Apache Mesos
authenticator.hpp
Go to the documentation of this file.
1 // Licensed under the Apache License, Version 2.0 (the "License");
2 // you may not use this file except in compliance with the License.
3 // You may obtain a copy of the License at
4 //
5 // http://www.apache.org/licenses/LICENSE-2.0
6 //
7 // Unless required by applicable law or agreed to in writing, software
8 // distributed under the License is distributed on an "AS IS" BASIS,
9 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10 // See the License for the specific language governing permissions and
11 // limitations under the License
12 
13 #ifndef __PROCESS_AUTHENTICATOR_HPP__
14 #define __PROCESS_AUTHENTICATOR_HPP__
15 
16 #include <iosfwd>
17 #include <string>
18 
19 #include <process/future.hpp>
20 #include <process/http.hpp>
21 
22 #include <stout/hashmap.hpp>
23 #include <stout/option.hpp>
24 
25 namespace process {
26 namespace http {
27 namespace authentication {
28 
29 class BasicAuthenticatorProcess;
30 #ifdef USE_SSL_SOCKET
31 class JWTAuthenticatorProcess;
32 #endif // USE_SSL_SOCKET
33 
41 struct Principal
42 {
43  Principal() = delete;
44 
46  : value(_value) {}
47 
49  const Option<std::string>& _value,
50  const hashmap<std::string, std::string>& _claims)
51  : value(_value), claims(_claims) {}
52 
53  bool operator==(const Principal& that) const
54  {
55  return this->value == that.value && this->claims == that.claims;
56  }
57 
58  bool operator==(const std::string& that) const
59  {
60  return this->value == that;
61  }
62 
63  bool operator!=(const std::string& that) const
64  {
65  return !(*this == that);
66  }
67 
70 };
71 
72 
73 std::ostream& operator<<(std::ostream& stream, const Principal& principal);
74 
75 
92 {
96 };
97 
98 
104 {
105 public:
106  virtual ~Authenticator() {}
107 
116  // TODO(arojas): Add support for per-connection authentication.
117  // Note that passing the socket is dangerous here because the
118  // authenticator may hold a copy preventing the reference
119  // counted socket from being closed.
121  const Request& request) = 0;
122 
126  virtual std::string scheme() const = 0;
127 };
128 
129 
135 {
136 public:
138  const std::string& realm,
139  const hashmap<std::string, std::string>& credentials);
140 
141  ~BasicAuthenticator() override;
142 
144  const http::Request& request) override;
145 
146  std::string scheme() const override;
147 
148 private:
150 };
151 
152 
153 #ifdef USE_SSL_SOCKET
154 
164 class JWTAuthenticator : public Authenticator
165 {
166 public:
167  JWTAuthenticator(const std::string& realm, const std::string& secret);
168 
169  ~JWTAuthenticator() override;
170 
171  Future<AuthenticationResult> authenticate(
172  const http::Request& request) override;
173 
174  std::string scheme() const override;
175 
176 private:
178 };
179 #endif // USE_SSL_SOCKET
180 
181 } // namespace authentication {
182 } // namespace http {
183 } // namespace process {
184 
185 #endif // __PROCESS_AUTHENTICATOR_HPP__
virtual ~Authenticator()
Definition: authenticator.hpp:106
Future< Response > request(const Request &request, bool streamedResponse=false)
Asynchronously sends an HTTP request to the process and returns the HTTP response once the entire res...
Principal(const Option< std::string > &_value, const hashmap< std::string, std::string > &_claims)
Definition: authenticator.hpp:48
BasicAuthenticator(const std::string &realm, const hashmap< std::string, std::string > &credentials)
virtual Future< AuthenticationResult > authenticate(const Request &request)=0
Authenticates the given HTTP request.
bool operator==(const std::string &that) const
Definition: authenticator.hpp:58
Option< std::string > value
Definition: authenticator.hpp:68
Definition: http.hpp:518
Option< Principal > principal
Definition: authenticator.hpp:93
Represents the result of authenticating a request.
Definition: authenticator.hpp:91
Option< Forbidden > forbidden
Definition: authenticator.hpp:95
The Authenticator interface allows us to implement different authenticators based on the scheme (e...
Definition: authenticator.hpp:103
Implements the &quot;Basic&quot; authentication scheme using a fixed set of credentials.
Definition: authenticator.hpp:134
Principal(const Option< std::string > &_value)
Definition: authenticator.hpp:45
bool operator!=(const std::string &that) const
Definition: authenticator.hpp:63
bool operator==(const Principal &that) const
Definition: authenticator.hpp:53
Future< AuthenticationResult > authenticate(const http::Request &request) override
Authenticates the given HTTP request.
Option< Unauthorized > unauthorized
Definition: authenticator.hpp:94
Result< Process > process(pid_t pid)
Definition: freebsd.hpp:30
virtual std::string scheme() const =0
Returns the name of the authentication scheme implemented.
Contains information associated with an authenticated principal.
Definition: authenticator.hpp:41
URI http(const std::string &host, const std::string &path="/", const Option< int > &port=None(), const Option< std::string > &query=None(), const Option< std::string > &fragment=None(), const Option< std::string > &user=None(), const Option< std::string > &password=None())
Creates an http URI with the given parameters.
Definition: http.hpp:35
std::string scheme() const override
Returns the name of the authentication scheme implemented.
hashmap< std::string, std::string > claims
Definition: authenticator.hpp:69
std::ostream & operator<<(std::ostream &stream, const Principal &principal)
Definition: future.hpp:57