aws-crt-cpp
C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++.
Credentials.h
1#pragma once
7#include <aws/crt/Exports.h>
8#include <aws/crt/Types.h>
11
12#include <chrono>
13#include <functional>
14
15struct aws_credentials;
16struct aws_credentials_provider;
17
18namespace Aws
19{
20 namespace Crt
21 {
22 namespace Io
23 {
24 class ClientBootstrap;
25 }
26
27 namespace Http
28 {
30 }
31
32 namespace Auth
33 {
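/**
 * Wrapper around a native `aws_credentials` handle, exposing an access key id, a secret access
 * key, a session token and an expiration time.
 *
 * Copy and move are deleted, so an instance is shared by pointer; the callback types in this
 * header pass it as std::shared_ptr<Credentials>.
 *
 * NOTE(review): the rendered listing fused line numbers into the code and dropped several lines.
 * The move operations are restored from the page's own cross-reference index. The class header
 * line and the destructor declaration are not shown on the page; verify both against the
 * repository.
 */
class AWS_CRT_CPP_API Credentials
{
  public:
    /** Wraps an existing native credentials handle. */
    Credentials(const aws_credentials *credentials) noexcept;

    /**
     * Builds credentials from their individual components.
     *
     * @param access_key_id access key id bytes
     * @param secret_access_key secret access key bytes (secret material)
     * @param session_token session token bytes
     * @param expiration_timepoint_in_seconds expiration time, in seconds
     * @param allocator allocator to use; defaults to g_allocator
     *
     * NOTE(review): ByteCursor is a pointer/length view; whether the bytes are copied during
     * construction is not visible in this header. Keep the source buffers alive until that is
     * confirmed.
     */
    Credentials(
        ByteCursor access_key_id,
        ByteCursor secret_access_key,
        ByteCursor session_token,
        uint64_t expiration_timepoint_in_seconds,
        Allocator *allocator = g_allocator) noexcept;

    ~Credentials();

    Credentials(const Credentials &) = delete;
    Credentials(Credentials &&) = delete;
    Credentials &operator=(const Credentials &) = delete;
    Credentials &operator=(Credentials &&) = delete;

    /** @return a cursor over the access key id. */
    ByteCursor GetAccessKeyId() const noexcept;

    /**
     * @return a cursor over the secret access key.
     *
     * This is secret material: keep it out of logs, error messages and diagnostics. The cursor
     * is a non-owning view, so copy the bytes only where needed and clear any copy after use.
     * NOTE(review): the view is presumably valid only while this object is alive; confirm.
     */
    ByteCursor GetSecretAccessKey() const noexcept;

    /**
     * @return a cursor over the session token. Treat it with the same care as the secret access
     * key; it is part of the credential set.
     */
    ByteCursor GetSessionToken() const noexcept;

    /**
     * @return the expiration timepoint, in seconds.
     * NOTE(review): the epoch and any "never expires" sentinel are not shown in this header.
     */
    uint64_t GetExpirationTimepointInSeconds() const noexcept;

    /**
     * Validity check. Test this before using the getters.
     * NOTE(review): presumably true when a native handle is held; confirm in the implementation.
     */
    explicit operator bool() const noexcept;

    /**
     * @return the wrapped native handle exactly as stored.
     * NOTE(review): callers presumably must not release it or keep it past this object's
     * lifetime; confirm.
     */
    const aws_credentials *GetUnderlyingHandle() const noexcept { return m_credentials; }

  private:
    const aws_credentials *m_credentials;
};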
88
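/**
 * Callback invoked with the outcome of a credentials query: the resolved credentials and an
 * integer error code.
 *
 * Check both arguments before use: treat a null pointer or a non-zero error code as a failed
 * resolution and never sign requests with a partially populated result.
 * NOTE(review): a zero error code meaning success is assumed; confirm.
 */
using OnCredentialsResolved = std::function<void(std::shared_ptr<Credentials>, int errorCode)>;

/**
 * Callback that returns credentials on demand. It is stored in the delegate provider
 * configuration declared later in this header.
 */
using GetCredentialsHandler = std::function<std::shared_ptr<Credentials>()>;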
99
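/**
 * Abstract interface for anything that can supply AWS credentials.
 *
 * Instances are meant to be held in std::shared_ptr (the class derives from
 * std::enable_shared_from_this).
 */
class AWS_CRT_CPP_API ICredentialsProvider : public std::enable_shared_from_this<ICredentialsProvider>
{
  public:
    virtual ~ICredentialsProvider() = default;

    /**
     * Queries the provider for credentials and reports the outcome through the callback.
     *
     * @param onCredentialsResolved receives the credentials and an error code
     * @return a success flag; do not ignore it.
     * NOTE(review): presumably false means the query could not be started and the callback will
     * not fire; confirm in the implementation.
     */
    virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const = 0;

    /**
     * @return the native provider handle backing this provider.
     * NOTE(review): ownership presumably stays with the provider; callers should not release the
     * handle or keep it past the provider's lifetime. Confirm.
     */
    virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept = 0;

    /** @return whether the provider is in a usable state; check this after creating one. */
    virtual bool IsValid() const noexcept = 0;
};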
127
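/**
 * Configuration for a provider that returns one fixed set of credentials.
 *
 * The three fields are ByteCursor values, i.e. non-owning pointer/length views: the caller owns
 * the underlying bytes. Avoid embedding key material as literals in source or configuration that
 * is checked in, and clear the backing buffers once the provider no longer needs them.
 * NOTE(review): whether provider creation copies the bytes is not visible here; keep the buffers
 * alive until that is confirmed.
 *
 * NOTE(review): the struct header, the constructor name and the three member declarations were
 * missing from the rendered listing; names and types are restored from the page's
 * cross-reference index. The `struct AWS_CRT_CPP_API` header form should be verified against
 * the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderStaticConfig
{
    /** Zero-initializes all three cursors. */
    CredentialsProviderStaticConfig()
    {
        AWS_ZERO_STRUCT(AccessKeyId);
        AWS_ZERO_STRUCT(SecretAccessKey);
        AWS_ZERO_STRUCT(SessionToken);
    }

    /** Access key id to return. */
    ByteCursor AccessKeyId;

    /** Secret access key to return (secret material). */
    ByteCursor SecretAccessKey;

    /** Session token to return. */
    ByteCursor SessionToken;
};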
155
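/**
 * Configuration for a provider that reads credentials from profile files.
 *
 * The override fields choose which profile and which files are read. If any of them can be
 * influenced by external input, validate the value first, because it decides where credentials
 * are loaded from.
 *
 * NOTE(review): the struct header and the member declarations were missing from the rendered
 * listing; names and types are restored from the page's cross-reference index. Verify the
 * header line against the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderProfileConfig
{
    /** Null bootstrap and TLS context, zeroed override cursors. */
    CredentialsProviderProfileConfig() : Bootstrap(nullptr), TlsContext(nullptr)
    {
        AWS_ZERO_STRUCT(ProfileNameOverride);
        AWS_ZERO_STRUCT(ConfigFileNameOverride);
        AWS_ZERO_STRUCT(CredentialsFileNameOverride);
    }

    /** Profile name override. NOTE(review): a zeroed cursor presumably selects the default. */
    ByteCursor ProfileNameOverride;

    /** Config file name override. NOTE(review): a zeroed cursor presumably selects the default. */
    ByteCursor ConfigFileNameOverride;

    /** Credentials file name override. NOTE(review): a zeroed cursor presumably selects the default. */
    ByteCursor CredentialsFileNameOverride;

    /** NOTE(review): presumably used when resolving the profile needs network connections. */
    Io::ClientBootstrap *Bootstrap;

    /** NOTE(review): presumably the TLS context for those connections; non-owning pointer. */
    Io::TlsContext *TlsContext;
};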
201
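/**
 * Configuration for the IMDS credentials provider.
 *
 * NOTE(review): the struct header and the member declaration were missing from the rendered
 * listing; the member is restored from the page's cross-reference index. Verify the header line
 * against the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderImdsConfig
{
    /** Leaves the bootstrap null; set it before creating the provider if one is required. */
    CredentialsProviderImdsConfig() : Bootstrap(nullptr) {}

    /** Client bootstrap for the provider's connections. Non-owning pointer. */
    Io::ClientBootstrap *Bootstrap;
};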
215
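/**
 * Configuration for a provider that consults a list of other providers.
 *
 * NOTE(review): the rendered listing kept only the braces of this struct. The constructor name
 * and the `Providers` member are restored from the page's cross-reference index; the
 * constructor's initializer list and the header line are not shown on the page and should be
 * verified against the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderChainConfig
{
    CredentialsProviderChainConfig() : Providers() {}

    /**
     * Providers that make up the chain.
     * NOTE(review): presumably queried in order until one yields credentials, so place the most
     * trusted source first; confirm the ordering semantics.
     */
    Vector<std::shared_ptr<ICredentialsProvider>> Providers;
};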
230
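/**
 * Configuration for a provider that caches the results of another provider.
 *
 * NOTE(review): the struct header line was missing from the rendered listing; verify it against
 * the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderCachedConfig
{
    /** Value-initializes both members: a null Provider and a zero-millisecond TTL. */
    CredentialsProviderCachedConfig() : Provider(), CachedCredentialTTL() {}

    /** Provider whose results are cached. Null by default, so it must be set by the caller. */
    std::shared_ptr<ICredentialsProvider> Provider;

    /**
     * How long a cached result may be served. Zero by default.
     * NOTE(review): how the implementation treats a zero TTL is not visible in this header. Set
     * it explicitly, and keep it no longer than the lifetime of the credentials being cached so
     * that stale or revoked credentials are not served.
     */
    std::chrono::milliseconds CachedCredentialTTL;
};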
248
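/**
 * Configuration for the default provider chain.
 *
 * NOTE(review): the struct header and the member declarations were missing from the rendered
 * listing; names and types are restored from the page's cross-reference index. Verify the
 * header line against the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderChainDefaultConfig
{
    /** Leaves both pointers null. */
    CredentialsProviderChainDefaultConfig() : Bootstrap(nullptr), TlsContext(nullptr) {}

    /** Client bootstrap for connections made while sourcing credentials. Non-owning pointer. */
    Io::ClientBootstrap *Bootstrap;

    /** NOTE(review): presumably the TLS context for those connections; non-owning pointer. */
    Io::TlsContext *TlsContext;
};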
273
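/**
 * Configuration for the X509 credentials provider, which authenticates with the device
 * certificate and private key carried in TlsOptions.
 *
 * The private key behind TlsOptions is the root of trust for this provider. Store it with
 * restrictive permissions or in protected key storage, and keep the IAM role behind RoleAlias
 * scoped to the minimum the device needs.
 *
 * NOTE(review): the struct header, the constructor name and the member declarations were
 * missing from the rendered listing; names and types are restored from the page's
 * cross-reference index. Verify the header line against the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderX509Config
{
    /** Null bootstrap; every other member is value-initialized. */
    CredentialsProviderX509Config()
        : Bootstrap(nullptr), TlsOptions(), ThingName(), RoleAlias(), Endpoint(), ProxyOptions()
    {
    }

    /** Client bootstrap for the provider's connections. Non-owning pointer. */
    Io::ClientBootstrap *Bootstrap;

    /* TLS connection options that have been initialized with your x509 certificate and private key */
    Io::TlsConnectionOptions TlsOptions;

    /* IoT thing name you registered with AWS IoT for your device; it is used in the HTTP request header */
    String ThingName;

    /* IoT role alias you created with AWS IoT for your IAM role; it is used in the HTTP request path */
    String RoleAlias;

    /**
     * Endpoint the provider contacts.
     * NOTE(review): the expected format is not shown in this listing. Take the value from trusted
     * configuration, since credentials are requested from whatever host is named here.
     */
    String Endpoint;

    /** Optional HTTP proxy settings for the connection; empty by default. */
    Optional<Http::HttpClientConnectionProxyOptions> ProxyOptions;
};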
312
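/**
 * Configuration for a provider that delegates to a user-supplied callback.
 *
 * NOTE(review): the struct header and the member declaration were missing from the rendered
 * listing. The member is restored from the page's cross-reference index; the struct name
 * follows the naming of the other configs and of the CreateCredentialsProviderDelegate factory.
 * Verify it against the repository.
 */
struct AWS_CRT_CPP_API CredentialsProviderDelegateConfig
{
    /*
     * Handler that provides credentials. The handler is responsible for where the secret comes
     * from: it should return fresh credentials on each call and keep key material out of logs.
     */
    GetCredentialsHandler Handler;
};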
321
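/**
 * ICredentialsProvider implementation backed by a native `aws_credentials_provider` handle,
 * plus static factory functions for the provider types configured by the structs in this header.
 *
 * NOTE(review): the rendered listing dropped the class header, the deleted copy/move operations
 * and the `config` parameter line of several factories. The deleted operations are restored
 * from the page's cross-reference index and the parameters from the pattern of the factories
 * that kept theirs. The class header line is inferred from the `override` specifiers; verify it
 * against the repository.
 */
class AWS_CRT_CPP_API CredentialsProvider : public ICredentialsProvider
{
  public:
    /**
     * Wraps a native provider handle.
     * NOTE(review): the destructor presumably releases the handle, so the caller hands over its
     * reference; confirm in the implementation.
     */
    CredentialsProvider(aws_credentials_provider *provider, Allocator *allocator = g_allocator) noexcept;

    virtual ~CredentialsProvider();

    CredentialsProvider(const CredentialsProvider &) = delete;
    CredentialsProvider(CredentialsProvider &&) = delete;
    CredentialsProvider &operator=(const CredentialsProvider &) = delete;
    CredentialsProvider &operator=(CredentialsProvider &&) = delete;

    /**
     * Queries the wrapped provider and reports the outcome through the callback.
     * Check the returned flag, and inside the callback check the error code and the pointer
     * before using the credentials.
     */
    virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const override;

    /** @return the wrapped native handle exactly as stored (may be null; see IsValid). */
    virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept override { return m_provider; }

    /** @return true when a native handle is held, i.e. m_provider is not null. */
    virtual bool IsValid() const noexcept override { return m_provider != nullptr; }

    /*
     * Factory methods for all of the basic credentials provider types
     *
     * NYI: ECS (the original comment also lists X509, but an X509 factory is declared below)
     *
     * Each factory returns a shared_ptr; callers should test it for null and call IsValid()
     * before use.
     * NOTE(review): the exact failure signalling is not visible in this header.
     */

    /** Creates a provider that returns the fixed credentials from `config`. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderStatic(
        const CredentialsProviderStaticConfig &config,
        Allocator *allocator = g_allocator);

    /** Creates a provider that sources credentials from the process environment. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderEnvironment(
        Allocator *allocator = g_allocator);

    /** Creates a provider that sources credentials from profile files. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderProfile(
        const CredentialsProviderProfileConfig &config,
        Allocator *allocator = g_allocator);

    /** Creates a provider that sources credentials from IMDS. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderImds(
        const CredentialsProviderImdsConfig &config,
        Allocator *allocator = g_allocator);

    /** Creates a provider that consults the providers listed in `config`. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChain(
        const CredentialsProviderChainConfig &config,
        Allocator *allocator = g_allocator);

    /*
     * Creates a provider that puts a simple time-based cache in front of its queries
     * to a subordinate provider.
     */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCached(
        const CredentialsProviderCachedConfig &config,
        Allocator *allocator = g_allocator);

    /** Creates the default provider chain. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChainDefault(
        const CredentialsProviderChainDefaultConfig &config,
        Allocator *allocator = g_allocator);

    /** Creates a provider that authenticates with the X509 material in `config`. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderX509(
        const CredentialsProviderX509Config &config,
        Allocator *allocator = g_allocator);

    /** Creates a provider that calls the handler stored in `config`. */
    static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderDelegate(
        const CredentialsProviderDelegateConfig &config,
        Allocator *allocator = g_allocator);

  private:
    /*
     * C-style completion callback: raw credentials pointer, error code, opaque user_data.
     * NOTE(review): presumably registered with the native provider and used to forward the result
     * to the caller's OnCredentialsResolved; confirm in the implementation file.
     */
    static void s_onCredentialsResolved(aws_credentials *credentials, int error_code, void *user_data);

    Allocator *m_allocator;
    aws_credentials_provider *m_provider;
};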
436 } // namespace Auth
437 } // namespace Crt
438} // namespace Aws
#define AWS_CRT_CPP_API
Definition: Exports.h:37
Definition: Credentials.h:38
Credentials & operator=(Credentials &&)=delete
Credentials & operator=(const Credentials &)=delete
Credentials(const Credentials &)=delete
Credentials(Credentials &&)=delete
Definition: Credentials.h:329
CredentialsProvider & operator=(CredentialsProvider &&)=delete
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept override
Definition: Credentials.h:348
CredentialsProvider(const CredentialsProvider &)=delete
virtual bool IsValid() const noexcept override
Definition: Credentials.h:353
CredentialsProvider(CredentialsProvider &&)=delete
CredentialsProvider & operator=(const CredentialsProvider &)=delete
Definition: Credentials.h:105
virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const =0
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept=0
Definition: HttpConnection.h:258
Definition: Bootstrap.h:35
Definition: TlsOptions.h:169
Definition: TlsOptions.h:219
Definition: Optional.h:13
std::function< void(std::shared_ptr< Credentials >, int errorCode)> OnCredentialsResolved
Definition: Credentials.h:93
std::function< std::shared_ptr< Credentials >()> GetCredentialsHandler
Definition: Credentials.h:98
aws_byte_cursor ByteCursor
Definition: Types.h:33
aws_allocator Allocator
Definition: StlAllocator.h:17
AWS_CRT_CPP_API Allocator * g_allocator
Definition: Api.cpp:21
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition: Types.h:47
std::vector< T, StlAllocator< T > > Vector
Definition: Types.h:55
Definition: Api.h:17
std::shared_ptr< ICredentialsProvider > Provider
Definition: Credentials.h:241
CredentialsProviderCachedConfig()
Definition: Credentials.h:236
std::chrono::milliseconds CachedCredentialTTL
Definition: Credentials.h:246
CredentialsProviderChainConfig()
Definition: Credentials.h:223
Vector< std::shared_ptr< ICredentialsProvider > > Providers
Definition: Credentials.h:228
Io::TlsContext * TlsContext
Definition: Credentials.h:271
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:262
CredentialsProviderChainDefaultConfig()
Definition: Credentials.h:257
GetCredentialsHandler Handler
Definition: Credentials.h:319
CredentialsProviderImdsConfig()
Definition: Credentials.h:207
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:213
ByteCursor ConfigFileNameOverride
Definition: Credentials.h:177
ByteCursor CredentialsFileNameOverride
Definition: Credentials.h:183
ByteCursor ProfileNameOverride
Definition: Credentials.h:171
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:189
CredentialsProviderProfileConfig()
Definition: Credentials.h:161
Io::TlsContext * TlsContext
Definition: Credentials.h:199
ByteCursor SecretAccessKey
Definition: Credentials.h:148
ByteCursor AccessKeyId
Definition: Credentials.h:143
CredentialsProviderStaticConfig()
Definition: Credentials.h:133
ByteCursor SessionToken
Definition: Credentials.h:153
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition: Credentials.h:310
CredentialsProviderX509Config()
Definition: Credentials.h:279
String Endpoint
Definition: Credentials.h:305
String ThingName
Definition: Credentials.h:294
String RoleAlias
Definition: Credentials.h:297
Io::ClientBootstrap * Bootstrap
Definition: Credentials.h:288
Io::TlsConnectionOptions TlsOptions
Definition: Credentials.h:291