CCF
Loading...
Searching...
No Matches
jwt.h
Go to the documentation of this file.
1// Copyright (c) Microsoft Corporation. All rights reserved.
2// Licensed under the Apache 2.0 License.
3#pragma once
4
5#include "ccf/crypto/jwk.h"
6#include "ccf/ds/json.h"
7#include "ccf/service/map.h"
8
9#include <map>
10#include <optional>
11#include <string>
12
13namespace ccf
14{
15 enum class JwtIssuerKeyFilter : uint8_t
16 {
17 All
18 };
19
20 DECLARE_JSON_ENUM(JwtIssuerKeyFilter, {{JwtIssuerKeyFilter::All, "all"}});
21
22 struct JwtIssuerMetadata
23 {
25 std::optional<std::string> ca_cert_bundle_name;
27 bool auto_refresh = false;
28 };
29
30 DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(JwtIssuerMetadata);
31 DECLARE_JSON_REQUIRED_FIELDS(JwtIssuerMetadata);
32 DECLARE_JSON_OPTIONAL_FIELDS(
33 JwtIssuerMetadata, ca_cert_bundle_name, auto_refresh);
34
35 using JwtIssuer = std::string;
36 using JwtKeyId = std::string;
37 using Cert = std::vector<uint8_t>;
38 using ECPublicKey = std::vector<uint8_t>;
39
40 struct OpenIDJWKMetadata
41 {
42 ECPublicKey public_key;
43 JwtIssuer issuer;
44 std::optional<JwtIssuer> constraint;
45 };
46 DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(OpenIDJWKMetadata);
47 DECLARE_JSON_REQUIRED_FIELDS(OpenIDJWKMetadata, issuer, public_key);
48 DECLARE_JSON_OPTIONAL_FIELDS(OpenIDJWKMetadata, constraint);
49
50 using JwtPublicSigningKeysMetadata =
51 ServiceMap<JwtKeyId, std::vector<OpenIDJWKMetadata>>;
52
53 struct OpenIDJWKMetadataLegacy
54 {
55 Cert cert;
56 JwtIssuer issuer;
57 std::optional<JwtIssuer> constraint;
58 };
59 DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(OpenIDJWKMetadataLegacy);
60 DECLARE_JSON_REQUIRED_FIELDS(OpenIDJWKMetadataLegacy, issuer, cert);
61 DECLARE_JSON_OPTIONAL_FIELDS(OpenIDJWKMetadataLegacy, constraint);
62
63 using JwtPublicSigningKeysMetadataLegacy =
64 ServiceMap<JwtKeyId, std::vector<OpenIDJWKMetadataLegacy>>;
65
66 using JwtIssuers = ServiceMap<JwtIssuer, JwtIssuerMetadata>;
67
68 namespace Tables
69 {
70 static constexpr auto JWT_ISSUERS = "public:ccf.gov.jwt.issuers";
71
72 static constexpr auto JWT_PUBLIC_SIGNING_KEYS_METADATA =
73 "public:ccf.gov.jwt.public_signing_keys_metadata_v2";
74 }
75
76 struct JsonWebKeySet
77 {
78 std::vector<ccf::crypto::JsonWebKeyData> keys;
79
80 bool operator!=(const JsonWebKeySet& rhs) const
81 {
82 return keys != rhs.keys;
83 }
84 };
85 DECLARE_JSON_TYPE(JsonWebKeySet)
86 DECLARE_JSON_REQUIRED_FIELDS(JsonWebKeySet, keys)
87}
ccf::kv::TypedMap
Definition map.h:30
DECLARE_JSON_REQUIRED_FIELDS
#define DECLARE_JSON_REQUIRED_FIELDS(TYPE,...)
Definition json.h:718
DECLARE_JSON_TYPE
#define DECLARE_JSON_TYPE(TYPE)
Definition json.h:667
DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS
#define DECLARE_JSON_TYPE_WITH_OPTIONAL_FIELDS(TYPE)
Definition json.h:694
DECLARE_JSON_OPTIONAL_FIELDS
#define DECLARE_JSON_OPTIONAL_FIELDS(TYPE,...)
Definition json.h:790
DECLARE_JSON_ENUM
#define DECLARE_JSON_ENUM(TYPE,...)
Definition json.h:841
ccf
Definition app_interface.h:14
ccf::Cert
std::vector< uint8_t > Cert
Definition jwt.h:37
ccf::JwtIssuer
std::string JwtIssuer
Definition jwt.h:35
ccf::JwtIssuerKeyFilter
JwtIssuerKeyFilter
Definition jwt.h:16
ccf::ECPublicKey
std::vector< uint8_t > ECPublicKey
Definition jwt.h:38
ccf::JwtKeyId
std::string JwtKeyId
Definition jwt.h:36
ccf::JsonWebKeySet
Definition jwt.h:77
ccf::JsonWebKeySet::keys
std::vector< ccf::crypto::JsonWebKeyData > keys
Definition jwt.h:78
ccf::JsonWebKeySet::operator!=
bool operator!=(const JsonWebKeySet &rhs) const
Definition jwt.h:80
ccf::JwtIssuerMetadata
Definition jwt.h:23
ccf::JwtIssuerMetadata::auto_refresh
bool auto_refresh
Whether to auto-refresh keys from the issuer.
Definition jwt.h:27
ccf::JwtIssuerMetadata::ca_cert_bundle_name
std::optional< std::string > ca_cert_bundle_name
Optional CA bundle name used for authentication when auto-refreshing.
Definition jwt.h:25
ccf::OpenIDJWKMetadataLegacy
Definition jwt.h:54
ccf::OpenIDJWKMetadataLegacy::cert
Cert cert
Definition jwt.h:55
ccf::OpenIDJWKMetadataLegacy::constraint
std::optional< JwtIssuer > constraint
Definition jwt.h:57
ccf::OpenIDJWKMetadataLegacy::issuer
JwtIssuer issuer
Definition jwt.h:56
ccf::OpenIDJWKMetadata
Definition jwt.h:41
ccf::OpenIDJWKMetadata::issuer
JwtIssuer issuer
Definition jwt.h:43
ccf::OpenIDJWKMetadata::public_key
ECPublicKey public_key
Definition jwt.h:42
ccf::OpenIDJWKMetadata::constraint
std::optional< JwtIssuer > constraint
Definition jwt.h:44
Generated by doxygen 1.9.8