Add AuthCtx to ReducerContext for rust #3288
Conversation
| /// Check the size of the jwt associated with the given connection. | ||
| /// Returns 0 if there is no jwt for the connection. | ||
| pub fn jwt_len(connection_id_ptr: *const u8, out_ptr: *mut u32); | ||
|
|
||
| /// Write the jwt payload for the given connection id to the out_ptr. | ||
| /// target_ptr_len will be set to the number of bytes written to the buffer. | ||
| /// If the buffer is too small, or the connection has no jwt, target_ptr_len will be set to 0. | ||
| pub fn get_jwt(connection_id_ptr: *const u8, target_ptr: *mut u8, target_ptr_len: *mut u32); |
There was a problem hiding this comment.
I am surprised that we don't have get_jwt return a BytesSource which we then call bytes_source_read from. I would prefer not to proliferate read-like host functions. This would require amending bytes_source_read to support BytesSources other than CALL_REDUCER_ARGS_SOURCE, and probably also adding bytes_source_len, but that seems like valuable work that will need to get done at some point anyways. Notably I will need to do this when I implement HTTP requests in procedures in order to return the response. Because I'm going to be doing it anyways, I could write a patch tomorrow which makes the necessary extensions to bytes_source_read.
There was a problem hiding this comment.
I opened #3294 to support this.
| let Some(jwt_len) = jwt_length(connection_id) else { | ||
| return None; // No JWT found. | ||
| }; |
There was a problem hiding this comment.
| let Some(jwt_len) = jwt_length(connection_id) else { | |
| return None; // No JWT found. | |
| }; | |
| let jwt_len = jwt_length(connection_id)?; |
| "spacetime_10.0"::get_jwt, | ||
| "spacetime_10.0"::jwt_len, |
There was a problem hiding this comment.
These should be in a new ABI version and module, spacetime_11.0. See comment in bindings_sys/src/lib.rs around line 20.
There was a problem hiding this comment.
Ah, looks like this should be spacetime_10.1, actually.
There was a problem hiding this comment.
See #3294 for an example of adding a new host function with a new minor version. These can all go in 10.1 so long as we don't cut a release in between the two PRs.
Description of Changes
This exposes client credentials in reducer calls for rust.
API and ABI breaking changes
API Changes:
The main API change is the addition of
AuthCtxand thesender_authinReducerContext.ABI Changes:
This adds two new functions
jwt_lenandget_jwt. These usest_connection_credentialsto look up the credentials associated with a connection id.jwt_lencan be used to figure out the size of the payload, so thatget_jwtcan provide a large enough buffer.TODO: I assume I need to bump the ABI version in this PR.
Expected complexity level and risk
Testing
I've done some manual testing with modified versions of the quickstart. We should add some examples that use the new API.