Merge pull request #6 from fiji-flo/cache

Global cache, save nicks hach, update deps.

Author: fiji-flo

Cargo.lock

@@ -14,10 +14,10 @@ cis_profile = { git = "https://github.com/fiji-flo/cis_profile-rust", branch = "
 oauth2 = "2.0.0-beta.2"
 url = "1.7.2"
 base64 = "0.10.1"
-rand = "0.6.5"
+rand = "0.7"
 actix-web = { version = "1.0", features = ["ssl"] }
 actix-cors = "0.1"
-actix-session = "0.1"
+actix-session = "0.2"
 failure = "0.1.5"
 config = "0.9.3"
 serde = "1.0.80"

Cargo.toml

@@ -1,7 +1,7 @@
 export RUSTUP_HOME=/usr/local/rustup
 export CARGO_HOME=/usr/local/cargo
 export PATH=/usr/local/cargo/bin:$PATH
-export RUST_VERSION=1.35.0
+export RUST_VERSION=1.36.0
 
 
 set -eux

ci/install_deps.sh

@@ -41,10 +41,11 @@ pub struct Auth {
     state: String,
 }
 
-#[derive(Deserialize)]
+#[derive(Deserialize, Debug)]
 pub struct BugZillaUser {
     id: String,
     login: String,
+    nick: Option<String>,
 }
 
 fn redirect(client: web::Data<Arc<BasicClient>>, session: Session) -> impl Responder {
@@ -102,10 +103,15 @@ fn auth<T: AsyncCisClientTrait + 'static>(
                 res.json::<BugZillaUser>().map_err(Into::into)
             })
             .and_then(move |j| {
-                info!("login: {}, id: {}", j.login, j.id);
+                info!(
+                    "login: {}, id: {}, nick: {}",
+                    j.login,
+                    j.id,
+                    j.nick.as_ref().map(|s| s.as_str()).unwrap_or_default()
+                );
                 get.get_user_by(&get_uid, &GetBy::UserId, None)
                     .and_then(move |profile: Profile| {
-                        update_bugzilla(j.id, j.login, profile, get.get_secret_store())
+                        update_bugzilla(j.id, j.login, j.nick, profile, get.get_secret_store())
                             .into_future()
                             .map_err(Into::into)
                     })

src/bugzilla/app.rs

@@ -160,6 +160,7 @@ fn auth<T: AsyncCisClientTrait + 'static>(
                                 j.node_id,
                                 format!("{}", j.id),
                                 j.email,
+                                j.login,
                                 profile,
                                 get.get_secret_store(),
                             )
@@ -191,13 +192,13 @@ pub fn github_app<T: AsyncCisClientTrait + 'static>(
     github: &GitHub,
     whoami: &WhoAmI,
     secret: &[u8],
+    ttl_cache: Arc<RwLock<TtlCache<String, String>>>,
     cis_client: T,
 ) -> impl HttpServiceFactory {
     let github_client_id = ClientId::new(github.client_id.clone());
     let github_client_secret = ClientSecret::new(github.client_secret.clone());
     let auth_url = AuthUrl::new(Url::parse(AUTH_URL).expect("Invalid authorization endpoint URL"));
     let token_url = TokenUrl::new(Url::parse(TOKEN_URL).expect("Invalid token endpoint URL"));
-    let ttl_cache = Arc::new(RwLock::new(TtlCache::<String, String>::new(2000)));
 
     let client = Arc::new(
         BasicClient::new(

src/github/app.rs

@@ -28,6 +28,9 @@ use crate::github::app::github_app;
 use actix_web::middleware::Logger;
 use actix_web::web;
 use actix_web::App;
+use std::sync::Arc;
+use std::sync::RwLock;
+use ttl_cache::TtlCache;
 
 use actix_web::HttpServer;
 use failure::Error;
@@ -40,6 +43,7 @@ fn main() -> Result<(), Error> {
     let client = cis_client::CisClient::from_settings(&s.cis)?;
     info!("initialized cis_client");
     let secret = base64::decode(&s.whoami.secret)?;
+    let ttl_cache = Arc::new(RwLock::new(TtlCache::<String, String>::new(2000)));
     HttpServer::new(move || {
         App::new()
             .wrap(Logger::default().exclude("/healthz"))
@@ -49,6 +53,7 @@ fn main() -> Result<(), Error> {
                         &s.providers.github,
                         &s.whoami,
                         &secret,
+                        Arc::clone(&ttl_cache),
                         client.clone(),
                     ))
                     .service(bugzilla_app(

src/main.rs

@@ -3,33 +3,46 @@ use chrono::Utc;
 use cis_profile::crypto::SecretStore;
 use cis_profile::crypto::Signer;
 use cis_profile::schema::Display;
+use cis_profile::schema::KeyValue;
 use cis_profile::schema::Profile;
 use cis_profile::schema::PublisherAuthority;
 use cis_profile::schema::StandardAttributeString;
+use cis_profile::schema::StandardAttributeValues;
 use failure::Error;
 
+fn create_usernames_key(typ: &str) -> String {
+    format!("HACK#{}", typ)
+}
+
 pub fn update_github(
     github_v4_id: String,
     github_v3_id: String,
     github_email: Option<String>,
+    github_login: String,
     mut profile: Profile,
     store: &SecretStore,
 ) -> Result<Profile, Error> {
     let now = &Utc::now().to_rfc3339_opts(SecondsFormat::Secs, true);
-    update_and_sign(
+    update_and_sign_string_field(
         &mut profile.identities.github_id_v3,
         github_v3_id,
         store,
         &now,
     )?;
-    update_and_sign(
+    update_and_sign_string_field(
         &mut profile.identities.github_id_v4,
         github_v4_id,
         store,
         &now,
     )?;
+    update_and_sign_values_field(
+        &mut profile.usernames,
+        vec![(create_usernames_key("GITHUB"), github_login)],
+        store,
+        &now,
+    )?;
     if let Some(email) = github_email {
-        update_and_sign(
+        update_and_sign_string_field(
             &mut profile.identities.github_primary_email,
             email,
             store,
@@ -42,26 +55,52 @@ pub fn update_github(
 pub fn update_bugzilla(
     bugzilla_id: String,
     bugzilla_email: String,
+    bugzilla_nick: Option<String>,
     mut profile: Profile,
     store: &SecretStore,
 ) -> Result<Profile, Error> {
     let now = &Utc::now().to_rfc3339_opts(SecondsFormat::Secs, true);
-    update_and_sign(
+    update_and_sign_string_field(
         &mut profile.identities.bugzilla_mozilla_org_id,
         bugzilla_id,
         store,
         &now,
     )?;
-    update_and_sign(
+    update_and_sign_string_field(
         &mut profile.identities.bugzilla_mozilla_org_primary_email,
-        bugzilla_email,
+        bugzilla_email.clone(),
         store,
         &now,
     )?;
+
+    let mut kv_pairs = vec![(create_usernames_key("BMOMAIL"), bugzilla_email)];
+    if let Some(nick) = bugzilla_nick {
+        kv_pairs.push((create_usernames_key("BMONICK"), nick));
+    }
+    update_and_sign_values_field(&mut profile.usernames, kv_pairs, store, &now)?;
     Ok(profile)
 }
 
-fn update_and_sign(
+fn update_and_sign_values_field(
+    field: &mut StandardAttributeValues,
+    kv_pairs: Vec<(String, String)>,
+    store: &SecretStore,
+    now: &str,
+) -> Result<(), Error> {
+    if let Some(KeyValue(ref mut values)) = &mut field.values {
+        for (k, v) in kv_pairs.into_iter() {
+            values.insert(k, Some(v));
+        }
+    }
+    if field.metadata.display.is_none() {
+        field.metadata.display = Some(Display::Staff);
+    }
+    field.metadata.last_modified = now.to_owned();
+    field.signature.publisher.name = PublisherAuthority::Mozilliansorg;
+    store.sign_attribute(field)
+}
+
+fn update_and_sign_string_field(
     field: &mut StandardAttributeString,
     value: String,
     store: &SecretStore,