Apache Mesos
Public Member Functions | List of all members
mesos::http::authentication::CombinedAuthenticator Class Reference

An authenticator which holds references to multiple authenticators. More...

#include <combined_authenticator.hpp>

Inheritance diagram for mesos::http::authentication::CombinedAuthenticator:
process::http::authentication::Authenticator

Public Member Functions

 CombinedAuthenticator (const std::string &realm, std::vector< process::Owned< process::http::authentication::Authenticator >> &&authenticators)
 
 CombinedAuthenticator (const CombinedAuthenticator &)=delete
 Non-copyable to protect the ownership of the installed authenticators. More...
 
 ~CombinedAuthenticator () override
 
process::Future
< process::http::authentication::AuthenticationResult
authenticate (const process::http::Request &request) override
 Authenticates using the installed authenticators. More...
 
std::string scheme () const override
 Returns the authentication schemes offered by the installed authenticators, separated by whitespace. More...
 
- Public Member Functions inherited from process::http::authentication::Authenticator
virtual ~Authenticator ()
 

Detailed Description

An authenticator which holds references to multiple authenticators.

Constructor & Destructor Documentation

mesos::http::authentication::CombinedAuthenticator::CombinedAuthenticator ( const std::string &  realm,
std::vector< process::Owned< process::http::authentication::Authenticator >> &&  authenticators 
)
mesos::http::authentication::CombinedAuthenticator::CombinedAuthenticator ( const CombinedAuthenticator )
delete

Non-copyable to protect the ownership of the installed authenticators.

mesos::http::authentication::CombinedAuthenticator::~CombinedAuthenticator ( )
override

Member Function Documentation

process::Future<process::http::authentication::AuthenticationResult> mesos::http::authentication::CombinedAuthenticator::authenticate ( const process::http::Request request)
overridevirtual

Authenticates using the installed authenticators.

When called, the authenticate() method of each authenticator is called serially, and the first successful result is returned. If all authentication attempts fail, the failed results are combined as follows:

  • If any results are Unauthorized, then the Unauthorized results are merged and returned.
  • If no Unauthorized results are found, then multiple Forbidden results may be present. The Forbidden results are combined and returned.
  • If no Forbidden results are found, then failed futures may be present. Their error messages are combined and returned in a failed future.

Below are examples illustrating various combinations of authentication results when two authenticators are installed. In these examples, the scheme() method of one authenticator returns "Basic". The other returns "Bearer". These schemes are used when combining response bodies.

Both authentication results are Unauthorized:

  • First result: Status code: 401 'WWW-Authenticate' header: 'Basic realm="mesos"' Response body: 'Incorrect credentials'
  • Second result: Status code: 401 'WWW-Authenticate' header: 'Bearer realm="mesos"' Response body: 'Invalid token'
  • Returned result: Status code: 401 'WWW-Authenticate' header: 'Basic realm="mesos",Bearer realm="mesos"' Response body: '"Basic" authenticator returned:
    ' 'Incorrect credentials

    ' '"Bearer" authenticator returned:
    ' 'Invalid token'

One Unauthorized result and one Forbidden:

  • First result: Status code: 401 'WWW-Authenticate' header: 'Basic realm="mesos"' Response body: 'Incorrect credentials'
  • Second result: Status code: 403 Response body: 'Not authorized'
  • Returned result: Status code: 401 'WWW-Authenticate' header: 'Basic realm="mesos"' Response body: 'Incorrect credentials'

Both authentication results are Forbidden:

  • First result: Status code: 403 Response body: 'Basic: not authorized'
  • Second result: Status code: 403 Response body: 'Bearer: not authorized'
  • Returned result: Status code: 403 Response body: '"Basic" authenticator returned:
    ' 'Basic: not authorized

    ' '"Bearer" authenticator returned:
    ' 'Bearer: not authorized'

Implements process::http::authentication::Authenticator.

std::string mesos::http::authentication::CombinedAuthenticator::scheme ( ) const
overridevirtual

Returns the authentication schemes offered by the installed authenticators, separated by whitespace.

Implements process::http::authentication::Authenticator.


The documentation for this class was generated from the following file: