chore: update rusty-jwt-tools repo to rust 2024 edition [WPB-16113]

acme/Cargo.toml

@@ -2,7 +2,7 @@
 name = "rusty-acme"
 description = "ACME types"
 version = "0.12.0"
-edition = "2021"
+edition = "2024"
 repository = "https://github.com/wireapp/rusty-jwt-tools"
 license = "MPL-2.0"
 publish = false

acme/src/authz.rs

@@ -41,7 +41,7 @@
                 return Err(RustyAcmeError::ClientImplementationError(
                     "an authorization is not supposed to be valid at this point. \
                     You should only use this method to parse the response of an authorization creation.",
-                ))
+                ));
             }
         }
         Ok(authz)
@@ -164,7 +164,7 @@
         use super::*;
 
         #[test]
         #[wasm_bindgen_test]
         fn can_deserialize_sample_response() {
             let rfc_sample = json!({
                 "status": "pending",

acme/src/certificate.rs

@@ -1,8 +1,8 @@
 use crate::{error::CertificateError, identifier::CanonicalIdentifier, prelude::*};
 use rusty_jwt_tools::prelude::*;
 use rusty_x509_check::revocation::{PkiEnvironment, PkiEnvironmentParams};
-use x509_cert::anchor::TrustAnchorChoice;
 use x509_cert::Certificate;
+use x509_cert::anchor::TrustAnchorChoice;
 
 impl RustyAcme {
     /// For fetching the generated certificate

acme/src/chall.rs

@@ -56,12 +56,12 @@ impl RustyAcme {
                 return Err(RustyAcmeError::ClientImplementationError(
                     "a challenge is not supposed to be pending at this point. \
                     It must either be 'valid' or 'processing'.",
-                ))
+                ));
             }
             None => {
                 return Err(RustyAcmeError::ClientImplementationError(
                     "at this point a challenge is supposed to have a status",
-                ))
+                ));
             }
         }
         Ok(chall)

acme/src/finalize.rs

@@ -250,7 +250,7 @@ impl AcmeFinalize {
                 return Err(RustyAcmeError::ClientImplementationError(
                     "finalize is not supposed to be 'pending | processing | ready' at this point. \
                     It means you have forgotten previous steps",
-                ))
+                ));
             }
             AcmeOrderStatus::Invalid => return Err(AcmeFinalizeError(AcmeOrderError::Invalid))?,
         }

acme/src/identity/mod.rs

@@ -1,8 +1,8 @@
 use x509_cert::der::Decode as _;
 
 use rusty_jwt_tools::prelude::*;
-use rusty_x509_check::revocation::PkiEnvironment;
 use rusty_x509_check::IdentityStatus;
+use rusty_x509_check::revocation::PkiEnvironment;
 
 use crate::error::CertificateError;
 use crate::prelude::*;
@@ -146,10 +146,16 @@ fn try_extract_san(cert: &x509_cert::TbsCertificate) -> RustyAcmeResult<(String,
         .try_for_each(|name| -> RustyAcmeResult<()> {
             // since both ClientId & handle are in the SAN we first try to parse the element as
             // a ClientId (since it's the most characterizable) and else fallback to a handle
-            if let Ok(cid) = ClientId::try_from_uri(name) {
-                client_id = Some(cid.to_qualified());
-            } else if let Ok(h) = name.parse::<QualifiedHandle>() {
-                handle = Some(h);
+            match ClientId::try_from_uri(name) {
+                Ok(cid) => {
+                    client_id = Some(cid.to_qualified());
+                }
+                _ => match name.parse::<QualifiedHandle>() {
+                    Ok(h) => {
+                        handle = Some(h);
+                    }
+                    _ => {}
+                },
             }
             Ok(())
         })?;

acme/src/identity/thumbprint.rs

@@ -40,7 +40,7 @@ pub(crate) fn try_compute_jwk_canonicalized_thumbprint(
 fn try_into_jwk(spki: &SubjectPublicKeyInfoOwned) -> RustyAcmeResult<Jwk> {
     use const_oid::db::{
         rfc5912::{ID_EC_PUBLIC_KEY, SECP_256_R_1, SECP_384_R_1, SECP_521_R_1},
-        rfc8410::{ID_ED_25519, ID_ED_448},
+        rfc8410::{ID_ED_448, ID_ED_25519},
     };
     let params = spki
         .algorithm

acme/src/order.rs

@@ -57,7 +57,7 @@ impl RustyAcme {
                 return Err(RustyAcmeError::ClientImplementationError(
                     "an order is not supposed to be 'processing | valid | ready' at this point. \
                     You should only be using this method after account creation, not after finalize",
-                ))
+                ));
             }
             AcmeOrderStatus::Invalid => return Err(AcmeOrderError::Invalid)?,
         }
@@ -96,21 +96,21 @@ impl RustyAcme {
                 return Err(RustyAcmeError::ClientImplementationError(
                     "an order is not supposed to be 'pending' at this point. \
                     It means you have forgotten to create authorizations",
-                ))
+                ));
             }
             AcmeOrderStatus::Processing => {
                 return Err(RustyAcmeError::ClientImplementationError(
                     "an order is not supposed to be 'processing' at this point. \
                     You should not have called finalize yet ; in fact, you should only call finalize \
                     once this order turns 'ready'",
-                ))
+                ));
             }
             AcmeOrderStatus::Valid => {
                 return Err(RustyAcmeError::ClientImplementationError(
                     "an order is not supposed to be 'valid' at this point. \
                     It means a certificate has already been delivered which defeats the purpose \
                     of using this method",
-                ))
+                ));
             }
             AcmeOrderStatus::Invalid => return Err(AcmeOrderError::Invalid)?,
         }

e2e-identity/Cargo.toml

@@ -2,7 +2,7 @@
 name = "wire-e2e-identity"
 description = "Public API for Wire end to end identity"
 version = "0.12.0"
-edition = "2021"
+edition = "2024"
 repository = "https://github.com/wireapp/rusty-jwt-tools"
 license = "MPL-2.0"
 publish = false

e2e-identity/src/lib.rs

@@ -17,21 +17,21 @@ mod types;
 pub mod prelude {
     pub use rusty_acme::prelude::x509;
     pub use rusty_acme::prelude::{
-        compute_raw_key_thumbprint, x509::IdentityStatus, AcmeDirectory, RustyAcme, RustyAcmeError, WireIdentity,
-        WireIdentityReader,
+        AcmeDirectory, RustyAcme, RustyAcmeError, WireIdentity, WireIdentityReader, compute_raw_key_thumbprint,
+        x509::IdentityStatus,
     };
     pub use rusty_jwt_tools::prelude::{
-        parse_json_jwk, ClientId as E2eiClientId, Handle, HashAlgorithm, JwsAlgorithm, RustyJwtError,
+        ClientId as E2eiClientId, Handle, HashAlgorithm, JwsAlgorithm, RustyJwtError, parse_json_jwk,
     };
 
     #[cfg(feature = "builder")]
     pub use rusty_jwt_tools::prelude::generate_jwk;
 
+    pub use super::RustyE2eIdentity;
     pub use super::error::{E2eIdentityError, E2eIdentityResult};
     pub use super::types::{
         E2eiAcmeAccount, E2eiAcmeAuthorization, E2eiAcmeChallenge, E2eiAcmeFinalize, E2eiAcmeOrder, E2eiNewAcmeOrder,
     };
-    pub use super::RustyE2eIdentity;
 }
 
 pub type Json = serde_json::Value;

e2e-identity/tests/e2e.rs

@@ -1,17 +1,17 @@
 #![cfg(not(target_family = "wasm"))]
 
 use jwt_simple::prelude::*;
-use serde_json::{json, Value};
+use serde_json::{Value, json};
 
 use rusty_acme::prelude::*;
 use rusty_jwt_tools::prelude::*;
 use utils::{
+    TestError,
     cfg::{E2eTest, EnrollmentFlow, OidcProvider},
     docker::{stepca::CaCfg, wiremock::WiremockImage},
     id_token::resign_id_token,
     rand_base64_str, rand_client_id,
     wire_server::OauthCfg,
-    TestError,
 };
 
 #[path = "utils/mod.rs"]
@@ -133,10 +133,10 @@
 #[cfg(not(ci))]
 mod acme_server {
     use super::*;
+    use rusty_acme::prelude::x509::RustyX509CheckError;
     use rusty_acme::prelude::x509::reexports::certval;
     use rusty_acme::prelude::x509::reexports::certval::PathValidationStatus;
     use rusty_acme::prelude::x509::revocation::{PkiEnvironment, PkiEnvironmentParams};
-    use rusty_acme::prelude::x509::RustyX509CheckError;
     use x509_cert::der::Decode;
 
     /// Acme server has been man-in-middle:ed and returns untrusted certificates

e2e-identity/tests/utils/cfg.rs

@@ -1,5 +1,5 @@
 use std::{
-    collections::{hash_map::RandomState, HashMap},
+    collections::{HashMap, hash_map::RandomState},
     net::SocketAddr,
 };
 
@@ -11,6 +11,7 @@ use rusty_acme::prelude::{AcmeAccount, AcmeAuthz, AcmeChallenge, AcmeDirectory,
 use rusty_jwt_tools::{jwk::TryIntoJwk, prelude::*};
 
 use crate::utils::{
+    TestResult,
     ctx::ctx_store_http_client,
     display::TestDisplay,
     docker::{
@@ -21,8 +22,7 @@ use crate::utils::{
         stepca::{AcmeServer, CaCfg},
     },
     rand_base64_str, rand_str,
-    wire_server::{oidc::OidcCfg, OauthCfg, WireServer},
-    TestResult,
+    wire_server::{OauthCfg, WireServer, oidc::OidcCfg},
 };
 
 pub struct E2eTest {

e2e-identity/tests/utils/ctx.rs

@@ -3,7 +3,7 @@
 
 use std::net::SocketAddr;
 use std::{
-    collections::{hash_map::RandomState, HashMap},
+    collections::{HashMap, hash_map::RandomState},
     str::FromStr,
 };
 

e2e-identity/tests/utils/docker/dex.rs

@@ -2,9 +2,9 @@ use std::{collections::HashMap, net::SocketAddr};
 
 use testcontainers::core::{ContainerPort, Mount};
 use testcontainers::runners::AsyncRunner;
-use testcontainers::{core::WaitFor, ContainerAsync, Image, ImageExt};
+use testcontainers::{ContainerAsync, Image, ImageExt, core::WaitFor};
 
-use crate::utils::docker::{ldap::LdapCfg, rand_str, SHM};
+use crate::utils::docker::{SHM, ldap::LdapCfg, rand_str};
 
 pub struct DexServer {
     pub uri: String,

e2e-identity/tests/utils/docker/keycloak.rs

@@ -4,14 +4,14 @@ use std::sync::OnceLock;
 use std::{collections::HashMap, env, net::SocketAddr};
 
 use keycloak::{
+    KeycloakAdmin, KeycloakAdminToken,
     types::ProtocolMapperRepresentation,
     types::{ClientRepresentation, CredentialRepresentation, UserRepresentation},
-    KeycloakAdmin, KeycloakAdminToken,
 };
 
 use testcontainers::core::{ContainerPort, IntoContainerPort, Mount};
 use testcontainers::runners::AsyncRunner;
-use testcontainers::{core::WaitFor, ContainerAsync, Image, ImageExt};
+use testcontainers::{ContainerAsync, Image, ImageExt, core::WaitFor};
 
 use crate::utils::docker::SHM;
 

e2e-identity/tests/utils/docker/ldap.rs

@@ -1,9 +1,9 @@
-use crate::utils::docker::{rand_str, SHM};
+use crate::utils::docker::{SHM, rand_str};
 use std::borrow::Cow;
 use std::{collections::HashMap, net::SocketAddr};
 use testcontainers::core::{ContainerPort, Mount};
 use testcontainers::runners::AsyncRunner;
-use testcontainers::{core::WaitFor, ContainerAsync, Image, ImageExt};
+use testcontainers::{ContainerAsync, Image, ImageExt, core::WaitFor};
 
 pub struct LdapServer {
     pub node: ContainerAsync<LdapImage>,

e2e-identity/tests/utils/docker/stepca.rs

@@ -4,9 +4,9 @@ use std::path::Path;
 
 use serde_json::json;
 use testcontainers::core::{CmdWaitFor, ContainerPort, ExecCommand, Mount};
-use testcontainers::{runners::AsyncRunner, ContainerAsync, GenericImage, ImageExt};
+use testcontainers::{ContainerAsync, GenericImage, ImageExt, runners::AsyncRunner};
 
-use crate::utils::docker::{rand_str, NETWORK, SHM};
+use crate::utils::docker::{NETWORK, SHM, rand_str};
 
 pub struct AcmeServer {
     pub uri: String,

e2e-identity/tests/utils/docker/wiremock.rs

@@ -3,7 +3,7 @@ use std::borrow::Cow;
 use std::{collections::HashMap, path::PathBuf};
 use testcontainers::core::{ContainerPort, Mount};
 use testcontainers::runners::AsyncRunner;
-use testcontainers::{core::WaitFor, ContainerAsync, Image, ImageExt};
+use testcontainers::{ContainerAsync, Image, ImageExt, core::WaitFor};
 
 /// Allows to run WireMock in Docker. Uses stubs to mock responses to predefined requests.
 /// The stubs are generated in [crate::E2eTest::new_jwks_uri_mock].

e2e-identity/tests/utils/fmk.rs

@@ -3,12 +3,12 @@
 use jwt_simple::prelude::*;
 use oauth2::{ClientSecret, CsrfToken, PkceCodeChallenge, RedirectUrl, RefreshToken, Scope};
 use openidconnect::{
-    core::{CoreAuthenticationFlow, CoreClient, CoreProviderMetadata},
     IssuerUrl, Nonce,
+    core::{CoreAuthenticationFlow, CoreClient, CoreProviderMetadata},
 };
 use reqwest::StatusCode;
-use serde_json::{json, Value};
-use std::collections::{hash_map::RandomState, HashMap};
+use serde_json::{Value, json};
+use std::collections::{HashMap, hash_map::RandomState};
 use url::Url;
 use x509_cert::der::{DecodePem, Encode};
 
@@ -21,14 +21,14 @@
 };
 
 use crate::utils::{
+    TestError, TestResult,
     cfg::{E2eTest, EnrollmentFlow, OidcProvider},
     ctx::*,
     display::Actor,
     docker::stepca,
     helpers::{AcmeAsserter, ClientHelper, RespHelper},
     rand_base64_str,
     wire_server::oidc::{scrap_grant, scrap_login},
-    TestError, TestResult,
 };
 
 // unsafe static mutable channels for the Google OIDC login since it requires tester interaction in browser
@@ -814,7 +814,7 @@
         // SAFETY: We initialized the reference earlier in this function, and the worst case if
         // someone has mutated it under us is that one of the unwraps causes a test to panic.
         let id_token = unsafe {
             let rx = GOOGLE_RECV.as_ref().unwrap().lock().unwrap();
             rx.recv().unwrap()
         };
         Ok(id_token)

e2e-identity/tests/utils/helpers.rs

@@ -1,6 +1,6 @@
 use crate::utils::TestResult;
 use http::header::AsHeaderName;
-use http::{header, HeaderName, HeaderValue};
+use http::{HeaderName, HeaderValue, header};
 use itertools::Itertools;
 
 pub trait ClientHelper {
@@ -84,10 +84,11 @@ impl AcmeAsserter for reqwest::Response {
         self
     }
     fn expect_content_type_json(&mut self) -> &mut Self {
-        assert!(self
-            .headers()
-            .iter()
-            .contains(&(&header::CONTENT_TYPE, &HeaderValue::from_static("application/json"))));
+        assert!(
+            self.headers()
+                .iter()
+                .contains(&(&header::CONTENT_TYPE, &HeaderValue::from_static("application/json")))
+        );
         self
     }
     fn has_replay_nonce(&mut self) -> &mut Self {

e2e-identity/tests/utils/wire_server/oidc.rs

@@ -3,8 +3,8 @@
 use hyper::body::{Bytes, Incoming};
 use hyper::{Request, Response, StatusCode};
 use openidconnect::{
-    core::{CoreAuthenticationFlow, CoreClient, CoreProviderMetadata},
     ClientSecret, CsrfToken, IssuerUrl, Nonce, PkceCodeChallenge, PkceCodeVerifier, RedirectUrl, Scope, TokenResponse,
+    core::{CoreAuthenticationFlow, CoreClient, CoreProviderMetadata},
 };
 use scraper::Html;
 
@@ -141,7 +141,7 @@
     // SAFETY: it's probably fine, this is in a test context anyway.
     // It's hard but not impossible to really mess with this struct... but it's just in the tests.
     // If we're using it wrong, it's meant to crash.
     if let Some(tx) = unsafe { GOOGLE_SND.as_ref() } {
         let tx = tx.lock().unwrap().clone();
         tx.send(id_token.clone()).unwrap();
         let id_token_url = format!("https://jwt.io/#id_token={id_token}");

ffi/Cargo.toml

@@ -2,7 +2,7 @@
 name = "rusty-jwt-tools-ffi"
 description = "Exposing utilities to handle JWTs in Haskell"
 version = "0.12.0"
-edition = "2021"
+edition = "2024"
 repository = "https://github.com/wireapp/rusty-jwt-tools"
 license = "MPL-2.0"
 publish = false