aws-crt-cpp
C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++.
Credentials.h
1#pragma once
7#include <aws/crt/Exports.h>
8#include <aws/crt/Types.h>
11
12#include <chrono>
13#include <functional>
14
15struct aws_credentials;
16struct aws_credentials_provider;
17
18namespace Aws
19{
20 namespace Crt
21 {
22 namespace Io
23 {
24 class ClientBootstrap;
25 }
26
27 namespace Http
28 {
30 }
31
32 namespace Auth
33 {
/*
 * Body of the Credentials class (the page's definition index places it at Credentials.h:38; the
 * class-head line is missing from this listing). The class holds one pointer to a native
 * aws_credentials object and exposes its fields as ByteCursor values. ByteCursor is an alias of
 * aws_byte_cursor, a pointer-plus-length view that does not own the bytes it refers to.
 */
38 {
39 public:
/*
 * Wraps an existing native credentials object.
 * NOTE(review): whether this constructor takes its own reference on `credentials` is not visible
 * in this header - confirm in the implementation before relying on the pointer's lifetime.
 */
40 Credentials(const aws_credentials *credentials) noexcept;
/*
 * Parameters of the constructor that builds credentials from raw values (the line that opens this
 * declaration is missing from the listing). secret_access_key and session_token carry secret
 * material. NOTE(review): the header does not show whether the bytes behind the cursors are
 * copied; if they are, the caller's source buffers can be cleared right after construction -
 * confirm. expiration_timepoint_in_seconds is presumably seconds since the Unix epoch - confirm.
 */
42 ByteCursor access_key_id,
43 ByteCursor secret_access_key,
44 ByteCursor session_token,
45 uint64_t expiration_timepoint_in_seconds,
46 Allocator *allocator = g_allocator) noexcept;
47
49
/*
 * Copying is disabled. The definition index on this page also lists the move constructor and move
 * assignment as deleted, so an instance can be neither copied nor moved; the callback types in
 * this header pass it around as std::shared_ptr<Credentials>.
 */
50 Credentials(const Credentials &) = delete;
52 Credentials &operator=(const Credentials &) = delete;
54
/*
 * Returns a cursor over the access key id.
 * NOTE(review): the cursor presumably points into storage owned by the native credentials object,
 * so it should not be used after this wrapper is destroyed - confirm.
 */
58 ByteCursor GetAccessKeyId() const noexcept;
59
/*
 * Returns a cursor over the secret access key. The bytes are secret: keep them out of logs, error
 * messages and crash reports, and clear any copy made from the cursor once it is no longer needed.
 */
63 ByteCursor GetSecretAccessKey() const noexcept;
64
/* Returns a cursor over the session token; handle it with the same care as the secret access key. */
68 ByteCursor GetSessionToken() const noexcept;
69
/* Returns the expiration time point as an unsigned 64-bit count of seconds. */
73 uint64_t GetExpirationTimepointInSeconds() const noexcept;
74
/* NOTE(review): presumably true when a native credentials object is held - confirm in the implementation. */
78 explicit operator bool() const noexcept;
79
/*
 * Returns the raw native pointer stored in m_credentials. The pointer gives direct access to the
 * native object, including its secret fields, outside this wrapper's interface.
 */
83 const aws_credentials *GetUnderlyingHandle() const noexcept { return m_credentials; }
84
85 private:
/* Native credentials object this wrapper refers to. */
86 const aws_credentials *m_credentials;
87 };
88
/*
 * Callback type used by ICredentialsProvider::GetCredentials. It receives the resolved credentials
 * as a shared pointer together with an integer error code.
 * NOTE(review): presumably the pointer is null when errorCode reports a failure - confirm, and
 * check both before reading any credential field.
 */
93 using OnCredentialsResolved = std::function<void(std::shared_ptr<Credentials>, int errorCode)>;
94
/*
 * Handler type that takes no arguments and returns credentials as a shared pointer. The page's
 * definition index shows a member named Handler of this type at Credentials.h:328.
 */
98 using GetCredentialsHandler = std::function<std::shared_ptr<Credentials>()>;
99
/*
 * Abstract interface for objects that supply credentials. It derives from
 * std::enable_shared_from_this, so implementations are meant to be owned through std::shared_ptr.
 */
104 class AWS_CRT_CPP_API ICredentialsProvider : public std::enable_shared_from_this<ICredentialsProvider>
105 {
106 public:
107 virtual ~ICredentialsProvider() = default;
108
/*
 * Requests credentials; the result is delivered through onCredentialsResolved as a credentials
 * pointer plus an error code.
 * NOTE(review): the meaning of the bool result, and whether the callback can run on another
 * thread or after this call has returned, are not visible in this header - confirm before
 * capturing references in the callback.
 */
112 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const = 0;
113
/* Returns the native aws_credentials_provider pointer behind this provider. */
120 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept = 0;
121
/* Reports whether the provider is usable; implementations define what that means. */
125 virtual bool IsValid() const noexcept = 0;
126 };
127
/*
 * Body of CredentialsProviderStaticConfig (the struct head, the constructor line and the member
 * declarations are missing from this listing; the page's definition index lists AccessKeyId,
 * SecretAccessKey and SessionToken as ByteCursor members).
 * A static provider is configured with fixed credential values. ByteCursor does not own its
 * bytes, so the values live in memory the caller manages.
 * NOTE(review): the header does not show whether the factory copies them - confirm how long the
 * source buffers must stay alive and when they can be cleared. Load the values from a secret
 * store at run time rather than from literals in source or in checked-in configuration.
 */
132 {
134 {
/* Zero all three cursors so a field that is never assigned is an empty cursor rather than garbage. */
135 AWS_ZERO_STRUCT(AccessKeyId);
136 AWS_ZERO_STRUCT(SecretAccessKey);
137 AWS_ZERO_STRUCT(SessionToken);
138 }
139
144
149
154 };
155
/*
 * Body of the profile provider's configuration struct (struct head and member declarations are
 * missing from this listing; the page's definition index lists ProfileNameOverride,
 * ConfigFileNameOverride and CredentialsFileNameOverride as ByteCursor, Bootstrap as
 * Io::ClientBootstrap * and TlsContext as Io::TlsContext *).
 */
160 {
/* Both raw pointers start out null. */
161 CredentialsProviderProfileConfig() : Bootstrap(nullptr), TlsContext(nullptr)
162 {
/*
 * Zero the three override cursors so that "no override" is an empty cursor.
 * NOTE(review): going by the names, the overrides select which profile and which files are read.
 * Set them only from trusted configuration, never from request or user input - confirm how the
 * implementation resolves them.
 */
163 AWS_ZERO_STRUCT(ProfileNameOverride);
164 AWS_ZERO_STRUCT(ConfigFileNameOverride);
165 AWS_ZERO_STRUCT(CredentialsFileNameOverride);
166 }
167
172
178
184
190
200 };
201
/*
 * Body of the IMDS provider's configuration struct (struct head and member declaration are
 * missing from this listing; the page's definition index lists Bootstrap as Io::ClientBootstrap *).
 * NOTE(review): Bootstrap is a raw pointer and nothing in this header ties its lifetime to the
 * provider - presumably the caller must keep it alive while the provider is in use; confirm.
 */
206 {
/* Bootstrap starts out null. */
207 CredentialsProviderImdsConfig() : Bootstrap(nullptr) {}
208
217 };
218
/*
 * Body of the chain provider's configuration struct. The constructor and the member declaration
 * are missing from this listing; the page's definition index lists
 * CredentialsProviderChainConfig() at line 226 and a member
 * Vector<std::shared_ptr<ICredentialsProvider>> Providers at line 231.
 * NOTE(review): presumably the providers are queried in vector order and the first one that
 * yields credentials wins, which makes the ordering a security-relevant choice - confirm.
 */
225 {
227
232 };
233
/*
 * Body of the cached provider's configuration struct (struct head missing from this listing):
 * a wrapped provider plus a time-to-live for cached credentials.
 */
238 {
/* Value-initializes both members: Provider is an empty shared_ptr and CachedCredentialTTL is zero milliseconds. */
239 CredentialsProviderCachedConfig() : Provider(), CachedCredentialTTL() {}
240
/* The provider whose results are cached; shared ownership keeps it alive alongside this config. */
244 std::shared_ptr<ICredentialsProvider> Provider;
245
/*
 * How long cached credentials are reused, in milliseconds.
 * NOTE(review): how a zero TTL is interpreted is not visible here - confirm. The TTL also bounds
 * how long rotated or revoked credentials can keep being served from the cache, so choose it with
 * the credential lifetime in mind.
 */
249 std::chrono::milliseconds CachedCredentialTTL;
250 };
251
/*
 * Body of the default-chain provider's configuration struct (struct head and member declarations
 * are missing from this listing; the page's definition index lists Bootstrap as
 * Io::ClientBootstrap * and TlsContext as Io::TlsContext *).
 * NOTE(review): both members are raw pointers with no lifetime management visible in this header -
 * presumably the caller keeps them alive while the provider is in use; confirm.
 */
259 {
/* Both raw pointers start out null. */
260 CredentialsProviderChainDefaultConfig() : Bootstrap(nullptr), TlsContext(nullptr) {}
261
269
278 };
279
/*
 * Body of the X.509 provider's configuration struct (struct head, constructor name line and
 * member declarations are missing from this listing; the page's definition index lists Bootstrap
 * as Io::ClientBootstrap *, TlsOptions as Io::TlsConnectionOptions, ThingName, RoleAlias and
 * Endpoint as String, and ProxyOptions as Optional<Http::HttpClientConnectionProxyOptions>).
 */
284 {
/* Bootstrap starts out null; every other member is value-initialized (empty strings, empty optional). */
286 : Bootstrap(nullptr), TlsOptions(), ThingName(), RoleAlias(), Endpoint(), ProxyOptions()
287 {
288 }
289
298
/*
 * TlsOptions carries the device certificate and its private key, so this struct should be handled
 * like the key itself: keep it out of logs and do not serialize it.
 */
299 /* TLS connection options that have been initialized with your x509 certificate and private key */
301
/* ThingName is placed in an HTTP request header, so set it from trusted configuration only. */
302 /* IoT thing name you registered with AWS IOT for your device, it will be used in http request header */
304
/* RoleAlias becomes part of the HTTP request path, so set it from trusted configuration only. */
305 /* IoT role alias you created with AWS IoT for your IAM role, it will be used in http request path */
307
315
320 };
321
/*
 * Body of the delegate provider's configuration struct (struct head and member declaration are
 * missing from this listing; the page's definition index lists a member
 * GetCredentialsHandler Handler at line 328).
 * NOTE(review): presumably the provider hands out whatever the handler returns, which makes the
 * handler responsible for where the credentials come from and how they are protected. The thread
 * it runs on is not visible here - confirm before touching shared state in it.
 */
326 {
327 /* handler that provides the credentials */
329 };
330
/*
 * Body of the CredentialsProvider class (the page's definition index places it at
 * Credentials.h:338; the class-head line is missing from this listing). It implements the three
 * ICredentialsProvider virtuals on top of a native aws_credentials_provider pointer and offers
 * static factory functions for the individual provider types.
 */
338 {
339 public:
/*
 * Wraps a native provider.
 * NOTE(review): whether the wrapper takes over the caller's reference on `provider` is not
 * visible in this header - confirm in the implementation.
 */
340 CredentialsProvider(aws_credentials_provider *provider, Allocator *allocator = g_allocator) noexcept;
341
/* NOTE(review): presumably releases the native provider - confirm in the implementation. */
342 virtual ~CredentialsProvider();
343
/* The page's definition index lists copy and move construction and assignment as deleted for this class. */
348
/*
 * Requests credentials and reports the outcome through onCredentialsResolved.
 * NOTE(review): the meaning of the bool result and the thread the callback runs on are not
 * visible here - confirm.
 */
352 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const override;
353
/* Returns the raw native provider pointer stored in m_provider. */
357 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept override { return m_provider; }
358
/* True when a native provider pointer is held (m_provider is not null). */
362 virtual bool IsValid() const noexcept override { return m_provider != nullptr; }
363
364 /*
365 * Factory methods for all of the basic credentials provider types
366 */
367
/*
 * Every factory below returns std::shared_ptr<ICredentialsProvider>.
 * NOTE(review): how a failed creation is reported (a null pointer, or an object whose IsValid()
 * is false) is not visible in this header - check both before using the result. Several
 * declarations are missing their configuration parameter line in this listing.
 */
/* Provider that serves fixed credential values. */
371 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderStatic(
373 Allocator *allocator = g_allocator);
374
/* Provider that, going by its name, reads credentials from the process environment; it takes no configuration struct. */
378 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderEnvironment(
379 Allocator *allocator = g_allocator);
380
/* Provider that, going by its name, reads credentials from profile files. */
384 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderProfile(
386 Allocator *allocator = g_allocator);
387
/* Provider configured with CredentialsProviderImdsConfig. */
391 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderImds(
392 const CredentialsProviderImdsConfig &config,
393 Allocator *allocator = g_allocator);
394
/* Provider configured with CredentialsProviderChainConfig, i.e. built from a list of other providers. */
399 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChain(
400 const CredentialsProviderChainConfig &config,
401 Allocator *allocator = g_allocator);
402
403 /*
404 * Creates a provider that puts a simple time-based cache in front of its queries
405 * to a subordinate provider.
406 */
407 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCached(
409 Allocator *allocator = g_allocator);
410
/* Provider for the default chain; its configuration parameter line is missing from this listing. */
417 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChainDefault(
419 Allocator *allocator = g_allocator);
420
/* Provider configured with CredentialsProviderX509Config, which carries the TLS options holding the device certificate and private key. */
425 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderX509(
426 const CredentialsProviderX509Config &config,
427 Allocator *allocator = g_allocator);
428
/* Provider that, going by its name, delegates to a caller-supplied handler; its configuration parameter line is missing from this listing. */
433 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderDelegate(
435 Allocator *allocator = g_allocator);
436
437 private:
/*
 * Static callback with a C-style signature: native credentials, an error code and an opaque
 * user_data pointer.
 * NOTE(review): presumably this is the function handed to the native provider, with user_data
 * carrying the state needed to reach the caller's OnCredentialsResolved - confirm, including who
 * frees user_data on every path.
 */
438 static void s_onCredentialsResolved(aws_credentials *credentials, int error_code, void *user_data);
439
/* Allocator passed at construction. */
440 Allocator *m_allocator;
/* Native provider this object wraps; null means IsValid() returns false. */
441 aws_credentials_provider *m_provider;
442 };
443 } // namespace Auth
444 } // namespace Crt
445} // namespace Aws
#define AWS_CRT_CPP_API
Definition: Exports.h:37
Definition: Credentials.h:38
Credentials & operator=(Credentials &&)=delete
Credentials & operator=(const Credentials &)=delete
Credentials(const Credentials &)=delete
Credentials(Credentials &&)=delete
Definition: Credentials.h:338
CredentialsProvider & operator=(CredentialsProvider &&)=delete
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept override
Definition: Credentials.h:357
CredentialsProvider(const CredentialsProvider &)=delete
virtual bool IsValid() const noexcept override
Definition: Credentials.h:362
CredentialsProvider(CredentialsProvider &&)=delete
CredentialsProvider & operator=(const CredentialsProvider &)=delete
Definition: Credentials.h:105
virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const =0
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept=0
Definition: HttpConnection.h:270
Definition: Bootstrap.h:35
Definition: TlsOptions.h:286
Definition: TlsOptions.h:343
Definition: Optional.h:17
std::function< void(std::shared_ptr< Credentials >, int errorCode)> OnCredentialsResolved
Definition: Credentials.h:93
std::function< std::shared_ptr< Credentials >()> GetCredentialsHandler
Definition: Credentials.h:98
aws_byte_cursor ByteCursor
Definition: Types.h:33
aws_allocator Allocator
Definition: StlAllocator.h:17
AWS_CRT_CPP_API Allocator * g_allocator
Definition: Api.cpp:23
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition: Types.h:47
std::vector< T, StlAllocator< T > > Vector
Definition: Types.h:55
Definition: Api.h:14
std::shared_ptr< ICredentialsProvider > Provider
Definition: Credentials.h:244
CredentialsProviderCachedConfig()
Definition: Credentials.h:239
std::chrono::milliseconds CachedCredentialTTL
Definition: Credentials.h:249
CredentialsProviderChainConfig()
Definition: Credentials.h:226
Vector< std::shared_ptr< ICredentialsProvider > > Providers
Definition: Credentials.h:231
Io::TlsContext * TlsContext
Definition: Credentials.h:277
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:268
CredentialsProviderChainDefaultConfig()
Definition: Credentials.h:260
GetCredentialsHandler Handler
Definition: Credentials.h:328
CredentialsProviderImdsConfig()
Definition: Credentials.h:207
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:216
ByteCursor ConfigFileNameOverride
Definition: Credentials.h:177
ByteCursor CredentialsFileNameOverride
Definition: Credentials.h:183
ByteCursor ProfileNameOverride
Definition: Credentials.h:171
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:189
CredentialsProviderProfileConfig()
Definition: Credentials.h:161
Io::TlsContext * TlsContext
Definition: Credentials.h:199
ByteCursor SecretAccessKey
Definition: Credentials.h:148
ByteCursor AccessKeyId
Definition: Credentials.h:143
CredentialsProviderStaticConfig()
Definition: Credentials.h:133
ByteCursor SessionToken
Definition: Credentials.h:153
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition: Credentials.h:319
CredentialsProviderX509Config()
Definition: Credentials.h:285
String Endpoint
Definition: Credentials.h:314
String ThingName
Definition: Credentials.h:303
String RoleAlias
Definition: Credentials.h:306
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:297
Io::TlsConnectionOptions TlsOptions
Definition: Credentials.h:300