Wrap app tokens and password of User in secret type

2025-12-13 22:52:22 +00:00 · 2025-04-16 16:30:45 +02:00
parent 9bff8c228d
commit ed84fb894f
4 changed files with 21 additions and 5 deletions
--- a/crates/store/src/auth/toml_user_store.rs
+++ b/crates/store/src/auth/toml_user_store.rs
@@ -89,7 +89,7 @@ impl AuthenticationProvider for TomlPrincipalStore {
            None => return Ok(None),
        };

-        if password_auth::verify_password(password_input, password).is_ok() {
+        if password_auth::verify_password(password_input, password.as_ref()).is_ok() {
            return Ok(Some(user));
        }
        Ok(None)
@@ -102,7 +102,7 @@ impl AuthenticationProvider for TomlPrincipalStore {
        };

        for app_token in &user.app_tokens {
-            if password_auth::verify_password(token, &app_token.token).is_ok() {
+            if password_auth::verify_password(token, app_token.token.as_ref()).is_ok() {
                return Ok(Some(user));
            }
        }
@@ -135,7 +135,7 @@ impl AuthenticationProvider for TomlPrincipalStore {
                .to_string();
            principal.app_tokens.push(AppToken {
                name,
-                token: token_hash,
+                token: token_hash.into(),
                created_at: Some(chrono::Utc::now()),
                id: id.clone(),
            });
--- a/crates/store/src/auth/user.rs
+++ b/crates/store/src/auth/user.rs
@@ -9,6 +9,8 @@ use rustical_xml::ValueSerialize;
 use serde::{Deserialize, Serialize};
 use std::future::{Ready, ready};

+use crate::Secret;
+
 /// https://datatracker.ietf.org/doc/html/rfc5545#section-3.2.3
 #[derive(Debug, Clone, Deserialize, Serialize, Default, PartialEq)]
 #[serde(rename_all = "lowercase")]
@@ -39,7 +41,7 @@ impl ValueSerialize for PrincipalType {
 pub struct AppToken {
    pub id: String,
    pub name: String,
-    pub token: String,
+    pub token: Secret<String>,
    pub created_at: Option<DateTime<Utc>>,
 }

@@ -51,7 +53,7 @@ pub struct User {
    pub displayname: Option<String>,
    #[serde(default)]
    pub principal_type: PrincipalType,
-    pub password: Option<String>,
+    pub password: Option<Secret<String>>,
    #[serde(default)]
    pub app_tokens: Vec<AppToken>,
    #[serde(default)]
--- a/crates/store/src/lib.rs
+++ b/crates/store/src/lib.rs
@@ -6,12 +6,14 @@ pub use error::Error;
 pub mod auth;
 pub mod calendar;
 mod contact_birthday_store;
+mod secret;
 mod subscription_store;
 pub mod synctoken;

 pub use addressbook_store::AddressbookStore;
 pub use calendar_store::CalendarStore;
 pub use contact_birthday_store::ContactBirthdayStore;
+pub use secret::Secret;
 pub use subscription_store::*;

 pub use addressbook::{AddressObject, Addressbook};
--- a/crates/store/src/secret.rs
+++ b/crates/store/src/secret.rs
@@ -0,0 +1,12 @@
+use derive_more::{AsRef, From};
+use serde::{Deserialize, Serialize};
+
+/// Wrapper type to prevent secrets from accidentally getting leaked into traces
+#[derive(From, Clone, Deserialize, Serialize, AsRef)]
+pub struct Secret<T>(pub T);
+
+impl<T> std::fmt::Debug for Secret<T> {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        f.write_str("Secret")
+    }
+}