1 // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2 // Copyright by contributors to this project.
3 // SPDX-License-Identifier: (Apache-2.0 OR MIT)
4
5 use crate::{identity::CredentialType, identity::SigningIdentity, time::MlsTime};
6 use alloc::vec;
7 use alloc::vec::Vec;
8 pub use mls_rs_core::identity::BasicCredential;
9 use mls_rs_core::{error::IntoAnyError, extension::ExtensionList, identity::IdentityProvider};
10
11 #[derive(Debug)]
12 #[cfg_attr(feature = "std", derive(thiserror::Error))]
13 #[cfg_attr(feature = "std", error("unsupported credential type found: {0:?}"))]
14 /// Error returned in the event that a non-basic
15 /// credential is passed to a [`BasicIdentityProvider`].
16 pub struct BasicIdentityProviderError(CredentialType);
17
18 impl IntoAnyError for BasicIdentityProviderError {
19 #[cfg(feature = "std")]
into_dyn_error(self) -> Result<Box<dyn std::error::Error + Send + Sync>, Self>20 fn into_dyn_error(self) -> Result<Box<dyn std::error::Error + Send + Sync>, Self> {
21 Ok(self.into())
22 }
23 }
24
25 impl BasicIdentityProviderError {
credential_type(&self) -> CredentialType26 pub fn credential_type(&self) -> CredentialType {
27 self.0
28 }
29 }
30
31 #[derive(Clone, Debug, Default)]
32 /// An always-valid identity provider that works with [`BasicCredential`].
33 ///
34 /// # Warning
35 ///
36 /// This provider always returns `true` for `validate` as long as the
37 /// [`SigningIdentity`] used contains a [`BasicCredential`]. It is only
38 /// recommended to use this provider for testing purposes.
39 pub struct BasicIdentityProvider;
40
41 impl BasicIdentityProvider {
new() -> Self42 pub fn new() -> Self {
43 Self
44 }
45 }
46
resolve_basic_identity( signing_id: &SigningIdentity, ) -> Result<&BasicCredential, BasicIdentityProviderError>47 fn resolve_basic_identity(
48 signing_id: &SigningIdentity,
49 ) -> Result<&BasicCredential, BasicIdentityProviderError> {
50 signing_id
51 .credential
52 .as_basic()
53 .ok_or_else(|| BasicIdentityProviderError(signing_id.credential.credential_type()))
54 }
55
56 #[cfg_attr(not(mls_build_async), maybe_async::must_be_sync)]
57 #[cfg_attr(mls_build_async, maybe_async::must_be_async)]
58 impl IdentityProvider for BasicIdentityProvider {
59 type Error = BasicIdentityProviderError;
60
validate_member( &self, signing_identity: &SigningIdentity, _timestamp: Option<MlsTime>, _extensions: Option<&ExtensionList>, ) -> Result<(), Self::Error>61 async fn validate_member(
62 &self,
63 signing_identity: &SigningIdentity,
64 _timestamp: Option<MlsTime>,
65 _extensions: Option<&ExtensionList>,
66 ) -> Result<(), Self::Error> {
67 resolve_basic_identity(signing_identity).map(|_| ())
68 }
69
validate_external_sender( &self, signing_identity: &SigningIdentity, _timestamp: Option<MlsTime>, _extensions: Option<&ExtensionList>, ) -> Result<(), Self::Error>70 async fn validate_external_sender(
71 &self,
72 signing_identity: &SigningIdentity,
73 _timestamp: Option<MlsTime>,
74 _extensions: Option<&ExtensionList>,
75 ) -> Result<(), Self::Error> {
76 resolve_basic_identity(signing_identity).map(|_| ())
77 }
78
identity( &self, signing_identity: &SigningIdentity, _extensions: &ExtensionList, ) -> Result<Vec<u8>, Self::Error>79 async fn identity(
80 &self,
81 signing_identity: &SigningIdentity,
82 _extensions: &ExtensionList,
83 ) -> Result<Vec<u8>, Self::Error> {
84 resolve_basic_identity(signing_identity).map(|b| b.identifier.to_vec())
85 }
86
valid_successor( &self, predecessor: &SigningIdentity, successor: &SigningIdentity, _extensions: &ExtensionList, ) -> Result<bool, Self::Error>87 async fn valid_successor(
88 &self,
89 predecessor: &SigningIdentity,
90 successor: &SigningIdentity,
91 _extensions: &ExtensionList,
92 ) -> Result<bool, Self::Error> {
93 Ok(resolve_basic_identity(predecessor)? == resolve_basic_identity(successor)?)
94 }
95
supported_types(&self) -> Vec<CredentialType>96 fn supported_types(&self) -> Vec<CredentialType> {
97 vec![BasicCredential::credential_type()]
98 }
99 }
100