From 34f4817f194153c36a7ce26dfaebbe2e6133c9eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9mi=20Bardon?= Date: Sat, 10 Aug 2024 20:19:09 +0200 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Add=20debug=20route=20to=20list=20r?= =?UTF-8?q?evoked=20tokens?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/orangutan-server/src/main.rs | 2 ++ src/orangutan-server/src/routes/debug_routes.rs | 17 +++++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/src/orangutan-server/src/main.rs b/src/orangutan-server/src/main.rs index c3fac22..a6138a1 100644 --- a/src/orangutan-server/src/main.rs +++ b/src/orangutan-server/src/main.rs @@ -119,6 +119,8 @@ enum Error { UpdateContentError(#[from] update_content_routes::Error), #[error("Unauthorized")] Unauthorized, + #[error("Forbidden")] + Forbidden, #[cfg(feature = "templating")] #[error("Templating error: {0}")] TemplatingError(#[from] templating::Error), diff --git a/src/orangutan-server/src/routes/debug_routes.rs b/src/orangutan-server/src/routes/debug_routes.rs index 4ca681d..2f558a8 100644 --- a/src/orangutan-server/src/routes/debug_routes.rs +++ b/src/orangutan-server/src/routes/debug_routes.rs @@ -4,6 +4,7 @@ use chrono::{DateTime, Utc}; use lazy_static::lazy_static; use rocket::{get, http::CookieJar, routes, Route}; +use super::auth_routes::REVOKED_TOKENS; use crate::{request_guards::Token, Error}; lazy_static! { @@ -24,6 +25,7 @@ pub(super) fn routes() -> Vec { get_user_info, errors, access_logs, + revoked_tokens, ]; #[cfg(feature = "token-generator")] let routes = vec![routes, routes![ @@ -137,6 +139,21 @@ pub fn log_access( }) } +#[get("/_revoked-tokens")] +fn revoked_tokens(token: Token) -> Result { + if !token.profiles().contains(&"*".to_owned()) { + Err(Error::Forbidden)? + } + + let mut res = String::new(); + for token in REVOKED_TOKENS.read().unwrap().iter() { + res.push_str(std::str::from_utf8(token).unwrap_or("")); + res.push('\n'); + } + + Ok(res) +} + #[cfg(feature = "token-generator")] pub mod token_generator { use orangutan_refresh_token::RefreshToken;