main/doxygen/jwt__auth_8h_source.html

// Copyright (c) Microsoft Corporation. All rights reserved.

// Licensed under the Apache 2.0 License.

#pragma once


#include "ccf/endpoints/authentication/authentication_types.h"


namespace ccf

{


  struct JwtAuthnIdentity : public AuthnIdentity

  {

    std::string key_issuer;

    nlohmann::json header;

    nlohmann::json payload;

  };


  struct PublicKeysCache;


  bool validate_issuer(

    const std::string& iss,

    const std::optional<std::string>& tid,

    std::string constraint);


  class JwtAuthnPolicy : public AuthnPolicy

  {

  protected:

    static const OpenAPISecuritySchema security_schema;

    std::unique_ptr<PublicKeysCache> keys_cache;


  public:

    static constexpr auto SECURITY_SCHEME_NAME = "jwt";


    JwtAuthnPolicy();

    virtual ~JwtAuthnPolicy();


    std::unique_ptr<AuthnIdentity> authenticate(

      ccf::kv::ReadOnlyTx& tx,

      const std::shared_ptr<ccf::RpcContext>& ctx,

      std::string& error_reason) override;


    void set_unauthenticated_error(

      std::shared_ptr<ccf::RpcContext> ctx,

      std::string&& error_reason) override;


    std::optional<OpenAPISecuritySchema> get_openapi_security_schema()

      const override

    {

      return security_schema;

    }


    std::string get_security_scheme_name() override

    {

      return SECURITY_SCHEME_NAME;

    }


  };


}

authentication_types.h

ccf::AuthnPolicy
Definition authentication_types.h:28

ccf::JwtAuthnPolicy
Definition jwt_auth.h:28

ccf::JwtAuthnPolicy::SECURITY_SCHEME_NAME
static constexpr auto SECURITY_SCHEME_NAME
Definition jwt_auth.h:34

ccf::JwtAuthnPolicy::keys_cache
std::unique_ptr< PublicKeysCache > keys_cache
Definition jwt_auth.h:31

ccf::JwtAuthnPolicy::set_unauthenticated_error
void set_unauthenticated_error(std::shared_ptr< ccf::RpcContext > ctx, std::string &&error_reason) override
Definition jwt_auth.cpp:307

ccf::JwtAuthnPolicy::~JwtAuthnPolicy
virtual ~JwtAuthnPolicy()

ccf::JwtAuthnPolicy::security_schema
static const OpenAPISecuritySchema security_schema
Definition jwt_auth.h:30

ccf::JwtAuthnPolicy::get_security_scheme_name
std::string get_security_scheme_name() override
Definition jwt_auth.h:54

ccf::JwtAuthnPolicy::get_openapi_security_schema
std::optional< OpenAPISecuritySchema > get_openapi_security_schema() const override
Definition jwt_auth.h:48

ccf::JwtAuthnPolicy::authenticate
std::unique_ptr< AuthnIdentity > authenticate(ccf::kv::ReadOnlyTx &tx, const std::shared_ptr< ccf::RpcContext > &ctx, std::string &error_reason) override
Definition jwt_auth.cpp:161

ccf::JwtAuthnPolicy::JwtAuthnPolicy
JwtAuthnPolicy()
Definition jwt_auth.cpp:155

ccf::kv::ReadOnlyTx
Definition tx.h:160

ccf
Definition app_interface.h:14

ccf::OpenAPISecuritySchema
std::pair< std::string, nlohmann::json > OpenAPISecuritySchema
Definition authentication_types.h:23

ccf::validate_issuer
bool validate_issuer(const std::string &iss, const std::optional< std::string > &tid, std::string constraint)
Definition jwt_auth.cpp:38

ccf::AuthnIdentity
Definition authentication_types.h:19

ccf::JwtAuthnIdentity
Definition jwt_auth.h:10

ccf::JwtAuthnIdentity::key_issuer
std::string key_issuer
Definition jwt_auth.h:13

ccf::JwtAuthnIdentity::header
nlohmann::json header
Definition jwt_auth.h:15

ccf::JwtAuthnIdentity::payload
nlohmann::json payload
Definition jwt_auth.h:17

ccf::PublicKeysCache
Definition jwt_auth.cpp:88