aws-crt-cpp
C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++.
Credentials.h
1#pragma once
7#include <aws/crt/Exports.h>
8#include <aws/crt/Types.h>
11
12#include <chrono>
13#include <functional>
14
15struct aws_credentials;
16struct aws_credentials_provider;
17
18namespace Aws
19{
20 namespace Crt
21 {
22 namespace Io
23 {
24 class ClientBootstrap;
25 }
26
27 namespace Http
28 {
30 }
31
32 namespace Auth
33 {
38 {
39 public:
40 Credentials(const aws_credentials *credentials) noexcept;
42 ByteCursor access_key_id,
43 ByteCursor secret_access_key,
44 ByteCursor session_token,
45 uint64_t expiration_timepoint_in_seconds,
46 Allocator *allocator = ApiAllocator()) noexcept;
47
53 Credentials(Allocator *allocator = ApiAllocator()) noexcept;
54
56
57 Credentials(const Credentials &) = delete;
59 Credentials &operator=(const Credentials &) = delete;
61
/** Returns the access key id component of these credentials as a ByteCursor. */
65 ByteCursor GetAccessKeyId() const noexcept;
66
/**
 * Returns the secret access key component of these credentials as a ByteCursor.
 * The value is key material: keep it out of logs, error messages and crash reports.
 * NOTE(review): ByteCursor is a pointer/length view, so the bytes presumably stay owned by the
 * wrapped aws_credentials rather than being copied - confirm the lifetime before holding the
 * cursor beyond this Credentials object.
 */
70 ByteCursor GetSecretAccessKey() const noexcept;
71
/**
 * Returns the session token component of these credentials as a ByteCursor.
 * Treat it with the same care as the secret access key.
 * NOTE(review): presumably empty when the credentials carry no session token - confirm.
 */
75 ByteCursor GetSessionToken() const noexcept;
76
/**
 * Returns the expiration timepoint of these credentials, in seconds.
 * NOTE(review): the epoch and the value reported for credentials that never expire are not
 * visible in this header - confirm against the implementation before comparing with a clock.
 */
80 uint64_t GetExpirationTimepointInSeconds() const noexcept;
81
/** Returns the account id component of these credentials as a ByteCursor. */
85 ByteCursor GetAccountId() const noexcept;
86
/**
 * Validity check. Declared explicit, so it only applies in boolean contexts (if, !, &&).
 * NOTE(review): presumably true when a native credentials object is attached - confirm.
 */
90 explicit operator bool() const noexcept;
91
/**
 * Returns the stored native aws_credentials pointer (m_credentials) as-is.
 * This accessor takes no extra reference, so the pointer should not be assumed to outlive
 * this object unless the caller arranges that through the native API.
 */
95 const aws_credentials *GetUnderlyingHandle() const noexcept { return m_credentials; }
96
97 private:
98 const aws_credentials *m_credentials;
99 };
100
105 using OnCredentialsResolved = std::function<void(std::shared_ptr<Credentials>, int errorCode)>;
106
110 using GetCredentialsHandler = std::function<std::shared_ptr<Credentials>()>;
111
/**
 * Abstract interface for anything that can supply AWS credentials.
 * Derives from std::enable_shared_from_this, so implementations are meant to be held in a
 * std::shared_ptr.
 */
116 class AWS_CRT_CPP_API ICredentialsProvider : public std::enable_shared_from_this<ICredentialsProvider>
117 {
118 public:
119 virtual ~ICredentialsProvider() = default;
120
/**
 * Requests credentials and reports the outcome through onCredentialsResolved, which receives
 * a std::shared_ptr<Credentials> and an int error code.
 * NOTE(review): presumably asynchronous, with the bool return reporting only whether the query
 * was started - confirm. Callers should check the error code and the pointer in the callback
 * before using the credentials.
 */
124 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const = 0;
125
/**
 * Returns the native aws_credentials_provider handle behind this provider.
 * NOTE(review): whether a provider implemented purely in C++ may return nullptr here is not
 * visible in this header - check for null before passing the handle to native APIs.
 */
132 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept = 0;
133
/** Reports whether this provider is in a usable state; check it after construction. */
137 virtual bool IsValid() const noexcept = 0;
138 };
139
144 {
146 {
147 AWS_ZERO_STRUCT(AccessKeyId);
148 AWS_ZERO_STRUCT(SecretAccessKey);
149 AWS_ZERO_STRUCT(SessionToken);
150 }
151
156
161
166 };
167
172 {
/**
 * Default constructor: no client bootstrap, no TLS context, and all three override cursors
 * zeroed so that they start out empty.
 */
173 CredentialsProviderProfileConfig() : Bootstrap(nullptr), TlsContext(nullptr)
174 {
/* A zeroed cursor means "no override" here.
 * NOTE(review): presumably the provider then falls back to the default profile name and file
 * locations - confirm. The file-name overrides choose which config/credentials files are
 * read, so they should come from trusted configuration rather than untrusted input. */
175 AWS_ZERO_STRUCT(ProfileNameOverride);
176 AWS_ZERO_STRUCT(ConfigFileNameOverride);
177 AWS_ZERO_STRUCT(CredentialsFileNameOverride);
178 }
179
184
190
196
202
212 };
213
230
245
250 {
/**
 * Value-initializes both members: Provider starts as an empty shared_ptr and
 * CachedCredentialTTL starts at zero milliseconds.
 */
251 CredentialsProviderCachedConfig() : Provider(), CachedCredentialTTL() {}
252
/**
 * The provider whose query results are cached.
 * It is null after default construction, so the caller presumably has to assign one before
 * creating the cached provider - confirm how a null Provider is handled.
 */
256 std::shared_ptr<ICredentialsProvider> Provider;
257
/**
 * How long a cached set of credentials may be reused, in milliseconds.
 * A longer TTL keeps resolved credentials in memory for longer and delays picking up rotated
 * or revoked credentials from the wrapped provider.
 * NOTE(review): how the default of zero is interpreted is not visible in this header - confirm.
 */
261 std::chrono::milliseconds CachedCredentialTTL;
262 };
263
291
296 {
298 : Bootstrap(nullptr), TlsOptions(), ThingName(), RoleAlias(), Endpoint(), ProxyOptions()
299 {
300 }
301
310
311 /* TLS connection options that have been initialized with your x509 certificate and private key */
313
314 /* IoT thing name you registered with AWS IoT for your device; it will be used in the HTTP request header */
316
317 /* IoT role alias you created with AWS IoT for your IAM role; it will be used in the HTTP request path */
319
327
332 };
333
338 {
339 /* handler to provide credentials */
341 };
342
359
407
454
496
504 {
505 public:
506 CredentialsProvider(aws_credentials_provider *provider, Allocator *allocator = ApiAllocator()) noexcept;
507
508 virtual ~CredentialsProvider();
509
514
/**
 * ICredentialsProvider override: requests credentials and reports the outcome through
 * onCredentialsResolved.
 * NOTE(review): presumably forwards to the native provider held in m_provider, with the static
 * s_onCredentialsResolved as the native callback - the implementation is not in this header.
 */
518 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const override;
519
/** Returns the stored native provider pointer (m_provider) as-is; it may be null. */
523 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept override { return m_provider; }
524
/**
 * True when m_provider is non-null.
 * This only shows that a native handle is present; it says nothing about whether credentials
 * can actually be resolved, so GetCredentials errors still have to be handled.
 */
528 virtual bool IsValid() const noexcept override { return m_provider != nullptr; }
529
530 /*
531 * Factory methods for all of the basic credentials provider types
532 */
533
537 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderStatic(
539 Allocator *allocator = ApiAllocator());
540
/**
 * Creates a provider that yields anonymous credentials.
 * NOTE(review): upstream describes anonymous credentials as skipping request signing, so
 * requests made with them are presumably unauthenticated - confirm, and reserve this provider
 * for resources that are meant to be publicly accessible.
 */
545 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderAnonymous(
546 Allocator *allocator = ApiAllocator());
547
/**
 * Creates a provider that sources credentials from the process environment.
 * NOTE(review): the variable names it reads are not visible in this header - confirm.
 * Environment-held secrets are inherited by child processes, so limit where they are set.
 */
551 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderEnvironment(
552 Allocator *allocator = ApiAllocator());
553
557 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderProfile(
559 Allocator *allocator = ApiAllocator());
560
564 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderImds(
565 const CredentialsProviderImdsConfig &config,
566 Allocator *allocator = ApiAllocator());
567
572 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChain(
573 const CredentialsProviderChainConfig &config,
574 Allocator *allocator = ApiAllocator());
575
576 /*
577 * Creates a provider that puts a simple time-based cache in front of its queries
578 * to a subordinate provider.
579 */
580 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCached(
582 Allocator *allocator = ApiAllocator());
583
590 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChainDefault(
592 Allocator *allocator = ApiAllocator());
593
598 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderX509(
599 const CredentialsProviderX509Config &config,
600 Allocator *allocator = ApiAllocator());
601
606 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderDelegate(
608 Allocator *allocator = ApiAllocator());
609
613 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCognito(
615 Allocator *allocator = ApiAllocator());
616
620 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderSTS(
621 const CredentialsProviderSTSConfig &config,
622 Allocator *allocator = ApiAllocator());
623
624 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderSTSWebIdentity(
626 Allocator *allocator = ApiAllocator());
627
628 private:
629 static void s_onCredentialsResolved(aws_credentials *credentials, int error_code, void *user_data);
630
631 Allocator *m_allocator;
632 aws_credentials_provider *m_provider;
633 };
634 } // namespace Auth
635 } // namespace Crt
636} // namespace Aws
#define AWS_CRT_CPP_API
Definition Exports.h:36
Definition Credentials.h:38
Credentials & operator=(Credentials &&)=delete
Credentials & operator=(const Credentials &)=delete
Credentials(const Credentials &)=delete
Credentials(Credentials &&)=delete
Definition Credentials.h:504
CredentialsProvider & operator=(CredentialsProvider &&)=delete
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept override
Definition Credentials.h:523
CredentialsProvider(const CredentialsProvider &)=delete
virtual bool IsValid() const noexcept override
Definition Credentials.h:528
CredentialsProvider(CredentialsProvider &&)=delete
CredentialsProvider & operator=(const CredentialsProvider &)=delete
Definition Credentials.h:117
virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const =0
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept=0
Definition Bootstrap.h:35
Definition TlsOptions.h:293
Definition TlsOptions.h:350
Definition Optional.h:19
std::function< void(std::shared_ptr< Credentials >, int errorCode)> OnCredentialsResolved
Definition Credentials.h:105
std::function< std::shared_ptr< Credentials >()> GetCredentialsHandler
Definition Credentials.h:110
aws_byte_cursor ByteCursor
Definition Types.h:31
aws_allocator Allocator
Definition Allocator.h:14
AWS_CRT_CPP_API Allocator * ApiAllocator() noexcept
Definition Allocator.cpp:24
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition Types.h:45
std::vector< T, StlAllocator< T > > Vector
Definition Types.h:53
Definition Allocator.h:11
Definition Credentials.h:347
String IdentityProviderName
Definition Credentials.h:352
String IdentityProviderToken
Definition Credentials.h:357
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:256
CredentialsProviderCachedConfig()
Definition Credentials.h:251
std::chrono::milliseconds CachedCredentialTTL
Definition Credentials.h:261
CredentialsProviderChainConfig()
Definition Credentials.h:238
Vector< std::shared_ptr< ICredentialsProvider > > Providers
Definition Credentials.h:243
Io::TlsContext * TlsContext
Definition Credentials.h:289
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:280
CredentialsProviderChainDefaultConfig()
Definition Credentials.h:272
Optional< Vector< CognitoLoginPair > > Logins
Definition Credentials.h:380
Optional< String > CustomRoleArn
Definition Credentials.h:386
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:405
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:395
String Endpoint
Definition Credentials.h:370
Io::TlsContext TlsCtx
Definition Credentials.h:400
String Identity
Definition Credentials.h:375
GetCredentialsHandler Handler
Definition Credentials.h:340
CredentialsProviderImdsConfig()
Definition Credentials.h:219
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:228
ByteCursor ConfigFileNameOverride
Definition Credentials.h:189
ByteCursor CredentialsFileNameOverride
Definition Credentials.h:195
ByteCursor ProfileNameOverride
Definition Credentials.h:183
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:201
CredentialsProviderProfileConfig()
Definition Credentials.h:173
Io::TlsContext * TlsContext
Definition Credentials.h:211
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:452
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:442
uint16_t DurationSeconds
Definition Credentials.h:433
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:418
String SessionName
Definition Credentials.h:428
Io::TlsContext TlsCtx
Definition Credentials.h:447
String RoleArn
Definition Credentials.h:423
Io::TlsConnectionOptions TlsConnectionOptions
Definition Credentials.h:494
String TokenFilePath
Definition Credentials.h:480
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:489
String SessionName
Definition Credentials.h:470
ByteCursor SecretAccessKey
Definition Credentials.h:160
ByteCursor AccessKeyId
Definition Credentials.h:155
CredentialsProviderStaticConfig()
Definition Credentials.h:145
ByteCursor SessionToken
Definition Credentials.h:165
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:331
CredentialsProviderX509Config()
Definition Credentials.h:297
String Endpoint
Definition Credentials.h:326
String ThingName
Definition Credentials.h:315
String RoleAlias
Definition Credentials.h:318
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:309
Io::TlsConnectionOptions TlsOptions
Definition Credentials.h:312