diff --git a/Cargo.lock b/Cargo.lock index a2a790595..41f6b27a4 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -129,9 +129,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.83" +version = "1.0.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25bdb32cbbdce2b519a9cd7df3a678443100e265d5e25ca763b7572a5104f5f3" +checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da" [[package]] name = "anymap2" @@ -232,7 +232,7 @@ checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -254,7 +254,7 @@ checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -265,7 +265,7 @@ checksum = "c6fa2087f2753a7da8cc1c0dbfcf89579dd57458e36769de5ac750b4671737ca" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -380,6 +380,28 @@ dependencies = [ "tokio", ] +[[package]] +name = "axum-extra" +version = "0.7.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a93e433be9382c737320af3924f7d5fc6f89c155cf2bf88949d8f5126fab283f" +dependencies = [ + "axum", + "axum-core", + "bytes", + "cookie 0.17.0", + "futures-util", + "http", + "http-body", + "mime", + "pin-project-lite", + "serde", + "tokio", + "tower", + "tower-layer", + "tower-service", +] + [[package]] name = "axum-macros" version = "0.3.8" @@ -389,7 +411,7 @@ dependencies = [ "heck 0.4.1", "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -505,7 +527,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.63", + "syn 2.0.65", "which", ] @@ -528,7 +550,7 @@ dependencies = [ "regex", "rustc-hash", "shlex", - "syn 2.0.63", + "syn 2.0.65", "which", ] @@ -647,9 +669,9 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.0.97" +version = "1.0.98" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "099a5357d84c4c61eb35fc8eafa9a79a902c2f76911e5747ced4e032edd8d9b4" +checksum = "41c270e7540d725e65ac7f1b212ac8ce349719624d7bcff99f8e2e488e8cf03f" [[package]] name = "cexpr" @@ -771,7 +793,7 @@ dependencies = [ "heck 0.5.0", "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -940,9 +962,9 @@ dependencies = [ [[package]] name = "crc32fast" -version = "1.4.0" +version = "1.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b3855a8a784b474f333699ef2bbca9db2c4a1f6d9088a90a2d25b1eb53111eaa" +checksum = "a97769d94ddab943e4510d138150169a2758b5ef3eb191a9ee688de3e23ef7b3" dependencies = [ "cfg-if", ] @@ -1009,9 +1031,9 @@ dependencies = [ [[package]] name = "crossbeam-channel" -version = "0.5.12" +version = "0.5.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab3db02a9c5b5121e1e42fbdb1aeb65f5e02624cc58c43f2884c6ccac0b82f95" +checksum = "33480d6946193aa8033910124896ca395333cae7e2d1113d1fef6c3272217df2" dependencies = [ "crossbeam-utils", ] @@ -1046,9 +1068,9 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.19" +version = "0.8.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "248e3bacc7dc6baa3b21e405ee045c3047101a49145e7e9eca583ab4c2ca5345" +checksum = "22ec99545bb0ed0ea7bb9b8e1e9122ea386ff8a48c0922e43f36d45ab09e0e80" [[package]] name = "crunchy" @@ -1100,6 +1122,7 @@ dependencies = [ "kanidm_proto", "kanidm_utils_users", "kanidmd_core", + "mimalloc", "opentelemetry", "opentelemetry_api", "prctl", @@ -1109,7 +1132,6 @@ dependencies = [ "serde_json", "sketching", "tempfile", - "tikv-jemallocator", "tokio", "tokio-util", "toml", @@ -1129,12 +1151,12 @@ dependencies = [ [[package]] name = "darling" -version = "0.20.8" +version = "0.20.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54e36fcd13ed84ffdfda6f5be89b31287cbb80c439841fe69e04841435464391" +checksum = "83b2eb4d90d12bdda5ed17de686c2acb4c57914f8f921b8da7e112b5a36f3fe1" dependencies = [ - "darling_core 0.20.8", - "darling_macro 0.20.8", + "darling_core 0.20.9", + "darling_macro 0.20.9", ] [[package]] @@ -1153,16 +1175,16 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.20.8" +version = "0.20.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c2cf1c23a687a1feeb728783b993c4e1ad83d99f351801977dd809b48d0a70f" +checksum = "622687fe0bac72a04e5599029151f5796111b90f1baaa9b544d807a5e31cd120" dependencies = [ "fnv", "ident_case", "proc-macro2", "quote", - "strsim 0.10.0", - "syn 2.0.63", + "strsim 0.11.1", + "syn 2.0.65", ] [[package]] @@ -1178,13 +1200,13 @@ dependencies = [ [[package]] name = "darling_macro" -version = "0.20.8" +version = "0.20.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a668eda54683121533a393014d8692171709ff57a7d61f187b6e782719f8933f" +checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178" dependencies = [ - "darling_core 0.20.8", + "darling_core 0.20.9", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -1336,7 +1358,7 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -1359,9 +1381,9 @@ checksum = "0d6ef0072f8a535281e4876be788938b528e9a1d43900b82c2569af7da799125" [[package]] name = "either" -version = "1.11.0" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a47c1c47d2f5964e29c61246e81db715514cd532db6b5116a25ea3c03d6780a2" +checksum = "3dca9240753cf90908d7e4aac30f630662b02aebaa1b58a3cadabdb23385b58b" [[package]] name = "encode_unicode" @@ -1395,7 +1417,7 @@ checksum = "a1ab991c1362ac86c61ab6f556cff143daa22e5a15e4e189df818b2fd19fe65b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -1415,7 +1437,7 @@ checksum = "5c785274071b1b420972453b306eeca06acf4633829db4223b58a2a8c5953bc4" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -1516,11 +1538,11 @@ checksum = "9fc0510504f03c51ada170672ac806f1f105a88aa97a5281117e1ddc3368e51a" [[package]] name = "fernet" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3364d69f691f3903b1a71605fa04f40a7c2d259f0f0512347e36d19a63debf1f" +checksum = "c66b725fe9483b9ee72ccaec072b15eb8ad95a3ae63a8c798d5748883b72fd33" dependencies = [ - "base64 0.21.7", + "base64 0.22.1", "byteorder", "getrandom", "openssl", @@ -1690,7 +1712,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -1886,9 +1908,9 @@ dependencies = [ [[package]] name = "gix-date" -version = "0.8.5" +version = "0.8.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "180b130a4a41870edfbd36ce4169c7090bca70e195da783dea088dd973daa59c" +checksum = "367ee9093b0c2b04fd04c5c7c8b6a1082713534eab537597ae343663a518fa99" dependencies = [ "bstr", "itoa", @@ -2001,7 +2023,7 @@ checksum = "1dff438f14e67e7713ab9332f5fd18c8f20eb7eb249494f6c2bf170522224032" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -2797,9 +2819,9 @@ dependencies = [ [[package]] name = "instant" -version = "0.1.12" +version = "0.1.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" +checksum = "e0242819d153cba4b4b05a5a8f2a7e9bbf97b6055b2a002b395c96b5ff3c0222" dependencies = [ "cfg-if", ] @@ -3118,6 +3140,7 @@ dependencies = [ "libc", "libsqlite3-sys", "lru 0.8.1", + "mimalloc", "notify-debouncer-full", "prctl", "rpassword 7.3.1", @@ -3150,6 +3173,7 @@ dependencies = [ "axum", "axum-auth", "axum-csp", + "axum-extra", "axum-macros", "axum-server", "bytes", @@ -3260,7 +3284,7 @@ version = "1.3.0-dev" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -3472,9 +3496,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.154" +version = "0.2.155" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae743338b92ff9146ce83992f766a31066a91a8c84a45e0e9f21e7cf6de6d346" +checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c" [[package]] name = "libloading" @@ -3486,6 +3510,16 @@ dependencies = [ "windows-targets 0.52.5", ] +[[package]] +name = "libmimalloc-sys" +version = "0.1.38" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0e7bb23d733dfcc8af652a78b7bf232f0e967710d044732185e561e47c0336b6" +dependencies = [ + "cc", + "libc", +] + [[package]] name = "libnss" version = "0.4.0" @@ -3540,9 +3574,9 @@ dependencies = [ [[package]] name = "linux-raw-sys" -version = "0.4.13" +version = "0.4.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c" +checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89" [[package]] name = "lock_api" @@ -3645,6 +3679,15 @@ dependencies = [ "autocfg", ] +[[package]] +name = "mimalloc" +version = "0.1.42" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e9186d86b79b52f4a77af65604b51225e8db1d6ee7e3f41aec1e40829c71a176" +dependencies = [ + "libmimalloc-sys", +] + [[package]] name = "mime" version = "0.3.17" @@ -3669,9 +3712,9 @@ checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" [[package]] name = "miniz_oxide" -version = "0.7.2" +version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d811f3e15f28568be3407c8e7fdb6514c1cda3cb30683f15b6a1a1dc4ea14a7" +checksum = "87dfd01fe195c66b572b37921ad8803d010623c0aca821bea2302239d155cdae" dependencies = [ "adler", ] @@ -4036,7 +4079,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -4180,11 +4223,11 @@ dependencies = [ "kanidm_client", "kanidm_proto", "mathru", + "mimalloc", "rand", "rand_chacha", "serde", "serde_json", - "tikv-jemallocator", "tokio", "toml", "tracing", @@ -4405,7 +4448,7 @@ checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -4439,9 +4482,9 @@ checksum = "d231b230927b5e4ad203db57bbcbee2802f6bce620b1e4a9024a07d94e2907ec" [[package]] name = "plotters" -version = "0.3.5" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d2c224ba00d7cadd4d5c660deaf2098e5e80e07846537c51f9cfa4be50c1fd45" +checksum = "a15b6eccb8484002195a3e44fe65a4ce8e93a625797a063735536fd59cb01cf3" dependencies = [ "num-traits", "plotters-backend", @@ -4452,15 +4495,15 @@ dependencies = [ [[package]] name = "plotters-backend" -version = "0.3.5" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e76628b4d3a7581389a35d5b6e2139607ad7c75b17aed325f210aa91f4a9609" +checksum = "414cec62c6634ae900ea1c56128dfe87cf63e7caece0852ec76aba307cebadb7" [[package]] name = "plotters-svg" -version = "0.3.5" +version = "0.3.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38f6d39893cca0701371e3c27294f09797214b86f1fb951b89ade8ec04e2abab" +checksum = "81b30686a7d9c3e010b84284bdd26a29f2138574f52f5eb6f794fc0ad924e705" dependencies = [ "plotters-backend", ] @@ -4531,7 +4574,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5f12335488a2f3b0a83b14edad48dca9879ce89b2edd10e80237e4e852dd645e" dependencies = [ "proc-macro2", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -4576,9 +4619,9 @@ checksum = "dc375e1527247fe1a97d8b7156678dfe7c1af2fc075c9a4db3690ecd2a148068" [[package]] name = "proc-macro2" -version = "1.0.82" +version = "1.0.83" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ad3d49ab951a01fbaafe34f2ec74122942fe18a3f9814c3268f1bb72042131b" +checksum = "0b33eb56c327dec362a9e55b3ad14f9d2f0904fb5a5b03b513ab5465399e9f43" dependencies = [ "unicode-ident", ] @@ -4940,7 +4983,7 @@ dependencies = [ "quote", "rust-embed-utils", "shellexpand 3.1.0", - "syn 2.0.63", + "syn 2.0.65", "walkdir", ] @@ -4999,9 +5042,9 @@ dependencies = [ [[package]] name = "rustversion" -version = "1.0.16" +version = "1.0.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "092474d1a01ea8278f69e6a358998405fae5b8b963ddaeb2b0b04a128bf1dfb0" +checksum = "955d28af4278de8121b7ebeb796b6a45735dc01436d898801014aced2773a3d6" [[package]] name = "ryu" @@ -5119,9 +5162,9 @@ checksum = "61697e0a1c7e512e84a621326239844a24d8207b4669b41bc18b32ea5cbf988b" [[package]] name = "serde" -version = "1.0.201" +version = "1.0.202" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "780f1cebed1629e4753a1a38a3c72d30b97ec044f0aef68cb26650a3c5cf363c" +checksum = "226b61a0d411b2ba5ff6d7f73a476ac4f8bb900373459cd00fab8512828ba395" dependencies = [ "serde_derive", ] @@ -5179,13 +5222,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.201" +version = "1.0.202" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5e405930b9796f1c00bee880d03fc7e0bb4b9a11afc776885ffe84320da2865" +checksum = "6048858004bcff69094cd972ed40a32500f153bd3be9f716b2eed2e8217c4838" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -5245,10 +5288,10 @@ version = "3.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "65569b702f41443e8bc8bbb1c5779bd0450bbe723b56198980e80ec45780bce2" dependencies = [ - "darling 0.20.8", + "darling 0.20.9", "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -5479,9 +5522,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.63" +version = "2.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf5be731623ca1a1fb7d8be6f261a3be6d3e2337b8a1f97be944d020c8fcb704" +checksum = "d2863d96a84c6439701d7a38f9de935ec562c8832cc55d1dde0f513b52fad106" dependencies = [ "proc-macro2", "quote", @@ -5557,27 +5600,27 @@ version = "0.1.0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] name = "thiserror" -version = "1.0.60" +version = "1.0.61" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "579e9083ca58dd9dcf91a9923bb9054071b9ebbd800b342194c9feb0ee89fc18" +checksum = "c546c80d6be4bc6a00c0f01730c08df82eaa7a7a61f11d656526506112cc1709" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.60" +version = "1.0.61" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2470041c06ec3ac1ab38d0356a6119054dedaea53e12fbefc0de730a1c08524" +checksum = "46c3384250002a6d5af4d114f2845d37b57521033f30d5c3f46c4d70e1197533" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -5590,26 +5633,6 @@ dependencies = [ "once_cell", ] -[[package]] -name = "tikv-jemalloc-sys" -version = "0.5.4+5.3.0-patched" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9402443cb8fd499b6f327e40565234ff34dbda27460c5b47db0db77443dd85d1" -dependencies = [ - "cc", - "libc", -] - -[[package]] -name = "tikv-jemallocator" -version = "0.5.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "965fe0c26be5c56c94e38ba547249074803efd52adfb66de62107d95aab3eaca" -dependencies = [ - "libc", - "tikv-jemalloc-sys", -] - [[package]] name = "time" version = "0.3.36" @@ -5704,7 +5727,7 @@ checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -5765,9 +5788,9 @@ dependencies = [ [[package]] name = "toml_datetime" -version = "0.6.5" +version = "0.6.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3550f4e9685620ac18a50ed434eb3aec30db8ba93b0287467bca5826ea25baf1" +checksum = "4badfd56924ae69bcc9039335b2e017639ce3f9b001c393c1b2d1ef846ce2cbf" [[package]] name = "toml_edit" @@ -5888,7 +5911,7 @@ checksum = "34704c8d6ebcbc939824180af020566b01a7c01f80641264eba0999f6c2b6be7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -6133,7 +6156,7 @@ dependencies = [ "proc-macro2", "quote", "regex", - "syn 2.0.63", + "syn 2.0.65", "url", "uuid", ] @@ -6245,7 +6268,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", "wasm-bindgen-shared", ] @@ -6279,7 +6302,7 @@ checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -6312,7 +6335,7 @@ checksum = "b7f89739351a2e03cb94beb799d47fb2cac01759b40ec441f7de39b00cbf7ef0" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -6852,7 +6875,7 @@ checksum = "15e934569e47891f7d9411f1a451d947a60e000ab3bd24fbb970f000387d1b3b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] @@ -6872,7 +6895,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.63", + "syn 2.0.65", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index e58661767..31bfc338b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -153,6 +153,7 @@ libsqlite3-sys = "^0.25.2" lodepng = "3.10.1" lru = "^0.8.1" mathru = "^0.13.0" +mimalloc = "0.1.42" notify-debouncer-full = { version = "0.1" } num_enum = "^0.5.11" oauth2_ext = { version = "^4.4.2", package = "oauth2", default-features = false } @@ -207,8 +208,6 @@ tempfile = "3.10.1" testkit-macros = { path = "./server/testkit-macros" } time = { version = "^0.3.34", features = ["formatting", "local-offset"] } -tikv-jemallocator = "0.5" - tokio = "^1.36.0" tokio-openssl = "^0.6.4" tokio-util = "^0.7.10" diff --git a/examples/insecure_server.toml b/examples/insecure_server.toml index 5ab73e590..2a69a7cec 100644 --- a/examples/insecure_server.toml +++ b/examples/insecure_server.toml @@ -5,7 +5,7 @@ db_fs_type = "zfs" db_path = "/tmp/kanidm/kanidm.db" tls_chain = "/tmp/kanidm/chain.pem" tls_key = "/tmp/kanidm/key.pem" -tls_client_ca = "/tmp/kanidm/client_ca" +# tls_client_ca = "/tmp/kanidm/client_ca" # The log level of the server. May be one of info, debug, trace # diff --git a/libs/client/src/lib.rs b/libs/client/src/lib.rs index b89ece5e0..b4a2fb71b 100644 --- a/libs/client/src/lib.rs +++ b/libs/client/src/lib.rs @@ -27,8 +27,7 @@ use std::time::Duration; use compact_jwt::Jwk; use kanidm_proto::constants::uri::V1_AUTH_VALID; use kanidm_proto::constants::{ - APPLICATION_JSON, ATTR_ENTRY_MANAGED_BY, ATTR_NAME, CLIENT_TOKEN_CACHE, KOPID, KSESSIONID, - KVERSION, + APPLICATION_JSON, ATTR_ENTRY_MANAGED_BY, ATTR_NAME, CLIENT_TOKEN_CACHE, KOPID, KVERSION, }; use kanidm_proto::internal::*; use kanidm_proto::v1::*; @@ -186,7 +185,6 @@ pub struct KanidmClient { pub(crate) origin: Url, pub(crate) builder: KanidmClientBuilder, pub(crate) bearer_token: RwLock>, - pub(crate) auth_session_id: RwLock>, pub(crate) check_version: Mutex, /// Where to store the tokens when you auth, only modify in testing. token_cache_path: String, @@ -528,7 +526,6 @@ impl KanidmClientBuilder { builder: self, bearer_token: RwLock::new(None), origin, - auth_session_id: RwLock::new(None), check_version: Mutex::new(true), token_cache_path, }) @@ -761,16 +758,6 @@ impl KanidmClient { } }; - // If we have a session header, set it now. - let response = { - let sguard = self.auth_session_id.read().await; - if let Some(sessionid) = &(*sguard) { - response.header(KSESSIONID, sessionid) - } else { - response - } - }; - let response = response .send() .await @@ -779,16 +766,6 @@ impl KanidmClient { self.expect_version(&response).await; // If we have a sessionid header in the response, get it now. - - let headers = response.headers(); - - { - let mut sguard = self.auth_session_id.write().await; - *sguard = headers - .get(KSESSIONID) - .and_then(|hv| hv.to_str().ok().map(str::to_string)); - } - let opid = self.get_kopid_from_response(&response); match response.status() { diff --git a/proto/src/internal/mod.rs b/proto/src/internal/mod.rs index 8edc4d900..90afd9b4e 100644 --- a/proto/src/internal/mod.rs +++ b/proto/src/internal/mod.rs @@ -24,6 +24,9 @@ pub use self::error::*; pub use self::raw::*; pub use self::token::*; +pub const COOKIE_AUTH_SESSION_ID: &str = "auth-session-id"; +pub const COOKIE_BEARER_TOKEN: &str = "bearer"; + #[derive(Debug, Serialize, Deserialize, Clone, ToSchema)] /// This is a description of a linked or connected application for a user. This is /// used in the UI to render applications on the dashboard for a user to access. diff --git a/proto/src/v1/auth.rs b/proto/src/v1/auth.rs index c20545da2..1bb83ec85 100644 --- a/proto/src/v1/auth.rs +++ b/proto/src/v1/auth.rs @@ -110,8 +110,10 @@ impl fmt::Display for AuthMech { #[derive(Debug, Serialize, Deserialize, Copy, Clone, ToSchema)] #[serde(rename_all = "lowercase")] pub enum AuthIssueSession { - // Previously supported other types beside token. + /// Issue a bearer token for this client. This is the default. Token, + /// Issue a cookie for this client. + Cookie, } /// A request for the next step of an authentication. diff --git a/server/core/Cargo.toml b/server/core/Cargo.toml index dc1fdfb5b..cc5d281b3 100644 --- a/server/core/Cargo.toml +++ b/server/core/Cargo.toml @@ -20,6 +20,7 @@ async-trait = { workspace = true } axum = { workspace = true } axum-auth = "0.4.1" axum-csp = { workspace = true } +axum-extra = { version = "0.7.7", features = ["cookie"] } axum-macros = "0.3.8" axum-server = { version = "0.5.1", features = ["tls-openssl"] } bytes = { workspace = true } diff --git a/server/core/src/https/extractors/mod.rs b/server/core/src/https/extractors/mod.rs index ce38e06c6..2ce9d3c09 100644 --- a/server/core/src/https/extractors/mod.rs +++ b/server/core/src/https/extractors/mod.rs @@ -7,8 +7,12 @@ use axum::{ }, RequestPartsExt, }; + +use axum_extra::extract::cookie::CookieJar; + use hyper::server::conn::AddrStream; use kanidm_proto::constants::X_FORWARDED_FOR; +use kanidm_proto::internal::COOKIE_BEARER_TOKEN; use kanidmd_lib::prelude::{ClientAuthInfo, ClientCertInfo, Source}; use compact_jwt::JwsCompact; @@ -156,7 +160,14 @@ impl FromRequestParts for VerifiedClientInformation { (None, None) } } else { - (None, None) + // Only if there are no credentials in bearer, do we examine cookies. + let jar = CookieJar::from_headers(&parts.headers); + + let value: Option<&str> = jar.get(COOKIE_BEARER_TOKEN).map(|c| c.value()); + + let maybe_bearer = value.and_then(|authz_data| JwsCompact::from_str(authz_data).ok()); + + (None, maybe_bearer) }; Ok(VerifiedClientInformation(ClientAuthInfo { diff --git a/server/core/src/https/mod.rs b/server/core/src/https/mod.rs index 70800f6ee..c2a8f35c8 100644 --- a/server/core/src/https/mod.rs +++ b/server/core/src/https/mod.rs @@ -25,12 +25,13 @@ use axum::response::Redirect; use axum::routing::*; use axum::Router; use axum_csp::{CspDirectiveType, CspValue}; -use axum_macros::FromRef; +use axum_extra::extract::cookie::CookieJar; use compact_jwt::{JwsCompact, JwsHs256Signer, JwsVerifier}; use hashbrown::HashMap; use hyper::server::accept::Accept; use hyper::server::conn::{AddrStream, Http}; use kanidm_proto::constants::KSESSIONID; +use kanidm_proto::internal::COOKIE_AUTH_SESSION_ID; use kanidmd_lib::idm::ClientCertInfo; use kanidmd_lib::status::StatusActor; use openssl::nid; @@ -57,7 +58,7 @@ use crate::CoreAction; use self::v1::SessionId; -#[derive(Clone, FromRef)] +#[derive(Clone)] pub struct ServerState { pub status_ref: &'static StatusActor, pub qe_w_ref: &'static QueryServerWriteV1, @@ -68,6 +69,9 @@ pub struct ServerState { pub js_files: JavaScriptFiles, pub(crate) trust_x_forward_for: bool, pub csp_header: HeaderValue, + pub domain: String, + // This is set to true by default, and is only false on integration tests. + pub secure_cookies: bool, } impl ServerState { @@ -85,15 +89,24 @@ impl ServerState { } } - fn get_current_auth_session_id(&self, headers: &HeaderMap) -> Option { + #[instrument(level = "trace", skip_all)] + fn get_current_auth_session_id(&self, headers: &HeaderMap, jar: &CookieJar) -> Option { // We see if there is a signed header copy first. headers .get(KSESSIONID) .and_then(|hv| { + trace!("trying header"); // Get the first header value. hv.to_str().ok() }) - .and_then(|s| self.reinflate_uuid_from_bytes(s)) + .or_else(|| { + trace!("trying cookie"); + jar.get(COOKIE_AUTH_SESSION_ID).map(|c| c.value()) + }) + .and_then(|s| { + trace!(id_jws = %s); + self.reinflate_uuid_from_bytes(s) + }) } } @@ -239,6 +252,8 @@ pub async fn create_https_server( js_files, trust_x_forward_for, csp_header: csp_header.finish(), + domain: config.domain.clone(), + secure_cookies: config.integration_test_config.is_none(), }; let static_routes = match config.role { diff --git a/server/core/src/https/v1.rs b/server/core/src/https/v1.rs index dcbe5a863..d0f268649 100644 --- a/server/core/src/https/v1.rs +++ b/server/core/src/https/v1.rs @@ -6,6 +6,7 @@ use axum::middleware::from_fn; use axum::response::{IntoResponse, Response}; use axum::routing::{delete, get, post, put}; use axum::{Extension, Json, Router}; +use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite}; use compact_jwt::{Jwk, Jws, JwsSigner}; use kanidm_proto::constants::uri::V1_AUTH_VALID; use serde::{Deserialize, Serialize}; @@ -15,7 +16,8 @@ use uuid::Uuid; use kanidm_proto::internal::{ ApiToken, AppLink, CUIntentToken, CURequest, CUSessionToken, CUStatus, CreateRequest, CredentialStatus, DeleteRequest, IdentifyUserRequest, IdentifyUserResponse, ModifyRequest, - RadiusAuthToken, SearchRequest, SearchResponse, UserAuthToken, + RadiusAuthToken, SearchRequest, SearchResponse, UserAuthToken, COOKIE_AUTH_SESSION_ID, + COOKIE_BEARER_TOKEN, }; use kanidm_proto::v1::{ AccountUnixExtend, ApiTokenGenerate, AuthIssueSession, AuthRequest, AuthResponse, @@ -208,12 +210,14 @@ pub async fn logout( State(state): State, Extension(kopid): Extension, VerifiedClientInformation(client_auth_info): VerifiedClientInformation, -) -> Result, WebError> { + jar: CookieJar, +) -> Result { state .qe_w_ref .handle_logout(client_auth_info, kopid.eventid) .await .map(Json::from) + .map(|json| (jar, json).into_response()) .map_err(WebError::from) } @@ -2730,6 +2734,7 @@ pub async fn applinks_get( pub async fn reauth( State(state): State, VerifiedClientInformation(client_auth_info): VerifiedClientInformation, + jar: CookieJar, Extension(kopid): Extension, Json(obj): Json, ) -> Result { @@ -2739,7 +2744,7 @@ pub async fn reauth( .handle_reauth(client_auth_info, obj, kopid.eventid) .await; debug!("ReAuth result: {:?}", inter); - auth_session_state_management(state, inter) + auth_session_state_management(state, jar, inter) } #[utoipa::path( @@ -2757,6 +2762,7 @@ pub async fn reauth( pub async fn auth( State(state): State, VerifiedClientInformation(client_auth_info): VerifiedClientInformation, + jar: CookieJar, headers: HeaderMap, Extension(kopid): Extension, Json(obj): Json, @@ -2765,8 +2771,9 @@ pub async fn auth( // Do anything here first that's needed like getting the session details // out of the req cookie. - let maybe_sessionid = state.get_current_auth_session_id(&headers); + let maybe_sessionid = state.get_current_auth_session_id(&headers, &jar); debug!("Session ID: {:?}", maybe_sessionid); + // We probably need to know if we allocate the cookie, that this is a // new session, and in that case, anything *except* authrequest init is // invalid. @@ -2775,12 +2782,13 @@ pub async fn auth( .handle_auth(maybe_sessionid, obj, kopid.eventid, client_auth_info) .await; debug!("Auth result: {:?}", inter); - auth_session_state_management(state, inter) + auth_session_state_management(state, jar, inter) } #[instrument(skip(state))] fn auth_session_state_management( state: ServerState, + mut jar: CookieJar, inter: Result, ) -> Result { let mut auth_session_id_tok = None; @@ -2793,8 +2801,7 @@ fn auth_session_state_management( // Do some response/state management. match auth_state { AuthState::Choose(allowed) => { - debug!("🧩 -> AuthState::Choose"); // TODO: this should be ... less work - // Ensure the auth-session-id is set + debug!("🧩 -> AuthState::Choose"); let kref = &state.jws_signer; let jws = Jws::into_json(&SessionId { sessionid }).map_err(|e| { error!(?e); @@ -2835,6 +2842,24 @@ fn auth_session_state_management( match issue { AuthIssueSession::Token => Ok(ProtoAuthState::Success(token.to_string())), + AuthIssueSession::Cookie => { + // Update jar + let token_str = token.to_string(); + let mut bearer_cookie = + Cookie::new(COOKIE_BEARER_TOKEN, token_str.clone()); + bearer_cookie.set_secure(state.secure_cookies); + bearer_cookie.set_same_site(SameSite::Lax); + bearer_cookie.set_http_only(true); + // We set a domain here because it allows subdomains + // of the idm to share the cookie. If domain was incorrect + // then webauthn won't work anyway! + bearer_cookie.set_domain(state.domain.clone()); + bearer_cookie.set_path("/"); + jar = jar + .add(bearer_cookie) + .remove(Cookie::named(COOKIE_AUTH_SESSION_ID)); + Ok(ProtoAuthState::Success(token_str)) + } } } AuthState::Denied(reason) => { @@ -2849,7 +2874,23 @@ fn auth_session_state_management( // if the sessionid was injected into our cookie, set it in the header too. res.map(|response| { - let mut res = Json::from(response).into_response(); + jar = if let Some(token) = auth_session_id_tok.clone() { + let mut token_cookie = Cookie::new(COOKIE_AUTH_SESSION_ID, token); + token_cookie.set_secure(state.secure_cookies); + token_cookie.set_same_site(SameSite::Strict); + token_cookie.set_http_only(true); + // Not setting domains limits the cookie to precisely this + // url that was used. + // token_cookie.set_domain(state.domain.clone()); + jar.add(token_cookie) + } else { + jar + }; + + trace!(?jar); + + let mut res = (jar, Json::from(response)).into_response(); + match auth_session_id_tok { Some(tok) => { match HeaderValue::from_str(&tok) { diff --git a/server/core/src/lib.rs b/server/core/src/lib.rs index 6e668d0b2..f9b1df24b 100644 --- a/server/core/src/lib.rs +++ b/server/core/src/lib.rs @@ -39,7 +39,7 @@ use std::fmt::{Display, Formatter}; use std::sync::Arc; use crate::utils::touch_file_or_quit; -use compact_jwt::JwsHs256Signer; +use compact_jwt::{JwsHs256Signer, JwsSigner}; use kanidm_proto::internal::OperationError; use kanidmd_lib::be::{Backend, BackendConfig, BackendTransaction}; use kanidmd_lib::idm::ldap::LdapServer; @@ -853,7 +853,7 @@ pub async fn create_server_core( // Extract any configuration from the IDMS that we may need. // For now we just do this per run, but we need to extract this from the db later. let jws_signer = match JwsHs256Signer::generate_hs256() { - Ok(k) => k, + Ok(k) => k.set_sign_option_embed_kid(false), Err(e) => { error!("Unable to setup jws signer -> {:?}", e); return Err(()); diff --git a/server/daemon/Cargo.toml b/server/daemon/Cargo.toml index c5746552b..d956d67b9 100644 --- a/server/daemon/Cargo.toml +++ b/server/daemon/Cargo.toml @@ -28,6 +28,7 @@ fs2 = { workspace = true } futures = { workspace = true } clap = { workspace = true, features = ["env"] } +mimalloc = { workspace = true } reqwest = { workspace = true } serde = { workspace = true, features = ["derive"] } tokio = { workspace = true, features = ["rt-multi-thread", "macros", "signal"] } @@ -51,7 +52,6 @@ whoami = { workspace = true } [target.'cfg(not(target_family = "windows"))'.dependencies] kanidm_utils_users = { workspace = true } -tikv-jemallocator = { workspace = true } [build-dependencies] serde = { workspace = true, features = ["derive"] } diff --git a/server/daemon/src/main.rs b/server/daemon/src/main.rs index 2960803c6..908b70595 100644 --- a/server/daemon/src/main.rs +++ b/server/daemon/src/main.rs @@ -12,7 +12,7 @@ #[cfg(not(target_family = "windows"))] #[global_allocator] -static ALLOC: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc; +static GLOBAL: mimalloc::MiMalloc = mimalloc::MiMalloc; use std::fs::{metadata, File}; // This works on both unix and windows. diff --git a/server/lib/src/server/migrations.rs b/server/lib/src/server/migrations.rs index b3a190208..e063df095 100644 --- a/server/lib/src/server/migrations.rs +++ b/server/lib/src/server/migrations.rs @@ -52,9 +52,9 @@ impl QueryServer { debug!(?db_domain_version, "Before setting internal domain info"); - // No domain info was present, so neither was the rest of the IDM. We need to bootstrap - // the base-schema here. if db_domain_version == 0 { + // No domain info was present, so neither was the rest of the IDM. We need to bootstrap + // the base-schema here. write_txn.initialise_schema_idm()?; write_txn.reload()?; @@ -64,6 +64,13 @@ impl QueryServer { // very early in the bootstrap process, and very few entries exist, // reindexing is very fast here. write_txn.reindex()?; + } else { + // Domain info was present, so we need to reflect that in our server + // domain structures. If we don't do this, the in memory domain level + // is stuck at 0 which can confuse init domain info below. + write_txn.force_domain_reload(); + + write_txn.reload()?; } // Indicate the schema is now ready, which allows dyngroups to work when they diff --git a/server/lib/src/server/mod.rs b/server/lib/src/server/mod.rs index af3fde323..e1256ef59 100644 --- a/server/lib/src/server/mod.rs +++ b/server/lib/src/server/mod.rs @@ -1898,6 +1898,10 @@ impl<'a> QueryServerWriteTransaction<'a> { self.changed_flags.insert(ChangeFlag::SCHEMA); } + fn force_domain_reload(&mut self) { + self.changed_flags.insert(ChangeFlag::DOMAIN); + } + pub(crate) fn upgrade_reindex(&mut self, v: i64) -> Result<(), OperationError> { self.be_txn.upgrade_reindex(v) } diff --git a/server/web_ui/login_flows/src/components.rs b/server/web_ui/login_flows/src/components.rs index 6c55d254d..7ec81bb20 100644 --- a/server/web_ui/login_flows/src/components.rs +++ b/server/web_ui/login_flows/src/components.rs @@ -22,8 +22,8 @@ use kanidmd_web_ui_shared::constants::{ URL_USER_HOME, }; use kanidmd_web_ui_shared::models::{ - self, clear_bearer_token, get_bearer_token, get_login_hint, pop_login_hint, - pop_login_remember_me, pop_return_location, push_login_remember_me, set_bearer_token, + self, get_login_hint, pop_login_hint, pop_login_remember_me, pop_return_location, + push_login_remember_me, }; use kanidmd_web_ui_shared::{do_request, error::FetchError, utils, RequestMethod}; use serde::Serialize; @@ -34,18 +34,6 @@ pub struct LoginApp { state: LoginState, } -impl Default for LoginApp { - fn default() -> Self { - Self { - state: LoginState::InitLogin { - enable: true, - remember_me: false, - username: String::new(), - }, - } - } -} - #[derive(PartialEq, Clone, Copy)] pub enum LoginWorkflow { Login, @@ -148,16 +136,11 @@ impl From for LoginAppMsg { } impl LoginApp { - /// Validate that the current auth token's OK - async fn fetch_session_valid() -> Result { - fetch_session_valid().await.map(|v| v.into()) - } - async fn auth_init(username: String) -> Result { let authreq = AuthRequest { step: AuthStep::Init2 { username, - issue: AuthIssueSession::Token, + issue: AuthIssueSession::Cookie, privileged: false, }, }; @@ -187,7 +170,7 @@ impl LoginApp { } async fn reauth_init() -> Result { - let issue = AuthIssueSession::Token; + let issue = AuthIssueSession::Cookie; let req_jsvalue = issue .serialize(&serde_wasm_bindgen::Serializer::json_compatible()) .expect("Failed to serialise request"); @@ -662,48 +645,30 @@ impl Component for LoginApp { let state = match workflow { LoginWorkflow::Login => { // let's check if they're already authenticated! - if get_bearer_token().is_some() { - ctx.link().send_future(async { - match Self::fetch_session_valid().await { - Ok(_) => { - console::info!( - "Already logged in, redirecting to user home page" - ); - let window = gloo_utils::window(); - window - .location() - .set_href(URL_USER_HOME) - .expect_throw(&["failed to set location to ", URL_USER_HOME].concat()); + ctx.link().send_future(async { + match fetch_session_valid().await { + Ok(SessionStatus::TokenValid) => { + console::info!("Already logged in, redirecting to user home page"); + let window = gloo_utils::window(); + window.location().set_href(URL_USER_HOME).expect_throw( + &["failed to set location to ", URL_USER_HOME].concat(), + ); - LoginAppMsg::AlreadyAuthenticated - } - Err(v) => { - console::error!( - "Error checking session validity, clearing token and returning to login page: {:?}", - v.as_string() - ); - clear_bearer_token(); - LoginAppMsg::Restart - } + LoginAppMsg::AlreadyAuthenticated } - }); - } - - if get_bearer_token().is_some() { - // We're already logged in, so we're going to redirect to the apps page. - return Self::default(); - } - - // Do we have a login hint? - let (username, remember_me) = get_login_hint() - .map(|user| (user, false)) - .or_else(|| models::get_login_remember_me().map(|user| (user, true))) - .unwrap_or_default(); + Err(_) | Ok(SessionStatus::LoginRequired) => LoginAppMsg::Restart, + Ok(SessionStatus::Error { emsg, kopid }) => { + LoginAppMsg::Error { emsg, kopid } + } + } + }); + // Disable the form while we wait. We either get to AlreadyAuthenticated, or + // Restart from the above async call. LoginState::InitLogin { - enable: true, - remember_me, - username, + enable: false, + remember_me: false, + username: String::new(), } } LoginWorkflow::Reauth => match get_login_hint() { @@ -1050,16 +1015,10 @@ impl Component for LoginApp { self.state = LoginState::Denied(reason); true } - AuthState::Success(bearer_token) => { - // Store the bearer here! - // We need to format the bearer onto it. - #[cfg(debug_assertions)] - console::info!( - "User has successfully authenticated, setting the bearer token" - ); - let bearer_token = format!("Bearer {}", bearer_token); - set_bearer_token(bearer_token); + AuthState::Success(_bearer_token) => { + // No need to store bearer, it is a cookie now. self.state = LoginState::Authenticated; + // No need to render, that's the next page's job. true } } diff --git a/server/web_ui/login_flows/src/oauth2.rs b/server/web_ui/login_flows/src/oauth2.rs index 9d11be36e..c0b26e63b 100644 --- a/server/web_ui/login_flows/src/oauth2.rs +++ b/server/web_ui/login_flows/src/oauth2.rs @@ -15,8 +15,8 @@ use yew_router::prelude::*; use super::router::LoginRoute; use kanidmd_web_ui_shared::models::{ - get_bearer_token, pop_oauth2_authorisation_request, push_login_hint, - push_oauth2_authorisation_request, push_return_location, + pop_oauth2_authorisation_request, push_login_hint, push_oauth2_authorisation_request, + push_return_location, }; use kanidmd_web_ui_shared::{do_request, error::FetchError, utils, RequestMethod}; @@ -166,12 +166,14 @@ impl Oauth2App { .set(CONTENT_TYPE, APPLICATION_JSON) .expect_throw("failed to set header"); + /* if let Some(bearer_token) = get_bearer_token() { request .headers() .set("authorization", &bearer_token) .expect_throw("failed to set authorisation header"); } + */ let window = utils::window(); let resp_value = JsFuture::from(window.fetch_with_request(&request)).await?; diff --git a/server/web_ui/pkg/external/bootstrap.bundle.min.js.br b/server/web_ui/pkg/external/bootstrap.bundle.min.js.br index 6d3d4db41..ee918e301 100644 Binary files a/server/web_ui/pkg/external/bootstrap.bundle.min.js.br and b/server/web_ui/pkg/external/bootstrap.bundle.min.js.br differ diff --git a/server/web_ui/pkg/external/bootstrap.bundle.min.js.map.br b/server/web_ui/pkg/external/bootstrap.bundle.min.js.map.br index c91af7cb3..b35035907 100644 Binary files a/server/web_ui/pkg/external/bootstrap.bundle.min.js.map.br and b/server/web_ui/pkg/external/bootstrap.bundle.min.js.map.br differ diff --git a/server/web_ui/pkg/external/bootstrap.min.css.br b/server/web_ui/pkg/external/bootstrap.min.css.br index bd7ee8f98..dad56ada6 100644 Binary files a/server/web_ui/pkg/external/bootstrap.min.css.br and b/server/web_ui/pkg/external/bootstrap.min.css.br differ diff --git a/server/web_ui/pkg/external/bootstrap.min.css.map.br b/server/web_ui/pkg/external/bootstrap.min.css.map.br index 68dbeec7c..ef170a3b6 100644 Binary files a/server/web_ui/pkg/external/bootstrap.min.css.map.br and b/server/web_ui/pkg/external/bootstrap.min.css.map.br differ diff --git a/server/web_ui/pkg/external/viz.js.br b/server/web_ui/pkg/external/viz.js.br index 176e9e134..4fed7f77a 100644 Binary files a/server/web_ui/pkg/external/viz.js.br and b/server/web_ui/pkg/external/viz.js.br differ diff --git a/server/web_ui/pkg/img/icon-accounts.svg.br b/server/web_ui/pkg/img/icon-accounts.svg.br index 93a0e1c3c..d08c1fd9b 100644 Binary files a/server/web_ui/pkg/img/icon-accounts.svg.br and b/server/web_ui/pkg/img/icon-accounts.svg.br differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_admin.js b/server/web_ui/pkg/kanidmd_web_ui_admin.js index 79d05604f..593ec51ec 100644 --- a/server/web_ui/pkg/kanidmd_web_ui_admin.js +++ b/server/web_ui/pkg/kanidmd_web_ui_admin.js @@ -232,19 +232,19 @@ function addBorrowedObject(obj) { } function __wbg_adapter_38(arg0, arg1, arg2) { try { - wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h669f989b94be751f(arg0, arg1, addBorrowedObject(arg2)); + wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h5869fca7f8c0640c(arg0, arg1, addBorrowedObject(arg2)); } finally { heap[stack_pointer++] = undefined; } } function __wbg_adapter_41(arg0, arg1, arg2) { - wasm._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hec179d3e9a07fffa(arg0, arg1, addHeapObject(arg2)); + wasm._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h1aa6653248d58742(arg0, arg1, addHeapObject(arg2)); } function __wbg_adapter_44(arg0, arg1, arg2) { try { - wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__heeb70e791d5cf4d1(arg0, arg1, addBorrowedObject(arg2)); + wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__haed7e087111b3b75(arg0, arg1, addBorrowedObject(arg2)); } finally { heap[stack_pointer++] = undefined; } @@ -529,10 +529,6 @@ function __wbg_get_imports() { const ret = getObject(arg0).localStorage; return isLikeNone(ret) ? 0 : addHeapObject(ret); }, arguments) }; - imports.wbg.__wbg_sessionStorage_0a3bf8c7b2253d1a = function() { return handleError(function (arg0) { - const ret = getObject(arg0).sessionStorage; - return isLikeNone(ret) ? 0 : addHeapObject(ret); - }, arguments) }; imports.wbg.__wbg_fetch_c4b6afebdb1f918e = function(arg0, arg1) { const ret = getObject(arg0).fetch(getObject(arg1)); return addHeapObject(ret); @@ -595,19 +591,9 @@ function __wbg_get_imports() { imports.wbg.__wbg_setvalue_78cb4f1fef58ae98 = function(arg0, arg1, arg2) { getObject(arg0).value = getStringFromWasm0(arg1, arg2); }; - imports.wbg.__wbg_getItem_164e8e5265095b87 = function() { return handleError(function (arg0, arg1, arg2, arg3) { - const ret = getObject(arg1).getItem(getStringFromWasm0(arg2, arg3)); - var ptr1 = isLikeNone(ret) ? 0 : passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); - var len1 = WASM_VECTOR_LEN; - getInt32Memory0()[arg0 / 4 + 1] = len1; - getInt32Memory0()[arg0 / 4 + 0] = ptr1; - }, arguments) }; imports.wbg.__wbg_removeItem_c0321116dc514363 = function() { return handleError(function (arg0, arg1, arg2) { getObject(arg0).removeItem(getStringFromWasm0(arg1, arg2)); }, arguments) }; - imports.wbg.__wbg_setItem_ba2bb41d73dac079 = function() { return handleError(function (arg0, arg1, arg2, arg3, arg4) { - getObject(arg0).setItem(getStringFromWasm0(arg1, arg2), getStringFromWasm0(arg3, arg4)); - }, arguments) }; imports.wbg.__wbg_value_d7f5bfbd9302c14b = function(arg0, arg1) { const ret = getObject(arg1).value; const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); @@ -700,13 +686,6 @@ function __wbg_get_imports() { getInt32Memory0()[arg0 / 4 + 1] = len1; getInt32Memory0()[arg0 / 4 + 0] = ptr1; }, arguments) }; - imports.wbg.__wbg_href_2edbae9e92cdfeff = function(arg0, arg1) { - const ret = getObject(arg1).href; - const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); - const len1 = WASM_VECTOR_LEN; - getInt32Memory0()[arg0 / 4 + 1] = len1; - getInt32Memory0()[arg0 / 4 + 0] = ptr1; - }; imports.wbg.__wbg_parentNode_6be3abff20e1a5fb = function(arg0) { const ret = getObject(arg0).parentNode; return isLikeNone(ret) ? 0 : addHeapObject(ret); @@ -776,6 +755,13 @@ function __wbg_get_imports() { imports.wbg.__wbg_pushState_b8e8d346f8bb33fd = function() { return handleError(function (arg0, arg1, arg2, arg3, arg4, arg5) { getObject(arg0).pushState(getObject(arg1), getStringFromWasm0(arg2, arg3), arg4 === 0 ? undefined : getStringFromWasm0(arg4, arg5)); }, arguments) }; + imports.wbg.__wbg_href_2edbae9e92cdfeff = function(arg0, arg1) { + const ret = getObject(arg1).href; + const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); + const len1 = WASM_VECTOR_LEN; + getInt32Memory0()[arg0 / 4 + 1] = len1; + getInt32Memory0()[arg0 / 4 + 0] = ptr1; + }; imports.wbg.__wbg_headers_abb199c3be8d817c = function(arg0) { const ret = getObject(arg0).headers; return addHeapObject(ret); @@ -906,28 +892,6 @@ function __wbg_get_imports() { const ret = result; return ret; }; - imports.wbg.__wbg_instanceof_Error_e20bb56fd5591a93 = function(arg0) { - let result; - try { - result = getObject(arg0) instanceof Error; - } catch (_) { - result = false; - } - const ret = result; - return ret; - }; - imports.wbg.__wbg_message_5bf28016c2b49cfb = function(arg0) { - const ret = getObject(arg0).message; - return addHeapObject(ret); - }; - imports.wbg.__wbg_name_e7429f0dda6079e2 = function(arg0) { - const ret = getObject(arg0).name; - return addHeapObject(ret); - }; - imports.wbg.__wbg_toString_ffe4c9ea3b3532e9 = function(arg0) { - const ret = getObject(arg0).toString(); - return addHeapObject(ret); - }; imports.wbg.__wbg_isSafeInteger_f7b04ef02296c4d2 = function(arg0) { const ret = Number.isSafeInteger(getObject(arg0)); return ret; @@ -999,16 +963,16 @@ function __wbg_get_imports() { const ret = wasm.memory; return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper1297 = function(arg0, arg1, arg2) { - const ret = makeMutClosure(arg0, arg1, 592, __wbg_adapter_38); + imports.wbg.__wbindgen_closure_wrapper1260 = function(arg0, arg1, arg2) { + const ret = makeMutClosure(arg0, arg1, 582, __wbg_adapter_38); return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper1408 = function(arg0, arg1, arg2) { - const ret = makeMutClosure(arg0, arg1, 639, __wbg_adapter_41); + imports.wbg.__wbindgen_closure_wrapper1368 = function(arg0, arg1, arg2) { + const ret = makeMutClosure(arg0, arg1, 630, __wbg_adapter_41); return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper1439 = function(arg0, arg1, arg2) { - const ret = makeMutClosure(arg0, arg1, 656, __wbg_adapter_44); + imports.wbg.__wbindgen_closure_wrapper1399 = function(arg0, arg1, arg2) { + const ret = makeMutClosure(arg0, arg1, 647, __wbg_adapter_44); return addHeapObject(ret); }; diff --git a/server/web_ui/pkg/kanidmd_web_ui_admin.js.br b/server/web_ui/pkg/kanidmd_web_ui_admin.js.br index 64b72c928..ae0b86a92 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_admin.js.br and b/server/web_ui/pkg/kanidmd_web_ui_admin.js.br differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm b/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm index fdf57d774..c467bc79d 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm and b/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm.br b/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm.br index b90415ba6..08a087540 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm.br and b/server/web_ui/pkg/kanidmd_web_ui_admin_bg.wasm.br differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_login_flows.js b/server/web_ui/pkg/kanidmd_web_ui_login_flows.js index 97275b7fa..bcc0b7835 100644 --- a/server/web_ui/pkg/kanidmd_web_ui_login_flows.js +++ b/server/web_ui/pkg/kanidmd_web_ui_login_flows.js @@ -239,19 +239,19 @@ function addBorrowedObject(obj) { } function __wbg_adapter_48(arg0, arg1, arg2) { try { - wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hc006ce98f00d83e0(arg0, arg1, addBorrowedObject(arg2)); + wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hde2cadb5f0b706d2(arg0, arg1, addBorrowedObject(arg2)); } finally { heap[stack_pointer++] = undefined; } } function __wbg_adapter_51(arg0, arg1, arg2) { - wasm._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hec179d3e9a07fffa(arg0, arg1, addHeapObject(arg2)); + wasm._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h1aa6653248d58742(arg0, arg1, addHeapObject(arg2)); } function __wbg_adapter_54(arg0, arg1, arg2) { try { - wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h8e5f8844707a2983(arg0, arg1, addBorrowedObject(arg2)); + wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h1adeb92879459ba7(arg0, arg1, addBorrowedObject(arg2)); } finally { heap[stack_pointer++] = undefined; } @@ -630,12 +630,6 @@ function __wbg_get_imports() { imports.wbg.__wbg_focus_39d4b8ba8ff9df14 = function() { return handleError(function (arg0) { getObject(arg0).focus(); }, arguments) }; - imports.wbg.__wbg_add_dcb05a8ba423bdac = function() { return handleError(function (arg0, arg1, arg2) { - getObject(arg0).add(getStringFromWasm0(arg1, arg2)); - }, arguments) }; - imports.wbg.__wbg_remove_698118fb25ab8150 = function() { return handleError(function (arg0, arg1, arg2) { - getObject(arg0).remove(getStringFromWasm0(arg1, arg2)); - }, arguments) }; imports.wbg.__wbg_href_2edbae9e92cdfeff = function(arg0, arg1) { const ret = getObject(arg1).href; const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); @@ -643,6 +637,12 @@ function __wbg_get_imports() { getInt32Memory0()[arg0 / 4 + 1] = len1; getInt32Memory0()[arg0 / 4 + 0] = ptr1; }; + imports.wbg.__wbg_add_dcb05a8ba423bdac = function() { return handleError(function (arg0, arg1, arg2) { + getObject(arg0).add(getStringFromWasm0(arg1, arg2)); + }, arguments) }; + imports.wbg.__wbg_remove_698118fb25ab8150 = function() { return handleError(function (arg0, arg1, arg2) { + getObject(arg0).remove(getStringFromWasm0(arg1, arg2)); + }, arguments) }; imports.wbg.__wbg_href_706b235ecfe6848c = function() { return handleError(function (arg0, arg1) { const ret = getObject(arg1).href; const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); @@ -1101,16 +1101,16 @@ function __wbg_get_imports() { const ret = wasm.memory; return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper1418 = function(arg0, arg1, arg2) { - const ret = makeMutClosure(arg0, arg1, 537, __wbg_adapter_48); + imports.wbg.__wbindgen_closure_wrapper1415 = function(arg0, arg1, arg2) { + const ret = makeMutClosure(arg0, arg1, 538, __wbg_adapter_48); return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper1729 = function(arg0, arg1, arg2) { - const ret = makeMutClosure(arg0, arg1, 626, __wbg_adapter_51); + imports.wbg.__wbindgen_closure_wrapper1726 = function(arg0, arg1, arg2) { + const ret = makeMutClosure(arg0, arg1, 627, __wbg_adapter_51); return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper1760 = function(arg0, arg1, arg2) { - const ret = makeMutClosure(arg0, arg1, 643, __wbg_adapter_54); + imports.wbg.__wbindgen_closure_wrapper1757 = function(arg0, arg1, arg2) { + const ret = makeMutClosure(arg0, arg1, 644, __wbg_adapter_54); return addHeapObject(ret); }; diff --git a/server/web_ui/pkg/kanidmd_web_ui_login_flows.js.br b/server/web_ui/pkg/kanidmd_web_ui_login_flows.js.br index d9455be54..f21580704 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_login_flows.js.br and b/server/web_ui/pkg/kanidmd_web_ui_login_flows.js.br differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm b/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm index 151be947f..f9c247742 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm and b/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm.br b/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm.br index f2222ef6a..31b9ead73 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm.br and b/server/web_ui/pkg/kanidmd_web_ui_login_flows_bg.wasm.br differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_user.js b/server/web_ui/pkg/kanidmd_web_ui_user.js index a6eeb91ea..5fa793812 100644 --- a/server/web_ui/pkg/kanidmd_web_ui_user.js +++ b/server/web_ui/pkg/kanidmd_web_ui_user.js @@ -232,7 +232,7 @@ function makeMutClosure(arg0, arg1, dtor, f) { return real; } function __wbg_adapter_48(arg0, arg1) { - wasm._dyn_core__ops__function__FnMut_____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__ha7a71f5685f97bb7(arg0, arg1); + wasm._dyn_core__ops__function__FnMut_____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h96f7c6547f3957ee(arg0, arg1); } let stack_pointer = 128; @@ -244,19 +244,19 @@ function addBorrowedObject(obj) { } function __wbg_adapter_51(arg0, arg1, arg2) { try { - wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hb09f5f6641eb5a79(arg0, arg1, addBorrowedObject(arg2)); + wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hb105de8e9efc9ac9(arg0, arg1, addBorrowedObject(arg2)); } finally { heap[stack_pointer++] = undefined; } } function __wbg_adapter_54(arg0, arg1, arg2) { - wasm._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__hec179d3e9a07fffa(arg0, arg1, addHeapObject(arg2)); + wasm._dyn_core__ops__function__FnMut__A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h1aa6653248d58742(arg0, arg1, addHeapObject(arg2)); } function __wbg_adapter_57(arg0, arg1, arg2) { try { - wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__h7b56640cab7c6d87(arg0, arg1, addBorrowedObject(arg2)); + wasm._dyn_core__ops__function__FnMut___A____Output___R_as_wasm_bindgen__closure__WasmClosure___describe__invoke__he6ae5361a1f44a8b(arg0, arg1, addBorrowedObject(arg2)); } finally { heap[stack_pointer++] = undefined; } @@ -658,6 +658,13 @@ function __wbg_get_imports() { const ret = getObject(arg0).get(getStringFromWasm0(arg1, arg2)); return addHeapObject(ret); }; + imports.wbg.__wbg_href_2edbae9e92cdfeff = function(arg0, arg1) { + const ret = getObject(arg1).href; + const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); + const len1 = WASM_VECTOR_LEN; + getInt32Memory0()[arg0 / 4 + 1] = len1; + getInt32Memory0()[arg0 / 4 + 0] = ptr1; + }; imports.wbg.__wbg_addEventListener_4283b15b4f039eb5 = function() { return handleError(function (arg0, arg1, arg2, arg3, arg4) { getObject(arg0).addEventListener(getStringFromWasm0(arg1, arg2), getObject(arg3), getObject(arg4)); }, arguments) }; @@ -670,13 +677,6 @@ function __wbg_get_imports() { imports.wbg.__wbg_remove_698118fb25ab8150 = function() { return handleError(function (arg0, arg1, arg2) { getObject(arg0).remove(getStringFromWasm0(arg1, arg2)); }, arguments) }; - imports.wbg.__wbg_href_2edbae9e92cdfeff = function(arg0, arg1) { - const ret = getObject(arg1).href; - const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); - const len1 = WASM_VECTOR_LEN; - getInt32Memory0()[arg0 / 4 + 1] = len1; - getInt32Memory0()[arg0 / 4 + 0] = ptr1; - }; imports.wbg.__wbg_href_706b235ecfe6848c = function() { return handleError(function (arg0, arg1) { const ret = getObject(arg1).href; const ptr1 = passStringToWasm0(ret, wasm.__wbindgen_malloc, wasm.__wbindgen_realloc); @@ -1149,18 +1149,18 @@ function __wbg_get_imports() { return addHeapObject(ret); }; imports.wbg.__wbindgen_closure_wrapper1348 = function(arg0, arg1, arg2) { - const ret = makeMutClosure(arg0, arg1, 693, __wbg_adapter_48); + const ret = makeMutClosure(arg0, arg1, 692, __wbg_adapter_48); return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper3881 = function(arg0, arg1, arg2) { + imports.wbg.__wbindgen_closure_wrapper3876 = function(arg0, arg1, arg2) { const ret = makeMutClosure(arg0, arg1, 1949, __wbg_adapter_51); return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper3960 = function(arg0, arg1, arg2) { + imports.wbg.__wbindgen_closure_wrapper3955 = function(arg0, arg1, arg2) { const ret = makeMutClosure(arg0, arg1, 1975, __wbg_adapter_54); return addHeapObject(ret); }; - imports.wbg.__wbindgen_closure_wrapper3991 = function(arg0, arg1, arg2) { + imports.wbg.__wbindgen_closure_wrapper3986 = function(arg0, arg1, arg2) { const ret = makeMutClosure(arg0, arg1, 1992, __wbg_adapter_57); return addHeapObject(ret); }; diff --git a/server/web_ui/pkg/kanidmd_web_ui_user.js.br b/server/web_ui/pkg/kanidmd_web_ui_user.js.br index ed7a4df00..e194f194e 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_user.js.br and b/server/web_ui/pkg/kanidmd_web_ui_user.js.br differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm b/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm index d229f5b60..6de4afe1c 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm and b/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm differ diff --git a/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm.br b/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm.br index 56937b82a..f4575f415 100644 Binary files a/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm.br and b/server/web_ui/pkg/kanidmd_web_ui_user_bg.wasm.br differ diff --git a/server/web_ui/shared/src/lib.rs b/server/web_ui/shared/src/lib.rs index 8e3754b24..36b9261dc 100644 --- a/server/web_ui/shared/src/lib.rs +++ b/server/web_ui/shared/src/lib.rs @@ -5,19 +5,18 @@ use error::FetchError; use gloo::console; use kanidm_proto::constants::uri::V1_AUTH_VALID; +use kanidm_proto::constants::APPLICATION_JSON; use kanidm_proto::constants::KOPID; -use kanidm_proto::constants::{APPLICATION_JSON, KSESSIONID}; -use models::{clear_bearer_token, get_bearer_token}; use serde::{Deserialize, Serialize}; use wasm_bindgen::prelude::*; use wasm_bindgen::JsValue; use wasm_bindgen_futures::JsFuture; use web_sys::{Headers, Request, RequestInit, RequestMode, Response}; -use gloo::storage::{SessionStorage as TemporaryStorage, Storage}; use yew::{html, Html}; use crate::constants::{CSS_ALERT_WARNING, IMG_LOGO_SQUARE}; +use crate::models::clear_bearer_token; pub mod constants; pub mod error; @@ -27,23 +26,6 @@ pub mod models; pub mod ui; pub mod utils; -const AUTH_SESSION_ID: &str = "auth_session_id"; - -pub fn pop_auth_session_id() -> Option { - let l: Result = TemporaryStorage::get(AUTH_SESSION_ID); - #[cfg(debug_assertions)] - console::debug!(format!("auth_session_id -> {:?}", l).as_str()); - TemporaryStorage::delete(AUTH_SESSION_ID); - l.ok() -} - -pub fn push_auth_session_id(r: String) { - TemporaryStorage::set(AUTH_SESSION_ID, r).expect_throw(&format!( - "failed to set {} in temporary storage", - AUTH_SESSION_ID - )); -} - /// Build and send a request to the backend, with some standard headers and pull back /// (kopid, status, json, headers) pub async fn do_request>( @@ -70,30 +52,12 @@ pub async fn do_request>( .set(CONTENT_TYPE, APPLICATION_JSON) .expect_throw("failed to set content-type header"); - if let Some(sessionid) = pop_auth_session_id() { - request - .headers() - .set(KSESSIONID, &sessionid) - .expect_throw(&format!("failed to set {} header", KSESSIONID)); - } - - if let Some(bearer_token) = get_bearer_token() { - request - .headers() - .set("authorization", &bearer_token) - .expect_throw("failed to set authorization header"); - } - let window = utils::window(); let resp_value = JsFuture::from(window.fetch_with_request(&request)).await?; let resp: Response = resp_value.dyn_into().expect_throw("Invalid response type"); let status = resp.status(); let headers: Headers = resp.headers(); - if let Some(sessionid) = headers.get(KSESSIONID).ok().flatten() { - push_auth_session_id(sessionid); - } - let kopid = headers.get(KOPID).ok().flatten(); let body = match resp.json() { diff --git a/server/web_ui/shared/src/models.rs b/server/web_ui/shared/src/models.rs index 3d86d3ac0..10afbd86e 100644 --- a/server/web_ui/shared/src/models.rs +++ b/server/web_ui/shared/src/models.rs @@ -14,21 +14,6 @@ const LOGIN_REMEMBER_ME: &str = "login_remember_me"; const RETURN_LOCATION: &str = "return_location"; const OAUTH2_AUTHORIZATION_REQUEST: &str = "oauth2_authorisation_request"; -/// Store the bearer token `r` in local storage -pub fn set_bearer_token(r: String) { - LocalStorage::set(BEARER_TOKEN, r).expect_throw(&format!("failed to set {}", BEARER_TOKEN)); -} - -pub fn get_bearer_token() -> Option { - let l: Result = LocalStorage::get(BEARER_TOKEN); - #[cfg(debug_assertions)] - console::debug!(&format!( - "login_hint::get_login_remember_me -> present={:?}", - l.is_ok() - )); - l.ok() -} - pub fn clear_bearer_token() { #[cfg(debug_assertions)] console::debug!("clearing the bearer token from local storage"); diff --git a/tools/orca/Cargo.toml b/tools/orca/Cargo.toml index 4725816f4..07a6e85c8 100644 --- a/tools/orca/Cargo.toml +++ b/tools/orca/Cargo.toml @@ -27,6 +27,7 @@ hashbrown = { workspace = true } kanidm_client = { workspace = true } kanidm_proto = { workspace = true } mathru = { workspace = true } +mimalloc = { workspace = true } rand = { workspace = true } rand_chacha = { workspace = true } serde = { workspace = true, features = ["derive"] } @@ -37,9 +38,6 @@ tracing = { workspace = true } tracing-subscriber = { workspace = true } uuid = { workspace = true, features = ["serde", "v4" ] } -[target.'cfg(not(target_family = "windows"))'.dependencies] -tikv-jemallocator = { workspace = true } - [build-dependencies] kanidm_build_profiles = { workspace = true } diff --git a/tools/orca/src/main.rs b/tools/orca/src/main.rs index acca76c90..fe26896be 100644 --- a/tools/orca/src/main.rs +++ b/tools/orca/src/main.rs @@ -8,7 +8,7 @@ #[cfg(not(target_family = "windows"))] #[global_allocator] -static ALLOC: tikv_jemallocator::Jemalloc = tikv_jemallocator::Jemalloc; +static GLOBAL: mimalloc::MiMalloc = mimalloc::MiMalloc; #[macro_use] extern crate tracing; diff --git a/unix_integration/Cargo.toml b/unix_integration/Cargo.toml index 725e9314b..891b50ca2 100644 --- a/unix_integration/Cargo.toml +++ b/unix_integration/Cargo.toml @@ -67,6 +67,7 @@ kanidm_proto = { workspace = true } kanidm-hsm-crypto = { workspace = true } kanidm_lib_crypto = { workspace = true } kanidm_lib_file_permissions = { workspace = true } +mimalloc = { workspace = true } notify-debouncer-full = { workspace = true } rpassword = { workspace = true } rusqlite = { workspace = true } diff --git a/unix_integration/src/daemon.rs b/unix_integration/src/daemon.rs index b544e3bd3..4d5916801 100644 --- a/unix_integration/src/daemon.rs +++ b/unix_integration/src/daemon.rs @@ -53,6 +53,9 @@ use kanidm_hsm_crypto::{soft::SoftTpm, AuthValue, BoxedDynTpm, Tpm}; use notify_debouncer_full::{new_debouncer, notify::RecursiveMode, notify::Watcher}; +#[global_allocator] +static ALLOC: mimalloc::MiMalloc = mimalloc::MiMalloc; + //=== the codec type AsyncTaskRequest = (TaskRequest, oneshot::Sender<()>);