aws-crt-cpp
C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++.
Loading...
Searching...
No Matches
Credentials.h
Go to the documentation of this file.
1#pragma once
7#include <aws/crt/Exports.h>
8#include <aws/crt/Types.h>
9#include <aws/crt/http/HttpConnection.h>
10#include <aws/crt/io/TlsOptions.h>
11
12#include <chrono>
13#include <functional>
14
15struct aws_credentials;
16struct aws_credentials_provider;
17
18namespace Aws
19{
20 namespace Crt
21 {
22 namespace Io
23 {
24 class ClientBootstrap;
25 }
26
27 namespace Http
28 {
29 class HttpClientConnectionProxyOptions;
30 }
31
32 namespace Auth
33 {
37 class AWS_CRT_CPP_API Credentials
38 {
39 public:
40 Credentials(const aws_credentials *credentials) noexcept;
41 Credentials(
42 ByteCursor access_key_id,
43 ByteCursor secret_access_key,
44 ByteCursor session_token,
45 uint64_t expiration_timepoint_in_seconds,
46 Allocator *allocator = ApiAllocator()) noexcept;
47
53 Credentials(Allocator *allocator = ApiAllocator()) noexcept;
54
55 ~Credentials();
56
57 Credentials(const Credentials &) = delete;
58 Credentials(Credentials &&) = delete;
59 Credentials &operator=(const Credentials &) = delete;
60 Credentials &operator=(Credentials &&) = delete;
61
65 ByteCursor GetAccessKeyId() const noexcept;
66
70 ByteCursor GetSecretAccessKey() const noexcept;
71
75 ByteCursor GetSessionToken() const noexcept;
76
80 uint64_t GetExpirationTimepointInSeconds() const noexcept;
81
85 ByteCursor GetAccountId() const noexcept;
86
90 explicit operator bool() const noexcept;
91
95 const aws_credentials *GetUnderlyingHandle() const noexcept { return m_credentials; }
96
97 private:
98 const aws_credentials *m_credentials;
99 };
100
105 using OnCredentialsResolved = std::function<void(std::shared_ptr<Credentials>, int errorCode)>;
106
110 using GetCredentialsHandler = std::function<std::shared_ptr<Credentials>()>;
111
116 class AWS_CRT_CPP_API ICredentialsProvider : public std::enable_shared_from_this<ICredentialsProvider>
117 {
118 public:
119 virtual ~ICredentialsProvider() = default;
120
124 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const = 0;
125
132 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept = 0;
133
137 virtual bool IsValid() const noexcept = 0;
138 };
139
143 struct AWS_CRT_CPP_API CredentialsProviderStaticConfig
144 {
145 CredentialsProviderStaticConfig()
146 {
147 AWS_ZERO_STRUCT(AccessKeyId);
148 AWS_ZERO_STRUCT(SecretAccessKey);
149 AWS_ZERO_STRUCT(SessionToken);
150 }
151
155 ByteCursor AccessKeyId;
156
160 ByteCursor SecretAccessKey;
161
165 ByteCursor SessionToken;
166 };
167
171 struct AWS_CRT_CPP_API CredentialsProviderProfileConfig
172 {
173 CredentialsProviderProfileConfig() : Bootstrap(nullptr), TlsContext(nullptr)
174 {
175 AWS_ZERO_STRUCT(ProfileNameOverride);
176 AWS_ZERO_STRUCT(ConfigFileNameOverride);
177 AWS_ZERO_STRUCT(CredentialsFileNameOverride);
178 }
179
183 ByteCursor ProfileNameOverride;
184
189 ByteCursor ConfigFileNameOverride;
190
195 ByteCursor CredentialsFileNameOverride;
196
201 Io::ClientBootstrap *Bootstrap;
202
212 Io::TlsContext *TlsContext;
213 Io::TlsConnectionOptions TlsConnectionOptions;
214
218 Optional<Http::ProxyEnvVarOptions> ProxyEnvVarOptions;
219 };
220
237
252
256 struct AWS_CRT_CPP_API CredentialsProviderCachedConfig
257 {
258 CredentialsProviderCachedConfig() : Provider(), CachedCredentialTTL() {}
259
263 std::shared_ptr<ICredentialsProvider> Provider;
264
268 std::chrono::milliseconds CachedCredentialTTL;
269 };
270
298
302 struct AWS_CRT_CPP_API CredentialsProviderX509Config
303 {
304 CredentialsProviderX509Config()
305 : Bootstrap(nullptr), TlsOptions(), ThingName(), RoleAlias(), Endpoint(), ProxyOptions()
306 {
307 }
308
316 Io::ClientBootstrap *Bootstrap;
317
318 /* TLS connection options that have been initialized with your x509 certificate and private key */
319 Io::TlsConnectionOptions TlsOptions;
320
321 /* IoT thing name you registered with AWS IOT for your device, it will be used in http request header */
322 String ThingName;
323
324 /* Iot role alias you created with AWS IoT for your IAM role, it will be used in http request path */
325 String RoleAlias;
326
333 String Endpoint;
334
338 Optional<Http::HttpClientConnectionProxyOptions> ProxyOptions;
339 };
340
344 struct AWS_CRT_CPP_API CredentialsProviderDelegateConfig
345 {
346 /* handler to provider credentials */
347 GetCredentialsHandler Handler;
348 };
349
366
414
461
508
546
553 class AWS_CRT_CPP_API CredentialsProvider : public ICredentialsProvider
554 {
555 public:
556 CredentialsProvider(aws_credentials_provider *provider, Allocator *allocator = ApiAllocator()) noexcept;
557
558 virtual ~CredentialsProvider();
559
560 CredentialsProvider(const CredentialsProvider &) = delete;
561 CredentialsProvider(CredentialsProvider &&) = delete;
562 CredentialsProvider &operator=(const CredentialsProvider &) = delete;
563 CredentialsProvider &operator=(CredentialsProvider &&) = delete;
564
568 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const override;
569
573 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept override { return m_provider; }
574
578 virtual bool IsValid() const noexcept override { return m_provider != nullptr; }
579
580 /*
581 * Factory methods for all of the basic credentials provider types
582 */
583
587 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderStatic(
588 const CredentialsProviderStaticConfig &config,
589 Allocator *allocator = ApiAllocator());
590
595 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderAnonymous(
596 Allocator *allocator = ApiAllocator());
597
601 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderEnvironment(
602 Allocator *allocator = ApiAllocator());
603
607 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderProfile(
608 const CredentialsProviderProfileConfig &config,
609 Allocator *allocator = ApiAllocator());
610
614 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderImds(
615 const CredentialsProviderImdsConfig &config,
616 Allocator *allocator = ApiAllocator());
617
622 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChain(
623 const CredentialsProviderChainConfig &config,
624 Allocator *allocator = ApiAllocator());
625
626 /*
627 * Creates a provider that puts a simple time-based cache in front of its queries
628 * to a subordinate provider.
629 */
630 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCached(
631 const CredentialsProviderCachedConfig &config,
632 Allocator *allocator = ApiAllocator());
633
640 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChainDefault(
641 const CredentialsProviderChainDefaultConfig &config,
642 Allocator *allocator = ApiAllocator());
643
648 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderX509(
649 const CredentialsProviderX509Config &config,
650 Allocator *allocator = ApiAllocator());
651
656 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderDelegate(
657 const CredentialsProviderDelegateConfig &config,
658 Allocator *allocator = ApiAllocator());
659
663 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCognito(
664 const CredentialsProviderCognitoConfig &config,
665 Allocator *allocator = ApiAllocator());
666
670 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderSTS(
671 const CredentialsProviderSTSConfig &config,
672 Allocator *allocator = ApiAllocator());
673
674 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderSTSWebIdentity(
675 const CredentialsProviderSTSWebIdentityConfig &config,
676 Allocator *allocator = ApiAllocator());
677
681 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderLogin(
682 const CredentialsProviderLoginConfig &config,
683 Allocator *allocator = ApiAllocator());
684
685 private:
686 static void s_onCredentialsResolved(aws_credentials *credentials, int error_code, void *user_data);
687
688 Allocator *m_allocator;
689 aws_credentials_provider *m_provider;
690 };
691 } // namespace Auth
692 } // namespace Crt
693} // namespace Aws
AWS_CRT_CPP_API
#define AWS_CRT_CPP_API
Definition Exports.h:36
Aws::Crt::Auth::Credentials
Definition Credentials.h:38
Aws::Crt::Auth::Credentials::operator=
Credentials & operator=(Credentials &&)=delete
Aws::Crt::Auth::Credentials::operator=
Credentials & operator=(const Credentials &)=delete
Aws::Crt::Auth::Credentials::Credentials
Credentials(const Credentials &)=delete
Aws::Crt::Auth::Credentials::Credentials
Credentials(Credentials &&)=delete
Aws::Crt::Auth::CredentialsProvider
Definition Credentials.h:554
Aws::Crt::Auth::CredentialsProvider::operator=
CredentialsProvider & operator=(CredentialsProvider &&)=delete
Aws::Crt::Auth::CredentialsProvider::GetUnderlyingHandle
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept override
Definition Credentials.h:573
Aws::Crt::Auth::CredentialsProvider::CredentialsProvider
CredentialsProvider(const CredentialsProvider &)=delete
Aws::Crt::Auth::CredentialsProvider::IsValid
virtual bool IsValid() const noexcept override
Definition Credentials.h:578
Aws::Crt::Auth::CredentialsProvider::CredentialsProvider
CredentialsProvider(CredentialsProvider &&)=delete
Aws::Crt::Auth::CredentialsProvider::operator=
CredentialsProvider & operator=(const CredentialsProvider &)=delete
Aws::Crt::Auth::ICredentialsProvider
Definition Credentials.h:117
Aws::Crt::Auth::ICredentialsProvider::GetCredentials
virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const =0
Aws::Crt::Auth::ICredentialsProvider::GetUnderlyingHandle
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept=0
Aws::Crt::Io::ClientBootstrap
Definition Bootstrap.h:35
Aws::Crt::Io::TlsConnectionOptions
Definition TlsOptions.h:293
Aws::Crt::Io::TlsContext
Definition TlsOptions.h:350
Aws::Crt::Optional
Definition Optional.h:19
Aws::Crt::Auth::OnCredentialsResolved
std::function< void(std::shared_ptr< Credentials >, int errorCode)> OnCredentialsResolved
Definition Credentials.h:105
Aws::Crt::Auth::GetCredentialsHandler
std::function< std::shared_ptr< Credentials >()> GetCredentialsHandler
Definition Credentials.h:110
Aws::Crt::ByteCursor
aws_byte_cursor ByteCursor
Definition Types.h:31
Aws::Crt::Allocator
aws_allocator Allocator
Definition Allocator.h:14
Aws::Crt::ApiAllocator
AWS_CRT_CPP_API Allocator * ApiAllocator() noexcept
Definition Allocator.cpp:24
Aws::Crt::String
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition Types.h:45
Aws::Crt::Vector
std::vector< T, StlAllocator< T > > Vector
Definition Types.h:53
Aws
Definition Allocator.h:11
Aws::Crt::Auth::CognitoLoginPair
Definition Credentials.h:354
Aws::Crt::Auth::CognitoLoginPair::IdentityProviderName
String IdentityProviderName
Definition Credentials.h:359
Aws::Crt::Auth::CognitoLoginPair::IdentityProviderToken
String IdentityProviderToken
Definition Credentials.h:364
Aws::Crt::Auth::CredentialsProviderCachedConfig::Provider
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:263
Aws::Crt::Auth::CredentialsProviderCachedConfig::CredentialsProviderCachedConfig
CredentialsProviderCachedConfig()
Definition Credentials.h:258
Aws::Crt::Auth::CredentialsProviderCachedConfig::CachedCredentialTTL
std::chrono::milliseconds CachedCredentialTTL
Definition Credentials.h:268
Aws::Crt::Auth::CredentialsProviderChainConfig::CredentialsProviderChainConfig
CredentialsProviderChainConfig()
Definition Credentials.h:245
Aws::Crt::Auth::CredentialsProviderChainConfig::Providers
Vector< std::shared_ptr< ICredentialsProvider > > Providers
Definition Credentials.h:250
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::TlsContext
Io::TlsContext * TlsContext
Definition Credentials.h:296
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:287
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::CredentialsProviderChainDefaultConfig
CredentialsProviderChainDefaultConfig()
Definition Credentials.h:279
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Logins
Optional< Vector< CognitoLoginPair > > Logins
Definition Credentials.h:387
Aws::Crt::Auth::CredentialsProviderCognitoConfig::CustomRoleArn
Optional< String > CustomRoleArn
Definition Credentials.h:393
Aws::Crt::Auth::CredentialsProviderCognitoConfig::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:412
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:402
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Endpoint
String Endpoint
Definition Credentials.h:377
Aws::Crt::Auth::CredentialsProviderCognitoConfig::TlsCtx
Io::TlsContext TlsCtx
Definition Credentials.h:407
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Identity
String Identity
Definition Credentials.h:382
Aws::Crt::Auth::CredentialsProviderDelegateConfig::Handler
GetCredentialsHandler Handler
Definition Credentials.h:347
Aws::Crt::Auth::CredentialsProviderImdsConfig::CredentialsProviderImdsConfig
CredentialsProviderImdsConfig()
Definition Credentials.h:226
Aws::Crt::Auth::CredentialsProviderImdsConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:235
Aws::Crt::Auth::CredentialsProviderLoginConfig::LoginCacheOverride
String LoginCacheOverride
Definition Credentials.h:525
Aws::Crt::Auth::CredentialsProviderLoginConfig::TlsConnectionOptions
Io::TlsConnectionOptions TlsConnectionOptions
Definition Credentials.h:544
Aws::Crt::Auth::CredentialsProviderLoginConfig::LoginRegion
String LoginRegion
Definition Credentials.h:530
Aws::Crt::Auth::CredentialsProviderLoginConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:539
Aws::Crt::Auth::CredentialsProviderLoginConfig::LoginSession
String LoginSession
Definition Credentials.h:519
Aws::Crt::Auth::CredentialsProviderProfileConfig::ConfigFileNameOverride
ByteCursor ConfigFileNameOverride
Definition Credentials.h:189
Aws::Crt::Auth::CredentialsProviderProfileConfig::CredentialsFileNameOverride
ByteCursor CredentialsFileNameOverride
Definition Credentials.h:195
Aws::Crt::Auth::CredentialsProviderProfileConfig::ProfileNameOverride
ByteCursor ProfileNameOverride
Definition Credentials.h:183
Aws::Crt::Auth::CredentialsProviderProfileConfig::ProxyEnvVarOptions
Optional< Http::ProxyEnvVarOptions > ProxyEnvVarOptions
Definition Credentials.h:218
Aws::Crt::Auth::CredentialsProviderProfileConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:201
Aws::Crt::Auth::CredentialsProviderProfileConfig::TlsConnectionOptions
Io::TlsConnectionOptions TlsConnectionOptions
Definition Credentials.h:213
Aws::Crt::Auth::CredentialsProviderProfileConfig::CredentialsProviderProfileConfig
CredentialsProviderProfileConfig()
Definition Credentials.h:173
Aws::Crt::Auth::CredentialsProviderProfileConfig::TlsContext
Io::TlsContext * TlsContext
Definition Credentials.h:212
Aws::Crt::Auth::CredentialsProviderSTSConfig::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:459
Aws::Crt::Auth::CredentialsProviderSTSConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:449
Aws::Crt::Auth::CredentialsProviderSTSConfig::DurationSeconds
uint16_t DurationSeconds
Definition Credentials.h:440
Aws::Crt::Auth::CredentialsProviderSTSConfig::Provider
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:425
Aws::Crt::Auth::CredentialsProviderSTSConfig::SessionName
String SessionName
Definition Credentials.h:435
Aws::Crt::Auth::CredentialsProviderSTSConfig::TlsCtx
Io::TlsContext TlsCtx
Definition Credentials.h:454
Aws::Crt::Auth::CredentialsProviderSTSConfig::RoleArn
String RoleArn
Definition Credentials.h:430
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::TlsConnectionOptions
Io::TlsConnectionOptions TlsConnectionOptions
Definition Credentials.h:501
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::TokenFilePath
String TokenFilePath
Definition Credentials.h:487
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::ProxyEnvVarOptions
Optional< Http::ProxyEnvVarOptions > ProxyEnvVarOptions
Definition Credentials.h:506
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:496
Aws::Crt::Auth::CredentialsProviderSTSWebIdentityConfig::SessionName
String SessionName
Definition Credentials.h:477
Aws::Crt::Auth::CredentialsProviderStaticConfig::SecretAccessKey
ByteCursor SecretAccessKey
Definition Credentials.h:160
Aws::Crt::Auth::CredentialsProviderStaticConfig::AccessKeyId
ByteCursor AccessKeyId
Definition Credentials.h:155
Aws::Crt::Auth::CredentialsProviderStaticConfig::CredentialsProviderStaticConfig
CredentialsProviderStaticConfig()
Definition Credentials.h:145
Aws::Crt::Auth::CredentialsProviderStaticConfig::SessionToken
ByteCursor SessionToken
Definition Credentials.h:165
Aws::Crt::Auth::CredentialsProviderX509Config::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:338
Aws::Crt::Auth::CredentialsProviderX509Config::CredentialsProviderX509Config
CredentialsProviderX509Config()
Definition Credentials.h:304
Aws::Crt::Auth::CredentialsProviderX509Config::Endpoint
String Endpoint
Definition Credentials.h:333
Aws::Crt::Auth::CredentialsProviderX509Config::ThingName
String ThingName
Definition Credentials.h:322
Aws::Crt::Auth::CredentialsProviderX509Config::RoleAlias
String RoleAlias
Definition Credentials.h:325
Aws::Crt::Auth::CredentialsProviderX509Config::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:316
Aws::Crt::Auth::CredentialsProviderX509Config::TlsOptions
Io::TlsConnectionOptions TlsOptions
Definition Credentials.h:319
Generated by doxygen 1.9.8