taler-rust

config.rs (3357B)

---

 /*
   This file is part of TALER
   Copyright (C) 2025, 2026 Taler Systems SA
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU Affero General Public License as published by the Free Software
   Foundation; either version 3, or (at your option) any later version.
 
   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
   A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more details.
 
   You should have received a copy of the GNU Affero General Public License along with
   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
 */
 
 use std::net::{IpAddr, SocketAddr};
 
 use sqlx::postgres::PgConnectOptions;
 use taler_common::{
     config::{Section, ValueErr},
     encoding::base64,
     map_config,
 };
 
 use crate::{Serve, auth::AuthMethod};
 
 /// Basic database config
 #[derive(Debug)]
 pub struct DbCfg {
     pub cfg: PgConnectOptions,
     pub sql_dir: String,
 }
 
 impl DbCfg {
     pub fn parse(s: Section) -> Result<Self, ValueErr> {
         Ok(Self {
             cfg: s.postgres("CONFIG").require()?,
             sql_dir: s.path("SQL_DIR").require()?,
         })
     }
 }
 
 pub enum AuthCfg {
     None,
     Bearer(String),
     Basic { username: String, password: String },
 }
 
 impl AuthCfg {
     pub fn parse(s: &Section) -> Result<Self, ValueErr> {
         map_config!(s, "auth_method", "AUTH_METHOD",
             "none" => { AuthCfg::None },
             "basic" => {
                 AuthCfg::Basic {
                      username: s.str("USERNAME").require()?,
                      password: s.str("PASSWORD").require()?
                 }
             },
             "bearer" => {
                 if let Some(token) = s.str("AUTH_TOKEN").opt()? {
                     AuthCfg::Bearer(token)
                 } else {
                     AuthCfg::Bearer(s.str("TOKEN").require()?)
                 }
             }
         )
         .require()
     }
 
     pub fn method(&self) -> AuthMethod {
         match self {
             AuthCfg::None => AuthMethod::None,
             AuthCfg::Bearer(token) => AuthMethod::Bearer(token.clone()),
             AuthCfg::Basic { username, password } => {
                 AuthMethod::Basic(base64::encode(format!("{username}:{password}").as_bytes()))
             }
         }
     }
 }
 
 /// Basic api config
 pub struct ApiCfg {
     pub auth: AuthCfg,
 }
 
 impl ApiCfg {
     pub fn parse(s: Section) -> Result<Option<Self>, ValueErr> {
         Ok(if s.boolean("ENABLED").require()? {
             Some(Self {
                 auth: AuthCfg::parse(&s)?,
             })
         } else {
             None
         })
     }
 }
 
 impl Serve {
     pub fn parse(s: &Section) -> Result<Self, ValueErr> {
         map_config!(s, "serve", "SERVE",
             "tcp" => {
                 let port = s.number("PORT").require()?;
                 let ip: IpAddr = s.parse("IP addr", "BIND_TO").require()?;
                 Serve::Tcp(SocketAddr::new(ip, port))
             },
             "unix" => {
                 let path = s.path("UNIXPATH").require()?;
                 let permission = s.unix_mode("UNIXPATH_MODE").require()?;
                 Serve::Unix { path, permission }
             },
             "systemd" => { Serve::Systemd }
         )
         .require()
     }
 }