main/doxygen/acme__subsystem_8h_source.html

// Copyright (c) Microsoft Corporation. All rights reserved.

// Licensed under the Apache 2.0 License.

#pragma once


#include "ccf/http_header_map.h"

#include "ccf/http_status.h"

#include "ccf/node/acme_subsystem_interface.h"

#include "ccf/rest_verb.h"

#include "ccf/service/node_info_network.h"

#include "http/http_parser.h"

#include "node/rpc/node_interface.h"


#include <optional>


namespace ccf

{


  class ACMESubsystem : public ACMESubsystemInterface

  {

  protected:

    AbstractNodeState& node_state;


  public:

    ACMESubsystem(AbstractNodeState& node_state_) : node_state(node_state_) {}


    virtual void install_challenge_handler(

      const ccf::NodeInfoNetwork::RpcInterfaceID& interface_id,

      std::shared_ptr<ACMEChallengeHandler> h) override

    {

      node_state.install_custom_acme_challenge_handler(interface_id, h);

    };


    virtual std::optional<const ccf::ACMEClientConfig*> config(

      const NodeInfoNetwork::RpcInterfaceID& id) override

    {

      const auto& acme_cfgs =

        node_state.get_node_config().network.acme->configurations;

      const auto& cfgit = acme_cfgs.find(id);

      if (cfgit == acme_cfgs.end())

      {

        return std::nullopt;

      }

      else

      {

        return &cfgit->second;

      }

    }


    virtual ccf::crypto::Pem network_cert() override

    {

      return node_state.get_network_cert();

    }


    // make_http_request is just a convenient way to offer https requests to

    // custom challenge handlers. This will be removed in the future, when there

    // are other, equally convenient ways.


    virtual void make_http_request(

      const std::string& method,

      const std::string& url,

      const http::HeaderMap& headers,

      const std::vector<uint8_t>& body,

      std::function<bool(

        const http_status&,

        const ccf::http::HeaderMap&,

        const std::vector<uint8_t>&)> callback,

      const std::vector<std::string>& ca_certs = {},

      const std::string& app_protocol = "HTTP1",

      bool authenticate_as_node_client_certificate = false) override

    {

      llhttp_method_t m = http_method_from_str(method.c_str());

      ::http::URL urlobj = ::http::parse_url_full(url);

      ::http::Request r(urlobj.path, m);

      if (!body.empty())

      {

        r.set_body(&body);

      }

      for (const auto& [k, v] : headers)

      {

        r.set_header(k, v);

      }

      node_state.make_http_request(

        urlobj,

        std::move(r),

        callback,

        ca_certs,

        app_protocol,

        authenticate_as_node_client_certificate);

    }


  };


}

acme_subsystem_interface.h

ccf::ACMESubsystemInterface
Definition acme_subsystem_interface.h:19

ccf::ACMESubsystem
Definition acme_subsystem.h:18

ccf::ACMESubsystem::make_http_request
virtual void make_http_request(const std::string &method, const std::string &url, const http::HeaderMap &headers, const std::vector< uint8_t > &body, std::function< bool(const http_status &, const ccf::http::HeaderMap &, const std::vector< uint8_t > &)> callback, const std::vector< std::string > &ca_certs={}, const std::string &app_protocol="HTTP1", bool authenticate_as_node_client_certificate=false) override
Definition acme_subsystem.h:56

ccf::ACMESubsystem::ACMESubsystem
ACMESubsystem(AbstractNodeState &node_state_)
Definition acme_subsystem.h:23

ccf::ACMESubsystem::network_cert
virtual ccf::crypto::Pem network_cert() override
Definition acme_subsystem.h:48

ccf::ACMESubsystem::node_state
AbstractNodeState & node_state
Definition acme_subsystem.h:20

ccf::ACMESubsystem::config
virtual std::optional< const ccf::ACMEClientConfig * > config(const NodeInfoNetwork::RpcInterfaceID &id) override
Definition acme_subsystem.h:32

ccf::ACMESubsystem::install_challenge_handler
virtual void install_challenge_handler(const ccf::NodeInfoNetwork::RpcInterfaceID &interface_id, std::shared_ptr< ACMEChallengeHandler > h) override
Definition acme_subsystem.h:25

ccf::AbstractNodeState
Definition node_interface.h:23

ccf::AbstractNodeState::install_custom_acme_challenge_handler
virtual void install_custom_acme_challenge_handler(const NodeInfoNetwork::RpcInterfaceID &interface_id, std::shared_ptr< ACMEChallengeHandler > h)=0

ccf::AbstractNodeState::get_network_cert
virtual ccf::crypto::Pem get_network_cert()=0

ccf::AbstractNodeState::get_node_config
virtual const ccf::StartupConfig & get_node_config() const =0

ccf::AbstractNodeState::make_http_request
virtual void make_http_request(const ::http::URL &url, ::http::Request &&req, std::function< bool(ccf::http_status status, ccf::http::HeaderMap &&, std::vector< uint8_t > &&)> callback, const std::vector< std::string > &ca_certs={}, const std::string &app_protocol="HTTP1", bool use_node_client_certificate=false)=0

ccf::crypto::Pem
Definition pem.h:18

http::Request
Definition http_builder.h:118

http_header_map.h

http_parser.h

http_status.h

ccf::http::HeaderMap
std::map< std::string, std::string, std::less<> > HeaderMap
Definition http_header_map.h:10

ccf
Definition app_interface.h:14

ccf::http_status
llhttp_status http_status
Definition http_status.h:9

http::parse_url_full
URL parse_url_full(const std::string &url)
Definition http_parser.h:145

node_info_network.h

node_interface.h

rest_verb.h

ccf::CCFConfig::network
ccf::NodeInfoNetwork network
Definition startup_config.h:31

ccf::NodeInfoNetwork_v2::acme
std::optional< ACME > acme
ACME configuration.
Definition node_info_network.h:162

ccf::NodeInfoNetwork_v2::RpcInterfaceID
std::string RpcInterfaceID
Definition node_info_network.h:87

http::URL
Definition http_parser.h:136

http::URL::path
std::string path
Definition http_parser.h:140