rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-11-02 21:07:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

refactor(auth): Pass profile_id from the auth to core functions (#5520)

Browse Source
This commit is contained in:
Mani Chandra
2024-08-05 16:44:23 +05:30
committed by GitHub
parent 3fea00c43e
commit 53b5551df7
5 changed files with 121 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
crates/router/src/routes/disputes.rs
View File

@ -43,7 +43,9 @@ pub async fn retrieve_dispute(
state, state,
&req, &req,
dispute_id, dispute_id,
|state, auth, req, _| disputes::retrieve_dispute(state, auth.merchant_account, None, req), |state, auth, req, _| {
disputes::retrieve_dispute(state, auth.merchant_account, auth.profile_id, req)
},
auth::auth_type( auth::auth_type(
&auth::HeaderAuth(auth::ApiKeyAuth), &auth::HeaderAuth(auth::ApiKeyAuth),
&auth::JWTAuth(Permission::DisputeRead), &auth::JWTAuth(Permission::DisputeRead),
@ -133,7 +135,13 @@ pub async fn accept_dispute(
&req, &req,
dispute_id, dispute_id,
|state, auth, req, _| { |state, auth, req, _| {
disputes::accept_dispute(state, auth.merchant_account, None, auth.key_store, req) disputes::accept_dispute(
state,
auth.merchant_account,
auth.profile_id,
auth.key_store,
req,
)
}, },
auth::auth_type( auth::auth_type(
&auth::HeaderAuth(auth::ApiKeyAuth), &auth::HeaderAuth(auth::ApiKeyAuth),
@ -170,7 +178,13 @@ pub async fn submit_dispute_evidence(
&req, &req,
json_payload.into_inner(), json_payload.into_inner(),
|state, auth, req, _| { |state, auth, req, _| {
disputes::submit_evidence(state, auth.merchant_account, None, auth.key_store, req) disputes::submit_evidence(
state,
auth.merchant_account,
auth.profile_id,
auth.key_store,
req,
)
}, },
auth::auth_type( auth::auth_type(
&auth::HeaderAuth(auth::ApiKeyAuth), &auth::HeaderAuth(auth::ApiKeyAuth),
@ -215,7 +229,13 @@ pub async fn attach_dispute_evidence(
&req, &req,
attach_evidence_request, attach_evidence_request,
|state, auth, req, _| { |state, auth, req, _| {
disputes::attach_evidence(state, auth.merchant_account, None, auth.key_store, req) disputes::attach_evidence(
state,
auth.merchant_account,
auth.profile_id,
auth.key_store,
req,
)
}, },
auth::auth_type( auth::auth_type(
&auth::HeaderAuth(auth::ApiKeyAuth), &auth::HeaderAuth(auth::ApiKeyAuth),
@ -258,7 +278,7 @@ pub async fn retrieve_dispute_evidence(
&req, &req,
dispute_id, dispute_id,
|state, auth, req, _| { |state, auth, req, _| {
disputes::retrieve_dispute_evidence(state, auth.merchant_account, None, req) disputes::retrieve_dispute_evidence(state, auth.merchant_account, auth.profile_id, req)
}, },
auth::auth_type( auth::auth_type(
&auth::HeaderAuth(auth::ApiKeyAuth), &auth::HeaderAuth(auth::ApiKeyAuth),

20
crates/router/src/routes/payments.rs
View File

@ -200,7 +200,7 @@ pub async fn payments_start(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::operations::PaymentStart, payments::operations::PaymentStart,
req, req,
@ -276,7 +276,7 @@ pub async fn payments_retrieve(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentStatus, payments::PaymentStatus,
req, req,
@ -350,7 +350,7 @@ pub async fn payments_retrieve_with_gateway_creds(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentStatus, payments::PaymentStatus,
req, req,
@ -558,7 +558,7 @@ pub async fn payments_capture(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentCapture, payments::PaymentCapture,
payload, payload,
@ -628,7 +628,7 @@ pub async fn payments_connector_session(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentSession, payments::PaymentSession,
payload, payload,
@ -861,7 +861,7 @@ pub async fn payments_complete_authorize(
state.clone(), state.clone(),
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::operations::payment_complete_authorize::CompleteAuthorize, payments::operations::payment_complete_authorize::CompleteAuthorize,
payment_confirm_req.clone(), payment_confirm_req.clone(),
@ -921,7 +921,7 @@ pub async fn payments_cancel(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentCancel, payments::PaymentCancel,
req, req,
@ -1088,7 +1088,7 @@ pub async fn payments_approve(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentApprove, payments::PaymentApprove,
payment_types::PaymentsCaptureRequest { payment_types::PaymentsCaptureRequest {
@ -1143,7 +1143,7 @@ pub async fn payments_reject(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentReject, payments::PaymentReject,
payment_types::PaymentsCancelRequest { payment_types::PaymentsCancelRequest {
@ -1295,7 +1295,7 @@ pub async fn payments_incremental_authorization(
state, state,
req_state, req_state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
payments::PaymentIncrementalAuthorization, payments::PaymentIncrementalAuthorization,
req, req,

8
crates/router/src/routes/payouts.rs
View File

@ -80,7 +80,13 @@ pub async fn payouts_retrieve(
&req, &req,
payout_retrieve_request, payout_retrieve_request,
|state, auth, req, _| { |state, auth, req, _| {
payouts_retrieve_core(state, auth.merchant_account, None, auth.key_store, req) payouts_retrieve_core(
state,
auth.merchant_account,
auth.profile_id,
auth.key_store,
req,
)
}, },
auth::auth_type( auth::auth_type(
&auth::HeaderAuth(auth::ApiKeyAuth), &auth::HeaderAuth(auth::ApiKeyAuth),

12
crates/router/src/routes/refunds.rs
View File

@ -37,7 +37,13 @@ pub async fn refunds_create(
&req, &req,
json_payload.into_inner(), json_payload.into_inner(),
|state, auth, req, _| { |state, auth, req, _| {
refund_create_core(state, auth.merchant_account, None, auth.key_store, req) refund_create_core(
state,
auth.merchant_account,
auth.profile_id,
auth.key_store,
req,
)
}, },
auth::auth_type( auth::auth_type(
&auth::HeaderAuth(auth::ApiKeyAuth), &auth::HeaderAuth(auth::ApiKeyAuth),
@ -94,7 +100,7 @@ pub async fn refunds_retrieve(
refund_response_wrapper( refund_response_wrapper(
state, state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
refund_request, refund_request,
refund_retrieve_core, refund_retrieve_core,
@ -146,7 +152,7 @@ pub async fn refunds_retrieve_with_body(
refund_response_wrapper( refund_response_wrapper(
state, state,
auth.merchant_account, auth.merchant_account,
None, auth.profile_id,
auth.key_store, auth.key_store,
req, req,
refund_retrieve_core, refund_retrieve_core,

74
crates/router/src/services/authentication.rs
View File

@ -57,7 +57,7 @@ pub struct AuthenticationData {
pub profile_id: Option<String>, pub profile_id: Option<String>,
} }
#[derive(Clone)] #[derive(Clone, Debug)]
pub struct AuthenticationDataWithMultipleProfiles { pub struct AuthenticationDataWithMultipleProfiles {
pub merchant_account: domain::MerchantAccount, pub merchant_account: domain::MerchantAccount,
pub key_store: domain::MerchantKeyStore, pub key_store: domain::MerchantKeyStore,
@ -251,6 +251,12 @@ impl AuthInfo for AuthenticationData {
} }
} }
impl AuthInfo for AuthenticationDataWithMultipleProfiles {
fn get_merchant_id(&self) -> Option<&id_type::MerchantId> {
Some(self.merchant_account.get_id())
}
}
#[async_trait] #[async_trait]
pub trait AuthenticateAndFetch<T, A> pub trait AuthenticateAndFetch<T, A>
where where
@ -968,6 +974,65 @@ where
} }
} }
#[async_trait]
impl<A> AuthenticateAndFetch<AuthenticationData, A> for JWTAuthMerchantFromRoute
where
A: SessionStateInfo + Sync,
{
async fn authenticate_and_fetch(
&self,
request_headers: &HeaderMap,
state: &A,
) -> RouterResult<(AuthenticationData, AuthenticationType)> {
let payload = parse_jwt_payload::<A, AuthToken>(request_headers, state).await?;
if payload.check_in_blacklist(state).await? {
return Err(errors::ApiErrorResponse::InvalidJwtToken.into());
}
if payload.merchant_id != self.merchant_id {
return Err(report!(errors::ApiErrorResponse::InvalidJwtToken));
}
let permissions = authorization::get_permissions(state, &payload).await?;
authorization::check_authorization(&self.required_permission, &permissions)?;
let key_manager_state = &(&state.session_state()).into();
let key_store = state
.store()
.get_merchant_key_store_by_merchant_id(
key_manager_state,
&payload.merchant_id,
&state.store().get_master_key().to_vec().into(),
)
.await
.to_not_found_response(errors::ApiErrorResponse::InvalidJwtToken)
.attach_printable("Failed to fetch merchant key store for the merchant id")?;
let merchant = state
.store()
.find_merchant_account_by_merchant_id(
key_manager_state,
&payload.merchant_id,
&key_store,
)
.await
.to_not_found_response(errors::ApiErrorResponse::InvalidJwtToken)
.attach_printable("Failed to fetch merchant account for the merchant id")?;
let auth = AuthenticationData {
merchant_account: merchant,
key_store,
profile_id: payload.profile_id,
};
Ok((
auth.clone(),
AuthenticationType::MerchantJwt {
merchant_id: auth.merchant_account.get_id().clone(),
user_id: Some(payload.user_id),
},
))
}
}
pub struct JWTAuthMerchantOrProfileFromRoute { pub struct JWTAuthMerchantOrProfileFromRoute {
pub merchant_id_or_profile_id: String, pub merchant_id_or_profile_id: String,
pub required_permission: Permission, pub required_permission: Permission,
@ -1074,7 +1139,7 @@ where
&state.store().get_master_key().to_vec().into(), &state.store().get_master_key().to_vec().into(),
) )
.await .await
.change_context(errors::ApiErrorResponse::InvalidJwtToken) .to_not_found_response(errors::ApiErrorResponse::InvalidJwtToken)
.attach_printable("Failed to fetch merchant key store for the merchant id")?; .attach_printable("Failed to fetch merchant key store for the merchant id")?;
let merchant = state let merchant = state
@ -1085,7 +1150,8 @@ where
&key_store, &key_store,
) )
.await .await
.change_context(errors::ApiErrorResponse::InvalidJwtToken)?; .to_not_found_response(errors::ApiErrorResponse::InvalidJwtToken)
.attach_printable("Failed to fetch merchant account for the merchant id")?;
let auth = AuthenticationData { let auth = AuthenticationData {
merchant_account: merchant, merchant_account: merchant,
@ -1096,7 +1162,7 @@ where
auth.clone(), auth.clone(),
AuthenticationType::MerchantJwt { AuthenticationType::MerchantJwt {
merchant_id: auth.merchant_account.get_id().clone(), merchant_id: auth.merchant_account.get_id().clone(),
user_id: None, user_id: Some(payload.user_id),
}, },
)) ))
} }