Skip to content
Snippets Groups Projects
Select Git revision
  • 9d461b7ebae2db4b5402b8af8dbeb321d18158c5
  • main default protected
  • dev protected
  • f-linkahead-rename
  • f-real-id
  • f-filesystem-import
  • f-filesystem-link
  • f-filesystem-directory
  • f-filesystem-core
  • f-filesystem-cleanup
  • f-filesystem-main
  • f-name
  • keep_changes
  • f-permission-checks-2
  • f-mysql8-tests
  • f-retrieve-history
  • t-distinct-parents
  • v8.1.0
  • v8.0.0
  • v7.0.2
  • v7.0.1
  • v7.0.0
  • v6.0.1
  • v6.0.0
  • v5.0.0
  • v4.1.0
  • v4.0.0
  • v3.0
  • v2.0.30
29 results

helpers.sh

    • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    authentication.h 3.02 KiB 
    /*
 * This file is a part of the CaosDB Project.
 *
 * Copyright (C) 2021 Timm Fitschen <t.fitschen@indiscale.com>
 * Copyright (C) 2021 IndiScale GmbH <info@indiscale.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
 *
 */

#ifndef CAOSDB_AUTHENTICATION_H
#define CAOSDB_AUTHENTICATION_H
/**
 * @file caosdb/authentication.h
 * @author Timm Fitschen
 * @date 2021-06-28
 * @brief Configuration and setup of the client authentication.
 */

#include <grpcpp/security/credentials.h>               // for CallCredentials
#include <map>                                         // for multimap
#include <memory>                                      // for shared_ptr
#include <string>                                      // for string
#include "caosdb/utility.h"                            // for base64_encode
#include "grpcpp/impl/codegen/interceptor.h"           // for Status
#include "grpcpp/impl/codegen/security/auth_context.h" // for AuthContext
#include "grpcpp/impl/codegen/status.h"                // for Status
#include "grpcpp/impl/codegen/string_ref.h"            // for string_ref

namespace caosdb {
namespace authentication {
using caosdb::utility::base64_encode;
using grpc::AuthContext;
using grpc::MetadataCredentialsPlugin;
using grpc::Status;
using grpc::string_ref;

/**
 * @brief Abstract base class for authenticators.
 */
class Authenticator {
public:
  [[nodiscard]] virtual auto GetCallCredentials() const
    -> std::shared_ptr<grpc::CallCredentials> = 0;
};

/**
 * @brief Implementation of a MetadataCredentialsPlugin which my be created by
 * any implementation of the Authenticator class. Only intended for internal
 * use.
 */
class MetadataCredentialsPluginImpl : public MetadataCredentialsPlugin {
private:
  std::string key;
  std::string value;

public:
  MetadataCredentialsPluginImpl(std::string key, std::string value);

      auto GetMetadata(string_ref service_url, string_ref method_name,
                   const AuthContext &channel_auth_context,
                   std::multimap<grpc::string, grpc::string> *metadata)
    -> Status override;
};

class PlainPasswordAuthenticator : public Authenticator {
private:
  std::string basic;

public:
  PlainPasswordAuthenticator(const std::string &username,
                             const std::string &password);

  [[nodiscard]] auto GetCallCredentials() const
    -> std::shared_ptr<grpc::CallCredentials> override;
};
} // namespace authentication
} // namespace caosdb
#endif