_token = Self::random_token();
        let issued = (get_unix_timestamp() / 1000) as i64;
        let expires = issued + 604800;

        let record = sqlx::query!("INSERT INTO tokens(access, client, account, issued, expires) VALUES ($1, $2, $3, $4, $5) RETURNING *",
            access_token, client_token, account.id, issued, expires)
            .fetch_one(&db.pool)
            .await;

        match record {
            Ok(r) => Some(Token {
                id: r.id,
                access: access_token,
                client: client_token,
                account,
                issued,
                expires,
            }),
            Err(e) => { debug!("{e}"); None },
        }
    }

    pub async fn delete(&self, db: &Database) -> Result<()> {
        sqlx::query!("DELETE FROM tokens WHERE id = $1", self.id)
            .execute(&db.pool)
            .await?;

        Ok(())
    }

    pub async fn delete_all_from(db: &Database, account: Account) -> Result<()> {
        sqlx::query!("DELETE FROM tokens WHERE account = $1", account.id)
            .execute(&db.pool)
            .await?;

        Ok(())
    }

    async fn remove_expired(db: &Database) -> Result<()> {
        let time = (get_unix_timestamp() / 1000) as f64;
        sqlx::query!("DELETE FROM tokens WHERE expires <= $1", time)
            .execute(&db.pool)
            .await?;

        Ok(())
    }

    pub async fn validate_with(&self, db: &Database, client: String, allow_old: bool) -> Result<bool> {
        Self::remove_expired(db).await?;

        Ok({
            if self.client != client { return Ok(false) }
            else if !allow_old { get_unix_timestamp() / 1000 < (self.issued + 864000) as u128 }
            else { true }
        })
    }

    pub async fn validate(&self, db: &Database, allow_old: bool) -> Result<bool> {
        Self::remove_expired(db).await?;

        Ok({
            if !allow_old { get_unix_timestamp() / 1000 < (self.issued + 864000) as u128 }
            else { true }
        })
    }
}

pub struct TokenRaw {
    pub id: i64,
    pub access: String,
    pub client: String,
    pub account: i64,
    pub issued: i64,
    pub expires: i64
}

impl TokenRaw {
    pub async fn complete(self, db: &Database) -> Token {
        Token {
            id: self.id,
            access: self.access,
            client: self.client,
            account: Account::from_id(db, self.account).await.expect("Couldn't resolve token owner"),
            issued: self.issued,
            expires: self.expires,
        }
    }
}