biscuit-auth / biscuit-go

Apache License 2.0

Different functional behavior between the Rust library and the Go module #128

Open euskadi31 opened 11 months ago

euskadi31 commented 11 months ago

Hi,

I wanted to retrieve the user id via a Query but it returned an empty slice.

Example:

Public Key iWlbYg08RKVFTobd/O5U9UOkgtc4vyp6I3eOXLRp7AE= // use base64.StdEncoding.DecodeString

Token: EnkKDxIAGAMiCQoHCAoSAxDRCRIkCAASIDw-FMjPGu38xq_hhpx7__ESWLn4TaPP25SiOIkK3AJAGkAmyrsV1iJn7x8fRBra2f9VPAtO1wuOQwlqU-GUivSNdLef8ksUUGTwKMeQXrZzOyWthKOodgCrSqAet9DimPYFIiIKIHekAqed-ehAMGbz1eXeul0J5j_CvnF7U-kw-Lwe_7o9 // use base64.URLEncoding.DecodeString

Biscuit Authority Block:

user(1233);

PoC:

authorizer, _ := b.Authorizer(ed25519.PublicKey(...))

rule, _ := parser.FromStringRule(`data($id) <- user($id)`)

facts, _ := authorizer.Query(rule)

spew.Dump(facts)

Current:

(biscuit.FactSet) []

Expected:

(biscuit.FactSet) (len=1 cap=1) [
    data(1233)
]

Problem:

In Go, the world is built in func (v *authorizer) Authorize() error, see: https://github.com/biscuit-auth/biscuit-go/blob/ec4a70121782d1357c5a53e738ed46b0134ef770/authorizer.go#L114

In Rust, the world is built in pub fn authorizer(&self) -> Result<Authorizer, error::Token>, see: https://github.com/biscuit-auth/biscuit-rust/blob/132b0c9ddc02d2266ab9e06b3a0ef6808fe040f7/biscuit-auth/src/token/authorizer.rs#L150

Thx @akanoa for help !

divarvel commented 11 months ago

Hi, thanks for the report! So currently the workaround would be to create an authorizer and call authorize before querying it.

I think that the Go library could benefit from an API overhaul anyway, to make it consistent with other libraries. The issues you mentioned would be in the list of needed improvements.

I have limited time and Go knowledge to handle it myself, but I would be happy to provide guidance to anyone willing to carry this project out.
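
The behaviour discussed in this thread, reduced to a stand-alone model (an added example, not code from biscuit-go or from either commenter). `Fact`, `LazyAuthorizer`, `ErrWorldNotBuilt` and the `strict` flag are hypothetical names, and the token fact is constructed. It shows why a query issued before `Authorize` sees an empty world, and how a strict query can return an error instead of an empty set that a caller could misread as "no user in the token".

```go
package main

import (
	"errors"
	"fmt"
)

// Fact is a simplified fact such as user(1233).
type Fact struct{ Name string; ID int64 }

var ErrWorldNotBuilt = errors.New("world not built: call Authorize first")

// LazyAuthorizer is a hypothetical model, not biscuit-go's own type:
// token facts reach the world only when Authorize runs.
type LazyAuthorizer struct {
	tokenFacts, world []Fact
	built             bool
}

// Authorize builds the world from the token facts (policy checks omitted).
func (a *LazyAuthorizer) Authorize() error {
	if !a.built {
		a.world, a.built = append(a.world, a.tokenFacts...), true
	}
	return nil
}

// Query evaluates data($id) <- name($id); strict mode rejects an unbuilt world
// instead of silently returning an empty set.
func (a *LazyAuthorizer) Query(name string, strict bool) ([]Fact, error) {
	if strict && !a.built {
		return nil, ErrWorldNotBuilt
	}
	out := []Fact{}
	for _, f := range a.world {
		if f.Name == name {
			out = append(out, Fact{Name: "data", ID: f.ID})
		}
	}
	return out, nil
}

func main() {
	a := &LazyAuthorizer{tokenFacts: []Fact{{Name: "user", ID: 1233}}} // constructed
	early, _ := a.Query("user", false) // world is still empty here
	_ = a.Authorize()
	late, _ := a.Query("user", false) // token facts are now visible
	fmt.Println(len(early), len(late))
}
```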