xrootd/html/XrdMacaroonsHandler_8hh_source.html

#include <string>

#include <memory>

#include <stdexcept>

#include <vector>


#include "XrdHttp/XrdHttpExtHandler.hh"


class XrdOucEnv;

class XrdOucStream;

class XrdSecEntity;

class XrdAccAuthorize;


namespace Macaroons {


enum LogMask {

    Debug = 0x01,

    Info = 0x02,

    Warning = 0x04,

    Error = 0x08,

    All = 0xff

};


class Handler : public XrdHttpExtHandler {

public:

    Handler(XrdSysError *log, const char *config, XrdOucEnv *myEnv,

        XrdAccAuthorize *chain) :

        m_max_duration(86400),

        m_chain(chain),

        m_log(log)

    {

        AuthzBehavior behavior;

        if (!Config(config, myEnv, m_log, m_location, m_secret, m_max_duration, behavior))

        {

            throw std::runtime_error("Macaroon handler config failed.");

        }

    }


    enum AuthzBehavior {

        PASSTHROUGH,

        ALLOW,

        DENY

    };


    virtual ~Handler();


    virtual bool MatchesPath(const char *verb, const char *path) override;

    virtual int ProcessReq(XrdHttpExtReq &req) override;


    virtual int Init(const char *cfgfile) override {return 0;}


    // Static configuration method; made static to allow Authz object to reuse

    // this code.

    static bool Config(const char *config, XrdOucEnv *env, XrdSysError *log,

        std::string &location, std::string &secret, ssize_t &max_duration,

        AuthzBehavior &behavior);


private:

    std::string GenerateID(const std::string &, const XrdSecEntity &, const std::string &, const std::vector<std::string> &, const std::string &);

    std::string GenerateActivities(const XrdHttpExtReq &, const std::string &) const;


    int ProcessOAuthConfig(XrdHttpExtReq &req);

    int ProcessTokenRequest(XrdHttpExtReq& req);

    int GenerateMacaroonResponse(XrdHttpExtReq& req, const std::string &response, const std::vector<std::string> &, ssize_t validity, bool oauth_response);


    static bool xsecretkey(XrdOucStream &Config, XrdSysError *log, std::string &secret);

    static bool xsitename(XrdOucStream &Config, XrdSysError *log, std::string &location);

    static bool xtrace(XrdOucStream &Config, XrdSysError *log);

    static bool xmaxduration(XrdOucStream &Config, XrdSysError *log, ssize_t &max_duration);


    ssize_t m_max_duration;

    XrdAccAuthorize *m_chain;

    XrdSysError *m_log;

    std::string m_location;

    std::string m_secret;

};


}

XrdHttpExtHandler.hh

Macaroons::Handler
Definition: XrdMacaroonsHandler.hh:24

Macaroons::Handler::GenerateID
std::string GenerateID(const std::string &, const XrdSecEntity &, const std::string &, const std::vector< std::string > &, const std::string &)

Macaroons::Handler::m_location
std::string m_location
Definition: XrdMacaroonsHandler.hh:74

Macaroons::Handler::Handler
Handler(XrdSysError *log, const char *config, XrdOucEnv *myEnv, XrdAccAuthorize *chain)
Definition: XrdMacaroonsHandler.hh:26

Macaroons::Handler::m_max_duration
ssize_t m_max_duration
Definition: XrdMacaroonsHandler.hh:71

Macaroons::Handler::xsecretkey
static bool xsecretkey(XrdOucStream &Config, XrdSysError *log, std::string &secret)

Macaroons::Handler::Init
virtual int Init(const char *cfgfile) override
Initializes the external request handler.
Definition: XrdMacaroonsHandler.hh:50

Macaroons::Handler::AuthzBehavior
AuthzBehavior
Definition: XrdMacaroonsHandler.hh:39

Macaroons::Handler::DENY
@ DENY
Definition: XrdMacaroonsHandler.hh:42

Macaroons::Handler::ALLOW
@ ALLOW
Definition: XrdMacaroonsHandler.hh:41

Macaroons::Handler::PASSTHROUGH
@ PASSTHROUGH
Definition: XrdMacaroonsHandler.hh:40

Macaroons::Handler::m_chain
XrdAccAuthorize * m_chain
Definition: XrdMacaroonsHandler.hh:72

Macaroons::Handler::ProcessOAuthConfig
int ProcessOAuthConfig(XrdHttpExtReq &req)

Macaroons::Handler::m_log
XrdSysError * m_log
Definition: XrdMacaroonsHandler.hh:73

Macaroons::Handler::GenerateMacaroonResponse
int GenerateMacaroonResponse(XrdHttpExtReq &req, const std::string &response, const std::vector< std::string > &, ssize_t validity, bool oauth_response)

Macaroons::Handler::xmaxduration
static bool xmaxduration(XrdOucStream &Config, XrdSysError *log, ssize_t &max_duration)

Macaroons::Handler::ProcessReq
virtual int ProcessReq(XrdHttpExtReq &req) override

Macaroons::Handler::Config
static bool Config(const char *config, XrdOucEnv *env, XrdSysError *log, std::string &location, std::string &secret, ssize_t &max_duration, AuthzBehavior &behavior)

Macaroons::Handler::xtrace
static bool xtrace(XrdOucStream &Config, XrdSysError *log)

Macaroons::Handler::~Handler
virtual ~Handler()

Macaroons::Handler::GenerateActivities
std::string GenerateActivities(const XrdHttpExtReq &, const std::string &) const

Macaroons::Handler::xsitename
static bool xsitename(XrdOucStream &Config, XrdSysError *log, std::string &location)

Macaroons::Handler::ProcessTokenRequest
int ProcessTokenRequest(XrdHttpExtReq &req)

Macaroons::Handler::m_secret
std::string m_secret
Definition: XrdMacaroonsHandler.hh:75

Macaroons::Handler::MatchesPath
virtual bool MatchesPath(const char *verb, const char *path) override
Tells if the incoming path is recognized as one of the paths that have to be processed.

XrdAccAuthorize
Definition: XrdAccAuthorize.hh:65

XrdHttpExtHandler
Definition: XrdHttpExtHandler.hh:79

XrdHttpExtReq
Definition: XrdHttpExtHandler.hh:45

XrdOucEnv
Definition: XrdOucEnv.hh:42

XrdOucStream
Definition: XrdOucStream.hh:46

XrdSecEntity
Definition: XrdSecEntity.hh:52

XrdSysError
Definition: XrdSysError.hh:90

Macaroons
Definition: XrdMacaroonsAuthz.hh:9

Macaroons::LogMask
LogMask
Definition: XrdMacaroonsHandler.hh:16

Macaroons::Debug
@ Debug
Definition: XrdMacaroonsHandler.hh:17

Macaroons::Error
@ Error
Definition: XrdMacaroonsHandler.hh:20

Macaroons::Info
@ Info
Definition: XrdMacaroonsHandler.hh:18

Macaroons::Warning
@ Warning
Definition: XrdMacaroonsHandler.hh:19

Macaroons::All
@ All
Definition: XrdMacaroonsHandler.hh:21