Revision control
Copy as Markdown
Other Tools
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// Copyright by contributors to this project.
// SPDX-License-Identifier: (Apache-2.0 OR MIT)
use crate::{identity::CredentialType, identity::SigningIdentity, time::MlsTime};
use alloc::vec;
use alloc::vec::Vec;
pub use mls_rs_core::identity::BasicCredential;
use mls_rs_core::{error::IntoAnyError, extension::ExtensionList, identity::IdentityProvider};
#[derive(Debug)]
#[cfg_attr(feature = "std", derive(thiserror::Error))]
#[cfg_attr(feature = "std", error("unsupported credential type found: {0:?}"))]
/// Error returned in the event that a non-basic
/// credential is passed to a [`BasicIdentityProvider`].
pub struct BasicIdentityProviderError(CredentialType);
impl IntoAnyError for BasicIdentityProviderError {
#[cfg(feature = "std")]
fn into_dyn_error(self) -> Result<Box<dyn std::error::Error + Send + Sync>, Self> {
Ok(self.into())
}
}
impl BasicIdentityProviderError {
pub fn credential_type(&self) -> CredentialType {
self.0
}
}
#[derive(Clone, Debug, Default)]
/// An always-valid identity provider that works with [`BasicCredential`].
///
/// # Warning
///
/// This provider always returns `true` for `validate` as long as the
/// [`SigningIdentity`] used contains a [`BasicCredential`]. It is only
/// recommended to use this provider for testing purposes.
pub struct BasicIdentityProvider;
impl BasicIdentityProvider {
pub fn new() -> Self {
Self
}
}
fn resolve_basic_identity(
signing_id: &SigningIdentity,
) -> Result<&BasicCredential, BasicIdentityProviderError> {
signing_id
.credential
.as_basic()
.ok_or_else(|| BasicIdentityProviderError(signing_id.credential.credential_type()))
}
#[cfg_attr(not(mls_build_async), maybe_async::must_be_sync)]
#[cfg_attr(mls_build_async, maybe_async::must_be_async)]
impl IdentityProvider for BasicIdentityProvider {
type Error = BasicIdentityProviderError;
async fn validate_member(
&self,
signing_identity: &SigningIdentity,
_timestamp: Option<MlsTime>,
_extensions: Option<&ExtensionList>,
) -> Result<(), Self::Error> {
resolve_basic_identity(signing_identity).map(|_| ())
}
async fn validate_external_sender(
&self,
signing_identity: &SigningIdentity,
_timestamp: Option<MlsTime>,
_extensions: Option<&ExtensionList>,
) -> Result<(), Self::Error> {
resolve_basic_identity(signing_identity).map(|_| ())
}
async fn identity(
&self,
signing_identity: &SigningIdentity,
_extensions: &ExtensionList,
) -> Result<Vec<u8>, Self::Error> {
resolve_basic_identity(signing_identity).map(|b| b.identifier.to_vec())
}
async fn valid_successor(
&self,
predecessor: &SigningIdentity,
successor: &SigningIdentity,
_extensions: &ExtensionList,
) -> Result<bool, Self::Error> {
Ok(resolve_basic_identity(predecessor)? == resolve_basic_identity(successor)?)
}
fn supported_types(&self) -> Vec<CredentialType> {
vec![BasicCredential::credential_type()]
}
}