Исправление работы авторизации с помощью VK ID.

src/routes/auth/shared.rs

@@ -1,9 +1,6 @@
-use crate::utility::jwt::DEFAULT_ALGORITHM;
 use jsonwebtoken::errors::ErrorKind;
-use jsonwebtoken::{decode, DecodingKey, Validation};
+use jsonwebtoken::{decode, Algorithm, DecodingKey, Validation};
 use serde::{Deserialize, Serialize};
-use std::env;
-use std::sync::LazyLock;
 
 #[derive(Deserialize, Serialize)]
 struct TokenData {
@@ -17,7 +14,7 @@ struct TokenData {
 
 #[derive(Debug, Serialize, Deserialize)]
 struct Claims {
-    sub: String,
+    sub: i32,
     iis: String,
     jti: i32,
     app: i32,
@@ -52,17 +49,10 @@ const VK_PUBLIC_KEY: &str = concat!(
     "-----END PUBLIC KEY-----"
 );
 
-static VK_ID_CLIENT_ID: LazyLock<i32> = LazyLock::new(|| {
-    env::var("VK_ID_CLIENT_ID")
-        .expect("VK_ID_CLIENT_ID must be set")
-        .parse::<i32>()
-        .expect("VK_ID_CLIENT_ID must be i32")
-});
-
-pub fn parse_vk_id(token_str: &String) -> Result<i32, Error> {
+pub fn parse_vk_id(token_str: &String, client_id: i32) -> Result<i32, Error> {
     let dkey = DecodingKey::from_rsa_pem(VK_PUBLIC_KEY.as_bytes()).unwrap();
 
-    match decode::<Claims>(&token_str, &dkey, &Validation::new(DEFAULT_ALGORITHM)) {
+    match decode::<Claims>(&token_str, &dkey, &Validation::new(Algorithm::RS256)) {
         Ok(token_data) => {
             let claims = token_data.claims;
 
@@ -70,13 +60,10 @@ pub fn parse_vk_id(token_str: &String) -> Result<i32, Error> {
                 Err(Error::UnknownIssuer(claims.iis))
             } else if claims.jti != 21 {
                 Err(Error::UnknownType(claims.jti))
-            } else if claims.app != *VK_ID_CLIENT_ID {
+            } else if claims.app != client_id {
                 Err(Error::UnknownClientId(claims.app))
             } else {
-                match claims.sub.parse::<i32>() {
-                    Ok(sub) => Ok(sub),
-                    Err(_) => Err(Error::InvalidToken),
-                }
+                Ok(claims.sub)
             }
         }
         Err(err) => Err(match err.into_kind() {

src/routes/auth/sign_in.rs

@@ -71,7 +71,7 @@ pub async fn sign_in_vk(
 ) -> ServiceResponse {
     let data = data_json.into_inner();
 
-    match parse_vk_id(&data.access_token) {
+    match parse_vk_id(&data.access_token, app_state.vk_id.client_id) {
         Ok(id) => sign_in_combined(Vk(id), &app_state).await.into(),
         Err(_) => ErrorCode::InvalidVkAccessToken.into_response(),
     }

src/routes/auth/sign_up.rs

@@ -79,7 +79,7 @@ pub async fn sign_up_vk(
 ) -> ServiceResponse {
     let data = data_json.into_inner();
 
-    match parse_vk_id(&data.access_token) {
+    match parse_vk_id(&data.access_token, app_state.vk_id.client_id) {
         Ok(id) => sign_up_combined(
             SignUpData {
                 username: data.username,

src/routes/vk_id/oauth.rs

@@ -59,13 +59,16 @@ async fn oauth(data: web::Json<Request>, app_state: web::Data<AppState>) -> Serv
                 return ErrorCode::VkIdError.into_response();
             }
 
-            if let Ok(auth_data) = res.json::<VkIdAuthResponse>().await {
-                Ok(Response {
-                    access_token: auth_data.id_token,
-                })
-                .into()
-            } else {
-                ErrorCode::VkIdError.into_response()
+            match res.json::<VkIdAuthResponse>().await {
+                Ok(auth_data) =>
+                    Ok(Response {
+                        access_token: auth_data.id_token,
+                    }).into(),
+                Err(error) => {
+                    sentry::capture_error(&error);
+                    
+                    ErrorCode::VkIdError.into_response()
+                }
             }
         }
         Err(_) => ErrorCode::VkIdError.into_response(),