Async Style Validation Question

[kulak]

Hi,

I implemented delegation of JWT authentication in middleware. During implementation I run into problem of trying to use async Hyper HTTPS client. I was unable to await inside validate function.

https://github.com/kulak/axum-middleware/blob/1d90fc8ea51d27aeab86808b65728370081c225f/src/jwt_auth_delegate.rs#L72

I suspect my current implementation blocks on Async task implementation and that's bad.

I am new to RUST, so I would like to know a better way compared to what I did.

If I recall correctly, my initial implementation used futures::executor::block_on but it simply blocked application execution forever. Additional research in this direction indicated that's not a good idea.

I was considering that tower level middleware might be a better fit, but I am not sure I would not run into the same problem there either. The starting point would be similar to this:

tower-http/tower-http/src/validate_request.rs

Line 227 in e8eb549

impl<ReqBody, ResBody, S, V> Service<Request<ReqBody>> for ValidateRequestHeader<S, V>

[kulak]

I think I found answer in existing code in https://docs.rs/tower-http/latest/tower_http/auth/async_require_authorization/index.html

[kulak]

When I tried using AsyncRequireAuthorizationLayer, I can't figure out how to use it with route. I am starting to think it is meant to be used for http client calls and not for the server side.

I can't seem to adapt this part of documentation in tower-http/src/auth/async_require_authorization.rs file to use route:

//! # #[tokio::main]
//! # async fn main() -> Result<(), Box<dyn std::error::Error>> {
//! let service = ServiceBuilder::new()
//!     // Authorize requests using `MyAuth`
//!     .layer(AsyncRequireAuthorizationLayer::new(MyAuth))
//!     .service_fn(handle);
//! # Ok(())
//! # }

[kulak]

well, the complexity of framework type system is killing me.

The best I was able to get is utilization of tower_http::auth::AsyncRequireAuthorizationLayer, but I failed to figure out how to use it with router methods like GET and POST.

The best I was able to do is to attach it to service route:

https://github.com/kulak/axum-middleware/blob/AsyncAuthorizeRequest/examples/jwt-auth-delegate/src/main.rs

[jplatte]

If you are using axum, I would recommend using middleware::from_fn instead of AsyncRequireAuthorizationLayer. The axum function is much more generic, but it really doesn't require much boilerplate to achieve the same. (check auth, on success call the inner service, on failure return an error response)

[kulak]

Thanks. I was about to give up.

I really hope RUST gets async Traits, so things are not so complicated.