lokinet/llarp/service/auth.hpp

101 lines
2.4 KiB
C++
Raw Normal View History

2020-05-28 11:07:32 +00:00
#pragma once
#include <optional>
#include <string>
2020-05-28 11:21:47 +00:00
#include <functional>
2020-05-28 11:07:32 +00:00
#include "address.hpp"
#include "handler.hpp"
#include <llarp/crypto/types.hpp>
2020-05-28 11:07:32 +00:00
namespace llarp::service
{
2021-02-24 12:14:15 +00:00
/// authentication status code
2021-02-24 18:50:45 +00:00
enum class AuthResultCode : uint64_t
2020-05-28 11:07:32 +00:00
{
/// explicitly accepted
2021-02-24 18:50:45 +00:00
eAuthAccepted = 0,
2020-05-28 11:07:32 +00:00
/// explicitly rejected
2021-02-24 18:50:45 +00:00
eAuthRejected = 1,
2020-05-28 11:07:32 +00:00
/// attempt failed
2021-02-24 18:50:45 +00:00
eAuthFailed = 2,
2020-05-28 11:07:32 +00:00
/// attempt rate limited
2021-02-24 18:50:45 +00:00
eAuthRateLimit = 3,
2020-05-28 11:07:32 +00:00
/// need mo munny
2021-02-24 18:50:45 +00:00
eAuthPaymentRequired = 4
2020-05-28 11:07:32 +00:00
};
2021-02-24 18:41:23 +00:00
/// turn an auth result code into an int
uint64_t
AuthResultCodeAsInt(AuthResultCode code);
/// may turn an int into an auth result code
std::optional<AuthResultCode>
AuthResultCodeFromInt(uint64_t code);
2021-02-24 12:14:15 +00:00
/// auth result object with code and reason
struct AuthResult
{
AuthResultCode code;
std::string reason;
};
2021-01-01 18:55:31 +00:00
2020-05-28 11:07:32 +00:00
/// maybe get auth result from string
2021-02-24 12:14:15 +00:00
std::optional<AuthResultCode>
ParseAuthResultCode(std::string data);
2020-05-28 11:07:32 +00:00
struct IAuthPolicy
{
2022-01-31 21:02:30 +00:00
virtual ~IAuthPolicy() = default;
2020-05-28 11:07:32 +00:00
/// asynchronously determine if we accept new convotag from remote service, call hook with
/// result later
virtual void
AuthenticateAsync(
2021-01-01 18:55:31 +00:00
std::shared_ptr<ProtocolMessage> msg, std::function<void(AuthResult)> hook) = 0;
/// return true if we are asynchronously processing authentication on this convotag
virtual bool
AsyncAuthPending(ConvoTag tag) const = 0;
2020-05-28 11:07:32 +00:00
};
/// info needed by clients in order to authenticate to a remote endpoint
struct AuthInfo
{
std::string token;
};
/// what kind of backend to use for auth
enum class AuthType
{
/// no authentication
eAuthTypeNone,
/// manual whitelist
eAuthTypeWhitelist,
/// LMQ server
2022-01-17 12:57:08 +00:00
eAuthTypeLMQ,
/// static file
2022-01-17 12:57:08 +00:00
eAuthTypeFile,
};
/// how to interpret an file for auth
enum class AuthFileType
{
eAuthFilePlain,
eAuthFileHashes,
};
/// get an auth type from a string
/// throws std::invalid_argument if arg is invalid
AuthType
ParseAuthType(std::string arg);
/// get an auth file type from a string
/// throws std::invalid_argument if arg is invalid
AuthFileType
ParseAuthFileType(std::string arg);
2022-01-17 12:57:08 +00:00
/// make an IAuthPolicy that reads out of a static file
std::shared_ptr<IAuthPolicy>
MakeFileAuthPolicy(AbstractRouter*, std::set<fs::path> files, AuthFileType fileType);
2022-01-17 12:57:08 +00:00
2020-05-28 11:07:32 +00:00
} // namespace llarp::service