db/dc7/XrdMacaroonsAuthz_8hh_source.html

#include "XrdAcc/XrdAccAuthorize.hh"

#include "XrdSciTokens/XrdSciTokensHelper.hh"

#include "XrdSys/XrdSysError.hh"


namespace Macaroons {


class Authz final : public XrdAccAuthorize, public XrdSciTokensHelper

{

public:

    Authz(XrdSysLogger *lp, const char *parms, XrdAccAuthorize *chain);


    virtual ~Authz() {}


    virtual XrdAccPrivs Access(const XrdSecEntity     *Entity,

                               const char             *path,

                               const Access_Operation  oper,

                                     XrdOucEnv        *env) override;


    // Do a minimal validation that this is a non-expired token; used

    // for session tokens.

    virtual bool Validate(const char   *token,

                          std::string  &emsg,

                          long long    *expT,

                          XrdSecEntity *entP) override;


    virtual int Audit(const int accok, const XrdSecEntity *Entity,

                      const char *path, const Access_Operation oper,

                      XrdOucEnv *Env) override

    {

        return 0;

    }


    virtual int Test(const XrdAccPrivs priv,

                     const Access_Operation oper) override

    {

        return 0;

    }


    // Macaroons don't have a concept off an "issuers"; return an empty

    // list.

    virtual Issuers IssuerList() override {return Issuers();}


private:

    XrdAccPrivs OnMissing(const XrdSecEntity     *Entity,

                          const char             *path,

                          const Access_Operation  oper,

                                XrdOucEnv        *env);


    ssize_t m_max_duration;

    XrdAccAuthorize *m_chain;

    XrdSysError m_log;

    std::string m_secret;

    std::string m_location;

    int m_authz_behavior;

};


} // namespace Macaroons


XrdAccAuthorize.hh

Access_Operation
Access_Operation
The following are supported operations.
Definition XrdAccAuthorize.hh:41

XrdAccPrivs
XrdAccPrivs
Definition XrdAccPrivs.hh:39

XrdSciTokensHelper.hh

emsg
int emsg(int rc, char *msg)
Definition XrdSectestServer.cc:309

XrdSysError.hh

Macaroons::Authz::Validate
virtual bool Validate(const char *token, std::string &emsg, long long *expT, XrdSecEntity *entP) override
Definition XrdMacaroonsAuthz.cc:269

Macaroons::Authz::Audit
virtual int Audit(const int accok, const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env) override
Definition XrdMacaroonsAuthz.hh:26

Macaroons::Authz::Authz
Authz(XrdSysLogger *lp, const char *parms, XrdAccAuthorize *chain)
Definition XrdMacaroonsAuthz.cc:126

Macaroons::Authz::Test
virtual int Test(const XrdAccPrivs priv, const Access_Operation oper) override
Definition XrdMacaroonsAuthz.hh:33

Macaroons::Authz::Access
virtual XrdAccPrivs Access(const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *env) override
Definition XrdMacaroonsAuthz.cc:158

Macaroons::Authz::~Authz
virtual ~Authz()
Definition XrdMacaroonsAuthz.hh:12

Macaroons::Authz::IssuerList
virtual Issuers IssuerList() override
Definition XrdMacaroonsAuthz.hh:41

XrdAccAuthorize
Definition XrdAccAuthorize.hh:68

XrdAccAuthorize::XrdAccAuthorize
XrdAccAuthorize()
Constructor.
Definition XrdAccAuthorize.hh:134

XrdOucEnv
Definition XrdOucEnv.hh:42

XrdSciTokensHelper::XrdSciTokensHelper
XrdSciTokensHelper()
Constructor and Destructor.
Definition XrdSciTokensHelper.hh:67

XrdSciTokensHelper::Issuers
std::vector< ValidIssuer > Issuers
Definition XrdSciTokensHelper.hh:39

XrdSecEntity
Definition XrdSecEntity.hh:65

XrdSysError
Definition XrdSysError.hh:90

XrdSysLogger
Definition XrdSysLogger.hh:53

Macaroons
Definition XrdMacaroonsAuthz.hh:5