diff --git a/acrate_rd/src/any.rs b/acrate_rd/src/any.rs index eca9ef5..d4e5ce0 100644 --- a/acrate_rd/src/any.rs +++ b/acrate_rd/src/any.rs @@ -15,17 +15,16 @@ impl ResourceDescriptor { /// /// In order, this method attempts: /// - /// 1. HTTPS [XRD](ResourceDescriptorJRD::get) - /// 2. HTTPS [JRD](ResourceDescriptorJRD::get) - /// 3. HTTPS [JRD](ResourceDescriptorJRD::get) with .json path suffix - /// 4. HTTP [XRD](ResourceDescriptorJRD::get) - /// 5. HTTP [JRD](ResourceDescriptorJRD::get) - /// 6. HTTP [JRD](ResourceDescriptorJRD::get) with .json path suffix + /// 1. [XRD](ResourceDescriptorJRD::get) + /// 2. [JRD](ResourceDescriptorJRD::get) + /// 3. [JRD](ResourceDescriptorJRD::get) with .json path suffix /// /// # Notes /// /// This follows redirects until the redirect chain is 10 hops; see [`reqwest::redirect`] for more info. /// + /// Only the protocol specified in the passed [`reqwest::Url`] is used to fetch the [`ResourceDescriptor`]; despite the specification allowing servers to use only one between HTTP and HTTPS, no implicit downgrade is ever performed to prevent MITM attacks. + /// /// # Examples /// /// ``` @@ -53,121 +52,51 @@ impl ResourceDescriptor { log::trace!("Unsetting URL fragment..."); url.set_fragment(None); - log::trace!("Setting URL scheme to HTTPS..."); - url.set_scheme("https") - .map_err(UrlManipulation)?; - - log::trace!("Cloning URL for HTTPS XRD retrieval..."); - let https_xrd_url = url.clone(); - - log::trace!("Attempting HTTPS XRD retrieval..."); - let https_xrd = match ResourceDescriptorXRD::get(client, https_xrd_url).await { + log::trace!("Attempting XRD retrieval..."); + let xrd = match ResourceDescriptorXRD::get(client, url.clone()).await { Ok(data) => { - log::trace!("HTTPS XRD retrieval was successful, returning..."); + log::trace!("XRD retrieval was successful, returning..."); return Ok(Self::XRD(data)) } Err(err) => { - log::warn!("HTTPS XRD retrieval failed."); + log::warn!("XRD retrieval failed."); err } }; - log::trace!("Cloning URL for HTTPS JRD retrieval..."); - let https_jrd_url = url.clone(); - - log::trace!("Attempting HTTPS JRD retrieval..."); - let https_jrd = match ResourceDescriptorJRD::get(client, https_jrd_url).await { + log::trace!("Attempting JRD retrieval..."); + let jrd = match ResourceDescriptorJRD::get(client, url.clone()).await { Ok(data) => { - log::trace!("HTTPS JRD retrieval was successful, returning..."); + log::trace!("JRD retrieval was successful, returning..."); return Ok(Self::JRD(data)) } Err(err) => { - log::warn!("HTTPS JRD retrieval failed."); + log::warn!("JRD retrieval failed."); err } }; - log::trace!("Cloning URL for HTTPS JRD .json retrieval..."); - let mut https_jrdj_url = url.clone(); - - log::trace!("Altering URL path for HTTPS JRD .json retrieval..."); - https_jrdj_url.set_path( - &format!("{}.json", https_jrdj_url.path()) + log::trace!("Altering URL path for JRD .json retrieval..."); + url.set_path( + &format!("{}.json", url.path()) ); - log::trace!("Attempting HTTPS JRD .json retrieval..."); - let https_jrdj = match ResourceDescriptorJRD::get(client, https_jrdj_url).await { + log::trace!("Attempting JRD .json retrieval..."); + let jrdj = match ResourceDescriptorJRD::get(client, url.clone()).await { Ok(data) => { - log::trace!("HTTPS JRD .json retrieval was successful, returning..."); + log::trace!("JRD .json retrieval was successful, returning..."); return Ok(Self::JRD(data)) } Err(err) => { - log::warn!("HTTPS JRD .json retrieval failed."); - err - } - }; - - log::trace!("Setting URL scheme to HTTP..."); - url.set_scheme("http") - .map_err(UrlManipulation)?; - - log::trace!("Cloning URL for HTTP XRD retrieval..."); - let http_xrd_url = url.clone(); - - log::trace!("Attempting HTTP XRD retrieval..."); - let http_xrd = match ResourceDescriptorXRD::get(client, http_xrd_url).await { - Ok(data) => { - log::trace!("HTTP XRD retrieval was successful, returning..."); - return Ok(Self::XRD(data)) - } - Err(err) => { - log::warn!("HTTP XRD retrieval failed."); - err - } - }; - - log::trace!("Cloning URL for HTTP JRD retrieval..."); - let http_jrd_url = url.clone(); - - log::trace!("Attempting HTTP JRD retrieval..."); - let http_jrd = match ResourceDescriptorJRD::get(client, http_jrd_url).await { - Ok(data) => { - log::trace!("HTTP JRD retrieval was successful, returning..."); - return Ok(Self::JRD(data)) - } - Err(err) => { - log::warn!("HTTP JRD retrieval failed."); - err - } - }; - - log::trace!("Cloning URL for HTTP JRD .json retrieval..."); - let mut http_jrdj_url = url.clone(); - - log::trace!("Altering URL path for HTTPS JRD .json retrieval..."); - http_jrdj_url.set_path( - &format!("{}.json", http_jrdj_url.path()) - ); - - log::trace!("Attempting HTTP JRD .json retrieval..."); - let http_jrdj = match ResourceDescriptorJRD::get(client, http_jrdj_url).await { - Ok(data) => { - log::trace!("HTTP JRD .json retrieval was successful, returning..."); - return Ok(Self::JRD(data)) - } - Err(err) => { - log::warn!("HTTP JRD .json retrieval failed."); + log::warn!("JRD .json retrieval failed."); err } }; Err(Fetch(GetFetchFailures { - https_xrd, - https_jrd, - https_jrdj, - http_xrd, - http_jrd, - http_jrdj, + xrd, + jrd, + jrdj, })) } @@ -262,7 +191,7 @@ pub enum GetError { Fetch(GetFetchFailures), } -/// Request errors occurred during [`ResourceDescriptor::discover_http`] or [`ResourceDescriptor::discover`]. +/// Request errors occurred during [`ResourceDescriptor::get`]. #[derive(Debug, Error)] #[error("all attempts of fetching the resource descriptor document failed")] pub struct GetFetchFailures { @@ -275,14 +204,3 @@ pub struct GetFetchFailures { /// JRD with .json extension retrieval. pub jrdj: GetJRDError, } - -/// Request errors occurred during [`ResourceDescriptor::discover`]. -#[derive(Debug, Error)] -#[error("all attempts of fetching the resource descriptor document failed with all protocols")] -pub struct GetFetchFailuresMultiprotocol { - /// HTTPS. - pub https: GetFetchFailures, - - /// HTTP. - pub http: GetFetchFailures, -}