mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Time travelling (#1648)

Browse source 
* yeet the time package into the future (updating min time version to 0.3.21)
* CI change to catch web ui builds in future, updating SCIM requirements
* removing allow deprecated flag
* making references to rfc3339 formatter shorter
* clippyisms
* fmt
This commit is contained in:
James Hodgkinson 2023-05-25 08:25:16 +10:00 committed by GitHub
parent 16bcd953ee
commit fcab605320
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
27 changed files with 647 additions and 622 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.github/workflows/wasm_test.yml vendored
View file

@ -44,5 +44,6 @@ jobs:
# docs here: # docs here:
# https://rustwasm.github.io/docs/wasm-bindgen/wasm-bindgen-test/browsers.html # https://rustwasm.github.io/docs/wasm-bindgen/wasm-bindgen-test/browsers.html
- run: make webui
- run: wasm-pack test --headless --chrome - run: wasm-pack test --headless --chrome
continue-on-error: true continue-on-error: true

316
Cargo.lock generated
View file

@ -73,6 +73,17 @@ dependencies = [
"version_check", "version_check",
] ]
[[package]]
name = "ahash"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f"
dependencies = [
"cfg-if 1.0.0",
"once_cell",
"version_check",
]
[[package]] [[package]]
name = "aho-corasick" name = "aho-corasick"
version = "1.0.1" version = "1.0.1"
@ -99,9 +110,9 @@ checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299"
[[package]] [[package]]
name = "anyhow" name = "anyhow"
version = "1.0.70" version = "1.0.71"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7de8ce5e0f9f8d88245311066a578d72b7af3e7088f32783804676302df237e4" checksum = "9c7d0618f0e0b7e8ff11427422b64564d5fb0be1940354bfe2e0529b18a9d9b8"
[[package]] [[package]]
name = "anymap2" name = "anymap2"
@ -134,7 +145,7 @@ dependencies = [
"num-traits", "num-traits",
"rusticata-macros", "rusticata-macros",
"thiserror", "thiserror",
"time 0.3.20", "time 0.3.21",
] ]
[[package]] [[package]]
@ -590,9 +601,9 @@ checksum = "cfa8873f51c92e232f9bac4065cddef41b714152812bfc5f7672ba16d6ef8cd9"
[[package]] [[package]]
name = "bumpalo" name = "bumpalo"
version = "3.12.0" version = "3.12.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" checksum = "3c6ed94e98ecff0c12dd1b04c15ec0d7d9458ca8fe806cea6f12954efe74c63b"
[[package]] [[package]]
name = "byte-tools" name = "byte-tools"
@ -669,9 +680,9 @@ dependencies = [
[[package]] [[package]]
name = "ciborium" name = "ciborium"
version = "0.2.0" version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b0c137568cc60b904a7724001b35ce2630fd00d5d84805fbb608ab89509d788f" checksum = "effd91f6c78e5a4ace8a5d3c0b6bfaec9e2baaef55f3efc00e45fb2e477ee926"
dependencies = [ dependencies = [
"ciborium-io", "ciborium-io",
"ciborium-ll", "ciborium-ll",
@ -680,15 +691,15 @@ dependencies = [
[[package]] [[package]]
name = "ciborium-io" name = "ciborium-io"
version = "0.2.0" version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "346de753af073cc87b52b2083a506b38ac176a44cfb05497b622e27be899b369" checksum = "cdf919175532b369853f5d5e20b26b43112613fd6fe7aee757e35f7a44642656"
[[package]] [[package]]
name = "ciborium-ll" name = "ciborium-ll"
version = "0.2.0" version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "213030a2b5a4e0c0892b6652260cf6ccac84827b83a85a534e178e3906c4cf1b" checksum = "defaa24ecc093c77630e6c15e17c51f5e187bf35ee514f4e2d67baaa96dae22b"
dependencies = [ dependencies = [
"ciborium-io", "ciborium-io",
"half", "half",
@ -751,16 +762,6 @@ dependencies = [
"os_str_bytes", "os_str_bytes",
] ]
[[package]]
name = "codespan-reporting"
version = "0.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e"
dependencies = [
"termcolor",
"unicode-width",
]
[[package]] [[package]]
name = "color_quant" name = "color_quant"
version = "1.1.0" version = "1.1.0"
@ -790,7 +791,7 @@ version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d3d825450e64aece76bdcf5c6d115c454ebb284c892da3e4cc7ff1e62e72069" checksum = "5d3d825450e64aece76bdcf5c6d115c454ebb284c892da3e4cc7ff1e62e72069"
dependencies = [ dependencies = [
"ahash", "ahash 0.7.6",
"crossbeam-epoch", "crossbeam-epoch",
"crossbeam-queue", "crossbeam-queue",
"crossbeam-utils", "crossbeam-utils",
@ -812,15 +813,15 @@ dependencies = [
[[package]] [[package]]
name = "console" name = "console"
version = "0.15.5" version = "0.15.7"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c3d79fbe8970a77e3e34151cc13d3b3e248aa0faaecb9f6091fa07ebefe5ad60" checksum = "c926e00cc70edefdc64d3a5ff31cc65bb97a3460097762bd23afb4d8145fccf8"
dependencies = [ dependencies = [
"encode_unicode", "encode_unicode",
"lazy_static", "lazy_static",
"libc", "libc",
"unicode-width", "unicode-width",
"windows-sys 0.42.0", "windows-sys 0.45.0",
] ]
[[package]] [[package]]
@ -869,7 +870,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e859cd57d0710d9e06c381b550c06e76992472a8c6d527aecd2fc673dcc231fb" checksum = "e859cd57d0710d9e06c381b550c06e76992472a8c6d527aecd2fc673dcc231fb"
dependencies = [ dependencies = [
"percent-encoding", "percent-encoding",
"time 0.3.20", "time 0.3.21",
"version_check", "version_check",
] ]
@ -885,7 +886,7 @@ dependencies = [
"publicsuffix", "publicsuffix",
"serde", "serde",
"serde_json", "serde_json",
"time 0.3.20", "time 0.3.21",
"url", "url",
] ]
@ -907,9 +908,9 @@ checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa"
[[package]] [[package]]
name = "cpufeatures" name = "cpufeatures"
version = "0.2.6" version = "0.2.7"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "280a9f2d8b3a38871a3c8a46fb80db65e5e5ed97da80c4d08bf27fb63e35e181" checksum = "3e4c1eaa2012c47becbbad2ab175484c2a84d1185b566fb2cc5b8707343dfe58"
dependencies = [ dependencies = [
"libc", "libc",
] ]
@ -1113,50 +1114,6 @@ dependencies = [
"cipher", "cipher",
] ]
[[package]]
name = "cxx"
version = "1.0.94"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f61f1b6389c3fe1c316bf8a4dccc90a38208354b330925bce1f74a6c4756eb93"
dependencies = [
"cc",
"cxxbridge-flags",
"cxxbridge-macro",
"link-cplusplus",
]
[[package]]
name = "cxx-build"
version = "1.0.94"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "12cee708e8962df2aeb38f594aae5d827c022b6460ac71a7a3e2c3c2aae5a07b"
dependencies = [
"cc",
"codespan-reporting",
"once_cell",
"proc-macro2",
"quote",
"scratch",
"syn 2.0.16",
]
[[package]]
name = "cxxbridge-flags"
version = "1.0.94"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7944172ae7e4068c533afbb984114a56c46e9ccddda550499caa222902c7f7bb"
[[package]]
name = "cxxbridge-macro"
version = "1.0.94"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2345488264226bf682893e25de0769f3360aac9957980ec49361b083ddaa5bc5"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.16",
]
[[package]] [[package]]
name = "daemon" name = "daemon"
version = "1.1.0-beta.13" version = "1.1.0-beta.13"
@ -1215,9 +1172,9 @@ dependencies = [
[[package]] [[package]]
name = "data-encoding" name = "data-encoding"
version = "2.3.3" version = "2.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "23d8666cb01533c39dde32bcbab8e227b4ed6679b2c925eba05feabea39508fb" checksum = "c2e66c9d817f1720209181c316d28635c050fa304f9c79e47a520882661b7308"
[[package]] [[package]]
name = "der-parser" name = "der-parser"
@ -1306,9 +1263,9 @@ dependencies = [
[[package]] [[package]]
name = "digest" name = "digest"
version = "0.10.6" version = "0.10.7"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
dependencies = [ dependencies = [
"block-buffer 0.10.4", "block-buffer 0.10.4",
"crypto-common", "crypto-common",
@ -1342,13 +1299,13 @@ checksum = "212d0f5754cb6769937f4501cc0e67f4f4483c8d2c3e1e922ee9edbe4ab4c7c0"
[[package]] [[package]]
name = "displaydoc" name = "displaydoc"
version = "0.2.3" version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3bf95dc3f046b9da4f2d51833c0d3547d8564ef6910f5c1ed130306a75b92886" checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
"syn 1.0.109", "syn 2.0.16",
] ]
[[package]] [[package]]
@ -1494,9 +1451,9 @@ dependencies = [
[[package]] [[package]]
name = "flate2" name = "flate2"
version = "1.0.25" version = "1.0.26"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841" checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743"
dependencies = [ dependencies = [
"crc32fast", "crc32fast",
"miniz_oxide", "miniz_oxide",
@ -1895,9 +1852,9 @@ dependencies = [
[[package]] [[package]]
name = "h2" name = "h2"
version = "0.3.18" version = "0.3.19"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "17f8a914c2987b688368b5138aa05321db91f4090cf26118185672ad588bce21" checksum = "d357c7ae988e7d2182f7d7871d0b963962420b0678b0997ce7de72001aeab782"
dependencies = [ dependencies = [
"bytes", "bytes",
"fnv", "fnv",
@ -1924,17 +1881,26 @@ version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
dependencies = [ dependencies = [
"ahash", "ahash 0.7.6",
"serde", "serde",
] ]
[[package]] [[package]]
name = "hashlink" name = "hashbrown"
version = "0.8.1" version = "0.13.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "69fe1fcf8b4278d860ad0548329f892a3631fb63f82574df68275f34cdbe0ffa" checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e"
dependencies = [ dependencies = [
"hashbrown", "ahash 0.8.3",
]
[[package]]
name = "hashlink"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0761a1b9491c4f2e3d66aa0f62d0fba0af9a0e2852e4d48ea506632a4b56e6aa"
dependencies = [
"hashbrown 0.13.2",
] ]
[[package]] [[package]]
@ -2124,12 +2090,11 @@ dependencies = [
[[package]] [[package]]
name = "iana-time-zone-haiku" name = "iana-time-zone-haiku"
version = "0.1.1" version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0703ae284fc167426161c2e3f1da3ea71d94b21bedbcc9494e92b28e334e3dca" checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
dependencies = [ dependencies = [
"cxx", "cc",
"cxx-build",
] ]
[[package]] [[package]]
@ -2200,7 +2165,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99"
dependencies = [ dependencies = [
"autocfg", "autocfg",
"hashbrown", "hashbrown 0.12.3",
] ]
[[package]] [[package]]
@ -2300,7 +2265,7 @@ dependencies = [
"reqwest", "reqwest",
"serde", "serde",
"serde_json", "serde_json",
"time 0.2.27", "time 0.3.21",
"tokio", "tokio",
"toml", "toml",
"tracing", "tracing",
@ -2344,7 +2309,7 @@ dependencies = [
"scim_proto", "scim_proto",
"serde", "serde",
"serde_json", "serde_json",
"time 0.2.27", "time 0.3.21",
"tracing", "tracing",
"url", "url",
"urlencoding", "urlencoding",
@ -2369,7 +2334,7 @@ dependencies = [
"serde", "serde",
"serde_json", "serde_json",
"shellexpand", "shellexpand",
"time 0.2.27", "time 0.3.21",
"tokio", "tokio",
"tracing", "tracing",
"tracing-subscriber", "tracing-subscriber",
@ -2436,7 +2401,7 @@ dependencies = [
"tide", "tide",
"tide-compress", "tide-compress",
"tide-openssl", "tide-openssl",
"time 0.2.27", "time 0.3.21",
"tokio", "tokio",
"tokio-openssl", "tokio-openssl",
"tokio-util", "tokio-util",
@ -2460,7 +2425,7 @@ dependencies = [
"filetime", "filetime",
"futures", "futures",
"futures-util", "futures-util",
"hashbrown", "hashbrown 0.12.3",
"idlset", "idlset",
"kanidm_lib_crypto", "kanidm_lib_crypto",
"kanidm_proto", "kanidm_proto",
@ -2487,7 +2452,7 @@ dependencies = [
"smolset", "smolset",
"sshkeys", "sshkeys",
"tide", "tide",
"time 0.2.27", "time 0.3.21",
"tokio", "tokio",
"tokio-util", "tokio-util",
"toml", "toml",
@ -2529,7 +2494,7 @@ dependencies = [
"serde_json", "serde_json",
"sketching", "sketching",
"testkit-macros", "testkit-macros",
"time 0.2.27", "time 0.3.21",
"tokio", "tokio",
"tracing", "tracing",
"url", "url",
@ -2549,7 +2514,7 @@ dependencies = [
"serde", "serde",
"serde-wasm-bindgen", "serde-wasm-bindgen",
"serde_json", "serde_json",
"time 0.2.27", "time 0.3.21",
"url", "url",
"uuid", "uuid",
"wasm-bindgen", "wasm-bindgen",
@ -2707,9 +2672,9 @@ dependencies = [
[[package]] [[package]]
name = "libz-sys" name = "libz-sys"
version = "1.1.8" version = "1.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9702761c3935f8cc2f101793272e202c72b99da8f4224a19ddcf1279a6450bbf" checksum = "56ee889ecc9568871456d42f603d6a0ce59ff328d291063a45cbdf0036baf6db"
dependencies = [ dependencies = [
"cc", "cc",
"libc", "libc",
@ -2717,20 +2682,11 @@ dependencies = [
"vcpkg", "vcpkg",
] ]
[[package]]
name = "link-cplusplus"
version = "1.0.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ecd207c9c713c34f95a097a5b029ac2ce6010530c7b49d7fea24d977dede04f5"
dependencies = [
"cc",
]
[[package]] [[package]]
name = "linux-raw-sys" name = "linux-raw-sys"
version = "0.3.3" version = "0.3.8"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9b085a4f2cde5781fc4b1717f2e86c62f5cda49de7ba99a7c2eae02b61c9064c" checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519"
[[package]] [[package]]
name = "lock_api" name = "lock_api"
@ -2759,7 +2715,7 @@ version = "0.7.8"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e999beba7b6e8345721bd280141ed958096a2e4abdf74f67ff4ce49b4b54e47a" checksum = "e999beba7b6e8345721bd280141ed958096a2e4abdf74f67ff4ce49b4b54e47a"
dependencies = [ dependencies = [
"hashbrown", "hashbrown 0.12.3",
] ]
[[package]] [[package]]
@ -2768,7 +2724,7 @@ version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6e8aaa3f231bb4bd57b84b2d5dc3ae7f350265df8aa96492e0bc394a1571909" checksum = "b6e8aaa3f231bb4bd57b84b2d5dc3ae7f350265df8aa96492e0bc394a1571909"
dependencies = [ dependencies = [
"hashbrown", "hashbrown 0.12.3",
] ]
[[package]] [[package]]
@ -2833,9 +2789,9 @@ checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a"
[[package]] [[package]]
name = "miniz_oxide" name = "miniz_oxide"
version = "0.6.2" version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" checksum = "e7810e0be55b428ada41041c41f32c9f1a42817901b4ccf45fa3d4b6561e74c7"
dependencies = [ dependencies = [
"adler", "adler",
] ]
@ -2994,10 +2950,19 @@ dependencies = [
] ]
[[package]] [[package]]
name = "oauth2" name = "num_threads"
version = "4.3.0" version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eeaf26a72311c087f8c5ba617c96fac67a5c04f430e716ac8d8ab2de62e23368" checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44"
dependencies = [
"libc",
]
[[package]]
name = "oauth2"
version = "4.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "50df55a3cc0374df91ef8da8741542d9e0b9e6581481ed1cffe84f64d2f5fc3d"
dependencies = [ dependencies = [
"base64 0.13.1", "base64 0.13.1",
"chrono", "chrono",
@ -3227,22 +3192,22 @@ checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e"
[[package]] [[package]]
name = "pin-project" name = "pin-project"
version = "1.0.12" version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ad29a609b6bcd67fee905812e544992d216af9d755757c05ed2d0e15a74c6ecc" checksum = "c95a7476719eab1e366eaf73d0260af3021184f18177925b07f54b30089ceead"
dependencies = [ dependencies = [
"pin-project-internal", "pin-project-internal",
] ]
[[package]] [[package]]
name = "pin-project-internal" name = "pin-project-internal"
version = "1.0.12" version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "069bdb1e05adc7a8990dce9cc75370895fbe4e3d58b9b73bf1aee56359344a55" checksum = "39407670928234ebc5e6e580247dd567ad73a3578460c5990f9503df207e8f07"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
"syn 1.0.109", "syn 2.0.16",
] ]
[[package]] [[package]]
@ -3310,9 +3275,9 @@ dependencies = [
[[package]] [[package]]
name = "polling" name = "polling"
version = "2.7.0" version = "2.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4be1c66a6add46bff50935c313dae30a5030cf8385c5206e8a95e9e9def974aa" checksum = "4b2d323e8ca7996b3e23126511a523f7e62924d93ecd5ae73b333815b0eb3dce"
dependencies = [ dependencies = [
"autocfg", "autocfg",
"bitflags", "bitflags",
@ -3766,9 +3731,9 @@ dependencies = [
[[package]] [[package]]
name = "rustix" name = "rustix"
version = "0.37.12" version = "0.37.19"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "722529a737f5a942fdbac3a46cee213053196737c5eaa3386d52e85b786f2659" checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d"
dependencies = [ dependencies = [
"bitflags", "bitflags",
"errno", "errno",
@ -3819,15 +3784,15 @@ dependencies = [
[[package]] [[package]]
name = "scim_proto" name = "scim_proto"
version = "0.1.1" version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e5abc672c8241e5bd368c0a73bf24727e98b0000a8636a44b8eb42a1e22835ef" checksum = "e3fbb159b673baace5ca93f155fdf80a957631802a04950df298c6e2445e3f4e"
dependencies = [ dependencies = [
"base64urlsafedata", "base64urlsafedata",
"peg", "peg",
"serde", "serde",
"serde_json", "serde_json",
"time 0.2.27", "time 0.3.21",
"tracing", "tracing",
"tracing-subscriber", "tracing-subscriber",
"url", "url",
@ -3846,17 +3811,11 @@ version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
[[package]]
name = "scratch"
version = "1.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1792db035ce95be60c3f8853017b3999209281c24e2ba5bc8e59bf97a0c590c1"
[[package]] [[package]]
name = "security-framework" name = "security-framework"
version = "2.8.2" version = "2.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a332be01508d814fed64bf28f798a146d73792121129962fdf335bb3c49a4254" checksum = "1fc758eb7bffce5b308734e9b0c1468893cae9ff70ebf13e7090be8dcbcc83a8"
dependencies = [ dependencies = [
"bitflags", "bitflags",
"core-foundation", "core-foundation",
@ -3867,9 +3826,9 @@ dependencies = [
[[package]] [[package]]
name = "security-framework-sys" name = "security-framework-sys"
version = "2.8.0" version = "2.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "31c9bb296072e961fcbd8853511dd39c2d8be2deb1e17c6860b1d30732b323b4" checksum = "f51d0c0d83bec45f16480d0ce0058397a69e48fcdc52d1dc8855fb68acbd31a7"
dependencies = [ dependencies = [
"core-foundation-sys", "core-foundation-sys",
"libc", "libc",
@ -3952,9 +3911,9 @@ dependencies = [
[[package]] [[package]]
name = "serde_fmt" name = "serde_fmt"
version = "1.0.2" version = "1.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6180def5ddda7565fea64b0fba33b99192d86d669f23b5019598e0b7e846b407" checksum = "e1d4ddca14104cd60529e8c7f7ba71a2c8acd8f7f5cfcdc2faf97eeb7c3010a4"
dependencies = [ dependencies = [
"serde", "serde",
] ]
@ -4050,7 +4009,7 @@ checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0"
dependencies = [ dependencies = [
"cfg-if 1.0.0", "cfg-if 1.0.0",
"cpufeatures", "cpufeatures",
"digest 0.10.6", "digest 0.10.7",
] ]
[[package]] [[package]]
@ -4460,7 +4419,6 @@ checksum = "4752a97f8eebd6854ff91f1c1824cd6160626ac4bd44287f7f4ea2035a02a242"
dependencies = [ dependencies = [
"const_fn", "const_fn",
"libc", "libc",
"serde",
"standback", "standback",
"stdweb", "stdweb",
"time-macros 0.1.1", "time-macros 0.1.1",
@ -4470,21 +4428,23 @@ dependencies = [
[[package]] [[package]]
name = "time" name = "time"
version = "0.3.20" version = "0.3.21"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cd0cbfecb4d19b5ea75bb31ad904eb5b9fa13f21079c3b92017ebdf4999a5890" checksum = "8f3403384eaacbca9923fa06940178ac13e4edb725486d70e8e15881d0c836cc"
dependencies = [ dependencies = [
"itoa", "itoa",
"libc",
"num_threads",
"serde", "serde",
"time-core", "time-core",
"time-macros 0.2.8", "time-macros 0.2.9",
] ]
[[package]] [[package]]
name = "time-core" name = "time-core"
version = "0.1.0" version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb"
[[package]] [[package]]
name = "time-macros" name = "time-macros"
@ -4498,9 +4458,9 @@ dependencies = [
[[package]] [[package]]
name = "time-macros" name = "time-macros"
version = "0.2.8" version = "0.2.9"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fd80a657e71da814b8e5d60d3374fc6d35045062245d80224748ae522dd76f36" checksum = "372950940a5f07bf38dbe211d7283c9e6d7327df53794992d293e534c733d09b"
dependencies = [ dependencies = [
"time-core", "time-core",
] ]
@ -4596,9 +4556,9 @@ dependencies = [
[[package]] [[package]]
name = "tokio-stream" name = "tokio-stream"
version = "0.1.12" version = "0.1.14"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8fb52b74f05dbf495a8fba459fdc331812b96aa086d9eb78101fa0d4569c3313" checksum = "397c988d37662c7dda6d2208364a706264bf3d6138b11d436cbac0ad38832842"
dependencies = [ dependencies = [
"futures-core", "futures-core",
"pin-project-lite 0.2.9", "pin-project-lite 0.2.9",
@ -4630,15 +4590,15 @@ dependencies = [
[[package]] [[package]]
name = "toml_datetime" name = "toml_datetime"
version = "0.6.1" version = "0.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3ab8ed2edee10b50132aed5f331333428b011c99402b5a534154ed15746f9622" checksum = "5a76a9312f5ba4c2dec6b9161fdf25d87ad8a09256ccea5a556fef03c706a10f"
[[package]] [[package]]
name = "toml_edit" name = "toml_edit"
version = "0.19.8" version = "0.19.9"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "239410c8609e8125456927e6707163a3b1fdb40561e4b803bc041f466ccfdc13" checksum = "92d964908cec0d030b812013af25a0e57fddfadb1e066ecc6681d86253129d4f"
dependencies = [ dependencies = [
"indexmap", "indexmap",
"toml_datetime", "toml_datetime",
@ -4674,20 +4634,20 @@ dependencies = [
[[package]] [[package]]
name = "tracing-attributes" name = "tracing-attributes"
version = "0.1.23" version = "0.1.24"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4017f8f45139870ca7e672686113917c71c7a6e02d4924eda67186083c03081a" checksum = "0f57e3ca2a01450b1a921183a9c9cbfda207fd822cef4ccb00a65402cbba7a74"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
"syn 1.0.109", "syn 2.0.16",
] ]
[[package]] [[package]]
name = "tracing-core" name = "tracing-core"
version = "0.1.30" version = "0.1.31"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" checksum = "0955b8137a1df6f1a2e9a37d8a6656291ff0297c1a97c24e0d8425fe2312f79a"
dependencies = [ dependencies = [
"once_cell", "once_cell",
"valuable", "valuable",
@ -4933,9 +4893,9 @@ dependencies = [
[[package]] [[package]]
name = "wasm-bindgen-futures" name = "wasm-bindgen-futures"
version = "0.4.35" version = "0.4.36"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "083abe15c5d88556b77bdf7aef403625be9e327ad37c62c4e4129af740168163" checksum = "2d1985d03709c53167ce907ff394f5316aa22cb4e12761295c5dc57dacb6297e"
dependencies = [ dependencies = [
"cfg-if 1.0.0", "cfg-if 1.0.0",
"js-sys", "js-sys",
@ -4974,9 +4934,9 @@ checksum = "ed9d5b4305409d1fc9482fee2d7f9bcbf24b3972bf59817ef757e23982242a93"
[[package]] [[package]]
name = "wasm-bindgen-test" name = "wasm-bindgen-test"
version = "0.3.35" version = "0.3.36"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b27e15b4a3030b9944370ba1d8cec6f21f66a1ad4fd14725c5685600460713ec" checksum = "c9e636f3a428ff62b3742ebc3c70e254dfe12b8c2b469d688ea59cdd4abcf502"
dependencies = [ dependencies = [
"console_error_panic_hook", "console_error_panic_hook",
"js-sys", "js-sys",
@ -4988,9 +4948,9 @@ dependencies = [
[[package]] [[package]]
name = "wasm-bindgen-test-macro" name = "wasm-bindgen-test-macro"
version = "0.3.35" version = "0.3.36"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1dbaa9b9a574eac00c4f3a9c4941ac051f07632ecd0484a8588abd95af6b99d2" checksum = "f18c1fad2f7c4958e7bcce014fa212f59a65d5e3721d0f77e6c0b27ede936ba3"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote", "quote",
@ -4998,9 +4958,9 @@ dependencies = [
[[package]] [[package]]
name = "web-sys" name = "web-sys"
version = "0.3.62" version = "0.3.63"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "16b5f940c7edfdc6d12126d98c9ef4d1b3d470011c47c76a6581df47ad9ba721" checksum = "3bdd9ef4e984da1187bf8110c5cf5b845fbc87a23602cdf912386a76fcd3a7c2"
dependencies = [ dependencies = [
"js-sys", "js-sys",
"wasm-bindgen", "wasm-bindgen",
@ -5337,9 +5297,9 @@ checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a"
[[package]] [[package]]
name = "winnow" name = "winnow"
version = "0.4.1" version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ae8970b36c66498d8ff1d66685dc86b91b29db0c7739899012f63a63814b4b28" checksum = "61de7bac303dc551fe038e2b3cef0f571087a47571ea6e79a87692ac99b99699"
dependencies = [ dependencies = [
"memchr", "memchr",
] ]
@ -5368,7 +5328,7 @@ dependencies = [
"oid-registry", "oid-registry",
"rusticata-macros", "rusticata-macros",
"thiserror", "thiserror",
"time 0.3.20", "time 0.3.21",
] ]
[[package]] [[package]]
@ -5473,5 +5433,5 @@ dependencies = [
"lazy_static", "lazy_static",
"quick-error", "quick-error",
"regex", "regex",
"time 0.3.20", "time 0.3.21",
] ]

8
Cargo.toml
View file

@ -115,8 +115,8 @@ reqwest = { version = "0.11.18", default-features = false, features=["cookies",
rpassword = "^7.2.0" rpassword = "^7.2.0"
rusqlite = "^0.28.0" rusqlite = "^0.28.0"
scim_proto = "^0.1.1" scim_proto = "^0.2.0"
# scim_proto = { path = "../scim/proto", version = "0.1.1" } # scim_proto = { path = "../scim/proto", version = "^0.2.0" }
# scim_proto = { git = "https://github.com/kanidm/scim.git", version = "0.1.1" } # scim_proto = { git = "https://github.com/kanidm/scim.git", version = "0.1.1" }
serde = "^1.0.163" serde = "^1.0.163"
@ -134,9 +134,7 @@ tide = "^0.16.0"
# Including brotli *very* slow, so don't do that. Including the "default" feature pulls a mime-type list from the internet on build, which isn't used. # Including brotli *very* slow, so don't do that. Including the "default" feature pulls a mime-type list from the internet on build, which isn't used.
tide-compress = { version="0.10.6", default-features = false, features = [ "gzip", "regex-check" ] } tide-compress = { version="0.10.6", default-features = false, features = [ "gzip", "regex-check" ] }
tide-openssl = "^0.1.1" tide-openssl = "^0.1.1"
# Unable to increase version due to removing ability to detect time = { version = "^0.3.21", features = ["formatting", "local-offset"] }
# local platform time.
time = "=0.2.27"
tikv-jemallocator = "0.5" tikv-jemallocator = "0.5"

20
proto/src/v1.rs
View file

@ -5,6 +5,7 @@ use std::str::FromStr;
use num_enum::TryFromPrimitive; use num_enum::TryFromPrimitive;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use time::OffsetDateTime;
use uuid::Uuid; use uuid::Uuid;
use webauthn_rs_proto::{ use webauthn_rs_proto::{
CreationChallengeResponse, PublicKeyCredential, RegisterPublicKeyCredential, CreationChallengeResponse, PublicKeyCredential, RegisterPublicKeyCredential,
@ -493,15 +494,16 @@ impl fmt::Display for ApiToken {
writeln!(f, "label: {}", self.label)?; writeln!(f, "label: {}", self.label)?;
writeln!(f, "issued at: {}", self.issued_at)?; writeln!(f, "issued at: {}", self.issued_at)?;
if let Some(expiry) = self.expiry { if let Some(expiry) = self.expiry {
writeln!( // if this fails we're in trouble!
f, #[allow(clippy::expect_used)]
"token expiry: {}", let expiry_str = expiry
expiry .to_offset(
.to_offset( time::UtcOffset::local_offset_at(OffsetDateTime::UNIX_EPOCH)
time::UtcOffset::try_current_local_offset().unwrap_or(time::UtcOffset::UTC), .unwrap_or(time::UtcOffset::UTC),
) )
.format(time::Format::Rfc3339) .format(&time::format_description::well_known::Rfc3339)
) .expect("Failed to format timestamp to RFC3339");
writeln!(f, "token expiry: {}", expiry_str)
} else { } else {
writeln!(f, "token expiry: never") writeln!(f, "token expiry: never")
} }

56
server/core/Cargo.toml
View file

@ -4,41 +4,41 @@ description = "Kanidm Server Core and Library"
documentation = "https://docs.rs/kanidm/latest/kanidm/" documentation = "https://docs.rs/kanidm/latest/kanidm/"
autotests = false autotests = false
version.workspace = true version = { workspace = true }
authors.workspace = true authors = { workspace = true }
rust-version.workspace = true rust-version = { workspace = true }
edition.workspace = true edition = { workspace = true }
license.workspace = true license = { workspace = true }
homepage.workspace = true homepage = { workspace = true }
repository.workspace = true repository = { workspace = true }
[dependencies] [dependencies]
async-trait.workspace = true async-trait = { workspace = true }
chrono.workspace = true chrono = { workspace = true }
cron.workspace = true cron = { workspace = true }
compact_jwt.workspace = true compact_jwt = { workspace = true }
futures-util.workspace = true futures-util = { workspace = true }
http-types.workspace = true http-types = { workspace = true }
kanidm_proto.workspace = true kanidm_proto = { workspace = true }
kanidmd_lib.workspace = true kanidmd_lib = { workspace = true }
ldap3_proto.workspace = true ldap3_proto = { workspace = true }
libc.workspace = true libc = { workspace = true }
openssl.workspace = true openssl = { workspace = true }
rand.workspace = true rand = { workspace = true }
regex.workspace = true regex = { workspace = true }
serde = { workspace = true, features = ["derive"] } serde = { workspace = true, features = ["derive"] }
serde_json.workspace = true serde_json = { workspace = true }
sketching.workspace = true sketching = { workspace = true }
tide.workspace = true tide = { workspace = true }
time = { workspace = true, features = ["serde", "std"] } time = { workspace = true, features = ["serde", "std","local-offset"] }
tide-compress.workspace = true tide-compress = { workspace = true }
tide-openssl.workspace = true tide-openssl = { workspace = true }
tokio = { workspace = true, features = ["net", "sync", "io-util", "macros"] } tokio = { workspace = true, features = ["net", "sync", "io-util", "macros"] }
tokio-openssl.workspace = true tokio-openssl = { workspace = true }
tokio-util = { workspace = true, features = ["codec"] } tokio-util = { workspace = true, features = ["codec"] }
toml = {workspace = true} toml = {workspace = true}
tracing = { workspace = true, features = ["attributes"] } tracing = { workspace = true, features = ["attributes"] }
uuid = { workspace = true, features = ["serde", "v4" ] } uuid = { workspace = true, features = ["serde", "v4" ] }
[build-dependencies] [build-dependencies]
profiles.workspace = true profiles = { workspace = true }

11
server/core/src/actors/v1_read.rs
View file

@ -198,9 +198,14 @@ impl QueryServerReadV1 {
) -> Result<(), OperationError> { ) -> Result<(), OperationError> {
trace!(eventid = ?msg.eventid, "Begin online backup event"); trace!(eventid = ?msg.eventid, "Begin online backup event");
#[allow(deprecated)] let now = match time::OffsetDateTime::now_local() {
let now = time::OffsetDateTime::now_local(); Ok(val) => val,
let timestamp = now.format(time::Format::Rfc3339); Err(_err) => {
admin_warn!("Failed to get local offset, using UTC");
time::OffsetDateTime::now_utc()
}
};
let timestamp = now.format(&Rfc3339).unwrap();
let dest_file = format!("{}/backup-{}.json", outpath, timestamp); let dest_file = format!("{}/backup-{}.json", outpath, timestamp);
if Path::new(&dest_file).exists() { if Path::new(&dest_file).exists() {

14
server/lib/src/idm/account.rs
View file

@ -204,10 +204,10 @@ impl Account {
// the nanoseconds, but if we haven't done a serialise on the server our db cache has the // the nanoseconds, but if we haven't done a serialise on the server our db cache has the
// ns value which breaks some checks. // ns value which breaks some checks.
let ct = ct - Duration::from_nanos(ct.subsec_nanos() as u64); let ct = ct - Duration::from_nanos(ct.subsec_nanos() as u64);
let issued_at = OffsetDateTime::unix_epoch() + ct; let issued_at = OffsetDateTime::UNIX_EPOCH + ct;
let expiry = let expiry =
Some(OffsetDateTime::unix_epoch() + ct + Duration::from_secs(AUTH_SESSION_EXPIRY)); Some(OffsetDateTime::UNIX_EPOCH + ct + Duration::from_secs(AUTH_SESSION_EXPIRY));
let (purpose, expiry) = match scope { let (purpose, expiry) = match scope {
// Issue an invalid/expired session. // Issue an invalid/expired session.
@ -229,7 +229,7 @@ impl Account {
{ {
( (
UatPurpose::ReadWrite { expiry: None }, UatPurpose::ReadWrite { expiry: None },
Some(OffsetDateTime::unix_epoch() + ct + Duration::from_secs(86400)), Some(OffsetDateTime::UNIX_EPOCH + ct + Duration::from_secs(86400)),
) )
} }
}; };
@ -259,7 +259,7 @@ impl Account {
scope: SessionScope, scope: SessionScope,
ct: Duration, ct: Duration,
) -> Option<UserAuthToken> { ) -> Option<UserAuthToken> {
let issued_at = OffsetDateTime::unix_epoch() + ct; let issued_at = OffsetDateTime::UNIX_EPOCH + ct;
let (purpose, expiry) = match scope { let (purpose, expiry) = match scope {
SessionScope::Synchronise | SessionScope::ReadOnly | SessionScope::ReadWrite => { SessionScope::Synchronise | SessionScope::ReadOnly | SessionScope::ReadWrite => {
@ -273,7 +273,7 @@ impl Account {
// Return a ReadWrite session with an inner expiry for the privileges // Return a ReadWrite session with an inner expiry for the privileges
{ {
let expiry = Some( let expiry = Some(
OffsetDateTime::unix_epoch() + ct + Duration::from_secs(AUTH_PRIVILEGE_EXPIRY), OffsetDateTime::UNIX_EPOCH + ct + Duration::from_secs(AUTH_PRIVILEGE_EXPIRY),
); );
( (
UatPurpose::ReadWrite { expiry }, UatPurpose::ReadWrite { expiry },
@ -305,7 +305,7 @@ impl Account {
valid_from: Option<&OffsetDateTime>, valid_from: Option<&OffsetDateTime>,
expire: Option<&OffsetDateTime>, expire: Option<&OffsetDateTime>,
) -> bool { ) -> bool {
let cot = OffsetDateTime::unix_epoch() + ct; let cot = OffsetDateTime::UNIX_EPOCH + ct;
let vmin = if let Some(vft) = valid_from { let vmin = if let Some(vft) = valid_from {
// If current time greater than start time window // If current time greater than start time window
@ -547,7 +547,7 @@ impl Account {
} }
} else { } else {
let grace = uat.issued_at + GRACE_WINDOW; let grace = uat.issued_at + GRACE_WINDOW;
let current = time::OffsetDateTime::unix_epoch() + ct; let current = time::OffsetDateTime::UNIX_EPOCH + ct;
trace!(%grace, %current); trace!(%grace, %current);
if current >= grace { if current >= grace {
security_info!( security_info!(

2
server/lib/src/idm/credupdatesession.rs
View file

@ -585,7 +585,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
"Rejecting Update Session - Intent Token does not exist (replication delay?)", "Rejecting Update Session - Intent Token does not exist (replication delay?)",
); );
return Err(OperationError::Wait( return Err(OperationError::Wait(
OffsetDateTime::unix_epoch() + (current_time + Duration::from_secs(150)), OffsetDateTime::UNIX_EPOCH + (current_time + Duration::from_secs(150)),
)); ));
} }
}; };

16
server/lib/src/idm/oauth2.rs
View file

@ -515,7 +515,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
.. ..
} => { } => {
// Only submit a revocation if the token is not yet expired. // Only submit a revocation if the token is not yet expired.
let odt_ct = OffsetDateTime::unix_epoch() + ct; let odt_ct = OffsetDateTime::UNIX_EPOCH + ct;
if expiry <= odt_ct { if expiry <= odt_ct {
security_info!(?uuid, "access token has expired, returning inactive"); security_info!(?uuid, "access token has expired, returning inactive");
return Ok(()); return Ok(());
@ -763,7 +763,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
} }
// Check that the UAT we are issuing for still is valid. // Check that the UAT we are issuing for still is valid.
let odt_ct = OffsetDateTime::unix_epoch() + ct; let odt_ct = OffsetDateTime::UNIX_EPOCH + ct;
if let Some(expiry) = code_xchg.uat.expiry { if let Some(expiry) = code_xchg.uat.expiry {
if expiry <= odt_ct { if expiry <= odt_ct {
security_info!( security_info!(
@ -830,7 +830,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
nbf: _, nbf: _,
} => { } => {
// Get the current time in odt // Get the current time in odt
let odt_ct = OffsetDateTime::unix_epoch() + ct; let odt_ct = OffsetDateTime::UNIX_EPOCH + ct;
if expiry <= odt_ct { if expiry <= odt_ct {
security_info!(?uuid, "refresh token has expired, "); security_info!(?uuid, "refresh token has expired, ");
return Err(Oauth2Error::InvalidToken); return Err(Oauth2Error::InvalidToken);
@ -936,7 +936,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
session_id: Uuid, session_id: Uuid,
nonce: Option<String>, nonce: Option<String>,
) -> Result<AccessTokenResponse, Oauth2Error> { ) -> Result<AccessTokenResponse, Oauth2Error> {
let odt_ct = OffsetDateTime::unix_epoch() + ct; let odt_ct = OffsetDateTime::UNIX_EPOCH + ct;
let iat = ct.as_secs() as i64; let iat = ct.as_secs() as i64;
// TODO: Configurable from the oauth2rs configuration? // TODO: Configurable from the oauth2rs configuration?
@ -1530,7 +1530,7 @@ impl<'a> IdmServerProxyReadTransaction<'a> {
auth_time: _, auth_time: _,
} => { } => {
// Has this token expired? // Has this token expired?
let odt_ct = OffsetDateTime::unix_epoch() + ct; let odt_ct = OffsetDateTime::UNIX_EPOCH + ct;
if expiry <= odt_ct { if expiry <= odt_ct {
security_info!(?uuid, "access token has expired, returning inactive"); security_info!(?uuid, "access token has expired, returning inactive");
return Ok(AccessTokenIntrospectResponse::inactive()); return Ok(AccessTokenIntrospectResponse::inactive());
@ -1635,7 +1635,7 @@ impl<'a> IdmServerProxyReadTransaction<'a> {
auth_time: _, auth_time: _,
} => { } => {
// Has this token expired? // Has this token expired?
let odt_ct = OffsetDateTime::unix_epoch() + ct; let odt_ct = OffsetDateTime::UNIX_EPOCH + ct;
if expiry <= odt_ct { if expiry <= odt_ct {
security_info!(?uuid, "access token has expired, returning inactive"); security_info!(?uuid, "access token has expired, returning inactive");
return Err(Oauth2Error::InvalidToken); return Err(Oauth2Error::InvalidToken);
@ -2043,7 +2043,7 @@ mod tests {
crate::value::Session { crate::value::Session {
label: "label".to_string(), label: "label".to_string(),
expiry, expiry,
issued_at: time::OffsetDateTime::unix_epoch() + ct, issued_at: time::OffsetDateTime::UNIX_EPOCH + ct,
issued_by: IdentityId::Internal, issued_by: IdentityId::Internal,
cred_id, cred_id,
scope: SessionScope::ReadWrite, scope: SessionScope::ReadWrite,
@ -2428,7 +2428,7 @@ mod tests {
// //
// This lets us check a variety of time based cases. // This lets us check a variety of time based cases.
uat.expiry = Some( uat.expiry = Some(
time::OffsetDateTime::unix_epoch() time::OffsetDateTime::UNIX_EPOCH
+ Duration::from_secs(TEST_CURRENT_TIME + UAT_EXPIRE - 1), + Duration::from_secs(TEST_CURRENT_TIME + UAT_EXPIRE - 1),
); );

2
server/lib/src/idm/radius.rs
View file

@ -71,7 +71,7 @@ impl RadiusAccount {
} }
fn is_within_valid_time(&self, ct: Duration) -> bool { fn is_within_valid_time(&self, ct: Duration) -> bool {
let cot = OffsetDateTime::unix_epoch() + ct; let cot = OffsetDateTime::UNIX_EPOCH + ct;
let vmin = if let Some(vft) = &self.valid_from { let vmin = if let Some(vft) = &self.valid_from {
// If current time greater than start time window // If current time greater than start time window

2
server/lib/src/idm/scim.rs
View file

@ -144,7 +144,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
})?; })?;
let session_id = Uuid::new_v4(); let session_id = Uuid::new_v4();
let issued_at = time::OffsetDateTime::unix_epoch() + ct; let issued_at = time::OffsetDateTime::UNIX_EPOCH + ct;
let scope = ApiTokenScope::Synchronise; let scope = ApiTokenScope::Synchronise;
let purpose = scope.try_into()?; let purpose = scope.try_into()?;

16
server/lib/src/idm/server.rs
View file

@ -471,7 +471,7 @@ pub trait IdmServerTransaction<'a> {
.map(|t: Jws<UserAuthToken>| t.into_inner())?; .map(|t: Jws<UserAuthToken>| t.into_inner())?;
if let Some(exp) = uat.expiry { if let Some(exp) = uat.expiry {
if time::OffsetDateTime::unix_epoch() + ct >= exp { if time::OffsetDateTime::UNIX_EPOCH + ct >= exp {
security_info!("Session expired"); security_info!("Session expired");
Err(OperationError::SessionExpired) Err(OperationError::SessionExpired)
} else { } else {
@ -525,7 +525,7 @@ pub trait IdmServerTransaction<'a> {
.map(|t: Jws<ApiToken>| t.into_inner())?; .map(|t: Jws<ApiToken>| t.into_inner())?;
if let Some(expiry) = apit.expiry { if let Some(expiry) = apit.expiry {
if time::OffsetDateTime::unix_epoch() + ct >= expiry { if time::OffsetDateTime::UNIX_EPOCH + ct >= expiry {
security_info!("Session expired"); security_info!("Session expired");
return Err(OperationError::SessionExpired); return Err(OperationError::SessionExpired);
} }
@ -562,7 +562,7 @@ pub trait IdmServerTransaction<'a> {
})?; })?;
if let Some(exp) = uat.expiry { if let Some(exp) = uat.expiry {
if time::OffsetDateTime::unix_epoch() + ct >= exp { if time::OffsetDateTime::UNIX_EPOCH + ct >= exp {
security_info!("Session expired"); security_info!("Session expired");
Err(OperationError::SessionExpired) Err(OperationError::SessionExpired)
} else { } else {
@ -665,7 +665,7 @@ pub trait IdmServerTransaction<'a> {
UatPurpose::ReadWrite { UatPurpose::ReadWrite {
expiry: Some(expiry), expiry: Some(expiry),
} => { } => {
let cot = time::OffsetDateTime::unix_epoch() + ct; let cot = time::OffsetDateTime::UNIX_EPOCH + ct;
if cot < expiry { if cot < expiry {
AccessScope::ReadWrite AccessScope::ReadWrite
} else { } else {
@ -3417,8 +3417,8 @@ mod tests {
session_id: session_a, session_id: session_a,
cred_id, cred_id,
label: "Test Session A".to_string(), label: "Test Session A".to_string(),
expiry: Some(OffsetDateTime::unix_epoch() + expiry_a), expiry: Some(OffsetDateTime::UNIX_EPOCH + expiry_a),
issued_at: OffsetDateTime::unix_epoch() + ct, issued_at: OffsetDateTime::UNIX_EPOCH + ct,
issued_by: IdentityId::User(UUID_ADMIN), issued_by: IdentityId::User(UUID_ADMIN),
scope: SessionScope::ReadOnly, scope: SessionScope::ReadOnly,
}); });
@ -3452,8 +3452,8 @@ mod tests {
session_id: session_b, session_id: session_b,
cred_id, cred_id,
label: "Test Session B".to_string(), label: "Test Session B".to_string(),
expiry: Some(OffsetDateTime::unix_epoch() + expiry_b), expiry: Some(OffsetDateTime::UNIX_EPOCH + expiry_b),
issued_at: OffsetDateTime::unix_epoch() + ct, issued_at: OffsetDateTime::UNIX_EPOCH + ct,
issued_by: IdentityId::User(UUID_ADMIN), issued_by: IdentityId::User(UUID_ADMIN),
scope: SessionScope::ReadOnly, scope: SessionScope::ReadOnly,
}); });

6
server/lib/src/idm/serviceaccount.rs
View file

@ -117,7 +117,7 @@ impl ServiceAccount {
true true
} else { } else {
let grace = apit.issued_at + GRACE_WINDOW; let grace = apit.issued_at + GRACE_WINDOW;
let current = time::OffsetDateTime::unix_epoch() + ct; let current = time::OffsetDateTime::UNIX_EPOCH + ct;
trace!(%grace, %current); trace!(%grace, %current);
if current >= grace { if current >= grace {
security_info!( security_info!(
@ -160,7 +160,7 @@ impl GenerateApiTokenEvent {
ident: Identity::from_internal(), ident: Identity::from_internal(),
target, target,
label: label.to_string(), label: label.to_string(),
expiry: expiry.map(|ct| time::OffsetDateTime::unix_epoch() + ct), expiry: expiry.map(|ct| time::OffsetDateTime::UNIX_EPOCH + ct),
read_write: false, read_write: false,
} }
} }
@ -202,7 +202,7 @@ impl<'a> IdmServerProxyWriteTransaction<'a> {
})?; })?;
let session_id = Uuid::new_v4(); let session_id = Uuid::new_v4();
let issued_at = time::OffsetDateTime::unix_epoch() + ct; let issued_at = time::OffsetDateTime::UNIX_EPOCH + ct;
// Normalise to UTC in case it was provided as something else. // Normalise to UTC in case it was provided as something else.
let expiry = gte.expiry.map(|odt| odt.to_offset(time::UtcOffset::UTC)); let expiry = gte.expiry.map(|odt| odt.to_offset(time::UtcOffset::UTC));

2
server/lib/src/idm/unix.rs
View file

@ -179,7 +179,7 @@ impl UnixUserAccount {
} }
pub fn is_within_valid_time(&self, ct: Duration) -> bool { pub fn is_within_valid_time(&self, ct: Duration) -> bool {
let cot = OffsetDateTime::unix_epoch() + ct; let cot = OffsetDateTime::UNIX_EPOCH + ct;
let vmin = if let Some(vft) = &self.valid_from { let vmin = if let Some(vft) = &self.valid_from {
// If current time greater than start time window // If current time greater than start time window

2
server/lib/src/lib.rs
View file

@ -101,4 +101,6 @@ pub mod prelude {
#[cfg(test)] #[cfg(test)]
pub use kanidmd_lib_macros::*; pub use kanidmd_lib_macros::*;
pub use time::format_description::well_known::Rfc3339;
} }

2
server/lib/src/plugins/refint.rs
View file

@ -783,7 +783,7 @@ mod tests {
#[qs_test] #[qs_test]
async fn test_delete_oauth2_rs_remove_sessions(server: &QueryServer) { async fn test_delete_oauth2_rs_remove_sessions(server: &QueryServer) {
let curtime = duration_from_epoch_now(); let curtime = duration_from_epoch_now();
let curtime_odt = OffsetDateTime::unix_epoch() + curtime; let curtime_odt = OffsetDateTime::UNIX_EPOCH + curtime;
let p = CryptoPolicy::minimum(); let p = CryptoPolicy::minimum();
let cred = Credential::new_password_only(&p, "test_password").unwrap(); let cred = Credential::new_password_only(&p, "test_password").unwrap();

18
server/lib/src/plugins/session.rs
View file

@ -45,7 +45,7 @@ impl SessionConsistency {
cand: &mut [Entry<EntryInvalid, T>], cand: &mut [Entry<EntryInvalid, T>],
) -> Result<(), OperationError> { ) -> Result<(), OperationError> {
let curtime = qs.get_curtime(); let curtime = qs.get_curtime();
let curtime_odt = OffsetDateTime::unix_epoch() + curtime; let curtime_odt = OffsetDateTime::UNIX_EPOCH + curtime;
// We need to assert a number of properties. We must do these *in order*. // We need to assert a number of properties. We must do these *in order*.
cand.iter_mut().try_for_each(|entry| { cand.iter_mut().try_for_each(|entry| {
@ -161,14 +161,14 @@ mod tests {
#[qs_test] #[qs_test]
async fn test_session_consistency_expire_old_sessions(server: &QueryServer) { async fn test_session_consistency_expire_old_sessions(server: &QueryServer) {
let curtime = duration_from_epoch_now(); let curtime = duration_from_epoch_now();
let curtime_odt = OffsetDateTime::unix_epoch() + curtime; let curtime_odt = OffsetDateTime::UNIX_EPOCH + curtime;
let p = CryptoPolicy::minimum(); let p = CryptoPolicy::minimum();
let cred = Credential::new_password_only(&p, "test_password").unwrap(); let cred = Credential::new_password_only(&p, "test_password").unwrap();
let cred_id = cred.uuid; let cred_id = cred.uuid;
let exp_curtime = curtime + Duration::from_secs(60); let exp_curtime = curtime + Duration::from_secs(60);
let exp_curtime_odt = OffsetDateTime::unix_epoch() + exp_curtime; let exp_curtime_odt = OffsetDateTime::UNIX_EPOCH + exp_curtime;
// Create a user // Create a user
let mut server_txn = server.write(curtime).await; let mut server_txn = server.write(curtime).await;
@ -254,7 +254,7 @@ mod tests {
#[qs_test] #[qs_test]
async fn test_session_consistency_oauth2_expiry_cleanup(server: &QueryServer) { async fn test_session_consistency_oauth2_expiry_cleanup(server: &QueryServer) {
let curtime = duration_from_epoch_now(); let curtime = duration_from_epoch_now();
let curtime_odt = OffsetDateTime::unix_epoch() + curtime; let curtime_odt = OffsetDateTime::UNIX_EPOCH + curtime;
let p = CryptoPolicy::minimum(); let p = CryptoPolicy::minimum();
let cred = Credential::new_password_only(&p, "test_password").unwrap(); let cred = Credential::new_password_only(&p, "test_password").unwrap();
@ -262,7 +262,7 @@ mod tests {
// Set exp to gracewindow. // Set exp to gracewindow.
let exp_curtime = curtime + GRACE_WINDOW; let exp_curtime = curtime + GRACE_WINDOW;
let exp_curtime_odt = OffsetDateTime::unix_epoch() + exp_curtime; let exp_curtime_odt = OffsetDateTime::UNIX_EPOCH + exp_curtime;
// Create a user // Create a user
let mut server_txn = server.write(curtime).await; let mut server_txn = server.write(curtime).await;
@ -395,7 +395,7 @@ mod tests {
#[qs_test] #[qs_test]
async fn test_session_consistency_oauth2_removed_by_parent(server: &QueryServer) { async fn test_session_consistency_oauth2_removed_by_parent(server: &QueryServer) {
let curtime = duration_from_epoch_now(); let curtime = duration_from_epoch_now();
let curtime_odt = OffsetDateTime::unix_epoch() + curtime; let curtime_odt = OffsetDateTime::UNIX_EPOCH + curtime;
let exp_curtime = curtime + GRACE_WINDOW; let exp_curtime = curtime + GRACE_WINDOW;
let p = CryptoPolicy::minimum(); let p = CryptoPolicy::minimum();
@ -529,11 +529,11 @@ mod tests {
#[qs_test] #[qs_test]
async fn test_session_consistency_oauth2_grace_window_past(server: &QueryServer) { async fn test_session_consistency_oauth2_grace_window_past(server: &QueryServer) {
let curtime = duration_from_epoch_now(); let curtime = duration_from_epoch_now();
let curtime_odt = OffsetDateTime::unix_epoch() + curtime; let curtime_odt = OffsetDateTime::UNIX_EPOCH + curtime;
// Set exp to gracewindow. // Set exp to gracewindow.
let exp_curtime = curtime + GRACE_WINDOW; let exp_curtime = curtime + GRACE_WINDOW;
// let exp_curtime_odt = OffsetDateTime::unix_epoch() + exp_curtime; // let exp_curtime_odt = OffsetDateTime::UNIX_EPOCH + exp_curtime;
// Create a user // Create a user
let mut server_txn = server.write(curtime).await; let mut server_txn = server.write(curtime).await;
@ -631,7 +631,7 @@ mod tests {
#[qs_test] #[qs_test]
async fn test_session_consistency_expire_when_cred_removed(server: &QueryServer) { async fn test_session_consistency_expire_when_cred_removed(server: &QueryServer) {
let curtime = duration_from_epoch_now(); let curtime = duration_from_epoch_now();
let curtime_odt = OffsetDateTime::unix_epoch() + curtime; let curtime_odt = OffsetDateTime::UNIX_EPOCH + curtime;
let p = CryptoPolicy::minimum(); let p = CryptoPolicy::minimum();
let cred = Credential::new_password_only(&p, "test_password").unwrap(); let cred = Credential::new_password_only(&p, "test_password").unwrap();

18
server/lib/src/value.rs
View file

@ -603,11 +603,11 @@ impl PartialValue {
} }
pub fn new_datetime_epoch(ts: Duration) -> Self { pub fn new_datetime_epoch(ts: Duration) -> Self {
PartialValue::DateTime(OffsetDateTime::unix_epoch() + ts) PartialValue::DateTime(OffsetDateTime::UNIX_EPOCH + ts)
} }
pub fn new_datetime_s(s: &str) -> Option<Self> { pub fn new_datetime_s(s: &str) -> Option<Self> {
OffsetDateTime::parse(s, time::Format::Rfc3339) OffsetDateTime::parse(s, &Rfc3339)
.ok() .ok()
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map(PartialValue::DateTime) .map(PartialValue::DateTime)
@ -737,7 +737,9 @@ impl PartialValue {
PartialValue::Cid(_) => "_".to_string(), PartialValue::Cid(_) => "_".to_string(),
PartialValue::DateTime(odt) => { PartialValue::DateTime(odt) => {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
} }
PartialValue::Url(u) => u.to_string(), PartialValue::Url(u) => u.to_string(),
PartialValue::OauthScope(u) => u.to_string(), PartialValue::OauthScope(u) => u.to_string(),
@ -1254,11 +1256,11 @@ impl Value {
} }
pub fn new_datetime_epoch(ts: Duration) -> Self { pub fn new_datetime_epoch(ts: Duration) -> Self {
Value::DateTime(OffsetDateTime::unix_epoch() + ts) Value::DateTime(OffsetDateTime::UNIX_EPOCH + ts)
} }
pub fn new_datetime_s(s: &str) -> Option<Self> { pub fn new_datetime_s(s: &str) -> Option<Self> {
OffsetDateTime::parse(s, time::Format::Rfc3339) OffsetDateTime::parse(s, &Rfc3339)
.ok() .ok()
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map(Value::DateTime) .map(Value::DateTime)
@ -1927,8 +1929,10 @@ mod tests {
assert!(Value::new_datetime_s("2020-09-25 01:22:02+00:00").is_none()); assert!(Value::new_datetime_s("2020-09-25 01:22:02+00:00").is_none());
// Manually craft // Manually craft
let inv1 = let inv1 = Value::DateTime(
Value::DateTime(OffsetDateTime::now_utc().to_offset(time::UtcOffset::east_hours(10))); OffsetDateTime::now_utc()
.to_offset(time::UtcOffset::from_whole_seconds(36000).unwrap()),
);
assert!(!inv1.validate()); assert!(!inv1.validate());
let val3 = Value::DateTime(OffsetDateTime::now_utc()); let val3 = Value::DateTime(OffsetDateTime::now_utc());

20
server/lib/src/valueset/datetime.rs
View file

@ -26,7 +26,7 @@ impl ValueSetDateTime {
let set = data let set = data
.into_iter() .into_iter()
.map(|s| { .map(|s| {
OffsetDateTime::parse(s, time::Format::Rfc3339) OffsetDateTime::parse(&s, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|_| OperationError::InvalidValueState) .map_err(|_| OperationError::InvalidValueState)
}) })
@ -38,7 +38,7 @@ impl ValueSetDateTime {
let set = data let set = data
.iter() .iter()
.map(|s| { .map(|s| {
OffsetDateTime::parse(s, time::Format::Rfc3339) OffsetDateTime::parse(s, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|_| OperationError::InvalidValueState) .map_err(|_| OperationError::InvalidValueState)
}) })
@ -104,7 +104,9 @@ impl ValueSetT for ValueSetDateTime {
.iter() .iter()
.map(|odt| { .map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}) })
.collect() .collect()
} }
@ -120,7 +122,9 @@ impl ValueSetT for ValueSetDateTime {
fn to_proto_string_clone_iter(&self) -> Box<dyn Iterator<Item = String> + '_> { fn to_proto_string_clone_iter(&self) -> Box<dyn Iterator<Item = String> + '_> {
Box::new(self.set.iter().map(|odt| { Box::new(self.set.iter().map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
})) }))
} }
@ -130,7 +134,9 @@ impl ValueSetT for ValueSetDateTime {
.iter() .iter()
.map(|odt| { .map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}) })
.collect(), .collect(),
) )
@ -143,7 +149,9 @@ impl ValueSetT for ValueSetDateTime {
.iter() .iter()
.map(|odt| { .map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}) })
.collect(), .collect(),
} }

83
server/lib/src/valueset/session.rs
View file

@ -52,7 +52,7 @@ impl ValueSetSession {
let cred_id = Uuid::new_v4(); let cred_id = Uuid::new_v4();
// Convert things. // Convert things.
let issued_at = OffsetDateTime::parse(issued_at, time::Format::Rfc3339) let issued_at = OffsetDateTime::parse(&issued_at, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|e| { .map_err(|e| {
admin_error!( admin_error!(
@ -69,7 +69,7 @@ impl ValueSetSession {
// here. // here.
let expiry = expiry let expiry = expiry
.map(|e_inner| { .map(|e_inner| {
OffsetDateTime::parse(e_inner, time::Format::Rfc3339) OffsetDateTime::parse(&e_inner, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
// We now have an // We now have an
// Option<Result<ODT, _>> // Option<Result<ODT, _>>
@ -124,7 +124,7 @@ impl ValueSetSession {
scope, scope,
} => { } => {
// Convert things. // Convert things.
let issued_at = OffsetDateTime::parse(issued_at, time::Format::Rfc3339) let issued_at = OffsetDateTime::parse(&issued_at, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|e| { .map_err(|e| {
admin_error!( admin_error!(
@ -141,7 +141,7 @@ impl ValueSetSession {
// here. // here.
let expiry = expiry let expiry = expiry
.map(|e_inner| { .map(|e_inner| {
OffsetDateTime::parse(e_inner, time::Format::Rfc3339) OffsetDateTime::parse(&e_inner, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
// We now have an // We now have an
// Option<Result<ODT, _>> // Option<Result<ODT, _>>
@ -206,7 +206,7 @@ impl ValueSetSession {
scope, scope,
}| { }| {
// Convert things. // Convert things.
let issued_at = OffsetDateTime::parse(issued_at, time::Format::Rfc3339) let issued_at = OffsetDateTime::parse(issued_at, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|e| { .map_err(|e| {
admin_error!( admin_error!(
@ -224,7 +224,7 @@ impl ValueSetSession {
let expiry = expiry let expiry = expiry
.as_ref() .as_ref()
.map(|e_inner| { .map(|e_inner| {
OffsetDateTime::parse(e_inner, time::Format::Rfc3339) OffsetDateTime::parse(e_inner, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
// We now have an // We now have an
// Option<Result<ODT, _>> // Option<Result<ODT, _>>
@ -360,11 +360,16 @@ impl ValueSetT for ValueSetSession {
label: m.label.clone(), label: m.label.clone(),
expiry: m.expiry.map(|odt| { expiry: m.expiry.map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339!")
}), }),
issued_at: { issued_at: {
debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC); debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC);
m.issued_at.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
m.issued_at
.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339!")
}, },
issued_by: match m.issued_by { issued_by: match m.issued_by {
IdentityId::Internal => DbValueIdentityId::V1Internal, IdentityId::Internal => DbValueIdentityId::V1Internal,
@ -393,11 +398,16 @@ impl ValueSetT for ValueSetSession {
label: m.label.clone(), label: m.label.clone(),
expiry: m.expiry.map(|odt| { expiry: m.expiry.map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp to RFC3339")
}), }),
issued_at: { issued_at: {
debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC); debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC);
m.issued_at.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
m.issued_at
.format(&Rfc3339)
.expect("Failed to format timestamp to RFC3339")
}, },
issued_by: match m.issued_by { issued_by: match m.issued_by {
IdentityId::Internal => ReplIdentityIdV1::Internal, IdentityId::Internal => ReplIdentityIdV1::Internal,
@ -530,7 +540,7 @@ impl ValueSetOauth2Session {
rs_uuid, rs_uuid,
} => { } => {
// Convert things. // Convert things.
let issued_at = OffsetDateTime::parse(issued_at, time::Format::Rfc3339) let issued_at = OffsetDateTime::parse(&issued_at, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|e| { .map_err(|e| {
admin_error!( admin_error!(
@ -547,7 +557,7 @@ impl ValueSetOauth2Session {
// here. // here.
let expiry = expiry let expiry = expiry
.map(|e_inner| { .map(|e_inner| {
OffsetDateTime::parse(e_inner, time::Format::Rfc3339) OffsetDateTime::parse(&e_inner, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
// We now have an // We now have an
// Option<Result<ODT, _>> // Option<Result<ODT, _>>
@ -595,7 +605,7 @@ impl ValueSetOauth2Session {
rs_uuid, rs_uuid,
}| { }| {
// Convert things. // Convert things.
let issued_at = OffsetDateTime::parse(issued_at, time::Format::Rfc3339) let issued_at = OffsetDateTime::parse(issued_at, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|e| { .map_err(|e| {
admin_error!( admin_error!(
@ -613,7 +623,7 @@ impl ValueSetOauth2Session {
let expiry = expiry let expiry = expiry
.as_ref() .as_ref()
.map(|e_inner| { .map(|e_inner| {
OffsetDateTime::parse(e_inner, time::Format::Rfc3339) OffsetDateTime::parse(e_inner, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
// We now have an // We now have an
// Option<Result<ODT, _>> // Option<Result<ODT, _>>
@ -765,11 +775,16 @@ impl ValueSetT for ValueSetOauth2Session {
parent: m.parent, parent: m.parent,
expiry: m.expiry.map(|odt| { expiry: m.expiry.map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp as RFC3339")
}), }),
issued_at: { issued_at: {
debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC); debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC);
m.issued_at.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
m.issued_at
.format(&Rfc3339)
.expect("Failed to format timestamp as RFC3339")
}, },
rs_uuid: m.rs_uuid, rs_uuid: m.rs_uuid,
}) })
@ -787,11 +802,16 @@ impl ValueSetT for ValueSetOauth2Session {
parent: m.parent, parent: m.parent,
expiry: m.expiry.map(|odt| { expiry: m.expiry.map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}), }),
issued_at: { issued_at: {
debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC); debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC);
m.issued_at.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
m.issued_at
.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}, },
rs_uuid: m.rs_uuid, rs_uuid: m.rs_uuid,
}) })
@ -879,7 +899,7 @@ impl ValueSetApiToken {
scope, scope,
} => { } => {
// Convert things. // Convert things.
let issued_at = OffsetDateTime::parse(issued_at, time::Format::Rfc3339) let issued_at = OffsetDateTime::parse(&issued_at, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|e| { .map_err(|e| {
admin_error!( admin_error!(
@ -896,7 +916,7 @@ impl ValueSetApiToken {
// here. // here.
let expiry = expiry let expiry = expiry
.map(|e_inner| { .map(|e_inner| {
OffsetDateTime::parse(e_inner, time::Format::Rfc3339) OffsetDateTime::parse(&e_inner, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
// We now have an // We now have an
// Option<Result<ODT, _>> // Option<Result<ODT, _>>
@ -955,7 +975,7 @@ impl ValueSetApiToken {
scope, scope,
}| { }| {
// Convert things. // Convert things.
let issued_at = OffsetDateTime::parse(issued_at, time::Format::Rfc3339) let issued_at = OffsetDateTime::parse(issued_at, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
.map_err(|e| { .map_err(|e| {
admin_error!( admin_error!(
@ -973,7 +993,7 @@ impl ValueSetApiToken {
let expiry = expiry let expiry = expiry
.as_ref() .as_ref()
.map(|e_inner| { .map(|e_inner| {
OffsetDateTime::parse(e_inner, time::Format::Rfc3339) OffsetDateTime::parse(e_inner, &Rfc3339)
.map(|odt| odt.to_offset(time::UtcOffset::UTC)) .map(|odt| odt.to_offset(time::UtcOffset::UTC))
// We now have an // We now have an
// Option<Result<ODT, _>> // Option<Result<ODT, _>>
@ -1109,11 +1129,16 @@ impl ValueSetT for ValueSetApiToken {
label: m.label.clone(), label: m.label.clone(),
expiry: m.expiry.map(|odt| { expiry: m.expiry.map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}), }),
issued_at: { issued_at: {
debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC); debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC);
m.issued_at.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
m.issued_at
.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}, },
issued_by: match m.issued_by { issued_by: match m.issued_by {
IdentityId::Internal => DbValueIdentityId::V1Internal, IdentityId::Internal => DbValueIdentityId::V1Internal,
@ -1140,11 +1165,17 @@ impl ValueSetT for ValueSetApiToken {
label: m.label.clone(), label: m.label.clone(),
expiry: m.expiry.map(|odt| { expiry: m.expiry.map(|odt| {
debug_assert!(odt.offset() == time::UtcOffset::UTC); debug_assert!(odt.offset() == time::UtcOffset::UTC);
odt.format(time::Format::Rfc3339) #[allow(clippy::expect_used)]
odt.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}), }),
issued_at: { issued_at: {
debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC); debug_assert!(m.issued_at.offset() == time::UtcOffset::UTC);
m.issued_at.format(time::Format::Rfc3339)
#[allow(clippy::expect_used)]
m.issued_at
.format(&Rfc3339)
.expect("Failed to format timestamp into RFC3339")
}, },
issued_by: match m.issued_by { issued_by: match m.issued_by {
IdentityId::Internal => ReplIdentityIdV1::Internal, IdentityId::Internal => ReplIdentityIdV1::Internal,

2
server/web_ui/Cargo.toml
View file

@ -47,7 +47,7 @@ url = { workspace = true }
uuid = { workspace = true } uuid = { workspace = true }
yew = { workspace = true, features = ["csr"] } yew = { workspace = true, features = ["csr"] }
yew-router = { workspace = true } yew-router = { workspace = true }
time.workspace = true time = { workspace = true }
[dependencies.web-sys] [dependencies.web-sys]

586
server/web_ui/pkg/kanidmd_web_ui.js
View file

File diff suppressed because it is too large Load diff

BIN
server/web_ui/pkg/kanidmd_web_ui_bg.wasm
View file

Binary file not shown.

6
server/web_ui/pkg/package.json
View file

@ -5,7 +5,7 @@
"James Hodgkinson <james@terminaloutcomes.com>" "James Hodgkinson <james@terminaloutcomes.com>"
], ],
"description": "Kanidm Server Web User Interface", "description": "Kanidm Server Web User Interface",
"version": "1.1.0-alpha.12", "version": "1.1.0-beta.13",
"license": "MPL-2.0", "license": "MPL-2.0",
"repository": { "repository": {
"type": "git", "type": "git",
@ -18,5 +18,7 @@
], ],
"module": "kanidmd_web_ui.js", "module": "kanidmd_web_ui.js",
"homepage": "https://github.com/kanidm/kanidm/", "homepage": "https://github.com/kanidm/kanidm/",
"sideEffects": false "sideEffects": [
"./snippets/*"
]
} }

3
server/web_ui/src/views/security.rs
View file

@ -1,6 +1,7 @@
#[cfg(debug_assertions)] #[cfg(debug_assertions)]
use gloo::console; use gloo::console;
use kanidm_proto::v1::{CUSessionToken, CUStatus, UiHint}; use kanidm_proto::v1::{CUSessionToken, CUStatus, UiHint};
use time::format_description::well_known::Rfc3339;
use wasm_bindgen::{JsCast, UnwrapThrowExt}; use wasm_bindgen::{JsCast, UnwrapThrowExt};
use wasm_bindgen_futures::JsFuture; use wasm_bindgen_futures::JsFuture;
use web_sys::{Request, RequestCredentials, RequestInit, RequestMode, Response}; use web_sys::{Request, RequestCredentials, RequestInit, RequestMode, Response};
@ -130,7 +131,7 @@ impl Component for SecurityApp {
let isotime: String = jsdate.to_iso_string().into(); let isotime: String = jsdate.to_iso_string().into();
// TODO: Actually check the time of expiry on the uat and have a timer set that // TODO: Actually check the time of expiry on the uat and have a timer set that
// re-locks things nicely. // re-locks things nicely.
let time = time::OffsetDateTime::parse(isotime, time::Format::Rfc3339) let time = time::OffsetDateTime::parse(&isotime, &Rfc3339)
.map(|odt| odt + time::Duration::new(60, 0)) .map(|odt| odt + time::Duration::new(60, 0))
.expect_throw("Unable to process time stamp"); .expect_throw("Unable to process time stamp");

23
tools/cli/src/cli/person.rs
View file

@ -12,6 +12,7 @@ use kanidm_proto::v1::{CUIntentToken, CURegState, CUSessionToken, CUStatus, Totp
use kanidm_proto::v1::{CredentialDetail, CredentialDetailType}; use kanidm_proto::v1::{CredentialDetail, CredentialDetailType};
use qrcode::render::unicode; use qrcode::render::unicode;
use qrcode::QrCode; use qrcode::QrCode;
use time::format_description::well_known::Rfc3339;
use time::OffsetDateTime; use time::OffsetDateTime;
use url::Url; use url::Url;
use uuid::Uuid; use uuid::Uuid;
@ -370,13 +371,14 @@ impl PersonOpt {
if let Some(t) = vf { if let Some(t) = vf {
// Convert the time to local timezone. // Convert the time to local timezone.
let t = OffsetDateTime::parse(&t[0], time::Format::Rfc3339) let t = OffsetDateTime::parse(&t[0], &Rfc3339)
.map(|odt| { .map(|odt| {
odt.to_offset( odt.to_offset(
time::UtcOffset::try_current_local_offset() time::UtcOffset::local_offset_at(OffsetDateTime::UNIX_EPOCH)
.unwrap_or(time::UtcOffset::UTC), .unwrap_or(time::UtcOffset::UTC),
) )
.format(time::Format::Rfc3339) .format(&Rfc3339)
.unwrap_or(odt.to_string())
}) })
.unwrap_or_else(|_| "invalid timestamp".to_string()); .unwrap_or_else(|_| "invalid timestamp".to_string());
@ -386,13 +388,14 @@ impl PersonOpt {
} }
if let Some(t) = ex { if let Some(t) = ex {
let t = OffsetDateTime::parse(&t[0], time::Format::Rfc3339) let t = OffsetDateTime::parse(&t[0], &Rfc3339)
.map(|odt| { .map(|odt| {
odt.to_offset( odt.to_offset(
time::UtcOffset::try_current_local_offset() time::UtcOffset::local_offset_at(OffsetDateTime::UNIX_EPOCH)
.unwrap_or(time::UtcOffset::UTC), .unwrap_or(time::UtcOffset::UTC),
) )
.format(time::Format::Rfc3339) .format(&Rfc3339)
.unwrap_or(odt.to_string())
}) })
.unwrap_or_else(|_| "invalid timestamp".to_string()); .unwrap_or_else(|_| "invalid timestamp".to_string());
println!("expire: {}", t); println!("expire: {}", t);
@ -415,9 +418,7 @@ impl PersonOpt {
_ => println!("Success"), _ => println!("Success"),
} }
} else { } else {
if let Err(e) = if let Err(e) = OffsetDateTime::parse(ano.datetime.as_str(), &Rfc3339) {
OffsetDateTime::parse(ano.datetime.as_str(), time::Format::Rfc3339)
{
error!("Error -> {:?}", e); error!("Error -> {:?}", e);
return; return;
} }
@ -451,9 +452,7 @@ impl PersonOpt {
} }
} else { } else {
// Attempt to parse and set // Attempt to parse and set
if let Err(e) = if let Err(e) = OffsetDateTime::parse(ano.datetime.as_str(), &Rfc3339) {
OffsetDateTime::parse(ano.datetime.as_str(), time::Format::Rfc3339)
{
error!("Error -> {:?}", e); error!("Error -> {:?}", e);
return; return;
} }

34
tools/cli/src/cli/serviceaccount.rs
View file

@ -6,6 +6,7 @@ use crate::{
AccountSsh, AccountUserAuthToken, AccountValidity, ServiceAccountApiToken, AccountSsh, AccountUserAuthToken, AccountValidity, ServiceAccountApiToken,
ServiceAccountCredential, ServiceAccountOpt, ServiceAccountPosix, ServiceAccountCredential, ServiceAccountOpt, ServiceAccountPosix,
}; };
use time::format_description::well_known::Rfc3339;
impl ServiceAccountOpt { impl ServiceAccountOpt {
pub fn debug(&self) -> bool { pub fn debug(&self) -> bool {
@ -108,9 +109,9 @@ impl ServiceAccountOpt {
} => { } => {
let expiry_odt = if let Some(t) = expiry { let expiry_odt = if let Some(t) = expiry {
// Convert the time to local timezone. // Convert the time to local timezone.
match OffsetDateTime::parse(t, time::Format::Rfc3339).map(|odt| { match OffsetDateTime::parse(t, &Rfc3339).map(|odt| {
odt.to_offset( odt.to_offset(
time::UtcOffset::try_current_local_offset() time::UtcOffset::local_offset_at(OffsetDateTime::UNIX_EPOCH)
.unwrap_or(time::UtcOffset::UTC), .unwrap_or(time::UtcOffset::UTC),
) )
}) { }) {
@ -145,7 +146,10 @@ impl ServiceAccountOpt {
action: "api-token generate".to_string(), action: "api-token generate".to_string(),
result: new_token, result: new_token,
status: kanidm_proto::messages::MessageStatus::Success, status: kanidm_proto::messages::MessageStatus::Success,
src_user: copt.username.clone().unwrap(), src_user: copt
.username
.clone()
.unwrap_or("<unknown username>".to_string()),
dest_user: aopts.account_id.clone(), dest_user: aopts.account_id.clone(),
}; };
println!("{}", message); println!("{}", message);
@ -395,13 +399,14 @@ impl ServiceAccountOpt {
if let Some(t) = vf { if let Some(t) = vf {
// Convert the time to local timezone. // Convert the time to local timezone.
let t = OffsetDateTime::parse(&t[0], time::Format::Rfc3339) let t = OffsetDateTime::parse(&t[0], &Rfc3339)
.map(|odt| { .map(|odt| {
odt.to_offset( odt.to_offset(
time::UtcOffset::try_current_local_offset() time::UtcOffset::local_offset_at(OffsetDateTime::UNIX_EPOCH)
.unwrap_or(time::UtcOffset::UTC), .unwrap_or(time::UtcOffset::UTC),
) )
.format(time::Format::Rfc3339) .format(&Rfc3339)
.unwrap_or(odt.to_string())
}) })
.unwrap_or_else(|_| "invalid timestamp".to_string()); .unwrap_or_else(|_| "invalid timestamp".to_string());
@ -411,16 +416,17 @@ impl ServiceAccountOpt {
} }
if let Some(t) = ex { if let Some(t) = ex {
let t = OffsetDateTime::parse(&t[0], time::Format::Rfc3339) let t = OffsetDateTime::parse(&t[0], &Rfc3339)
.map(|odt| { .map(|odt| {
odt.to_offset( odt.to_offset(
time::UtcOffset::try_current_local_offset() time::UtcOffset::local_offset_at(OffsetDateTime::UNIX_EPOCH)
.unwrap_or(time::UtcOffset::UTC), .unwrap_or(time::UtcOffset::UTC),
) )
.format(time::Format::Rfc3339) .format(&Rfc3339)
.unwrap_or(odt.to_string())
}) })
.unwrap_or_else(|_| "invalid timestamp".to_string()); .unwrap_or_else(|_| "invalid timestamp".to_string());
println!("expire: {}", t); println!("expire: {:?}", t);
} else { } else {
println!("expire: never"); println!("expire: never");
} }
@ -440,9 +446,7 @@ impl ServiceAccountOpt {
_ => println!("Success"), _ => println!("Success"),
} }
} else { } else {
if let Err(e) = if let Err(e) = OffsetDateTime::parse(ano.datetime.as_str(), &Rfc3339) {
OffsetDateTime::parse(ano.datetime.as_str(), time::Format::Rfc3339)
{
error!("Error -> {:?}", e); error!("Error -> {:?}", e);
return; return;
} }
@ -476,9 +480,7 @@ impl ServiceAccountOpt {
} }
} else { } else {
// Attempt to parse and set // Attempt to parse and set
if let Err(e) = if let Err(e) = OffsetDateTime::parse(ano.datetime.as_str(), &Rfc3339) {
OffsetDateTime::parse(ano.datetime.as_str(), time::Format::Rfc3339)
{
error!("Error -> {:?}", e); error!("Error -> {:?}", e);
return; return;
} }