diff --git a/Cargo.lock b/Cargo.lock index 1b10c412c..8a08d799a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -212,9 +212,9 @@ dependencies = [ [[package]] name = "async-compression" -version = "0.4.8" +version = "0.4.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07dbbf24db18d609b1462965249abdf49129ccad073ec257da372adc83259c60" +checksum = "4e9eabd7a98fe442131a17c316bd9349c43695e49e730c3c8e12cfb5f4da2693" dependencies = [ "flate2", "futures-core", @@ -225,9 +225,9 @@ dependencies = [ [[package]] name = "async-recursion" -version = "1.1.0" +version = "1.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30c5ef0ede93efbf733c1a727f3b6b5a1060bbedd5600183e66f6e4be4af0ec5" +checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11" dependencies = [ "proc-macro2", "quote", @@ -291,7 +291,7 @@ dependencies = [ "serde_bytes", "serde_cbor", "serde_json", - "sha2 0.10.8", + "sha2", "winapi", ] @@ -430,12 +430,6 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "23ce669cd6c8588f79e15cf450314f9638f967fc5770ff1c7c1deb0925ea7cfa" -[[package]] -name = "base64" -version = "0.12.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff" - [[package]] name = "base64" version = "0.13.1" @@ -450,9 +444,9 @@ checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567" [[package]] name = "base64" -version = "0.22.0" +version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9475866fec1451be56a3c2400fd081ff546538961565ccb5b7142cbd22bc7a51" +checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" [[package]] name = "base64ct" @@ -473,8 +467,9 @@ dependencies = [ [[package]] name = "base64urlsafedata" -version = "0.2.0" -source = "git+https://github.com/kanidm/webauthn-rs.git?rev=24b6ad8e41e336b4b6554b6e8e171c929952bf73#24b6ad8e41e336b4b6554b6e8e171c929952bf73" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1a56894edf5cd1efa7068d7454adeb7ce0b3da4ffa5ab08cfc06165bbc62f0c7" dependencies = [ "base64 0.21.7", "paste 1.0.14", @@ -575,19 +570,7 @@ version = "0.10.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" dependencies = [ - "digest 0.10.7", -] - -[[package]] -name = "block-buffer" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" -dependencies = [ - "block-padding", - "byte-tools", - "byteorder", - "generic-array 0.12.4", + "digest", ] [[package]] @@ -596,16 +579,7 @@ version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" dependencies = [ - "generic-array 0.14.7", -] - -[[package]] -name = "block-padding" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa79dedbb091f449f1f39e53edf88d5dbe95f895dae6135a8d7b881fb5af73f5" -dependencies = [ - "byte-tools", + "generic-array", ] [[package]] @@ -640,12 +614,6 @@ version = "3.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c" -[[package]] -name = "byte-tools" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e3b5ca7a04898ad4bcd41c90c5285445ff5b791899bb1b0abdd2a2aa791211d7" - [[package]] name = "bytecount" version = "0.6.8" @@ -678,9 +646,9 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.0.95" +version = "1.0.96" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d32a725bc159af97c3e629873bb9f88fb8cf8a4867175f76dc987815ea07c83b" +checksum = "065a29261d53ba54260972629f9ca6bffa69bac13cd1fed61420f7fa68b9f8bd" [[package]] name = "cexpr" @@ -848,12 +816,12 @@ dependencies = [ [[package]] name = "compact_jwt" -version = "0.4.0-dev" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d7adf14f5a7fc546b0828c69abe4dc4e16aad4de49e01553f54d6cbbc8a0a99" +checksum = "d1aca09e6a9e9011c2a2fb13f26a0d2440a709ac0e68ccf02d168d54f4801b27" dependencies = [ "base64 0.21.7", - "base64urlsafedata 0.1.3", + "base64urlsafedata 0.5.0", "hex", "kanidm-hsm-crypto 0.2.0", "openssl", @@ -1093,7 +1061,7 @@ version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ - "generic-array 0.14.7", + "generic-array", "typenum", ] @@ -1120,7 +1088,7 @@ dependencies = [ [[package]] name = "daemon" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "clap", "clap_complete", @@ -1220,9 +1188,9 @@ dependencies = [ [[package]] name = "data-encoding" -version = "2.5.0" +version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7e962a19be5cfc3f3bf6dd8f61eb50107f356ad6270fbb3ed41476571db78be5" +checksum = "e8566979429cf69b49a5c740c60791108e86440e8be149bbea4fe54d2c32d6e2" [[package]] name = "der-parser" @@ -1307,22 +1275,13 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6184e33543162437515c2e2b48714794e37845ec9851711914eec9d308f6ebe8" -[[package]] -name = "digest" -version = "0.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" -dependencies = [ - "generic-array 0.12.4", -] - [[package]] name = "digest" version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" dependencies = [ - "block-buffer 0.10.4", + "block-buffer", "crypto-common", "subtle", ] @@ -1486,12 +1445,6 @@ dependencies = [ "serde_json", ] -[[package]] -name = "fake-simd" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" - [[package]] name = "fallible-iterator" version = "0.2.0" @@ -1556,9 +1509,9 @@ dependencies = [ [[package]] name = "fastrand" -version = "2.0.2" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "658bd65b1cf4c852a3cc96f18a8ce7b5640f6b703f905c7d74532294c2a63984" +checksum = "9fc0510504f03c51ada170672ac806f1f105a88aa97a5281117e1ddc3368e51a" [[package]] name = "fernet" @@ -1602,9 +1555,9 @@ checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80" [[package]] name = "flate2" -version = "1.0.28" +version = "1.0.30" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46303f565772937ffe1d394a4fac6f411c6013172fadde9dcdb1e147a086940e" +checksum = "5f54427cfd1c7829e2a139fcefea601bf088ebca651d2bf53ebc600eac295dae" dependencies = [ "crc32fast", "miniz_oxide", @@ -1769,15 +1722,6 @@ dependencies = [ "slab", ] -[[package]] -name = "generic-array" -version = "0.12.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ffdf9f34f1447443d37393cc6c2b8313aebddcd96906caf34e54c68d8e57d7bd" -dependencies = [ - "typenum", -] - [[package]] name = "generic-array" version = "0.14.7" @@ -1862,7 +1806,7 @@ dependencies = [ "gix-utils", "gix-validate", "once_cell", - "parking_lot 0.12.1", + "parking_lot 0.12.2", "smallvec", "thiserror", "unicode-normalization", @@ -2033,8 +1977,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "feb61880816d7ec4f0b20606b498147d480860ddd9133ba542628df2f548d3ca" dependencies = [ "gix-hash", - "hashbrown 0.14.3", - "parking_lot 0.12.1", + "hashbrown 0.14.5", + "parking_lot 0.12.2", ] [[package]] @@ -2092,7 +2036,7 @@ dependencies = [ "gix-pack", "gix-path", "gix-quote", - "parking_lot 0.12.1", + "parking_lot 0.12.2", "tempfile", "thiserror", ] @@ -2112,7 +2056,7 @@ dependencies = [ "gix-path", "gix-tempfile", "memmap2", - "parking_lot 0.12.1", + "parking_lot 0.12.2", "smallvec", "thiserror", ] @@ -2228,7 +2172,7 @@ dependencies = [ "gix-fs", "libc", "once_cell", - "parking_lot 0.12.1", + "parking_lot 0.12.2", "tempfile", ] @@ -2541,9 +2485,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.14.3" +version = "0.14.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" +checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" dependencies = [ "ahash 0.8.11", "allocator-api2", @@ -2556,7 +2500,7 @@ version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e8094feaf31ff591f651a2664fb9cfd92bba7a60ce3197265e9482ebe753c8f7" dependencies = [ - "hashbrown 0.14.3", + "hashbrown 0.14.5", ] [[package]] @@ -2826,7 +2770,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" dependencies = [ "equivalent", - "hashbrown 0.14.3", + "hashbrown 0.14.5", "serde", ] @@ -2943,7 +2887,7 @@ dependencies = [ "memchr", "num-cmp", "once_cell", - "parking_lot 0.12.1", + "parking_lot 0.12.2", "percent-encoding", "regex", "reqwest", @@ -2986,9 +2930,8 @@ dependencies = [ [[package]] name = "kanidm-ipa-sync" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ - "base64urlsafedata 0.1.3", "chrono", "clap", "clap_complete", @@ -3011,9 +2954,9 @@ dependencies = [ [[package]] name = "kanidm-ldap-sync" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ - "base64urlsafedata 0.1.3", + "base64urlsafedata 0.5.0", "chrono", "clap", "clap_complete", @@ -3037,7 +2980,7 @@ dependencies = [ [[package]] name = "kanidm_build_profiles" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "base64 0.21.7", "gix", @@ -3047,9 +2990,9 @@ dependencies = [ [[package]] name = "kanidm_client" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ - "compact_jwt 0.4.0-dev", + "compact_jwt 0.4.1", "hyper", "kanidm_lib_file_permissions", "kanidm_proto", @@ -3067,11 +3010,11 @@ dependencies = [ [[package]] name = "kanidm_lib_crypto" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "argon2", "base64 0.21.7", - "base64urlsafedata 0.1.3", + "base64urlsafedata 0.5.0", "hex", "kanidm-hsm-crypto 0.1.6", "kanidm_proto", @@ -3086,7 +3029,7 @@ dependencies = [ [[package]] name = "kanidm_lib_file_permissions" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "kanidm_utils_users", "whoami", @@ -3094,10 +3037,10 @@ dependencies = [ [[package]] name = "kanidm_proto" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "base32", - "base64urlsafedata 0.1.3", + "base64urlsafedata 0.5.0", "num_enum", "scim_proto", "serde", @@ -3114,12 +3057,12 @@ dependencies = [ [[package]] name = "kanidm_tools" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "async-recursion", "clap", "clap_complete", - "compact_jwt 0.4.0-dev", + "compact_jwt 0.4.1", "dialoguer", "futures-concurrency", "kanidm_build_profiles", @@ -3146,16 +3089,16 @@ dependencies = [ [[package]] name = "kanidm_unix_int" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "async-trait", - "base64urlsafedata 0.1.3", + "base64urlsafedata 0.5.0", "bytes", "clap", "clap_complete", "csv", "futures", - "hashbrown 0.14.3", + "hashbrown 0.14.5", "kanidm-hsm-crypto 0.1.6", "kanidm_build_profiles", "kanidm_client", @@ -3187,14 +3130,14 @@ dependencies = [ [[package]] name = "kanidm_utils_users" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "libc", ] [[package]] name = "kanidmd_core" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "async-trait", "axum", @@ -3204,12 +3147,12 @@ dependencies = [ "axum-server", "bytes", "chrono", - "compact_jwt 0.4.0-dev", + "compact_jwt 0.4.1", "cron", "filetime", "futures", "futures-util", - "hashbrown 0.14.3", + "hashbrown 0.14.5", "http", "hyper", "kanidm_build_profiles", @@ -3247,19 +3190,19 @@ dependencies = [ [[package]] name = "kanidmd_lib" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "base64 0.21.7", - "base64urlsafedata 0.1.3", + "base64urlsafedata 0.5.0", "bitflags 2.5.0", - "compact_jwt 0.4.0-dev", + "compact_jwt 0.4.1", "concread", "criterion", "dyn-clone", "enum-iterator", "fernet", "futures", - "hashbrown 0.14.3", + "hashbrown 0.14.5", "hex", "idlset", "image 0.24.9", @@ -3306,7 +3249,7 @@ dependencies = [ [[package]] name = "kanidmd_lib_macros" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "proc-macro2", "quote", @@ -3315,10 +3258,10 @@ dependencies = [ [[package]] name = "kanidmd_testkit" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "assert_cmd", - "compact_jwt 0.4.0-dev", + "compact_jwt 0.4.1", "escargot", "fantoccini", "futures", @@ -3353,7 +3296,7 @@ dependencies = [ [[package]] name = "kanidmd_web_ui_admin" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "enum-iterator", "gloo", @@ -3375,7 +3318,7 @@ dependencies = [ [[package]] name = "kanidmd_web_ui_login_flows" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "gloo", "gloo-utils 0.2.0", @@ -3396,7 +3339,7 @@ dependencies = [ [[package]] name = "kanidmd_web_ui_shared" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "gloo", "js-sys", @@ -3415,7 +3358,7 @@ dependencies = [ [[package]] name = "kanidmd_web_ui_user" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "enum-iterator", "gloo", @@ -3484,12 +3427,12 @@ dependencies = [ [[package]] name = "ldap3_client" -version = "0.4.4" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "854e3458060e43858cb5220afc6a04db414be3de41d98dc29b7f628bdb7fc02d" +checksum = "a4dc2ec605c20613bceb9ca5350d937251e89cd3ecdf001bfa3afc980c931a9c" dependencies = [ "base64 0.21.7", - "base64urlsafedata 0.1.3", + "base64urlsafedata 0.5.0", "futures-util", "ldap3_proto", "openssl", @@ -3504,9 +3447,9 @@ dependencies = [ [[package]] name = "ldap3_proto" -version = "0.4.4" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a35c5ce9e52b4e5b333422203a266e4466ed8b43768c877c1d3d23bf2b4d561" +checksum = "526cebd4798661e483617adb3dd023752611eec1d72dddd27172a729ddfdc0fe" dependencies = [ "base64 0.21.7", "bytes", @@ -3522,9 +3465,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.153" +version = "0.2.154" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c198f91728a82281a64e1f4f9eeb25d82cb32a5de251c6bd1b5154d63a8e7bd" +checksum = "ae743338b92ff9146ce83992f766a31066a91a8c84a45e0e9f21e7cf6de6d346" [[package]] name = "libloading" @@ -3596,9 +3539,9 @@ checksum = "01cda141df6706de531b6c46c3a33ecca755538219bd484262fa09410c13539c" [[package]] name = "lock_api" -version = "0.4.11" +version = "0.4.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45" +checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17" dependencies = [ "autocfg", "scopeguard", @@ -3638,7 +3581,7 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d3262e75e648fce39813cb56ac41f3c3e3f65217ebf3844d818d1f9398cfb0dc" dependencies = [ - "hashbrown 0.14.3", + "hashbrown 0.14.5", ] [[package]] @@ -3833,13 +3776,13 @@ dependencies = [ "crossbeam-channel", "file-id", "notify", - "parking_lot 0.12.1", + "parking_lot 0.12.2", "walkdir", ] [[package]] name = "nss_kanidm" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "kanidm_unix_int", "lazy_static", @@ -4021,7 +3964,7 @@ dependencies = [ "serde", "serde_json", "serde_path_to_error", - "sha2 0.10.8", + "sha2", "thiserror", "url", ] @@ -4065,12 +4008,6 @@ version = "11.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575" -[[package]] -name = "opaque-debug" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2839e79665f131bdb5782e51f2c6c9599c133c6098982a54c794358bf432529c" - [[package]] name = "openssl" version = "0.10.64" @@ -4226,14 +4163,14 @@ checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d" [[package]] name = "orca" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "async-trait", "clap", "crossbeam", "csv", "futures-util", - "hashbrown 0.14.3", + "hashbrown 0.14.5", "kanidm_build_profiles", "kanidm_client", "kanidm_proto", @@ -4267,7 +4204,7 @@ checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" [[package]] name = "pam_kanidm" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "kanidm_unix_int", "libc", @@ -4289,12 +4226,12 @@ dependencies = [ [[package]] name = "parking_lot" -version = "0.12.1" +version = "0.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +checksum = "7e4af0ca4f6caed20e900d564c242b8e5d4903fdacf31d3daf527b66fe6f42fb" dependencies = [ "lock_api", - "parking_lot_core 0.9.9", + "parking_lot_core 0.9.10", ] [[package]] @@ -4313,15 +4250,15 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.9.9" +version = "0.9.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e" +checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8" dependencies = [ "cfg-if", "libc", - "redox_syscall 0.4.1", + "redox_syscall 0.5.1", "smallvec", - "windows-targets 0.48.5", + "windows-targets 0.52.5", ] [[package]] @@ -4368,9 +4305,9 @@ checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" [[package]] name = "peg" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "400bcab7d219c38abf8bd7cc2054eb9bbbd4312d66f6a5557d572a203f646f61" +checksum = "8a625d12ad770914cbf7eff6f9314c3ef803bfe364a1b20bc36ddf56673e71e5" dependencies = [ "peg-macros", "peg-runtime", @@ -4378,9 +4315,9 @@ dependencies = [ [[package]] name = "peg-macros" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46e61cce859b76d19090f62da50a9fe92bab7c2a5f09e183763559a2ac392c90" +checksum = "f241d42067ed3ab6a4fece1db720838e1418f36d868585a27931f95d6bc03582" dependencies = [ "peg-runtime", "proc-macro2", @@ -4389,9 +4326,9 @@ dependencies = [ [[package]] name = "peg-runtime" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "36bae92c60fa2398ce4678b98b2c4b5a7c61099961ca1fa305aec04a9ad28922" +checksum = "e3aeb8f54c078314c2065ee649a7241f46b9d8e418e1a9581ba0546657d7aa3a" [[package]] name = "percent-encoding" @@ -4796,6 +4733,15 @@ dependencies = [ "bitflags 1.3.2", ] +[[package]] +name = "redox_syscall" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e" +dependencies = [ + "bitflags 2.5.0", +] + [[package]] name = "redox_users" version = "0.4.5" @@ -4999,7 +4945,7 @@ version = "8.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "86f69089032567ffff4eada41c573fc43ff466c7db7c5688b2e7969584345581" dependencies = [ - "sha2 0.10.8", + "sha2", "walkdir", ] @@ -5078,11 +5024,11 @@ dependencies = [ [[package]] name = "scim_proto" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38e53f2c444b72dd7410aa1cdc3c0942349262e84364dc7968dc7402525ea2ca" +checksum = "55fbcfbcbc11ff46228a2b7b6018e1f6f37499fff47851e20583862ba1d9ef3f" dependencies = [ - "base64urlsafedata 0.1.3", + "base64 0.22.1", "peg", "serde", "serde_json", @@ -5168,9 +5114,9 @@ checksum = "92d43fe69e652f3df9bdc2b85b2854a0825b86e4fb76bc44d945137d053639ca" [[package]] name = "serde" -version = "1.0.198" +version = "1.0.199" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9846a40c979031340571da2545a4e5b7c4163bdae79b301d5f86d03979451fcc" +checksum = "0c9f6e76df036c77cd94996771fb40db98187f096dd0b9af39c6c6e452ba966a" dependencies = [ "serde_derive", ] @@ -5228,9 +5174,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.198" +version = "1.0.199" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e88edab869b01783ba905e7d0153f9fc1a6505a96e4ad3018011eedb838566d9" +checksum = "11bd257a6541e141e42ca6d24ae26f7714887b47e89aa739099104c7e4d3b7fc" dependencies = [ "proc-macro2", "quote", @@ -5272,11 +5218,11 @@ dependencies = [ [[package]] name = "serde_with" -version = "3.8.0" +version = "3.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2c85f8e96d1d6857f13768fcbd895fcb06225510022a2774ed8b5150581847b0" +checksum = "0ad483d2ab0149d5a5ebcd9972a3852711e0153d863bf5a5d0391d28883c4a20" dependencies = [ - "base64 0.22.0", + "base64 0.22.1", "chrono", "hex", "indexmap 1.9.3", @@ -5290,9 +5236,9 @@ dependencies = [ [[package]] name = "serde_with_macros" -version = "3.8.0" +version = "3.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8b3a576c4eb2924262d5951a3b737ccaf16c931e39a2810c36f9a7e25575557" +checksum = "65569b702f41443e8bc8bbb1c5779bd0450bbe723b56198980e80ec45780bce2" dependencies = [ "darling 0.20.8", "proc-macro2", @@ -5308,7 +5254,7 @@ checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba" dependencies = [ "cfg-if", "cpufeatures", - "digest 0.10.7", + "digest", ] [[package]] @@ -5317,18 +5263,6 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ae1a47186c03a32177042e55dbc5fd5aee900b8e0069a8d70fba96a9375cd012" -[[package]] -name = "sha2" -version = "0.8.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a256f46ea78a0c0d9ff00077504903ac881a1dafdc20da66545699e7776b3e69" -dependencies = [ - "block-buffer 0.7.3", - "digest 0.8.1", - "fake-simd", - "opaque-debug", -] - [[package]] name = "sha2" version = "0.10.8" @@ -5337,7 +5271,7 @@ checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8" dependencies = [ "cfg-if", "cpufeatures", - "digest 0.10.7", + "digest", ] [[package]] @@ -5390,7 +5324,7 @@ dependencies = [ [[package]] name = "sketching" -version = "1.2.0-dev" +version = "1.2.0" dependencies = [ "gethostname", "num_enum", @@ -5447,9 +5381,9 @@ dependencies = [ [[package]] name = "socket2" -version = "0.5.6" +version = "0.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "05ffd9c0a93b7543e062e759284fcf5f5e3b098501104bfbdde4d404db792871" +checksum = "ce305eb0b4296696835b71df73eb912e0f1ffd2556a501fcede6e0c50349191c" dependencies = [ "libc", "windows-sys 0.52.0", @@ -5469,11 +5403,12 @@ checksum = "3b9b39299b249ad65f3b7e96443bad61c02ca5cd3589f46cb6d610a0fd6c0d6a" [[package]] name = "sshkey-attest" -version = "0.5.0-dev" -source = "git+https://github.com/kanidm/webauthn-rs.git?rev=24b6ad8e41e336b4b6554b6e8e171c929952bf73#24b6ad8e41e336b4b6554b6e8e171c929952bf73" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34285eaade87ba166c4f17c0ae1e35d52659507db81888beae277e962b9e5a02" dependencies = [ "base64 0.21.7", - "base64urlsafedata 0.2.0", + "base64urlsafedata 0.5.0", "nom", "openssl", "serde", @@ -5486,13 +5421,14 @@ dependencies = [ [[package]] name = "sshkeys" -version = "0.3.2" -source = "git+https://github.com/dnaeon/rust-sshkeys.git?rev=fa5bd02dd6e90ee724fdb981253c1e7726a7f534#fa5bd02dd6e90ee724fdb981253c1e7726a7f534" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "45287473d24bf7ad9ebad1aff097ad0424c16cd9430549170c3a67c5b05705bd" dependencies = [ - "base64 0.12.3", + "base64 0.22.1", "byteorder", "serde", - "sha2 0.8.2", + "sha2", ] [[package]] @@ -6137,9 +6073,9 @@ checksum = "d4c87d22b6e3f4a18d4d40ef354e97c90fcb14dd91d7dc0aa9d8a1172ebf7202" [[package]] name = "unicode-width" -version = "0.1.11" +version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85" +checksum = "68f5e5f3158ecfd4b8ff6fe086db7c8467a2dfdac97fe420f2b7c4aa97af66d6" [[package]] name = "unicode-xid" @@ -6402,10 +6338,11 @@ dependencies = [ [[package]] name = "webauthn-attestation-ca" -version = "0.1.0" -source = "git+https://github.com/kanidm/webauthn-rs.git?rev=24b6ad8e41e336b4b6554b6e8e171c929952bf73#24b6ad8e41e336b4b6554b6e8e171c929952bf73" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b0f2ebaf5650ca15b515a761f31ed6477fa2312491cf632a71102ac22b82784" dependencies = [ - "base64urlsafedata 0.2.0", + "base64urlsafedata 0.5.0", "openssl", "serde", "tracing", @@ -6414,14 +6351,15 @@ dependencies = [ [[package]] name = "webauthn-authenticator-rs" -version = "0.5.0-dev" -source = "git+https://github.com/kanidm/webauthn-rs.git?rev=24b6ad8e41e336b4b6554b6e8e171c929952bf73#24b6ad8e41e336b4b6554b6e8e171c929952bf73" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c0200dacdf1e6f9e48c6d6671de3d001b0ccd30ac21df115bcc07de2ed12bef" dependencies = [ "async-stream", "async-trait", "authenticator-ctap2-2021", "base64 0.21.7", - "base64urlsafedata 0.2.0", + "base64urlsafedata 0.5.0", "bitflags 1.3.2", "futures", "hex", @@ -6447,10 +6385,11 @@ dependencies = [ [[package]] name = "webauthn-rs" -version = "0.5.0-dev" -source = "git+https://github.com/kanidm/webauthn-rs.git?rev=24b6ad8e41e336b4b6554b6e8e171c929952bf73#24b6ad8e41e336b4b6554b6e8e171c929952bf73" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fb9d7cdc9ec26e3e06f7e8ee1433e6fa3627c6c075ab3effbc3a2280c2f526c0" dependencies = [ - "base64urlsafedata 0.2.0", + "base64urlsafedata 0.5.0", "serde", "tracing", "url", @@ -6460,11 +6399,12 @@ dependencies = [ [[package]] name = "webauthn-rs-core" -version = "0.5.0-dev" -source = "git+https://github.com/kanidm/webauthn-rs.git?rev=24b6ad8e41e336b4b6554b6e8e171c929952bf73#24b6ad8e41e336b4b6554b6e8e171c929952bf73" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf1ee1dc7f4138b8fd05a74a6eae93ddaf504c5a60861f1eb95d9de3172900b3" dependencies = [ "base64 0.21.7", - "base64urlsafedata 0.2.0", + "base64urlsafedata 0.5.0", "compact_jwt 0.2.10", "der-parser", "hex", @@ -6486,11 +6426,12 @@ dependencies = [ [[package]] name = "webauthn-rs-proto" -version = "0.5.0-dev" -source = "git+https://github.com/kanidm/webauthn-rs.git?rev=24b6ad8e41e336b4b6554b6e8e171c929952bf73#24b6ad8e41e336b4b6554b6e8e171c929952bf73" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f1c6dc254607f48eec3bdb35b86b377202436859ca1e4c9290afafd7349dcc3" dependencies = [ "base64 0.21.7", - "base64urlsafedata 0.2.0", + "base64urlsafedata 0.5.0", "js-sys", "serde", "serde-wasm-bindgen 0.4.5", @@ -6912,9 +6853,9 @@ dependencies = [ [[package]] name = "zeroize" -version = "1.8.0" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "63381fa6624bf92130a6b87c0d07380116f80b565c42cf0d754136f0238359ef" +checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" dependencies = [ "zeroize_derive", ] diff --git a/Cargo.toml b/Cargo.toml index d79f7d3b3..3e41001b7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -32,7 +32,7 @@ members = [ ] [workspace.package] -version = "1.2.0-pre" +version = "1.2.0" authors = [ "William Brown ", "James Hodgkinson ", @@ -61,12 +61,12 @@ repository = "https://github.com/kanidm/kanidm/" # scim_proto = { path = "../scim/proto" } # scim_proto = { git = "https://github.com/kanidm/scim.git" } -base64urlsafedata = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } -webauthn-authenticator-rs = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } -webauthn-rs = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } -webauthn-rs-core = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } -webauthn-rs-proto = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } -sshkey-attest = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } +# base64urlsafedata = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } +# webauthn-authenticator-rs = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } +# webauthn-rs = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } +# webauthn-rs-core = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } +# webauthn-rs-proto = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } +# sshkey-attest = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6ad8e41e336b4b6554b6e8e171c929952bf73" } # base64urlsafedata = { path = "../webauthn-rs/base64urlsafedata" } # webauthn-authenticator-rs = { path = "../webauthn-rs/webauthn-authenticator-rs" } @@ -78,19 +78,19 @@ sshkey-attest = { git = "https://github.com/kanidm/webauthn-rs.git", rev = "24b6 # kanidm-hsm-crypto = { path = "../hsm-crypto" } [workspace.dependencies] -kanidmd_core = { path = "./server/core", version = "=1.2.0-dev" } -kanidmd_lib = { path = "./server/lib", version = "=1.2.0-dev" } -kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.2.0-dev" } -kanidmd_testkit = { path = "./server/testkit", version = "=1.2.0-dev" } -kanidm_build_profiles = { path = "./libs/profiles", version = "=1.2.0-dev" } -kanidm_client = { path = "./libs/client", version = "=1.2.0-dev" } +kanidmd_core = { path = "./server/core", version = "=1.2.0" } +kanidmd_lib = { path = "./server/lib", version = "=1.2.0" } +kanidmd_lib_macros = { path = "./server/lib-macros", version = "=1.2.0" } +kanidmd_testkit = { path = "./server/testkit", version = "=1.2.0" } +kanidm_build_profiles = { path = "./libs/profiles", version = "=1.2.0" } +kanidm_client = { path = "./libs/client", version = "=1.2.0" } kanidm-hsm-crypto = "^0.1.6" -kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.2.0-dev" } -kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.2.0-dev" } -kanidm_proto = { path = "./proto", version = "=1.2.0-dev" } -kanidm_unix_int = { path = "./unix_integration", version = "=1.2.0-dev" } -kanidm_utils_users = { path = "./libs/users", version = "=1.2.0-dev" } -sketching = { path = "./libs/sketching", version = "=1.2.0-dev" } +kanidm_lib_crypto = { path = "./libs/crypto", version = "=1.2.0" } +kanidm_lib_file_permissions = { path = "./libs/file_permissions", version = "=1.2.0" } +kanidm_proto = { path = "./proto", version = "=1.2.0" } +kanidm_unix_int = { path = "./unix_integration", version = "=1.2.0" } +kanidm_utils_users = { path = "./libs/users", version = "=1.2.0" } +sketching = { path = "./libs/sketching", version = "=1.2.0" } serde_with = "3.7.0" argon2 = { version = "0.5.3", features = ["alloc"] } @@ -110,14 +110,14 @@ axum = { version = "0.6.20", features = [ axum-csp = { version = "0.0.5" } base32 = "^0.4.0" base64 = "^0.21.7" -base64urlsafedata = "0.1.3" +base64urlsafedata = "0.5.0" bitflags = "^2.4.2" bytes = "^1.5.0" clap = { version = "^4.5.3", features = ["derive", "env"] } clap_complete = "^4.5.1" # Forced by saffron/cron chrono = "^0.4.35" -compact_jwt = { version = "^0.4.0-dev", default-features = false } +compact_jwt = { version = "^0.4.1", default-features = false } concread = "^0.5.0" cron = "0.12.1" crossbeam = "0.8.4" @@ -151,8 +151,8 @@ js-sys = "^0.3.69" kanidmd_web_ui_shared = { path = "./server/web_ui/shared" } # REMOVE this lazy_static = "^1.4.0" -ldap3_client = "^0.4.4" -ldap3_proto = { version = "^0.4.3", features = ["serde"] } +ldap3_client = "^0.5" +ldap3_proto = { version = "^0.5", features = ["serde"] } libc = "^0.2.153" libnss = "^0.4.0" @@ -197,7 +197,7 @@ reqwest = { version = "0.11.26", default-features = false, features = [ rpassword = "^7.3.1" rusqlite = { version = "^0.28.0", features = ["array", "bundled"] } -scim_proto = "^0.2.1" +scim_proto = "^0.2.2" sd-notify = "^0.4.1" selinux = "^0.4.3" serde = "^1.0.197" @@ -207,7 +207,7 @@ serde-wasm-bindgen = "0.5" shellexpand = "^2.1.2" smartstring = "^1.0.1" smolset = "^1.3.1" -sshkey-attest = "^0.5.0-dev" +sshkey-attest = "^0.5.0" svg = "0.13.1" syn = { version = "2.0.53", features = ["full"] } tempfile = "3.10.1" @@ -239,14 +239,14 @@ wasm-bindgen = "^0.2.92" wasm-bindgen-futures = "^0.4.42" wasm-bindgen-test = "0.3.42" -webauthn-authenticator-rs = { version = "0.5.0-dev", features = [ +webauthn-authenticator-rs = { version = "0.5.0", features = [ "softpasskey", "softtoken", "mozilla", ] } -webauthn-rs = { version = "0.5.0-dev", features = ["preview-features"] } -webauthn-rs-core = "0.5.0-dev" -webauthn-rs-proto = "0.5.0-dev" +webauthn-rs = { version = "0.5.0", features = ["preview-features"] } +webauthn-rs-core = "0.5.0" +webauthn-rs-proto = "0.5.0" web-sys = "^0.3.69" whoami = "^1.5.1" diff --git a/Makefile b/Makefile index f76e7463d..6f47ac175 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ IMAGE_BASE ?= kanidm IMAGE_VERSION ?= devel -IMAGE_EXT_VERSION ?= 1.2.0-pre +IMAGE_EXT_VERSION ?= 1.2.0 CONTAINER_TOOL_ARGS ?= IMAGE_ARCH ?= "linux/amd64,linux/arm64" CONTAINER_BUILD_ARGS ?= diff --git a/libs/crypto/src/lib.rs b/libs/crypto/src/lib.rs index 56666356a..7ad2108f1 100644 --- a/libs/crypto/src/lib.rs +++ b/libs/crypto/src/lib.rs @@ -507,8 +507,8 @@ impl TryFrom<&ReplPasswordV1> for Password { t_cost: *t_cost, p_cost: *p_cost, version: *version, - salt: salt.0.clone(), - key: key.0.clone(), + salt: salt.to_vec(), + key: key.to_vec(), }, }), ReplPasswordV1::ARGON2ID { @@ -524,39 +524,39 @@ impl TryFrom<&ReplPasswordV1> for Password { t_cost: *t_cost, p_cost: *p_cost, version: *version, - salt: salt.0.clone(), - key: key.0.clone(), + salt: salt.to_vec(), + key: key.to_vec(), }, }), ReplPasswordV1::PBKDF2 { cost, salt, hash } => Ok(Password { - material: Kdf::PBKDF2(*cost, salt.0.clone(), hash.0.clone()), + material: Kdf::PBKDF2(*cost, salt.to_vec(), hash.to_vec()), }), ReplPasswordV1::PBKDF2_SHA1 { cost, salt, hash } => Ok(Password { - material: Kdf::PBKDF2_SHA1(*cost, salt.0.clone(), hash.0.clone()), + material: Kdf::PBKDF2_SHA1(*cost, salt.to_vec(), hash.to_vec()), }), ReplPasswordV1::PBKDF2_SHA512 { cost, salt, hash } => Ok(Password { - material: Kdf::PBKDF2_SHA512(*cost, salt.0.clone(), hash.0.clone()), + material: Kdf::PBKDF2_SHA512(*cost, salt.to_vec(), hash.to_vec()), }), ReplPasswordV1::SHA1 { hash } => Ok(Password { - material: Kdf::SHA1(hash.0.clone()), + material: Kdf::SHA1(hash.to_vec()), }), ReplPasswordV1::SSHA1 { salt, hash } => Ok(Password { - material: Kdf::SSHA1(salt.0.clone(), hash.0.clone()), + material: Kdf::SSHA1(salt.to_vec(), hash.to_vec()), }), ReplPasswordV1::SHA256 { hash } => Ok(Password { - material: Kdf::SHA256(hash.0.clone()), + material: Kdf::SHA256(hash.to_vec()), }), ReplPasswordV1::SSHA256 { salt, hash } => Ok(Password { - material: Kdf::SSHA256(salt.0.clone(), hash.0.clone()), + material: Kdf::SSHA256(salt.to_vec(), hash.to_vec()), }), ReplPasswordV1::SHA512 { hash } => Ok(Password { - material: Kdf::SHA512(hash.0.clone()), + material: Kdf::SHA512(hash.to_vec()), }), ReplPasswordV1::SSHA512 { salt, hash } => Ok(Password { - material: Kdf::SSHA512(salt.0.clone(), hash.0.clone()), + material: Kdf::SSHA512(salt.to_vec(), hash.to_vec()), }), ReplPasswordV1::NT_MD4 { hash } => Ok(Password { - material: Kdf::NT_MD4(hash.0.clone()), + material: Kdf::NT_MD4(hash.to_vec()), }), } } diff --git a/server/lib/src/credential/totp.rs b/server/lib/src/credential/totp.rs index 7f0cc90b7..01a3e7b12 100644 --- a/server/lib/src/credential/totp.rs +++ b/server/lib/src/credential/totp.rs @@ -129,7 +129,7 @@ impl TryFrom<&ReplTotpV1> for Totp { let digits = TotpDigits::try_from(value.digits)?; Ok(Totp { - secret: value.key.0.clone(), + secret: value.key.to_vec(), step: value.step, algo, digits, diff --git a/server/lib/src/idm/oauth2.rs b/server/lib/src/idm/oauth2.rs index 2db55942d..1b7a81a6e 100644 --- a/server/lib/src/idm/oauth2.rs +++ b/server/lib/src/idm/oauth2.rs @@ -1009,7 +1009,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { hasher.update(code_verifier.as_bytes()); let code_verifier_hash: Vec = hasher.finish().to_vec(); - if code_challenge.0 != code_verifier_hash { + if code_challenge != code_verifier_hash { security_info!( "PKCE code verification failed - this may indicate malicious activity" ); @@ -2607,7 +2607,6 @@ mod tests { use std::str::FromStr; use std::time::Duration; - use base64urlsafedata::Base64UrlSafeData; use compact_jwt::{ compact::JwkUse, crypto::JwsRs256Verifier, dangernoverify::JwsDangerReleaseWithoutVerify, JwaAlg, Jwk, JwsCompact, JwsEs256Verifier, JwsVerifier, OidcSubject, OidcUnverified, @@ -2658,7 +2657,7 @@ mod tests { client_id: "test_resource_server".to_string(), state: "123".to_string(), pkce_request: Some(PkceRequest { - code_challenge: Base64UrlSafeData($code_challenge), + code_challenge: $code_challenge.into(), code_challenge_method: CodeChallengeMethod::S256, }), redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(), @@ -3129,7 +3128,7 @@ mod tests { let (_code_verifier, code_challenge) = create_code_verifier!("Whar Garble"); let pkce_request = Some(PkceRequest { - code_challenge: Base64UrlSafeData(code_challenge), + code_challenge: code_challenge.into(), code_challenge_method: CodeChallengeMethod::S256, }); @@ -4851,7 +4850,7 @@ mod tests { client_id: "test_resource_server".to_string(), state: "123".to_string(), pkce_request: Some(PkceRequest { - code_challenge: Base64UrlSafeData(code_challenge), + code_challenge: code_challenge.into(), code_challenge_method: CodeChallengeMethod::S256, }), redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(), @@ -4911,7 +4910,7 @@ mod tests { client_id: "test_resource_server".to_string(), state: "123".to_string(), pkce_request: Some(PkceRequest { - code_challenge: Base64UrlSafeData(code_challenge), + code_challenge: code_challenge.into(), code_challenge_method: CodeChallengeMethod::S256, }), redirect_uri: Url::parse("https://demo.example.com/oauth2/result").unwrap(), @@ -5132,7 +5131,7 @@ mod tests { client_id: "test_resource_server".to_string(), state: "123".to_string(), pkce_request: Some(PkceRequest { - code_challenge: Base64UrlSafeData(code_challenge.clone()), + code_challenge: code_challenge.clone().into(), code_challenge_method: CodeChallengeMethod::S256, }), redirect_uri: Url::parse("http://demo.example.com/oauth2/result").unwrap(), @@ -5914,7 +5913,7 @@ mod tests { client_id: "test_resource_server".to_string(), state: "123".to_string(), pkce_request: Some(PkceRequest { - code_challenge: Base64UrlSafeData(code_challenge), + code_challenge: code_challenge.into(), code_challenge_method: CodeChallengeMethod::S256, }), redirect_uri: Url::parse("http://localhost:8765/oauth2/result").unwrap(), diff --git a/server/lib/src/idm/scim.rs b/server/lib/src/idm/scim.rs index 8a945a035..5f3ef4bb8 100644 --- a/server/lib/src/idm/scim.rs +++ b/server/lib/src/idm/scim.rs @@ -1,6 +1,6 @@ use std::time::Duration; -use base64urlsafedata::Base64UrlSafeData; +use base64::{engine::general_purpose::STANDARD, Engine as _}; use compact_jwt::{Jws, JwsCompact, JwsEs256Signer, JwsSigner}; use kanidm_proto::internal::{ApiTokenPurpose, ScimSyncToken}; @@ -590,7 +590,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { } (ScimSyncState::Active { cookie }, Some(sync_cookie)) => { // Check cookies. - if cookie.0 != sync_cookie { + if cookie != sync_cookie { // Invalid error!( "Invalid Sync State - Active, but agreement has divegent external cookie." @@ -933,8 +933,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { }) .and_then(|secret| match secret { ScimSimpleAttr::String(value) => { - Base64UrlSafeData::try_from(value.as_str()) - .map(|b| b.into()) + STANDARD.decode(value.as_str()) .map_err(|_| { error!("Invalid secret attribute - must be base64 string"); OperationError::InvalidAttribute(format!( @@ -1482,7 +1481,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> { let modlist = match to_state { ScimSyncState::Active { cookie } => ModifyList::new_purge_and_set( Attribute::SyncCookie, - Value::PrivateBinary(cookie.0.clone()), + Value::PrivateBinary(cookie.to_vec()), ), ScimSyncState::Refresh => ModifyList::new_purge(Attribute::SyncCookie), }; @@ -1532,7 +1531,7 @@ impl<'a> IdmServerProxyReadTransaction<'a> { Ok( match sync_entry.get_ava_single_private_binary(Attribute::SyncCookie) { Some(b) => ScimSyncState::Active { - cookie: Base64UrlSafeData(b.to_vec()), + cookie: b.to_vec().into(), }, None => ScimSyncState::Refresh, }, @@ -1546,7 +1545,6 @@ mod tests { use crate::prelude::*; use crate::server::keys::KeyProvidersTransaction; use crate::value::KeyStatus; - use base64urlsafedata::Base64UrlSafeData; use compact_jwt::traits::JwsVerifiable; use compact_jwt::{Jws, JwsCompact, JwsEs256Signer, JwsSigner}; use kanidm_proto::internal::ApiTokenPurpose; @@ -1911,7 +1909,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, to_state: ScimSyncState::Refresh, entries: Vec::default(), @@ -1940,7 +1938,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries: vec![ScimEntry { schemas: vec![SCIM_SCHEMA_SYNC_PERSON.to_string()], @@ -2008,7 +2006,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries: vec![ScimEntry { schemas: vec![SCIM_SCHEMA_SYNC_PERSON.to_string()], @@ -2048,7 +2046,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries, retain: ScimSyncRetentionMode::Ignore, @@ -2251,7 +2249,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries: vec![ScimEntry { schemas: vec![SCIM_SCHEMA_SYNC_GROUP.to_string()], @@ -2275,10 +2273,10 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![2, 3, 4, 5]), + cookie: vec![2, 3, 4, 5].into(), }, entries: vec![], retain: ScimSyncRetentionMode::Delete(vec![user_sync_uuid]), @@ -2318,7 +2316,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, // Doesn't exist. If it does, then bless rng. entries: Vec::default(), @@ -2357,7 +2355,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, // Doesn't exist. If it does, then bless rng. entries: Vec::default(), @@ -2399,7 +2397,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, // Doesn't exist. If it does, then bless rng. entries: Vec::default(), @@ -2434,7 +2432,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries: vec![ ScimEntry { @@ -2470,10 +2468,10 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![2, 3, 4, 5]), + cookie: vec![2, 3, 4, 5].into(), }, entries: vec![], retain: ScimSyncRetentionMode::Retain(vec![sync_uuid_a]), @@ -2518,7 +2516,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries: vec![ ScimEntry { @@ -2554,10 +2552,10 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![2, 3, 4, 5]), + cookie: vec![2, 3, 4, 5].into(), }, entries: vec![], retain: ScimSyncRetentionMode::Retain(vec![]), @@ -2616,7 +2614,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries: vec![ScimEntry { schemas: vec![SCIM_SCHEMA_SYNC_GROUP.to_string()], @@ -2640,10 +2638,10 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![2, 3, 4, 5]), + cookie: vec![2, 3, 4, 5].into(), }, entries: vec![], retain: ScimSyncRetentionMode::Retain(vec![sync_uuid_a]), @@ -2678,7 +2676,7 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Refresh, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, entries: Vec::default(), retain: ScimSyncRetentionMode::Ignore, @@ -2693,10 +2691,10 @@ mod tests { let changes = ScimSyncRequest { from_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![1, 2, 3, 4]), + cookie: vec![1, 2, 3, 4].into(), }, to_state: ScimSyncState::Active { - cookie: Base64UrlSafeData(vec![2, 3, 4, 5]), + cookie: vec![2, 3, 4, 5].into(), }, entries: vec![], retain: ScimSyncRetentionMode::Ignore, diff --git a/server/lib/src/valueset/binary.rs b/server/lib/src/valueset/binary.rs index 5eccec4b0..a81fd9c4e 100644 --- a/server/lib/src/valueset/binary.rs +++ b/server/lib/src/valueset/binary.rs @@ -31,7 +31,7 @@ impl ValueSetPrivateBinary { } pub fn from_repl_v1(data: &[Base64UrlSafeData]) -> Result { - let set = data.iter().map(|b| b.0.clone()).collect(); + let set = data.iter().map(|b| b.to_vec()).collect(); Ok(Box::new(ValueSetPrivateBinary { set })) } @@ -182,7 +182,7 @@ impl ValueSetPublicBinary { } pub fn from_repl_v1(data: &[(String, Base64UrlSafeData)]) -> Result { - let map = data.iter().map(|(k, v)| (k.clone(), v.0.clone())).collect(); + let map = data.iter().map(|(k, v)| (k.clone(), v.to_vec())).collect(); Ok(Box::new(ValueSetPublicBinary { map })) } diff --git a/server/lib/src/valueset/jws.rs b/server/lib/src/valueset/jws.rs index 2c3233b52..5672b3cce 100644 --- a/server/lib/src/valueset/jws.rs +++ b/server/lib/src/valueset/jws.rs @@ -40,7 +40,7 @@ impl ValueSetJwsKeyEs256 { let set = data .iter() .map(|b| { - JwsEs256Signer::from_es256_der(b.0.as_slice()).map_err(|e| { + JwsEs256Signer::from_es256_der(b.as_slice()).map_err(|e| { debug!(?e, "Error occurred parsing ES256 DER"); OperationError::InvalidValueState }) @@ -229,7 +229,7 @@ impl ValueSetJwsKeyRs256 { let set = data .iter() .map(|b| { - JwsRs256Signer::from_rs256_der(b.0.as_slice()).map_err(|e| { + JwsRs256Signer::from_rs256_der(b.as_slice()).map_err(|e| { debug!(?e, "Error occurred parsing RS256 DER"); OperationError::InvalidValueState }) diff --git a/tools/iam_migrations/freeipa/Cargo.toml b/tools/iam_migrations/freeipa/Cargo.toml index f9d9a0ff1..1a89b86a7 100644 --- a/tools/iam_migrations/freeipa/Cargo.toml +++ b/tools/iam_migrations/freeipa/Cargo.toml @@ -12,7 +12,6 @@ homepage = { workspace = true } repository = { workspace = true } [dependencies] -base64urlsafedata = { workspace = true } clap = { workspace = true, features = ["derive", "env"] } chrono = { workspace = true } cron = { workspace = true } diff --git a/tools/iam_migrations/freeipa/src/main.rs b/tools/iam_migrations/freeipa/src/main.rs index cdc03aa9f..85d07cefa 100644 --- a/tools/iam_migrations/freeipa/src/main.rs +++ b/tools/iam_migrations/freeipa/src/main.rs @@ -19,7 +19,6 @@ mod error; use crate::config::{Config, EntryConfig}; use crate::error::SyncError; -use base64urlsafedata::Base64UrlSafeData; use chrono::Utc; use clap::Parser; use cron::Schedule; @@ -354,7 +353,7 @@ async fn run_sync( let cookie = match &scim_sync_status { ScimSyncState::Refresh => None, - ScimSyncState::Active { cookie } => Some(cookie.0.clone()), + ScimSyncState::Active { cookie } => Some(cookie.to_vec()), }; let is_initialise = cookie.is_none(); @@ -1025,13 +1024,8 @@ fn ipa_to_totp(sync_entry: &LdapSyncReplEntry) -> Option { .entry .attrs .get("ipatokenotpkey") - .and_then(|v| v.first()) - .and_then(|s| { - // Decode, and then make it urlsafe. - Base64UrlSafeData::try_from(s.as_str()) - .ok() - .map(|b| b.to_string()) - }) + .and_then(|v| v.first().cloned()) + // This is a base64 string at this point .or_else(|| { warn!("Invalid ipatokenotpkey"); None diff --git a/tools/iam_migrations/ldap/src/main.rs b/tools/iam_migrations/ldap/src/main.rs index 4b62ed283..3018d0a5d 100644 --- a/tools/iam_migrations/ldap/src/main.rs +++ b/tools/iam_migrations/ldap/src/main.rs @@ -315,7 +315,7 @@ async fn run_sync( let cookie = match &scim_sync_status { ScimSyncState::Refresh => None, - ScimSyncState::Active { cookie } => Some(cookie.0.clone()), + ScimSyncState::Active { cookie } => Some(cookie.to_vec()), }; let filter = sync_config.ldap_filter.clone();