rust/hyperswitch
1
0
Fork 0
mirror of https://github.com/juspay/hyperswitch.git synced 2025-10-28 04:04:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: encrypt PII fields before saving it in the database (#1043)

Browse Source 
Co-authored-by: Nishant Joshi <nishant.joshi@juspay.in>
This commit is contained in:
Kartikeya Hegde
2023-05-30 13:43:17 +05:30
committed by GitHub
parent 77e60c82fa
commit fa392c40a8
107 changed files with 3818 additions and 1267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
crates/router/src/services/authentication.rs
View File

@ -17,7 +17,7 @@ use crate::{
db::StorageInterface,
routes::app::AppStateInfo,
services::api,
types::storage,
types::domain,
utils::OptionExt,
};
@ -31,7 +31,7 @@ impl AuthInfo for () {
}
}
impl AuthInfo for storage::MerchantAccount {
impl AuthInfo for domain::MerchantAccount {
fn get_merchant_id(&self) -> Option<&str> {
Some(&self.merchant_id)
}
@ -70,7 +70,7 @@ where
}
#[async_trait]
impl<A> AuthenticateAndFetch<storage::MerchantAccount, A> for ApiKeyAuth
impl<A> AuthenticateAndFetch<domain::MerchantAccount, A> for ApiKeyAuth
where
A: AppStateInfo + Sync,
{
@ -78,7 +78,7 @@ where
&self,
request_headers: &HeaderMap,
state: &A,
) -> RouterResult<storage::MerchantAccount> {
) -> RouterResult<domain::MerchantAccount> {
let api_key = get_api_key(request_headers)
.change_context(errors::ApiErrorResponse::Unauthorized)?
.trim();
@ -194,7 +194,7 @@ where
pub struct MerchantIdAuth(pub String);
#[async_trait]
impl<A> AuthenticateAndFetch<storage::MerchantAccount, A> for MerchantIdAuth
impl<A> AuthenticateAndFetch<domain::MerchantAccount, A> for MerchantIdAuth
where
A: AppStateInfo + Sync,
{
@ -202,7 +202,7 @@ where
&self,
_request_headers: &HeaderMap,
state: &A,
) -> RouterResult<storage::MerchantAccount> {
) -> RouterResult<domain::MerchantAccount> {
state
.store()
.find_merchant_account_by_merchant_id(self.0.as_ref())
@ -221,7 +221,7 @@ where
pub struct PublishableKeyAuth;
#[async_trait]
impl<A> AuthenticateAndFetch<storage::MerchantAccount, A> for PublishableKeyAuth
impl<A> AuthenticateAndFetch<domain::MerchantAccount, A> for PublishableKeyAuth
where
A: AppStateInfo + Sync,
{
@ -229,7 +229,7 @@ where
&self,
request_headers: &HeaderMap,
state: &A,
) -> RouterResult<storage::MerchantAccount> {
) -> RouterResult<domain::MerchantAccount> {
let publishable_key =
get_api_key(request_headers).change_context(errors::ApiErrorResponse::Unauthorized)?;
state
@ -279,7 +279,7 @@ struct JwtAuthPayloadFetchMerchantAccount {
}
#[async_trait]
impl<A> AuthenticateAndFetch<storage::MerchantAccount, A> for JWTAuth
impl<A> AuthenticateAndFetch<domain::MerchantAccount, A> for JWTAuth
where
A: AppStateInfo + Sync,
{
@ -287,7 +287,7 @@ where
&self,
request_headers: &HeaderMap,
state: &A,
) -> RouterResult<storage::MerchantAccount> {
) -> RouterResult<domain::MerchantAccount> {
let mut token = get_jwt(request_headers)?;
token = strip_jwt_token(token)?;
let payload = decode_jwt::<JwtAuthPayloadFetchMerchantAccount>(token, state).await?;
@ -337,7 +337,7 @@ where
pub fn get_auth_type_and_flow<A: AppStateInfo + Sync>(
headers: &HeaderMap,
) -> RouterResult<(
Box<dyn AuthenticateAndFetch<storage::MerchantAccount, A>>,
Box<dyn AuthenticateAndFetch<domain::MerchantAccount, A>>,
api::AuthFlow,
)> {
let api_key = get_api_key(headers)?;
@ -352,13 +352,13 @@ pub fn check_client_secret_and_get_auth<T>(
headers: &HeaderMap,
payload: &impl ClientSecretFetch,
) -> RouterResult<(
Box<dyn AuthenticateAndFetch<storage::MerchantAccount, T>>,
Box<dyn AuthenticateAndFetch<domain::MerchantAccount, T>>,
api::AuthFlow,
)>
where
T: AppStateInfo,
ApiKeyAuth: AuthenticateAndFetch<storage::MerchantAccount, T>,
PublishableKeyAuth: AuthenticateAndFetch<storage::MerchantAccount, T>,
ApiKeyAuth: AuthenticateAndFetch<domain::MerchantAccount, T>,
PublishableKeyAuth: AuthenticateAndFetch<domain::MerchantAccount, T>,
{
let api_key = get_api_key(headers)?;
@ -386,7 +386,7 @@ pub async fn is_ephemeral_auth<A: AppStateInfo + Sync>(
headers: &HeaderMap,
db: &dyn StorageInterface,
customer_id: &str,
) -> RouterResult<Box<dyn AuthenticateAndFetch<storage::MerchantAccount, A>>> {
) -> RouterResult<Box<dyn AuthenticateAndFetch<domain::MerchantAccount, A>>> {
let api_key = get_api_key(headers)?;
if !api_key.starts_with("epk") {