aws-crt-cpp
C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++.
Loading...
Searching...
No Matches
Credentials.h
Go to the documentation of this file.
1#pragma once
7#include <aws/crt/Exports.h>
8#include <aws/crt/Types.h>
9#include <aws/crt/http/HttpConnection.h>
10#include <aws/crt/io/TlsOptions.h>
11
12#include <chrono>
13#include <functional>
14
15struct aws_credentials;
16struct aws_credentials_provider;
17
18namespace Aws
19{
20 namespace Crt
21 {
22 namespace Io
23 {
24 class ClientBootstrap;
25 }
26
27 namespace Http
28 {
29 class HttpClientConnectionProxyOptions;
30 }
31
32 namespace Auth
33 {
37 class AWS_CRT_CPP_API Credentials
38 {
39 public:
40 Credentials(const aws_credentials *credentials) noexcept;
41 Credentials(
42 ByteCursor access_key_id,
43 ByteCursor secret_access_key,
44 ByteCursor session_token,
45 uint64_t expiration_timepoint_in_seconds,
46 Allocator *allocator = ApiAllocator()) noexcept;
47
53 Credentials(Allocator *allocator = ApiAllocator()) noexcept;
54
55 ~Credentials();
56
57 Credentials(const Credentials &) = delete;
58 Credentials(Credentials &&) = delete;
59 Credentials &operator=(const Credentials &) = delete;
60 Credentials &operator=(Credentials &&) = delete;
61
65 ByteCursor GetAccessKeyId() const noexcept;
66
70 ByteCursor GetSecretAccessKey() const noexcept;
71
75 ByteCursor GetSessionToken() const noexcept;
76
80 uint64_t GetExpirationTimepointInSeconds() const noexcept;
81
85 ByteCursor GetAccountId() const noexcept;
86
90 explicit operator bool() const noexcept;
91
95 const aws_credentials *GetUnderlyingHandle() const noexcept { return m_credentials; }
96
97 private:
98 const aws_credentials *m_credentials;
99 };
100
105 using OnCredentialsResolved = std::function<void(std::shared_ptr<Credentials>, int errorCode)>;
106
110 using GetCredentialsHandler = std::function<std::shared_ptr<Credentials>()>;
111
116 class AWS_CRT_CPP_API ICredentialsProvider : public std::enable_shared_from_this<ICredentialsProvider>
117 {
118 public:
119 virtual ~ICredentialsProvider() = default;
120
124 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const = 0;
125
132 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept = 0;
133
137 virtual bool IsValid() const noexcept = 0;
138 };
139
143 struct AWS_CRT_CPP_API CredentialsProviderStaticConfig
144 {
145 CredentialsProviderStaticConfig()
146 {
147 AWS_ZERO_STRUCT(AccessKeyId);
148 AWS_ZERO_STRUCT(SecretAccessKey);
149 AWS_ZERO_STRUCT(SessionToken);
150 }
151
155 ByteCursor AccessKeyId;
156
160 ByteCursor SecretAccessKey;
161
165 ByteCursor SessionToken;
166 };
167
171 struct AWS_CRT_CPP_API CredentialsProviderProfileConfig
172 {
173 CredentialsProviderProfileConfig() : Bootstrap(nullptr), TlsContext(nullptr)
174 {
175 AWS_ZERO_STRUCT(ProfileNameOverride);
176 AWS_ZERO_STRUCT(ConfigFileNameOverride);
177 AWS_ZERO_STRUCT(CredentialsFileNameOverride);
178 }
179
183 ByteCursor ProfileNameOverride;
184
189 ByteCursor ConfigFileNameOverride;
190
195 ByteCursor CredentialsFileNameOverride;
196
201 Io::ClientBootstrap *Bootstrap;
202
211 Io::TlsContext *TlsContext;
212
216 Optional<Http::ProxyEnvVarOptions> ProxyEnvVarOptions;
217 };
218
235
250
254 struct AWS_CRT_CPP_API CredentialsProviderCachedConfig
255 {
256 CredentialsProviderCachedConfig() : Provider(), CachedCredentialTTL() {}
257
261 std::shared_ptr<ICredentialsProvider> Provider;
262
266 std::chrono::milliseconds CachedCredentialTTL;
267 };
268
296
300 struct AWS_CRT_CPP_API CredentialsProviderX509Config
301 {
302 CredentialsProviderX509Config()
303 : Bootstrap(nullptr), TlsOptions(), ThingName(), RoleAlias(), Endpoint(), ProxyOptions()
304 {
305 }
306
314 Io::ClientBootstrap *Bootstrap;
315
316 /* TLS connection options that have been initialized with your x509 certificate and private key */
317 Io::TlsConnectionOptions TlsOptions;
318
319 /* IoT thing name you registered with AWS IOT for your device, it will be used in http request header */
320 String ThingName;
321
322 /* Iot role alias you created with AWS IoT for your IAM role, it will be used in http request path */
323 String RoleAlias;
324
331 String Endpoint;
332
336 Optional<Http::HttpClientConnectionProxyOptions> ProxyOptions;
337 };
338
342 struct AWS_CRT_CPP_API CredentialsProviderDelegateConfig
343 {
344 /* handler to provider credentials */
345 GetCredentialsHandler Handler;
346 };
347
364
412
459
506
544
551 class AWS_CRT_CPP_API CredentialsProvider : public ICredentialsProvider
552 {
553 public:
554 CredentialsProvider(aws_credentials_provider *provider, Allocator *allocator = ApiAllocator()) noexcept;
555
556 virtual ~CredentialsProvider();
557
558 CredentialsProvider(const CredentialsProvider &) = delete;
559 CredentialsProvider(CredentialsProvider &&) = delete;
560 CredentialsProvider &operator=(const CredentialsProvider &) = delete;
561 CredentialsProvider &operator=(CredentialsProvider &&) = delete;
562
566 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const override;
567
571 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept override { return m_provider; }
572
576 virtual bool IsValid() const noexcept override { return m_provider != nullptr; }
577
578 /*
579 * Factory methods for all of the basic credentials provider types
580 */
581
585 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderStatic(
586 const CredentialsProviderStaticConfig &config,
587 Allocator *allocator = ApiAllocator());
588
593 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderAnonymous(
594 Allocator *allocator = ApiAllocator());
595
599 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderEnvironment(
600 Allocator *allocator = ApiAllocator());
601
605 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderProfile(
606 const CredentialsProviderProfileConfig &config,
607 Allocator *allocator = ApiAllocator());
608
612 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderImds(
613 const CredentialsProviderImdsConfig &config,
614 Allocator *allocator = ApiAllocator());
615
620 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChain(
621 const CredentialsProviderChainConfig &config,
622 Allocator *allocator = ApiAllocator());
623
624 /*
625 * Creates a provider that puts a simple time-based cache in front of its queries
626 * to a subordinate provider.
627 */
628 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCached(
629 const CredentialsProviderCachedConfig &config,
630 Allocator *allocator = ApiAllocator());
631
638 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChainDefault(
639 const CredentialsProviderChainDefaultConfig &config,
640 Allocator *allocator = ApiAllocator());
641
646 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderX509(
647 const CredentialsProviderX509Config &config,
648 Allocator *allocator = ApiAllocator());
649
654 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderDelegate(
655 const CredentialsProviderDelegateConfig &config,
656 Allocator *allocator = ApiAllocator());
657
661 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCognito(
662 const CredentialsProviderCognitoConfig &config,
663 Allocator *allocator = ApiAllocator());
664
668 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderSTS(
669 const CredentialsProviderSTSConfig &config,
670 Allocator *allocator = ApiAllocator());
671
672 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderSTSWebIdentity(
673 const CredentialsProviderSTSWebIdentityConfig &config,
674 Allocator *allocator = ApiAllocator());
675
679 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderLogin(
680 const CredentialsProviderLoginConfig &config,
681 Allocator *allocator = ApiAllocator());
682
683 private:
684 static void s_onCredentialsResolved(aws_credentials *credentials, int error_code, void *user_data);
685
686 Allocator *m_allocator;
687 aws_credentials_provider *m_provider;
688 };
689 } // namespace Auth
690 } // namespace Crt
691} // namespace Aws
AWS_CRT_CPP_API
#define AWS_CRT_CPP_API
Definition Exports.h:36
Aws::Crt::Auth::Credentials
Definition Credentials.h:38
Aws::Crt::Auth::Credentials::operator=
Credentials & operator=(Credentials &&)=delete
Aws::Crt::Auth::Credentials::operator=
Credentials & operator=(const Credentials &)=delete
Aws::Crt::Auth::Credentials::Credentials
Credentials(const Credentials &)=delete
Aws::Crt::Auth::Credentials::Credentials
Credentials(Credentials &&)=delete
Aws::Crt::Auth::CredentialsProvider
Definition Credentials.h:552
Aws::Crt::Auth::CredentialsProvider::operator=
CredentialsProvider & operator=(CredentialsProvider &&)=delete
Aws::Crt::Auth::CredentialsProvider::GetUnderlyingHandle
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept override
Definition Credentials.h:571
Aws::Crt::Auth::CredentialsProvider::CredentialsProvider
CredentialsProvider(const CredentialsProvider &)=delete
Aws::Crt::Auth::CredentialsProvider::IsValid
virtual bool IsValid() const noexcept override
Definition Credentials.h:576
Aws::Crt::Auth::CredentialsProvider::CredentialsProvider
CredentialsProvider(CredentialsProvider &&)=delete
Aws::Crt::Auth::CredentialsProvider::operator=
CredentialsProvider & operator=(const CredentialsProvider &)=delete
Aws::Crt::Auth::ICredentialsProvider
Definition Credentials.h:117
Aws::Crt::Auth::ICredentialsProvider::GetCredentials
virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const =0
Aws::Crt::Auth::ICredentialsProvider::GetUnderlyingHandle
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept=0
Aws::Crt::Io::ClientBootstrap
Definition Bootstrap.h:35
Aws::Crt::Io::TlsConnectionOptions
Definition TlsOptions.h:293
Aws::Crt::Io::TlsContext
Definition TlsOptions.h:350
Aws::Crt::Optional
Definition Optional.h:19
Aws::Crt::Auth::OnCredentialsResolved
std::function< void(std::shared_ptr< Credentials >, int errorCode)> OnCredentialsResolved
Definition Credentials.h:105
Aws::Crt::Auth::GetCredentialsHandler
std::function< std::shared_ptr< Credentials >()> GetCredentialsHandler
Definition Credentials.h:110
Aws::Crt::ByteCursor
aws_byte_cursor ByteCursor
Definition Types.h:31
Aws::Crt::Allocator
aws_allocator Allocator
Definition Allocator.h:14
Aws::Crt::ApiAllocator
AWS_CRT_CPP_API Allocator * ApiAllocator() noexcept
Definition Allocator.cpp:24
Aws::Crt::String
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition Types.h:45
Aws::Crt::Vector
std::vector< T, StlAllocator< T > > Vector
Definition Types.h:53
Aws
Definition Allocator.h:11
Aws::Crt::Auth::CognitoLoginPair
Definition Credentials.h:352
Aws::Crt::Auth::CognitoLoginPair::IdentityProviderName
String IdentityProviderName
Definition Credentials.h:357
Aws::Crt::Auth::CognitoLoginPair::IdentityProviderToken
String IdentityProviderToken
Definition Credentials.h:362
Aws::Crt::Auth::CredentialsProviderCachedConfig::Provider
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:261
Aws::Crt::Auth::CredentialsProviderCachedConfig::CredentialsProviderCachedConfig
CredentialsProviderCachedConfig()
Definition Credentials.h:256
Aws::Crt::Auth::CredentialsProviderCachedConfig::CachedCredentialTTL
std::chrono::milliseconds CachedCredentialTTL
Definition Credentials.h:266
Aws::Crt::Auth::CredentialsProviderChainConfig::CredentialsProviderChainConfig
CredentialsProviderChainConfig()
Definition Credentials.h:243
Aws::Crt::Auth::CredentialsProviderChainConfig::Providers
Vector< std::shared_ptr< ICredentialsProvider > > Providers
Definition Credentials.h:248
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::TlsContext
Io::TlsContext * TlsContext
Definition Credentials.h:294
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:285
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::CredentialsProviderChainDefaultConfig
CredentialsProviderChainDefaultConfig()
Definition Credentials.h:277
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Logins
Optional< Vector< CognitoLoginPair > > Logins
Definition Credentials.h:385
Aws::Crt::Auth::CredentialsProviderCognitoConfig::CustomRoleArn
Optional< String > CustomRoleArn
Definition Credentials.h:391
Aws::Crt::Auth::CredentialsProviderCognitoConfig::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:410
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:400
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Endpoint
String Endpoint
Definition Credentials.h:375
Aws::Crt::Auth::CredentialsProviderCognitoConfig::TlsCtx
Io::TlsContext TlsCtx
Definition Credentials.h:405
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Identity
String Identity
Definition Credentials.h:380
Aws::Crt::Auth::CredentialsProviderDelegateConfig::Handler
GetCredentialsHandler Handler
Definition Credentials.h:345
Aws::Crt::Auth::CredentialsProviderImdsConfig::CredentialsProviderImdsConfig
CredentialsProviderImdsConfig()
Definition Credentials.h:224
Aws::Crt::Auth::CredentialsProviderImdsConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:233
Aws::Crt::Auth::CredentialsProviderLoginConfig::LoginCacheOverride
String LoginCacheOverride
Definition Credentials.h:523
Aws::Crt::Auth::CredentialsProviderLoginConfig::TlsConnectionOptions
Io::TlsConnectionOptions TlsConnectionOptions
Definition Credentials.h:542
Aws::Crt::Auth::CredentialsProviderLoginConfig::LoginRegion
String LoginRegion
Definition Credentials.h:528
Aws::Crt::Auth::CredentialsProviderLoginConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:537
Aws::Crt::Auth::CredentialsProviderLoginConfig::LoginSession
String LoginSession
Definition Credentials.h:517
Aws::Crt::Auth::CredentialsProviderProfileConfig::ConfigFileNameOverride
ByteCursor ConfigFileNameOverride
Definition Credentials.h:189
Aws::Crt::Auth::CredentialsProviderProfileConfig::CredentialsFileNameOverride
ByteCursor CredentialsFileNameOverride
Definition Credentials.h:195
Aws::Crt::Auth::CredentialsProviderProfileConfig::ProfileNameOverride
ByteCursor ProfileNameOverride
Definition Credentials.h:183
Aws::Crt::Auth::CredentialsProviderProfileConfig::ProxyEnvVarOptions
Optional< Http::ProxyEnvVarOptions > ProxyEnvVarOptions
Definition Credentials.h:216
Aws::Crt::Auth::CredentialsProviderProfileConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:201
Aws::Crt::Auth::CredentialsProviderProfileConfig::CredentialsProviderProfileConfig
CredentialsProviderProfileConfig()
Definition Credentials.h:173
Aws::Crt::Auth::CredentialsProviderProfileConfig::TlsContext
Io::TlsContext * TlsContext
Definition Credentials.h:211
Aws::Crt::Auth::CredentialsProviderSTSConfig::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:457
Aws::Crt::Auth::CredentialsProviderSTSConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:447
Aws::Crt::Auth::CredentialsProviderSTSConfig::DurationSeconds
uint16_t DurationSeconds
Definition Credentials.h:438
Aws::Crt::Auth::CredentialsProviderSTSConfig::Provider
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:423
Aws::Crt::Auth::CredentialsProviderSTSConfig::SessionName
String SessionName
Definition Credentials.h:433
Aws::Crt::Auth::CredentialsProviderSTSConfig::TlsCtx
Io::TlsContext TlsCtx
Definition Credentials.h:452
Aws::Crt::Auth::CredentialsProviderSTSConfig::RoleArn
String RoleArn
Definition Credentials.h:428
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::TlsConnectionOptions
Io::TlsConnectionOptions TlsConnectionOptions
Definition Credentials.h:499
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::TokenFilePath
String TokenFilePath
Definition Credentials.h:485
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::ProxyEnvVarOptions
Optional< Http::ProxyEnvVarOptions > ProxyEnvVarOptions
Definition Credentials.h:504
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:494
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::SessionName
String SessionName
Definition Credentials.h:475
Aws::Crt::Auth::CredentialsProviderStaticConfig::SecretAccessKey
ByteCursor SecretAccessKey
Definition Credentials.h:160
Aws::Crt::Auth::CredentialsProviderStaticConfig::AccessKeyId
ByteCursor AccessKeyId
Definition Credentials.h:155
Aws::Crt::Auth::CredentialsProviderStaticConfig::CredentialsProviderStaticConfig
CredentialsProviderStaticConfig()
Definition Credentials.h:145
Aws::Crt::Auth::CredentialsProviderStaticConfig::SessionToken
ByteCursor SessionToken
Definition Credentials.h:165
Aws::Crt::Auth::CredentialsProviderX509Config::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:336
Aws::Crt::Auth::CredentialsProviderX509Config::CredentialsProviderX509Config
CredentialsProviderX509Config()
Definition Credentials.h:302
Aws::Crt::Auth::CredentialsProviderX509Config::Endpoint
String Endpoint
Definition Credentials.h:331
Aws::Crt::Auth::CredentialsProviderX509Config::ThingName
String ThingName
Definition Credentials.h:320
Aws::Crt::Auth::CredentialsProviderX509Config::RoleAlias
String RoleAlias
Definition Credentials.h:323
Aws::Crt::Auth::CredentialsProviderX509Config::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:314
Aws::Crt::Auth::CredentialsProviderX509Config::TlsOptions
Io::TlsConnectionOptions TlsOptions
Definition Credentials.h:317
Generated by doxygen 1.9.8