#pragma once
#include <optional>
#include <string>
#include <functional>
#include "address.hpp"
#include "handler.hpp"
#include <llarp/crypto/types.hpp>
namespace llarp::service
{
/// Authentication status code: the outcome carried in an AuthResult.
/// The underlying type is uint64_t and every enumerator has an explicit value.
/// NOTE(review): eAuthAccepted is 0, so a zero/value-initialized AuthResultCode reads as
/// "accepted"; code that builds a result should always assign the code explicitly.
enum class AuthResultCode : uint64_t
{
  /// explicitly accepted
  eAuthAccepted = 0,
  /// explicitly rejected
  eAuthRejected = 1,
  /// attempt failed
  eAuthFailed = 2,
  /// attempt rate limited
  eAuthRateLimit = 3,
  /// payment required
  eAuthPaymentRequired = 4
};
/// Turn an auth result code into an integer.
/// @param code the result code to convert
/// @return the code as a uint64_t (the enum's underlying type); the definition is not
///         in this header
uint64_t
AuthResultCodeAsInt(AuthResultCode code);
/// Try to turn an integer into an auth result code.
/// @param code integer value to convert
/// @return an AuthResultCode, or std::nullopt when no code is produced
///         (presumably for values that match no enumerator; confirm against the definition)
/// NOTE(review): callers must handle the std::nullopt case rather than dereferencing the
/// result unconditionally, since the integer may come from outside this process.
std::optional<AuthResultCode>
AuthResultCodeFromInt(uint64_t code);
/// Auth result object: a status code together with a reason string.
/// NOTE(review): `code` has no default member initializer and eAuthAccepted is 0, so a
/// value-initialized `AuthResult{}` carries the "accepted" code; producers should set
/// `code` explicitly on every path.
struct AuthResult
{
  /// status code for the attempt
  AuthResultCode code;
  /// reason accompanying the code
  std::string reason;
};
/// Maybe get an auth result code from a string.
/// @param data string to parse (taken by value); the accepted spellings are defined with
///        the implementation, not in this header
/// @return the parsed code, or std::nullopt when no code is obtained
std::optional<AuthResultCode>
ParseAuthResultCode(std::string data);
/// Abstract interface for an authentication policy; both operations are pure virtual.
struct IAuthPolicy
{
  /// virtual so that implementations can be destroyed through an IAuthPolicy pointer
  virtual ~IAuthPolicy() = default;

  /// asynchronously determine if we accept new convotag from remote service, call hook with
  /// result later
  /// @param msg the protocol message the decision is made for
  /// @param hook callback that receives the AuthResult
  /// NOTE(review): this header does not state whether `hook` is invoked on every path
  /// (including errors and timeouts) or on which thread; implementations should document
  /// both, and callers should not treat a missing callback as acceptance.
  virtual void
  AuthenticateAsync(
      std::shared_ptr<ProtocolMessage> msg, std::function<void(AuthResult)> hook) = 0;

  /// return true if we are asynchronously processing authentication on this convotag
  /// @param tag the convotag to query
  virtual bool
  AsyncAuthPending(ConvoTag tag) const = 0;
};
/// info needed by clients in order to authenticate to a remote endpoint
struct AuthInfo
{
  /// token used to authenticate to the remote endpoint
  /// NOTE(review): presumably a secret credential; keep it out of logs and error strings
  std::string token;
};
/// what kind of backend to use for auth
/// NOTE(review): eAuthTypeNone is the first enumerator (value 0), so a value-initialized
/// AuthType selects "no authentication"; configuration code should set the type explicitly.
enum class AuthType
{
  /// no authentication
  eAuthTypeNone,
  /// manual whitelist
  eAuthTypeWhitelist,
  /// LMQ server
  eAuthTypeLMQ,
  /// static file
  eAuthTypeFile,
};
/// how to interpret a file used for auth
enum class AuthFileType
{
  /// NOTE(review): presumably the file's entries are stored as plain text; confirm
  eAuthFilePlain,
  /// NOTE(review): presumably the file's entries are stored as hashes; confirm which
  /// hash format the implementation expects
  eAuthFileHashes,
};
/// get an auth type from a string
/// @param arg string naming the auth type (taken by value); the accepted spellings are
///        defined with the implementation, not in this header
/// @return the matching AuthType
/// @throws std::invalid_argument if arg is invalid
AuthType
ParseAuthType(std::string arg);
/// get an auth file type from a string
/// @param arg string naming the auth file type (taken by value); the accepted spellings
///        are defined with the implementation, not in this header
/// @return the matching AuthFileType
/// @throws std::invalid_argument if arg is invalid
AuthFileType
ParseAuthFileType(std::string arg);
/// make an IAuthPolicy that reads out of a static file
/// The first parameter (an AbstractRouter*) is unnamed in this declaration.
/// @param files set of paths to the auth files
/// @param fileType how the files are to be interpreted
/// @return a shared pointer to the new policy
/// NOTE(review): the files presumably hold credentials or hashes of them; deployments
/// should restrict their filesystem permissions accordingly.
std::shared_ptr<IAuthPolicy>
MakeFileAuthPolicy(AbstractRouter*, std::set<fs::path> files, AuthFileType fileType);
} // namespace llarp::service