Merge branch 'tim/2fa' into 'master'

2FA

See merge request TankerHQ/sdk-rust!28

Author: Jeremy T

src/core.rs

@@ -84,9 +84,16 @@ impl Core {
     ///
     /// # Arguments
     /// * `verification` - The verification to use for identity registration
-    pub async fn register_identity(&self, verification: &Verification) -> Result<(), Error> {
+    pub async fn register_identity(
+        &self,
+        verification: &Verification,
+        options: &VerificationOptions,
+    ) -> Result<Option<String>, Error> {
         let verif_wrapper = verification.to_cverification_wrapper();
-        unsafe { ctanker::register_identity(self.ctanker, verif_wrapper.as_cverification()).await }
+        unsafe {
+            ctanker::register_identity(self.ctanker, verif_wrapper.as_cverification(), options)
+                .await
+        }
     }
 
     /// Verifies the user's identity with which [start()](Self::start) has been called, and starts the session.
@@ -95,9 +102,15 @@ impl Core {
     ///
     /// # Arguments
     /// * `verification` - The verification to use
-    pub async fn verify_identity(&self, verification: &Verification) -> Result<(), Error> {
+    pub async fn verify_identity(
+        &self,
+        verification: &Verification,
+        options: &VerificationOptions,
+    ) -> Result<Option<String>, Error> {
         let verif_wrapper = verification.to_cverification_wrapper();
-        unsafe { ctanker::verify_identity(self.ctanker, verif_wrapper.as_cverification()).await }
+        unsafe {
+            ctanker::verify_identity(self.ctanker, verif_wrapper.as_cverification(), options).await
+        }
     }
 
     /// Attaches a provisional identity to the user.
@@ -129,10 +142,19 @@ impl Core {
     ///
     /// # Arguments
     /// * `verification` - The verification to set
-    pub async fn set_verification_method(&self, verification: &Verification) -> Result<(), Error> {
+    pub async fn set_verification_method(
+        &self,
+        verification: &Verification,
+        options: &VerificationOptions,
+    ) -> Result<Option<String>, Error> {
         let verif_wrapper = verification.to_cverification_wrapper();
         unsafe {
-            ctanker::set_verification_method(self.ctanker, verif_wrapper.as_cverification()).await
+            ctanker::set_verification_method(
+                self.ctanker,
+                verif_wrapper.as_cverification(),
+                options,
+            )
+            .await
         }
     }
 

src/ctanker.rs

@@ -1,8 +1,10 @@
 mod cfuture;
+
 pub use cfuture::*;
 use std::marker::PhantomData;
 
 mod cstream;
+
 pub use cstream::*;
 
 pub use self::bindings::tanker_future;
@@ -18,12 +20,13 @@ pub type LogHandlerCallback = Box<dyn Fn(LogRecord) + Send>;
 
 use crate::{
     AttachResult, Device, EncryptionOptions, Error, ErrorCode, LogRecord, LogRecordLevel, Options,
-    SharingOptions, Status, VerificationMethod,
+    SharingOptions, Status, VerificationMethod, VerificationOptions,
 };
 use lazy_static::lazy_static;
 use std::convert::TryFrom;
 use std::ffi::{c_void, CStr, CString};
 use std::os::raw::c_char;
+use std::ptr::NonNull;
 use std::sync::{Mutex, Once};
 
 static RUST_SDK_VERSION: &str = env!("CARGO_PKG_VERSION");
@@ -152,17 +155,47 @@ pub async unsafe fn generate_verification_key(ctanker: CTankerPtr) -> Result<Str
 pub async unsafe fn register_identity(
     ctanker: CTankerPtr,
     verification: *const CVerification,
-) -> Result<(), Error> {
-    let fut = unsafe { CFuture::<c_void>::new(tanker_register_identity(ctanker, verification)) };
-    fut.await.map(|_| ())
+    options: &VerificationOptions,
+) -> Result<Option<String>, Error> {
+    let c_options = tanker_verification_options {
+        version: 1,
+        with_session_token: options.with_session_token,
+    };
+    let fut = unsafe {
+        CFuture::<c_void>::new(tanker_register_identity(ctanker, verification, &c_options))
+    };
+    let token_str_ptr = fut.await? as *mut i8;
+    Ok(NonNull::new(token_str_ptr).map(|str_ptr| {
+        let str = CStr::from_ptr(str_ptr.as_ptr())
+            .to_str()
+            .unwrap()
+            .to_owned();
+        free_buffer(str_ptr.as_ptr() as *mut c_void);
+        str
+    }))
 }
 
 pub async unsafe fn verify_identity(
     ctanker: CTankerPtr,
     verification: *const CVerification,
-) -> Result<(), Error> {
-    let fut = unsafe { CFuture::<c_void>::new(tanker_verify_identity(ctanker, verification)) };
-    fut.await.map(|_| ())
+    options: &VerificationOptions,
+) -> Result<Option<String>, Error> {
+    let c_options = tanker_verification_options {
+        version: 1,
+        with_session_token: options.with_session_token,
+    };
+    let fut = unsafe {
+        CFuture::<c_void>::new(tanker_verify_identity(ctanker, verification, &c_options))
+    };
+    let token_str_ptr = fut.await? as *mut i8;
+    Ok(NonNull::new(token_str_ptr).map(|str_ptr| {
+        let str = CStr::from_ptr(str_ptr.as_ptr())
+            .to_str()
+            .unwrap()
+            .to_owned();
+        free_buffer(str_ptr.as_ptr() as *mut c_void);
+        str
+    }))
 }
 
 pub async unsafe fn verify_provisional_identity(
@@ -176,10 +209,28 @@ pub async unsafe fn verify_provisional_identity(
 pub async unsafe fn set_verification_method(
     ctanker: CTankerPtr,
     verification: *const CVerification,
-) -> Result<(), Error> {
-    let fut =
-        unsafe { CFuture::<c_void>::new(tanker_set_verification_method(ctanker, verification)) };
-    fut.await.map(|_| ())
+    options: &VerificationOptions,
+) -> Result<Option<String>, Error> {
+    let c_options = tanker_verification_options {
+        version: 1,
+        with_session_token: options.with_session_token,
+    };
+    let fut = unsafe {
+        CFuture::<c_void>::new(tanker_set_verification_method(
+            ctanker,
+            verification,
+            &c_options,
+        ))
+    };
+    let token_str_ptr = fut.await? as *mut i8;
+    Ok(NonNull::new(token_str_ptr).map(|str_ptr| {
+        let str = CStr::from_ptr(str_ptr.as_ptr())
+            .to_str()
+            .unwrap()
+            .to_owned();
+        free_buffer(str_ptr.as_ptr() as *mut c_void);
+        str
+    }))
 }
 
 pub async unsafe fn get_verification_methods(

src/lib.rs

@@ -18,6 +18,9 @@ pub use types::*;
 mod sharing_options;
 pub use sharing_options::{EncryptionOptions, SharingOptions};
 
+mod verification_options;
+pub use verification_options::VerificationOptions;
+
 mod verification_methods;
 pub use verification_methods::*;
 

src/verification_options.rs

@@ -0,0 +1,26 @@
+/// Extra options used during identity verification
+#[derive(Debug, Clone)]
+#[non_exhaustive]
+pub struct VerificationOptions {
+    pub(crate) with_session_token: bool,
+}
+
+impl VerificationOptions {
+    pub fn new() -> Self {
+        Default::default()
+    }
+
+    /// Requests to create a Session Token on verification
+    pub fn with_session_token(mut self) -> Self {
+        self.with_session_token = true;
+        self
+    }
+}
+
+impl Default for VerificationOptions {
+    fn default() -> Self {
+        Self {
+            with_session_token: false,
+        }
+    }
+}

tests/identity/admin.rs

@@ -87,6 +87,7 @@ impl Admin {
         id: &str,
         oidc_client_id: Option<&str>,
         oidc_provider: Option<&str>,
+        with_session_token: Option<bool>,
     ) -> Result<(), Error> {
         let url = self.make_url(id);
         let mut json = serde_json::Map::<_, _>::new();
@@ -96,6 +97,12 @@ impl Admin {
         if let Some(oidc_provider) = oidc_provider {
             json.insert("oidc_provider".to_owned(), oidc_provider.into());
         }
+        if let Some(with_session_token) = with_session_token {
+            json.insert(
+                "session_certificates_enabled".to_owned(),
+                with_session_token.into(),
+            );
+        }
         let json: Value = json.into();
 
         admin_rest_request(self.client.patch(&url).json(&json)).await?;

tests/identity/test_app.rs

@@ -9,7 +9,7 @@ use crate::identity::{create_identity, create_provisional_identity, get_public_i
 use futures::executor::block_on;
 use rand::distributions::Alphanumeric;
 use rand::Rng;
-use tankersdk::{Core, Error, LogRecordLevel, Options, Status, Verification};
+use tankersdk::{Core, Error, LogRecordLevel, Options, Status, Verification, VerificationOptions};
 
 pub struct TestApp {
     config: Config,
@@ -53,6 +53,18 @@ impl TestApp {
         &self.app.id
     }
 
+    pub fn url(&self) -> &str {
+        &self.config.api_url
+    }
+
+    pub fn trustchaind_url(&self) -> &str {
+        &self.config.trustchain_url
+    }
+
+    pub fn auth_token(&self) -> &str {
+        &self.app.auth_token
+    }
+
     pub async fn get_verification_code(&self, email: &str) -> Result<String, Error> {
         self.app.get_verification_code(email).await
     }
@@ -61,9 +73,15 @@ impl TestApp {
         &self,
         oidc_client_id: Option<&str>,
         oidc_provider: Option<&str>,
+        with_session_token: Option<bool>,
     ) -> Result<(), Error> {
         self.admin
-            .app_update(&self.app.id, oidc_client_id, oidc_provider)
+            .app_update(
+                &self.app.id,
+                oidc_client_id,
+                oidc_provider,
+                with_session_token,
+            )
             .await
     }
 
@@ -93,7 +111,9 @@ impl TestApp {
 
         let key = tanker.generate_verification_key().await?;
         let verif = Verification::VerificationKey(key);
-        tanker.register_identity(&verif).await?;
+        tanker
+            .register_identity(&verif, &VerificationOptions::new())
+            .await?;
         assert_eq!(tanker.status(), Status::Ready);
 
         Ok(tanker)

tests/tanker_tests.rs

@@ -41,7 +41,9 @@ async fn start_stop_session() -> Result<(), Error> {
     assert_eq!(status, Status::IdentityRegistrationNeeded);
 
     let passphrase = Verification::Passphrase("pass".into());
-    tanker.register_identity(&passphrase).await?;
+    tanker
+        .register_identity(&passphrase, &VerificationOptions::new())
+        .await?;
     assert_eq!(tanker.status(), Status::Ready);
 
     tanker.stop().await?;
@@ -210,7 +212,8 @@ async fn attach_provisional_with_single_verif() -> Result<(), Error> {
         email: bob_email.clone(),
         verification_code: app.get_verification_code(&bob_email).await?,
     };
-    bob.register_identity(&verif).await?;
+    bob.register_identity(&verif, &VerificationOptions::new())
+        .await?;
 
     let attach_result = bob.attach_provisional_identity(&bob_provisional).await?;
     assert_eq!(attach_result.status, Status::Ready);