microcosm.blue / microcosm-rs
Constellation, Spacedust, Slingshot, UFOs: atproto crates and services for microcosm
fork atom

Compare changes

Choose any two refs to compare.

+59 -861
unified split
+2 -3
Cargo.lock
··· 803 804 [[package]] 805 name = "bytes" 806 - version = "1.10.1" 807 source = "registry+https://github.com/rust-lang/crates.io-index" 808 - checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a" 809 810 [[package]] 811 name = "byteview" ··· 5965 "form_urlencoded", 5966 "idna", 5967 "percent-encoding", 5968 - "serde", 5969 ] 5970 5971 [[package]]
··· 803 804 [[package]] 805 name = "bytes" 806 + version = "1.11.1" 807 source = "registry+https://github.com/rust-lang/crates.io-index" 808 + checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33" 809 810 [[package]] 811 name = "byteview" ··· 5965 "form_urlencoded", 5966 "idna", 5967 "percent-encoding", 5968 ] 5969 5970 [[package]]
+7 -1
constellation/src/bin/main.rs
··· 45 #[arg(short, long)] 46 #[clap(value_enum, default_value_t = StorageBackend::Memory)] 47 backend: StorageBackend, 48 /// Initiate a database backup into this dir, if supported by the storage 49 #[arg(long)] 50 backup: Option<PathBuf>, ··· 103 MemStorage::new(), 104 fixture, 105 None, 106 stream, 107 bind, 108 metrics_bind, ··· 138 rocks, 139 fixture, 140 args.data, 141 stream, 142 bind, 143 metrics_bind, ··· 159 mut storage: impl LinkStorage, 160 fixture: Option<PathBuf>, 161 data_dir: Option<PathBuf>, 162 stream: String, 163 bind: SocketAddr, 164 metrics_bind: SocketAddr, ··· 211 if collect_metrics { 212 install_metrics_server(metrics_bind)?; 213 } 214 - serve(readable, bind, staying_alive).await 215 }) 216 .unwrap(); 217 stay_alive.drop_guard();
··· 45 #[arg(short, long)] 46 #[clap(value_enum, default_value_t = StorageBackend::Memory)] 47 backend: StorageBackend, 48 + /// Serve a did:web document for this domain 49 + #[arg(long)] 50 + did_web_domain: Option<String>, 51 /// Initiate a database backup into this dir, if supported by the storage 52 #[arg(long)] 53 backup: Option<PathBuf>, ··· 106 MemStorage::new(), 107 fixture, 108 None, 109 + args.did_web_domain, 110 stream, 111 bind, 112 metrics_bind, ··· 142 rocks, 143 fixture, 144 args.data, 145 + args.did_web_domain, 146 stream, 147 bind, 148 metrics_bind, ··· 164 mut storage: impl LinkStorage, 165 fixture: Option<PathBuf>, 166 data_dir: Option<PathBuf>, 167 + did_web_domain: Option<String>, 168 stream: String, 169 bind: SocketAddr, 170 metrics_bind: SocketAddr, ··· 217 if collect_metrics { 218 install_metrics_server(metrics_bind)?; 219 } 220 + serve(readable, bind, did_web_domain, staying_alive).await 221 }) 222 .unwrap(); 223 stay_alive.drop_guard();
+32 -7
constellation/src/server/mod.rs
··· 3 extract::{Query, Request}, 4 http::{self, header}, 5 middleware::{self, Next}, 6 - response::{IntoResponse, Response}, 7 routing::get, 8 Router, 9 }; ··· 37 http::StatusCode::INTERNAL_SERVER_ERROR 38 } 39 40 - pub async fn serve<S, A>(store: S, addr: A, stay_alive: CancellationToken) -> anyhow::Result<()> 41 - where 42 - S: LinkReader, 43 - A: ToSocketAddrs, 44 - { 45 - let app = Router::new() 46 .route("/robots.txt", get(robots)) 47 .route( 48 "/", ··· 204 User-agent: * 205 Disallow: /links 206 Disallow: /links/ 207 " 208 } 209 210 #[derive(Template, Serialize, Deserialize)]
··· 3 extract::{Query, Request}, 4 http::{self, header}, 5 middleware::{self, Next}, 6 + response::{IntoResponse, Json, Response}, 7 routing::get, 8 Router, 9 }; ··· 37 http::StatusCode::INTERNAL_SERVER_ERROR 38 } 39 40 + pub async fn serve<S: LinkReader, A: ToSocketAddrs>( 41 + store: S, 42 + addr: A, 43 + did_web_domain: Option<String>, 44 + stay_alive: CancellationToken, 45 + ) -> anyhow::Result<()> { 46 + let mut app = Router::new(); 47 + 48 + if let Some(d) = did_web_domain { 49 + app = app.route( 50 + "/.well-known/did.json", 51 + get({ 52 + let domain = d.clone(); 53 + move || did_web(domain) 54 + }), 55 + ) 56 + } 57 + 58 + let app = app 59 .route("/robots.txt", get(robots)) 60 .route( 61 "/", ··· 217 User-agent: * 218 Disallow: /links 219 Disallow: /links/ 220 + Disallow: /xrpc/ 221 " 222 + } 223 + 224 + async fn did_web(domain: String) -> impl IntoResponse { 225 + Json(serde_json::json!({ 226 + "id": format!("did:web:{domain}"), 227 + "service": [{ 228 + "id": "#constellation", 229 + "type": "ConstellationGraphService", 230 + "serviceEndpoint": format!("https://{domain}") 231 + }] 232 + })) 233 } 234 235 #[derive(Template, Serialize, Deserialize)]
+1 -1
slingshot/Cargo.toml
··· 28 tokio = { version = "1.47.0", features = ["full"] } 29 tokio-util = "0.7.15" 30 tracing-subscriber = { version = "0.3.19", features = ["env-filter"] } 31 - url = { version = "2.5.4", features = ["serde"] }
··· 28 tokio = { version = "1.47.0", features = ["full"] } 29 tokio-util = "0.7.15" 30 tracing-subscriber = { version = "0.3.19", features = ["env-filter"] } 31 + url = "2.5.4"
-10
slingshot/src/error.rs
··· 91 #[error("upstream non-atproto bad request")] 92 UpstreamBadBadNotGoodRequest(reqwest::Error), 93 } 94 - 95 - #[derive(Debug, Error)] 96 - pub enum ProxyError { 97 - #[error("failed to parse path: {0}")] 98 - PathParseError(String), 99 - #[error(transparent)] 100 - UrlParseError(#[from] url::ParseError), 101 - #[error(transparent)] 102 - ReqwestError(#[from] reqwest::Error), 103 - }
··· 91 #[error("upstream non-atproto bad request")] 92 UpstreamBadBadNotGoodRequest(reqwest::Error), 93 }
-2
slingshot/src/lib.rs
··· 3 mod firehose_cache; 4 mod healthcheck; 5 mod identity; 6 - mod proxy; 7 mod record; 8 mod server; 9 ··· 11 pub use firehose_cache::firehose_cache; 12 pub use healthcheck::healthcheck; 13 pub use identity::{Identity, IdentityKey}; 14 - pub use proxy::Proxy; 15 pub use record::{CachedRecord, ErrorResponseObject, Repo}; 16 pub use server::serve;
··· 3 mod firehose_cache; 4 mod healthcheck; 5 mod identity; 6 mod record; 7 mod server; 8 ··· 10 pub use firehose_cache::firehose_cache; 11 pub use healthcheck::healthcheck; 12 pub use identity::{Identity, IdentityKey}; 13 pub use record::{CachedRecord, ErrorResponseObject, Repo}; 14 pub use server::serve;
+3 -4
slingshot/src/main.rs
··· 2 // use foyer::{Engine, DirectFsDeviceOptions, HybridCacheBuilder}; 3 use metrics_exporter_prometheus::PrometheusBuilder; 4 use slingshot::{ 5 - Identity, Proxy, Repo, consume, error::MainTaskError, firehose_cache, healthcheck, serve, 6 }; 7 use std::net::SocketAddr; 8 use std::path::PathBuf; ··· 143 ) 144 .await 145 .map_err(|e| format!("identity setup failed: {e:?}"))?; 146 let identity_refresher = identity.clone(); 147 let identity_shutdown = shutdown.clone(); 148 tasks.spawn(async move { 149 identity_refresher.run_refresher(identity_shutdown).await?; 150 Ok(()) 151 }); 152 - log::info!("identity service ready."); 153 154 let repo = Repo::new(identity.clone()); 155 - let proxy = Proxy::new(repo.clone()); 156 157 let identity_for_server = identity.clone(); 158 let server_shutdown = shutdown.clone(); ··· 163 server_cache_handle, 164 identity_for_server, 165 repo, 166 - proxy, 167 args.acme_domain, 168 args.acme_contact, 169 args.acme_cache_path,
··· 2 // use foyer::{Engine, DirectFsDeviceOptions, HybridCacheBuilder}; 3 use metrics_exporter_prometheus::PrometheusBuilder; 4 use slingshot::{ 5 + Identity, Repo, consume, error::MainTaskError, firehose_cache, healthcheck, serve, 6 }; 7 use std::net::SocketAddr; 8 use std::path::PathBuf; ··· 143 ) 144 .await 145 .map_err(|e| format!("identity setup failed: {e:?}"))?; 146 + 147 + log::info!("identity service ready."); 148 let identity_refresher = identity.clone(); 149 let identity_shutdown = shutdown.clone(); 150 tasks.spawn(async move { 151 identity_refresher.run_refresher(identity_shutdown).await?; 152 Ok(()) 153 }); 154 155 let repo = Repo::new(identity.clone()); 156 157 let identity_for_server = identity.clone(); 158 let server_shutdown = shutdown.clone(); ··· 163 server_cache_handle, 164 identity_for_server, 165 repo, 166 args.acme_domain, 167 args.acme_contact, 168 args.acme_cache_path,
-505
slingshot/src/proxy.rs
··· 1 - use serde::Deserialize; 2 - use url::Url; 3 - use std::{collections::HashMap, time::Duration}; 4 - use crate::{Repo, server::HydrationSource, error::ProxyError}; 5 - use reqwest::Client; 6 - use serde_json::{Map, Value}; 7 - 8 - pub enum ParamValue { 9 - String(Vec<String>), 10 - Int(Vec<i64>), 11 - Bool(Vec<bool>), 12 - } 13 - pub struct Params(HashMap<String, ParamValue>); 14 - 15 - impl TryFrom<Map<String, Value>> for Params { 16 - type Error = (); // TODO 17 - fn try_from(val: Map<String, Value>) -> Result<Self, Self::Error> { 18 - let mut out = HashMap::new(); 19 - for (k, v) in val { 20 - match v { 21 - Value::String(s) => out.insert(k, ParamValue::String(vec![s])), 22 - Value::Bool(b) => out.insert(k, ParamValue::Bool(vec![b])), 23 - Value::Number(n) => { 24 - let Some(i) = n.as_i64() else { 25 - return Err(()); 26 - }; 27 - out.insert(k, ParamValue::Int(vec![i])) 28 - } 29 - Value::Array(a) => { 30 - let Some(first) = a.first() else { 31 - continue; 32 - }; 33 - if first.is_string() { 34 - let mut vals = Vec::with_capacity(a.len()); 35 - for v in a { 36 - let Some(v) = v.as_str() else { 37 - return Err(()); 38 - }; 39 - vals.push(v.to_string()); 40 - } 41 - out.insert(k, ParamValue::String(vals)); 42 - } else if first.is_i64() { 43 - let mut vals = Vec::with_capacity(a.len()); 44 - for v in a { 45 - let Some(v) = v.as_i64() else { 46 - return Err(()); 47 - }; 48 - vals.push(v); 49 - } 50 - out.insert(k, ParamValue::Int(vals)); 51 - } else if first.is_boolean() { 52 - let mut vals = Vec::with_capacity(a.len()); 53 - for v in a { 54 - let Some(v) = v.as_bool() else { 55 - return Err(()); 56 - }; 57 - vals.push(v); 58 - } 59 - out.insert(k, ParamValue::Bool(vals)); 60 - } 61 - todo!(); 62 - } 63 - _ => return Err(()), 64 - }; 65 - } 66 - 67 - Ok(Self(out)) 68 - } 69 - } 70 - 71 - #[derive(Clone)] 72 - pub struct Proxy { 73 - repo: Repo, 74 - client: Client, 75 - } 76 - 77 - impl Proxy { 78 - pub fn new(repo: Repo) -> Self { 79 - let client = Client::builder() 80 - .user_agent(format!( 81 - "microcosm slingshot v{} (contact: @bad-example.com)", 82 - env!("CARGO_PKG_VERSION") 83 - )) 84 - .no_proxy() 85 - .timeout(Duration::from_secs(6)) 86 - .build() 87 - .unwrap(); 88 - Self { repo, client } 89 - } 90 - 91 - pub async fn proxy( 92 - &self, 93 - xrpc: String, 94 - service: String, 95 - params: Option<Map<String, Value>>, 96 - ) -> Result<Value, ProxyError> { 97 - 98 - // hackin it to start 99 - 100 - // 1. assume did-web (TODO) and get the did doc 101 - #[derive(Debug, Deserialize)] 102 - struct ServiceDoc { 103 - id: String, 104 - service: Vec<ServiceItem>, 105 - } 106 - #[derive(Debug, Deserialize)] 107 - struct ServiceItem { 108 - id: String, 109 - #[expect(unused)] 110 - r#type: String, 111 - #[serde(rename = "serviceEndpoint")] 112 - service_endpoint: Url, 113 - } 114 - let dw = service.strip_prefix("did:web:").expect("a did web"); 115 - let (dw, service_id) = dw.split_once("#").expect("whatever"); 116 - let mut dw_url = Url::parse(&format!("https://{dw}"))?; 117 - dw_url.set_path("/.well-known/did.json"); 118 - let doc: ServiceDoc = self.client 119 - .get(dw_url) 120 - .send() 121 - .await? 122 - .error_for_status()? 123 - .json() 124 - .await?; 125 - 126 - assert_eq!(doc.id, format!("did:web:{}", dw)); 127 - 128 - let mut upstream = None; 129 - for ServiceItem { id, service_endpoint, .. } in doc.service { 130 - let Some((_, id)) = id.split_once("#") else { continue; }; 131 - if id != service_id { continue; }; 132 - upstream = Some(service_endpoint); 133 - break; 134 - } 135 - 136 - // 2. proxy the request forward 137 - let mut upstream = upstream.expect("to find it"); 138 - upstream.set_path(&format!("/xrpc/{xrpc}")); // TODO: validate nsid 139 - 140 - if let Some(params) = params { 141 - let mut query = upstream.query_pairs_mut(); 142 - let Params(ps) = params.try_into().expect("valid params"); 143 - for (k, pvs) in ps { 144 - match pvs { 145 - ParamValue::String(s) => { 146 - for s in s { 147 - query.append_pair(&k, &s); 148 - } 149 - } 150 - ParamValue::Int(i) => { 151 - for i in i { 152 - query.append_pair(&k, &i.to_string()); 153 - } 154 - } 155 - ParamValue::Bool(b) => { 156 - for b in b { 157 - query.append_pair(&k, &b.to_string()); 158 - } 159 - } 160 - } 161 - } 162 - } 163 - 164 - // TODO: other headers to proxy 165 - Ok(self.client 166 - .get(upstream) 167 - .send() 168 - .await? 169 - .error_for_status()? 170 - .json() 171 - .await?) 172 - } 173 - } 174 - 175 - #[derive(Debug, PartialEq)] 176 - pub enum PathPart { 177 - Scalar(String), 178 - Vector(String, Option<String>), // key, $type 179 - } 180 - 181 - pub fn parse_record_path(input: &str) -> Result<Vec<PathPart>, String> { 182 - let mut out = Vec::new(); 183 - 184 - let mut key_acc = String::new(); 185 - let mut type_acc = String::new(); 186 - let mut in_bracket = false; 187 - let mut chars = input.chars().enumerate(); 188 - while let Some((i, c)) = chars.next() { 189 - match c { 190 - '[' if in_bracket => return Err(format!("nested opening bracket not allowed, at {i}")), 191 - '[' if key_acc.is_empty() => return Err(format!("missing key before opening bracket, at {i}")), 192 - '[' => in_bracket = true, 193 - ']' if in_bracket => { 194 - in_bracket = false; 195 - let key = std::mem::take(&mut key_acc); 196 - let r#type = std::mem::take(&mut type_acc); 197 - let t = if r#type.is_empty() { None } else { Some(r#type) }; 198 - out.push(PathPart::Vector(key, t)); 199 - // peek ahead because we need a dot after array if there's more and i don't want to add more loop state 200 - let Some((i, c)) = chars.next() else { 201 - break; 202 - }; 203 - if c != '.' { 204 - return Err(format!("expected dot after close bracket, found {c:?} at {i}")); 205 - } 206 - } 207 - ']' => return Err(format!("unexpected close bracket at {i}")), 208 - '.' if in_bracket => type_acc.push(c), 209 - '.' if key_acc.is_empty() => return Err(format!("missing key before next segment, at {i}")), 210 - '.' => { 211 - let key = std::mem::take(&mut key_acc); 212 - assert!(type_acc.is_empty()); 213 - out.push(PathPart::Scalar(key)); 214 - } 215 - _ if in_bracket => type_acc.push(c), 216 - _ => key_acc.push(c), 217 - } 218 - } 219 - if in_bracket { 220 - return Err("unclosed bracket".into()); 221 - } 222 - if !key_acc.is_empty() { 223 - out.push(PathPart::Scalar(key_acc)); 224 - } 225 - Ok(out) 226 - } 227 - 228 - #[derive(Debug, Clone, PartialEq)] 229 - pub enum RefShape { 230 - StrongRef, 231 - AtUri, 232 - AtUriParts, 233 - Did, 234 - Handle, 235 - AtIdentifier, 236 - Blob, 237 - // TODO: blob with type? 238 - } 239 - 240 - impl TryFrom<&str> for RefShape { 241 - type Error = String; 242 - fn try_from(s: &str) -> Result<Self, Self::Error> { 243 - match s { 244 - "strong-ref" => Ok(Self::StrongRef), 245 - "at-uri" => Ok(Self::AtUri), 246 - "at-uri-parts" => Ok(Self::AtUriParts), 247 - "did" => Ok(Self::Did), 248 - "handle" => Ok(Self::Handle), 249 - "at-identifier" => Ok(Self::AtIdentifier), 250 - "blob" => Ok(Self::Blob), 251 - _ => Err(format!("unknown shape: {s}")), 252 - } 253 - } 254 - } 255 - 256 - #[derive(Debug, PartialEq)] 257 - pub enum MatchedRef { 258 - AtUri { 259 - uri: String, 260 - cid: Option<String>, 261 - }, 262 - Identifier(String), 263 - Blob { 264 - link: String, 265 - mime: String, 266 - size: u64, 267 - } 268 - } 269 - 270 - pub fn match_shape(shape: &RefShape, val: &Value) -> Option<MatchedRef> { 271 - // TODO: actually validate at-uri format 272 - // TODO: actually validate everything else also 273 - // TODO: should this function normalize identifiers to DIDs probably? 274 - // or just return at-uri parts so the caller can resolve and reassemble 275 - match shape { 276 - RefShape::StrongRef => { 277 - let o = val.as_object()?; 278 - let uri = o.get("uri")?.as_str()?.to_string(); 279 - let cid = o.get("cid")?.as_str()?.to_string(); 280 - Some(MatchedRef::AtUri { uri, cid: Some(cid) }) 281 - } 282 - RefShape::AtUri => { 283 - let uri = val.as_str()?.to_string(); 284 - Some(MatchedRef::AtUri { uri, cid: None }) 285 - } 286 - RefShape::AtUriParts => { 287 - let o = val.as_object()?; 288 - let identifier = o.get("repo").or(o.get("did"))?.as_str()?.to_string(); 289 - let collection = o.get("collection")?.as_str()?.to_string(); 290 - let rkey = o.get("rkey")?.as_str()?.to_string(); 291 - let uri = format!("at://{identifier}/{collection}/{rkey}"); 292 - let cid = o.get("cid").and_then(|v| v.as_str()).map(str::to_string); 293 - Some(MatchedRef::AtUri { uri, cid }) 294 - } 295 - RefShape::Did => { 296 - let id = val.as_str()?; 297 - if !id.starts_with("did:") { 298 - return None; 299 - } 300 - Some(MatchedRef::Identifier(id.to_string())) 301 - } 302 - RefShape::Handle => { 303 - let id = val.as_str()?; 304 - if id.contains(':') { 305 - return None; 306 - } 307 - Some(MatchedRef::Identifier(id.to_string())) 308 - } 309 - RefShape::AtIdentifier => { 310 - Some(MatchedRef::Identifier(val.as_str()?.to_string())) 311 - } 312 - RefShape::Blob => { 313 - let o = val.as_object()?; 314 - if o.get("$type")? != "blob" { 315 - return None; 316 - } 317 - let link = o.get("ref")?.as_object()?.get("$link")?.as_str()?.to_string(); 318 - let mime = o.get("mimeType")?.as_str()?.to_string(); 319 - let size = o.get("size")?.as_u64()?; 320 - Some(MatchedRef::Blob { link, mime, size }) 321 - } 322 - } 323 - } 324 - 325 - // TODO: send back metadata about the matching 326 - pub fn extract_links( 327 - sources: Vec<HydrationSource>, 328 - skeleton: &Value, 329 - ) -> Result<Vec<MatchedRef>, String> { 330 - // collect early to catch errors from the client 331 - // (TODO maybe the handler should do this and pass in the processed stuff probably definitely yeah) 332 - let sources = sources 333 - .into_iter() 334 - .map(|HydrationSource { path, shape }| { 335 - let path_parts = parse_record_path(&path)?; 336 - let shape: RefShape = shape.as_str().try_into()?; 337 - Ok((path_parts, shape)) 338 - }) 339 - .collect::<Result<Vec<_>, String>>()?; 340 - 341 - // lazy first impl, just re-walk the skeleton as many times as needed 342 - // not deduplicating for now 343 - let mut out = Vec::new(); 344 - for (path_parts, shape) in sources { 345 - for val in PathWalker::new(&path_parts, skeleton) { 346 - if let Some(matched) = match_shape(&shape, val) { 347 - out.push(matched); 348 - } 349 - } 350 - } 351 - 352 - Ok(out) 353 - } 354 - 355 - struct PathWalker<'a> { 356 - todo: Vec<(&'a [PathPart], &'a Value)>, 357 - } 358 - impl<'a> PathWalker<'a> { 359 - fn new(path_parts: &'a [PathPart], skeleton: &'a Value) -> Self { 360 - Self { todo: vec![(path_parts, skeleton)] } 361 - } 362 - } 363 - impl<'a> Iterator for PathWalker<'a> { 364 - type Item = &'a Value; 365 - fn next(&mut self) -> Option<Self::Item> { 366 - loop { 367 - let (parts, val) = self.todo.pop()?; 368 - let Some((part, rest)) = parts.split_first() else { 369 - return Some(val); 370 - }; 371 - let Some(o) = val.as_object() else { 372 - continue; 373 - }; 374 - match part { 375 - PathPart::Scalar(k) => { 376 - let Some(v) = o.get(k) else { 377 - continue; 378 - }; 379 - self.todo.push((rest, v)); 380 - } 381 - PathPart::Vector(k, t) => { 382 - let Some(a) = o.get(k).and_then(|v| v.as_array()) else { 383 - continue; 384 - }; 385 - for v in a 386 - .iter() 387 - .rev() 388 - .filter(|c| { 389 - let Some(t) = t else { return true }; 390 - c 391 - .as_object() 392 - .and_then(|o| o.get("$type")) 393 - .and_then(|v| v.as_str()) 394 - .map(|s| s == t) 395 - .unwrap_or(false) 396 - }) 397 - { 398 - self.todo.push((rest, v)) 399 - } 400 - } 401 - } 402 - } 403 - } 404 - } 405 - 406 - 407 - #[cfg(test)] 408 - mod tests { 409 - use super::*; 410 - use serde_json::json; 411 - 412 - #[test] 413 - fn test_parse_record_path() -> Result<(), Box<dyn std::error::Error>> { 414 - let cases = [ 415 - ("", vec![]), 416 - ("subject", vec![PathPart::Scalar("subject".into())]), 417 - ("authorDid", vec![PathPart::Scalar("authorDid".into())]), 418 - ("subject.uri", vec![PathPart::Scalar("subject".into()), PathPart::Scalar("uri".into())]), 419 - ("members[]", vec![PathPart::Vector("members".into(), None)]), 420 - ("add[].key", vec![ 421 - PathPart::Vector("add".into(), None), 422 - PathPart::Scalar("key".into()), 423 - ]), 424 - ("a[b]", vec![PathPart::Vector("a".into(), Some("b".into()))]), 425 - ("a[b.c]", vec![PathPart::Vector("a".into(), Some("b.c".into()))]), 426 - ("facets[app.bsky.richtext.facet].features[app.bsky.richtext.facet#mention].did", vec![ 427 - PathPart::Vector("facets".into(), Some("app.bsky.richtext.facet".into())), 428 - PathPart::Vector("features".into(), Some("app.bsky.richtext.facet#mention".into())), 429 - PathPart::Scalar("did".into()), 430 - ]), 431 - ]; 432 - 433 - for (path, expected) in cases { 434 - let parsed = parse_record_path(path)?; 435 - assert_eq!(parsed, expected, "path: {path:?}"); 436 - } 437 - 438 - Ok(()) 439 - } 440 - 441 - #[test] 442 - fn test_match_shape() { 443 - let cases = [ 444 - ("strong-ref", json!(""), None), 445 - ("strong-ref", json!({}), None), 446 - ("strong-ref", json!({ "uri": "abc" }), None), 447 - ("strong-ref", json!({ "cid": "def" }), None), 448 - ( 449 - "strong-ref", 450 - json!({ "uri": "abc", "cid": "def" }), 451 - Some(MatchedRef::AtUri { uri: "abc".to_string(), cid: Some("def".to_string()) }), 452 - ), 453 - ("at-uri", json!({ "uri": "abc" }), None), 454 - ("at-uri", json!({ "uri": "abc", "cid": "def" }), None), 455 - ( 456 - "at-uri", 457 - json!("abc"), 458 - Some(MatchedRef::AtUri { uri: "abc".to_string(), cid: None }), 459 - ), 460 - ("at-uri-parts", json!("abc"), None), 461 - ("at-uri-parts", json!({}), None), 462 - ( 463 - "at-uri-parts", 464 - json!({"repo": "a", "collection": "b", "rkey": "c"}), 465 - Some(MatchedRef::AtUri { uri: "at://a/b/c".to_string(), cid: None }), 466 - ), 467 - ( 468 - "at-uri-parts", 469 - json!({"did": "a", "collection": "b", "rkey": "c"}), 470 - Some(MatchedRef::AtUri { uri: "at://a/b/c".to_string(), cid: None }), 471 - ), 472 - ( 473 - "at-uri-parts", 474 - // 'repo' takes precedence over 'did' 475 - json!({"did": "a", "repo": "z", "collection": "b", "rkey": "c"}), 476 - Some(MatchedRef::AtUri { uri: "at://z/b/c".to_string(), cid: None }), 477 - ), 478 - ( 479 - "at-uri-parts", 480 - json!({"repo": "a", "collection": "b", "rkey": "c", "cid": "def"}), 481 - Some(MatchedRef::AtUri { uri: "at://a/b/c".to_string(), cid: Some("def".to_string()) }), 482 - ), 483 - ( 484 - "at-uri-parts", 485 - json!({"repo": "a", "collection": "b", "rkey": "c", "cid": {}}), 486 - Some(MatchedRef::AtUri { uri: "at://a/b/c".to_string(), cid: None }), 487 - ), 488 - ("did", json!({}), None), 489 - ("did", json!(""), None), 490 - ("did", json!("bad-example.com"), None), 491 - ("did", json!("did:plc:xyz"), Some(MatchedRef::Identifier("did:plc:xyz".to_string()))), 492 - ("handle", json!({}), None), 493 - ("handle", json!("bad-example.com"), Some(MatchedRef::Identifier("bad-example.com".to_string()))), 494 - ("handle", json!("did:plc:xyz"), None), 495 - ("at-identifier", json!({}), None), 496 - ("at-identifier", json!("bad-example.com"), Some(MatchedRef::Identifier("bad-example.com".to_string()))), 497 - ("at-identifier", json!("did:plc:xyz"), Some(MatchedRef::Identifier("did:plc:xyz".to_string()))), 498 - ]; 499 - for (shape, val, expected) in cases { 500 - let s = shape.try_into().unwrap(); 501 - let matched = match_shape(&s, &val); 502 - assert_eq!(matched, expected, "shape: {shape:?}, val: {val:?}"); 503 - } 504 - } 505 - }
···
+2 -2
slingshot/src/record.rs
··· 11 12 #[derive(Debug, Serialize, Deserialize)] 13 pub struct RawRecord { 14 - pub cid: Cid, 15 - pub record: String, 16 } 17 18 // TODO: should be able to do typed CID
··· 11 12 #[derive(Debug, Serialize, Deserialize)] 13 pub struct RawRecord { 14 + cid: Cid, 15 + record: String, 16 } 17 18 // TODO: should be able to do typed CID
+12 -326
slingshot/src/server.rs
··· 1 use crate::{ 2 - CachedRecord, ErrorResponseObject, Identity, Proxy, Repo, 3 error::{RecordError, ServerError}, 4 - proxy::{extract_links, MatchedRef}, 5 - record::RawRecord, 6 }; 7 use atrium_api::types::string::{Cid, Did, Handle, Nsid, RecordKey}; 8 use foyer::HybridCache; 9 use links::at_uri::parse_at_uri as normalize_at_uri; 10 use serde::Serialize; 11 - use std::{path::PathBuf, str::FromStr, sync::Arc, time::Instant, collections::HashMap}; 12 - use tokio::sync::mpsc; 13 use tokio_util::sync::CancellationToken; 14 15 use poem::{ ··· 24 }; 25 use poem_openapi::{ 26 ApiResponse, ContactObject, ExternalDocumentObject, Object, OpenApi, OpenApiService, Tags, 27 - Union, 28 param::Query, payload::Json, types::Example, 29 }; 30 ··· 55 "zQ3shpq1g134o7HGDb86CtQFxnHqzx5pZWknrVX2Waum3fF6j".to_string() 56 } 57 58 - #[derive(Debug, Object)] 59 #[oai(example = true)] 60 struct XrpcErrorResponseObject { 61 /// Should correspond an error `name` in the lexicon errors array ··· 88 89 fn bad_request_handler_resolve_mini(err: poem::Error) -> ResolveMiniIDResponse { 90 ResolveMiniIDResponse::BadRequest(Json(XrpcErrorResponseObject { 91 - error: "InvalidRequest".to_string(), 92 - message: format!("Bad request, here's some info that maybe should not be exposed: {err}"), 93 - })) 94 - } 95 - 96 - fn bad_request_handler_proxy_query(err: poem::Error) -> ProxyHydrateResponse { 97 - ProxyHydrateResponse::BadRequest(Json(XrpcErrorResponseObject { 98 error: "InvalidRequest".to_string(), 99 message: format!("Bad request, here's some info that maybe should not be exposed: {err}"), 100 })) ··· 199 } 200 201 #[derive(Object)] 202 - struct ProxyHydrationError { 203 - reason: String, 204 - } 205 - 206 - #[derive(Object)] 207 - struct ProxyHydrationPending { 208 - url: String, 209 - } 210 - 211 - #[derive(Object)] 212 - struct ProxyHydrationRecordFound { 213 - record: serde_json::Value, 214 - } 215 - 216 - #[derive(Object)] 217 - struct ProxyHydrationIdentifierFound { 218 - mini_doc: MiniDocResponseObject, 219 - } 220 - 221 - #[derive(Object)] 222 - #[oai(rename_all = "camelCase")] 223 - struct ProxyHydrationBlobFound { 224 - /// cdn url 225 - link: String, 226 - mime_type: String, 227 - size: u64, 228 - } 229 - 230 - // todo: there's gotta be a supertrait that collects these? 231 - use poem_openapi::types::{Type, ToJSON, ParseFromJSON, IsObjectType}; 232 - 233 - #[derive(Union)] 234 - #[oai(discriminator_name = "status", rename_all = "camelCase")] 235 - enum Hydration<T: Send + Sync + Type + ToJSON + ParseFromJSON + IsObjectType> { 236 - Error(ProxyHydrationError), 237 - Pending(ProxyHydrationPending), 238 - Found(T), 239 - } 240 - 241 - #[derive(Object)] 242 - #[oai(example = true)] 243 - struct ProxyHydrateResponseObject { 244 - /// The original upstream response content 245 - output: serde_json::Value, 246 - /// Any hydrated records 247 - records: HashMap<String, Hydration<ProxyHydrationRecordFound>>, 248 - /// Any hydrated identifiers 249 - /// 250 - /// TODO: "identifiers" feels wrong as the name, probably "identities"? 251 - identifiers: HashMap<String, Hydration<ProxyHydrationIdentifierFound>>, 252 - /// Any hydrated blob CDN urls 253 - blobs: HashMap<String, Hydration<ProxyHydrationBlobFound>>, 254 - } 255 - impl Example for ProxyHydrateResponseObject { 256 - fn example() -> Self { 257 - Self { 258 - output: serde_json::json!({}), 259 - records: HashMap::from([ 260 - ("asdf".into(), Hydration::Pending(ProxyHydrationPending { url: "todo".into() })), 261 - ]), 262 - identifiers: HashMap::new(), 263 - blobs: HashMap::new(), 264 - } 265 - } 266 - } 267 - 268 - #[derive(ApiResponse)] 269 - #[oai(bad_request_handler = "bad_request_handler_proxy_query")] 270 - enum ProxyHydrateResponse { 271 - #[oai(status = 200)] 272 - Ok(Json<ProxyHydrateResponseObject>), 273 - #[oai(status = 400)] 274 - BadRequest(XrpcError) 275 - } 276 - 277 - #[derive(Object)] 278 - pub struct HydrationSource { 279 - /// Record Path syntax for locating fields 280 - pub path: String, 281 - /// What to expect at the path: 'strong-ref', 'at-uri', 'at-uri-parts', 'did', 'handle', or 'at-identifier'. 282 - /// 283 - /// - `strong-ref`: object in the shape of `com.atproto.repo.strongRef` with `uri` and `cid` keys. 284 - /// - `at-uri`: string, must have all segments present (identifier, collection, rkey) 285 - /// - `at-uri-parts`: object with keys (`repo` or `did`), `collection`, `rkey`, and optional `cid`. Other keys may be present and will be ignored. 286 - /// - `did`: string, `did` format 287 - /// - `handle`: string, `handle` format 288 - /// - `at-identifier`: string, `did` or `handle` format 289 - pub shape: String, 290 - } 291 - 292 - #[derive(Object)] 293 - #[oai(example = true)] 294 - struct ProxyQueryPayload { 295 - /// The NSID of the XRPC you wish to forward 296 - xrpc: String, 297 - /// The destination service the request will be forwarded to 298 - atproto_proxy: String, 299 - /// The `params` for the destination service XRPC endpoint 300 - /// 301 - /// Currently this will be passed along unchecked, but a future version of 302 - /// slingshot may attempt to do lexicon resolution to validate `params` 303 - /// based on the upstream service 304 - params: Option<serde_json::Value>, 305 - /// Paths within the response to look for at-uris that can be hydrated 306 - hydration_sources: Vec<HydrationSource>, 307 - // todo: deadline thing 308 - 309 - } 310 - impl Example for ProxyQueryPayload { 311 - fn example() -> Self { 312 - Self { 313 - xrpc: "app.bsky.feed.getFeedSkeleton".to_string(), 314 - atproto_proxy: "did:web:blue.mackuba.eu#bsky_fg".to_string(), 315 - params: Some(serde_json::json!({ 316 - "feed": "at://did:plc:oio4hkxaop4ao4wz2pp3f4cr/app.bsky.feed.generator/atproto", 317 - })), 318 - hydration_sources: vec![ 319 - HydrationSource { 320 - path: "feed[].post".to_string(), 321 - shape: "at-uri".to_string(), 322 - } 323 - ], 324 - } 325 - } 326 - } 327 - 328 - #[derive(Object)] 329 #[oai(example = true)] 330 struct FoundDidResponseObject { 331 /// the DID, bi-directionally verified if using Slingshot ··· 356 struct Xrpc { 357 cache: HybridCache<String, CachedRecord>, 358 identity: Identity, 359 - proxy: Arc<Proxy>, 360 repo: Arc<Repo>, 361 } 362 ··· 611 #[oai(example = "example_handle")] 612 Query(identifier): Query<String>, 613 ) -> ResolveMiniIDResponse { 614 - Self::resolve_mini_doc_impl(&identifier, self.identity.clone()).await 615 - } 616 - 617 - async fn resolve_mini_doc_impl(identifier: &str, identity: Identity) -> ResolveMiniIDResponse { 618 let invalid = |reason: &'static str| { 619 ResolveMiniIDResponse::BadRequest(xrpc_error("InvalidRequest", reason)) 620 }; 621 622 let mut unverified_handle = None; 623 - let did = match Did::new(identifier.to_string()) { 624 Ok(did) => did, 625 Err(_) => { 626 let Ok(alleged_handle) = Handle::new(identifier.to_lowercase()) else { 627 return invalid("Identifier was not a valid DID or handle"); 628 }; 629 630 - match identity.handle_to_did(alleged_handle.clone()).await { 631 Ok(res) => { 632 if let Some(did) = res { 633 // we did it joe ··· 645 } 646 } 647 }; 648 - let Ok(partial_doc) = identity.did_to_partial_mini_doc(&did).await else { 649 return invalid("Failed to get DID doc"); 650 }; 651 let Some(partial_doc) = partial_doc else { ··· 665 "handle.invalid".to_string() 666 } 667 } else { 668 - let Ok(handle_did) = identity 669 .handle_to_did(partial_doc.unverified_handle.clone()) 670 .await 671 else { ··· 689 })) 690 } 691 692 - /// com.bad-example.proxy.hydrateQueryResponse 693 - /// 694 - /// > [!important] 695 - /// > Unstable! This endpoint is experimental and may change. 696 - /// 697 - /// Fetch + include records referenced from an upstream xrpc query response 698 - #[oai( 699 - path = "/com.bad-example.proxy.hydrateQueryResponse", 700 - method = "post", 701 - tag = "ApiTags::Custom" 702 - )] 703 - async fn proxy_hydrate_query( 704 - &self, 705 - Json(payload): Json<ProxyQueryPayload>, 706 - ) -> ProxyHydrateResponse { 707 - // TODO: the Accept request header, if present, gotta be json 708 - // TODO: find any Authorization header and verify it. TBD about `aud`. 709 - 710 - let params = if let Some(p) = payload.params { 711 - let serde_json::Value::Object(map) = p else { 712 - panic!("params have to be an object"); 713 - }; 714 - Some(map) 715 - } else { None }; 716 - 717 - match self.proxy.proxy( 718 - payload.xrpc, 719 - payload.atproto_proxy, 720 - params, 721 - ).await { 722 - Ok(skeleton) => { 723 - let links = match extract_links(payload.hydration_sources, &skeleton) { 724 - Ok(l) => l, 725 - Err(e) => { 726 - log::warn!("problem extracting: {e:?}"); 727 - return ProxyHydrateResponse::BadRequest(xrpc_error("oop", "sorry, error extracting")) 728 - } 729 - }; 730 - let mut records = HashMap::new(); 731 - let mut identifiers = HashMap::new(); 732 - let mut blobs = HashMap::new(); 733 - 734 - enum GetThing { 735 - Record(String, Hydration<ProxyHydrationRecordFound>), 736 - Identifier(String, Hydration<ProxyHydrationIdentifierFound>), 737 - Blob(String, Hydration<ProxyHydrationBlobFound>), 738 - } 739 - 740 - let (tx, mut rx) = mpsc::channel(1); 741 - 742 - for link in links { 743 - match link { 744 - MatchedRef::AtUri { uri, cid } => { 745 - if records.contains_key(&uri) { 746 - log::warn!("skipping duplicate record without checking cid"); 747 - continue; 748 - } 749 - let mut u = url::Url::parse("https://example.com").unwrap(); 750 - u.query_pairs_mut().append_pair("at_uri", &uri); // BLEH todo 751 - records.insert(uri.clone(), Hydration::Pending(ProxyHydrationPending { 752 - url: format!("/xrpc/blue.microcosm.repo.getRecordByUri?{}", u.query().unwrap()), // TODO better; with cid, etc. 753 - })); 754 - let tx = tx.clone(); 755 - let identity = self.identity.clone(); 756 - let repo = self.repo.clone(); 757 - tokio::task::spawn(async move { 758 - let rest = uri.strip_prefix("at://").unwrap(); 759 - let (identifier, rest) = rest.split_once('/').unwrap(); 760 - let (collection, rkey) = rest.split_once('/').unwrap(); 761 - 762 - let did = if identifier.starts_with("did:") { 763 - Did::new(identifier.to_string()).unwrap() 764 - } else { 765 - let handle = Handle::new(identifier.to_string()).unwrap(); 766 - identity.handle_to_did(handle).await.unwrap().unwrap() 767 - }; 768 - 769 - let res = match repo.get_record( 770 - &did, 771 - &Nsid::new(collection.to_string()).unwrap(), 772 - &RecordKey::new(rkey.to_string()).unwrap(), 773 - &cid.as_ref().map(|s| Cid::from_str(s).unwrap()), 774 - ).await { 775 - Ok(CachedRecord::Deleted) => 776 - Hydration::Error(ProxyHydrationError { 777 - reason: "record deleted".to_string(), 778 - }), 779 - Ok(CachedRecord::Found(RawRecord { cid: found_cid, record })) => { 780 - if let Some(c) = cid && found_cid.as_ref().to_string() != c { 781 - log::warn!("ignoring cid mismatch"); 782 - } 783 - let value = serde_json::from_str(&record).unwrap(); 784 - Hydration::Found(ProxyHydrationRecordFound { 785 - record: value, 786 - }) 787 - } 788 - Err(e) => { 789 - log::warn!("finally oop {e:?}"); 790 - Hydration::Error(ProxyHydrationError { 791 - reason: "failed to fetch record".to_string(), 792 - }) 793 - } 794 - }; 795 - tx.send(GetThing::Record(uri, res)).await 796 - }); 797 - } 798 - MatchedRef::Identifier(id) => { 799 - if identifiers.contains_key(&id) { 800 - continue; 801 - } 802 - let mut u = url::Url::parse("https://example.com").unwrap(); 803 - u.query_pairs_mut().append_pair("identifier", &id); 804 - identifiers.insert(id.clone(), Hydration::Pending(ProxyHydrationPending { 805 - url: format!("/xrpc/blue.microcosm.identity.resolveMiniDoc?{}", u.query().unwrap()), // gross 806 - })); 807 - let tx = tx.clone(); 808 - let identity = self.identity.clone(); 809 - tokio::task::spawn(async move { 810 - let res = match Self::resolve_mini_doc_impl(&id, identity).await { 811 - ResolveMiniIDResponse::Ok(Json(mini_doc)) => Hydration::Found(ProxyHydrationIdentifierFound { 812 - mini_doc 813 - }), 814 - ResolveMiniIDResponse::BadRequest(e) => { 815 - log::warn!("minidoc fail: {:?}", e.0); 816 - Hydration::Error(ProxyHydrationError { 817 - reason: "failed to resolve mini doc".to_string(), 818 - }) 819 - } 820 - }; 821 - tx.send(GetThing::Identifier(id, res)).await 822 - }); 823 - } 824 - MatchedRef::Blob { link, mime, size: _ } => { 825 - if blobs.contains_key(&link) { 826 - continue; 827 - } 828 - if mime != "image/jpeg" { 829 - Hydration::<ProxyHydrationBlobFound>::Error(ProxyHydrationError { 830 - reason: "only image/jpeg supported for now".to_string(), 831 - }); 832 - } 833 - todo!("oops we need to know the account too") 834 - } 835 - } 836 - } 837 - // so the channel can close when all are completed 838 - // (we shoudl be doing a timeout...) 839 - drop(tx); 840 - 841 - while let Some(hydration) = rx.recv().await { 842 - match hydration { 843 - GetThing::Record(uri, h) => { records.insert(uri, h); } 844 - GetThing::Identifier(uri, md) => { identifiers.insert(uri, md); } 845 - GetThing::Blob(cid, asdf) => { blobs.insert(cid, asdf); } 846 - }; 847 - } 848 - 849 - ProxyHydrateResponse::Ok(Json(ProxyHydrateResponseObject { 850 - output: skeleton, 851 - records, 852 - identifiers, 853 - blobs, 854 - })) 855 - } 856 - Err(e) => { 857 - log::warn!("oh no: {e:?}"); 858 - ProxyHydrateResponse::BadRequest(xrpc_error("oop", "sorry")) 859 - } 860 - } 861 - 862 - } 863 - 864 async fn get_record_impl( 865 &self, 866 repo: String, ··· 1059 cache: HybridCache<String, CachedRecord>, 1060 identity: Identity, 1061 repo: Repo, 1062 - proxy: Proxy, 1063 acme_domain: Option<String>, 1064 acme_contact: Option<String>, 1065 acme_cache_path: Option<PathBuf>, ··· 1068 bind: std::net::SocketAddr, 1069 ) -> Result<(), ServerError> { 1070 let repo = Arc::new(repo); 1071 - let proxy = Arc::new(proxy); 1072 let api_service = OpenApiService::new( 1073 Xrpc { 1074 cache, 1075 identity, 1076 - proxy, 1077 repo, 1078 }, 1079 "Slingshot", ··· 1137 .with( 1138 Cors::new() 1139 .allow_origin_regex("*") 1140 - .allow_methods([Method::GET, Method::POST]) 1141 .allow_credentials(false), 1142 ) 1143 .with(CatchPanic::new())
··· 1 use crate::{ 2 + CachedRecord, ErrorResponseObject, Identity, Repo, 3 error::{RecordError, ServerError}, 4 }; 5 use atrium_api::types::string::{Cid, Did, Handle, Nsid, RecordKey}; 6 use foyer::HybridCache; 7 use links::at_uri::parse_at_uri as normalize_at_uri; 8 use serde::Serialize; 9 + use std::path::PathBuf; 10 + use std::str::FromStr; 11 + use std::sync::Arc; 12 + use std::time::Instant; 13 use tokio_util::sync::CancellationToken; 14 15 use poem::{ ··· 24 }; 25 use poem_openapi::{ 26 ApiResponse, ContactObject, ExternalDocumentObject, Object, OpenApi, OpenApiService, Tags, 27 param::Query, payload::Json, types::Example, 28 }; 29 ··· 54 "zQ3shpq1g134o7HGDb86CtQFxnHqzx5pZWknrVX2Waum3fF6j".to_string() 55 } 56 57 + #[derive(Object)] 58 #[oai(example = true)] 59 struct XrpcErrorResponseObject { 60 /// Should correspond an error `name` in the lexicon errors array ··· 87 88 fn bad_request_handler_resolve_mini(err: poem::Error) -> ResolveMiniIDResponse { 89 ResolveMiniIDResponse::BadRequest(Json(XrpcErrorResponseObject { 90 error: "InvalidRequest".to_string(), 91 message: format!("Bad request, here's some info that maybe should not be exposed: {err}"), 92 })) ··· 191 } 192 193 #[derive(Object)] 194 #[oai(example = true)] 195 struct FoundDidResponseObject { 196 /// the DID, bi-directionally verified if using Slingshot ··· 221 struct Xrpc { 222 cache: HybridCache<String, CachedRecord>, 223 identity: Identity, 224 repo: Arc<Repo>, 225 } 226 ··· 475 #[oai(example = "example_handle")] 476 Query(identifier): Query<String>, 477 ) -> ResolveMiniIDResponse { 478 let invalid = |reason: &'static str| { 479 ResolveMiniIDResponse::BadRequest(xrpc_error("InvalidRequest", reason)) 480 }; 481 482 let mut unverified_handle = None; 483 + let did = match Did::new(identifier.clone()) { 484 Ok(did) => did, 485 Err(_) => { 486 let Ok(alleged_handle) = Handle::new(identifier.to_lowercase()) else { 487 return invalid("Identifier was not a valid DID or handle"); 488 }; 489 490 + match self.identity.handle_to_did(alleged_handle.clone()).await { 491 Ok(res) => { 492 if let Some(did) = res { 493 // we did it joe ··· 505 } 506 } 507 }; 508 + let Ok(partial_doc) = self.identity.did_to_partial_mini_doc(&did).await else { 509 return invalid("Failed to get DID doc"); 510 }; 511 let Some(partial_doc) = partial_doc else { ··· 525 "handle.invalid".to_string() 526 } 527 } else { 528 + let Ok(handle_did) = self 529 + .identity 530 .handle_to_did(partial_doc.unverified_handle.clone()) 531 .await 532 else { ··· 550 })) 551 } 552 553 async fn get_record_impl( 554 &self, 555 repo: String, ··· 748 cache: HybridCache<String, CachedRecord>, 749 identity: Identity, 750 repo: Repo, 751 acme_domain: Option<String>, 752 acme_contact: Option<String>, 753 acme_cache_path: Option<PathBuf>, ··· 756 bind: std::net::SocketAddr, 757 ) -> Result<(), ServerError> { 758 let repo = Arc::new(repo); 759 let api_service = OpenApiService::new( 760 Xrpc { 761 cache, 762 identity, 763 repo, 764 }, 765 "Slingshot", ··· 823 .with( 824 Cors::new() 825 .allow_origin_regex("*") 826 + .allow_methods([Method::GET]) 827 .allow_credentials(false), 828 ) 829 .with(CatchPanic::new())