auth: auth-server: Define key management API

Cargo.toml

@@ -1,13 +1,14 @@
 [workspace]
 members = [
+    "auth/auth-server",
+    "auth/auth-server-api",
     "compliance/compliance-server",
     "compliance/compliance-api",
     "dealer/renegade-dealer",
     "dealer/renegade-dealer-api",
     "funds-manager/funds-manager-api",
     "funds-manager/funds-manager-server",
     "price-reporter",
-    "auth-server",
 ]
 
 [profile.bench]

auth/auth-server-api/Cargo.toml

@@ -0,0 +1,8 @@
+[package]
+name = "auth-server-api"
+version = "0.1.0"
+edition = "2021"
+
+[dependencies]
+serde = { version = "1.0", features = ["derive"] }
+uuid = "1.0"

auth/auth-server-api/src/lib.rs

@@ -0,0 +1,36 @@
+//! API types for the auth server
+
+#![deny(missing_docs)]
+#![deny(clippy::missing_docs_in_private_items)]
+#![deny(unsafe_code)]
+#![deny(clippy::needless_pass_by_ref_mut)]
+#![feature(trivial_bounds)]
+
+use serde::Deserialize;
+use uuid::Uuid;
+
+// ----------------------
+// | API Key Management |
+// ----------------------
+
+/// The path to create a new API key
+///
+/// POST /api-keys
+pub const API_KEYS_PATH: &str = "api-keys";
+/// The path to mark an API key as inactive
+///
+/// POST /api-keys/{id}/deactivate
+pub const DEACTIVATE_API_KEY_PATH: &str = "deactivate";
+
+/// A request to create a new API key
+#[derive(Debug, Deserialize)]
+pub struct CreateApiKeyRequest {
+    /// The API key id
+    pub id: Uuid,
+    /// The API key secret
+    ///
+    /// Expected as a base64 encoded string
+    pub secret: String,
+    /// The name of the API key
+    pub name: String,
+}

auth-server/Cargo.toml → auth/auth-server/Cargo.toml

@@ -14,16 +14,27 @@ warp = "0.3"
 
 # === Database === #
 bb8 = "0.8"
-diesel = { version = "2", features = ["postgres"] }
+diesel = { version = "2", features = ["postgres", "chrono", "uuid"] }
 diesel-async = { version = "0.4", features = ["postgres", "bb8"] }
 tokio-postgres = "0.7"
 postgres-native-tls = "0.5"
 native-tls = "0.2"
 
+# === Cryptography === #
+aes-gcm = "0.10.1"
+rand = "0.8.5"
+
+# === Renegade Dependencies === #
+auth-server-api = { path = "../auth-server-api" }
+renegade-utils = { package = "util", git = "https://github.com/renegade-fi/renegade" }
+
 # === Misc Dependencies === #
+base64 = "0.22.1"
 bytes = "1.0"
+chrono = { version = "0.4", features = ["serde"] }
 futures-util = "0.3"
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 thiserror = "1.0"
 tracing = "0.1"
+uuid = { version = "1.0", features = ["serde", "v4"] }

auth/auth-server/src/error.rs

@@ -0,0 +1,38 @@
+//! Error types for the auth server
+
+use thiserror::Error;
+
+/// Custom error type for server errors
+#[derive(Error, Debug)]
+pub enum AuthServerError {
+    /// Database connection error
+    #[error("Database connection error: {0}")]
+    DatabaseConnection(String),
+
+    /// Encryption error
+    #[error("Encryption error: {0}")]
+    Encryption(String),
+
+    /// Decryption error
+    #[error("Decryption error: {0}")]
+    Decryption(String),
+}
+
+impl AuthServerError {
+    /// Create a new database connection error
+    pub fn db<T: ToString>(msg: T) -> Self {
+        Self::DatabaseConnection(msg.to_string())
+    }
+
+    /// Create a new encryption error
+    pub fn encryption<T: ToString>(msg: T) -> Self {
+        Self::Encryption(msg.to_string())
+    }
+
+    /// Create a new decryption error
+    pub fn decryption<T: ToString>(msg: T) -> Self {
+        Self::Decryption(msg.to_string())
+    }
+}
+
+impl warp::reject::Reject for AuthServerError {}