Security.h

Go to the documentation of this file.

 
#include "RobotRaconteur/DataTypes.h"
 
#pragma once
 
namespace RobotRaconteur
{
class ROBOTRACONTEUR_CORE_API UserAuthenticator;
class ROBOTRACONTEUR_CORE_API ServerContext;
 
class ROBOTRACONTEUR_CORE_API ServiceSecurityPolicy
{
  public:
    RR_SHARED_PTR<UserAuthenticator> Authenticator;
    std::map<std::string, std::string> Policies;
 
    ServiceSecurityPolicy();
 
    ServiceSecurityPolicy(const RR_SHARED_PTR<UserAuthenticator>& Authenticator,
                          const std::map<std::string, std::string>& Policies);
};
 
class ROBOTRACONTEUR_CORE_API AuthenticatedUser
{
  private:
    std::string m_Username;
    std::vector<std::string> m_Privileges;
    std::vector<std::string> m_Properties;
    boost::posix_time::ptime m_LoginTime;
    boost::posix_time::ptime m_LastAccessTime;
 
    boost::mutex m_LastAccessTime_lock;
 
    RR_WEAK_PTR<ServerContext> context;
 
  public:
    virtual std::string GetUsername();
 
    virtual std::vector<std::string> GetPrivileges();
 
    virtual std::vector<std::string> GetProperties();
 
    virtual boost::posix_time::ptime GetLoginTime();
 
    virtual boost::posix_time::ptime GetLastAccessTime();
 
    AuthenticatedUser(boost::string_ref username, const std::vector<std::string>& privileges,
                      const std::vector<std::string>& properties, const RR_SHARED_PTR<ServerContext>& context);
 
    virtual void UpdateLastAccess();
 
    virtual ~AuthenticatedUser() {}
};
 
class ROBOTRACONTEUR_CORE_API UserAuthenticator
{
  public:
    virtual RR_SHARED_PTR<AuthenticatedUser> AuthenticateUser(
        boost::string_ref username, const std::map<std::string, RR_INTRUSIVE_PTR<RRValue> >& credentials,
        const RR_SHARED_PTR<ServerContext>& context, const RR_SHARED_PTR<ITransportConnection>& transport) = 0;
 
    virtual ~UserAuthenticator() {}
};
 
class ROBOTRACONTEUR_CORE_API PasswordFileUserAuthenticator : public UserAuthenticator
{
 
  private:
    class ROBOTRACONTEUR_CORE_API User
    {
      public:
        std::string username;
        std::string passwordhash;
        std::vector<std::string> privileges;
        std::vector<NodeID> allowed_client_nodeid;
    };
 
    std::map<std::string, RR_SHARED_PTR<User> > validusers;
    bool require_verified_client;
 
  public:
    PasswordFileUserAuthenticator(std::istream& file, bool require_verified_client = false);
 
    PasswordFileUserAuthenticator(boost::string_ref data, bool require_verified_client = false);
 
    RR_OVIRTUAL ~PasswordFileUserAuthenticator() RR_OVERRIDE {}
 
  private:
    void load(boost::string_ref data);
 
  public:
    RR_OVIRTUAL RR_SHARED_PTR<AuthenticatedUser> AuthenticateUser(
        boost::string_ref username, const std::map<std::string, RR_INTRUSIVE_PTR<RRValue> >& credentials,
        const RR_SHARED_PTR<ServerContext>& context, const RR_SHARED_PTR<ITransportConnection>& transport) RR_OVERRIDE;
 
    static std::string MD5Hash(boost::string_ref text);
};
 
#ifndef ROBOTRACONTEUR_NO_CXX11_TEMPLATE_ALIASES
using ServiceSecurityPolicyPtr = RR_SHARED_PTR<ServiceSecurityPolicy>;
using AuthenticatedUserPtr = RR_SHARED_PTR<AuthenticatedUser>;
using UserAuthenticatorPtr = RR_SHARED_PTR<UserAuthenticator>;
using PasswordFileUserAuthenticatorPtr = RR_SHARED_PTR<PasswordFileUserAuthenticator>;
#endif
 
} // namespace RobotRaconteur