lokinet/llarp/service/auth.hpp

#pragma once
#include "address.hpp"
#include <llarp/crypto/types.hpp>
#include <functional>
#include <optional>
#include <string>
// Forward declaration only: this header names Router solely as a pointer
// parameter (see make_file_auth_policy), so the full definition is not needed.
namespace llarp
{
    struct Router;
}  // namespace llarp
namespace llarp::service
{
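/// Authentication status code.
///
/// The underlying type is fixed at 64 bits and every value is spelled out
/// explicitly; auth_code_to_int() and int_to_auth_code() convert to and from
/// the raw integer.
/// NOTE(review): presumably these integers leave the process (auth backend or
/// peer messages) -- confirm before renumbering any of them.
enum class AuthCode : uint64_t
{
    /// explicitly accepted
    ACCEPTED = 0,
    /// explicitly rejected
    REJECTED = 1,
    /// attempt failed
    FAILED = 2,
    /// attempt rate limited
    RATE_LIMIT = 3,
    /// payment is required before access is granted
    PAYMENT_REQUIRED = 4
};

/// Turn an auth result code into its integer value.
uint64_t
auth_code_to_int(AuthCode code);

/// Try to turn an integer into an auth result code.
///
/// The result is optional, so callers must handle the empty case.
/// NOTE(review): presumably std::nullopt is returned for integers that match no
/// AuthCode; a caller making an access decision should treat that as a
/// failure, never as ACCEPTED -- confirm against the definition.
std::optional<AuthCode>
int_to_auth_code(uint64_t code);

/// Auth result object with code and reason.
struct AuthResult
{
    /// Outcome of the attempt.
    ///
    /// Defaults to FAILED so that a result nobody filled in is fail-closed.
    /// ACCEPTED is 0, so without this initializer `AuthResult{}` would
    /// value-initialize to ACCEPTED and a plain `AuthResult r;` would leave
    /// the code indeterminate. Aggregate initialization
    /// (`AuthResult{code, reason}`) is unaffected.
    AuthCode code{AuthCode::FAILED};
    /// Text accompanying the code.
    std::string reason;
};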
// Forward declarations: this header only names these two types in function
// signatures, so their definitions are not pulled in here.
struct ConvoTag;
struct ProtocolMessage;
/// Try to read an auth code out of a string.
///
/// The result is optional, so callers must handle the empty case.
/// NOTE(review): presumably std::nullopt means the text named no known code;
/// when the result feeds an access decision the empty case should be handled
/// as a failure, never as ACCEPTED -- confirm against the definition.
std::optional<AuthCode> parse_auth_code(std::string data);
/// Abstract interface for an authentication policy.
///
/// Both operations are pure virtual; the virtual destructor allows an
/// implementation to be destroyed through an IAuthPolicy pointer.
struct IAuthPolicy
{
    virtual ~IAuthPolicy() = default;

    /// Asynchronously determine whether we accept a new convotag from a remote
    /// service; the hook is called with the result later.
    ///
    /// NOTE(review): the meaning of the hook's (std::string, bool) arguments is
    /// not documented in this header -- presumably (reason text, accepted);
    /// confirm against the implementations. If an implementation can return
    /// without ever calling the hook, the attempt stays undecided, so callers
    /// presumably need their own timeout -- confirm.
    virtual void authenticate_async(
        std::shared_ptr<ProtocolMessage> msg, std::function<void(std::string, bool)> hook) = 0;

    /// Return true if we are asynchronously processing authentication on this
    /// convotag.
    virtual bool auth_async_pending(ConvoTag tag) const = 0;
};
/// Information a client needs in order to authenticate to a remote endpoint.
struct AuthInfo
{
    // Credential handed to the remote endpoint. It is held as an ordinary
    // std::string, so treat it as a secret: keep it out of logs and error text.
    std::string token;
};
/// Which kind of backend performs authentication.
enum class AuthType
{
    /// no authentication is performed
    NONE,
    /// manual whitelist
    WHITELIST,
    /// OMQ server (the original comment calls it "LMQ server")
    OMQ,
    /// static file
    FILE,
};
/// How to interpret a file used for auth.
enum class AuthFileType
{
    // NOTE(review): undocumented here -- presumably the file's entries are the
    // tokens themselves, so the file is as sensitive as the tokens; confirm.
    PLAIN,
    // NOTE(review): undocumented here -- presumably the file's entries are
    // hashes of tokens; the hash scheme is not visible in this header; confirm.
    HASHES,
};
/// Get an auth type from a string.
///
/// Throws std::invalid_argument if arg is invalid, so an unrecognised value is
/// reported to the caller rather than mapped to some AuthType.
AuthType parse_auth_type(std::string arg);
/// Get an auth file type from a string.
///
/// Throws std::invalid_argument if arg is invalid, so an unrecognised value is
/// reported to the caller rather than mapped to some AuthFileType.
AuthFileType parse_auth_file_type(std::string arg);
/// Make an IAuthPolicy that reads out of static files.
///
/// `files` is the set of paths to read and `fileType` says how each file is
/// interpreted; the Router pointer parameter is unnamed in this declaration.
/// NOTE(review): this header does not include <memory> or <set> itself, and
/// the `fs` alias is not declared here -- presumably all three arrive through
/// address.hpp or llarp/crypto/types.hpp; confirm, or include them directly.
std::shared_ptr<IAuthPolicy> make_file_auth_policy(
    Router*, std::set<fs::path> files, AuthFileType fileType);
} // namespace llarp::service