aws-crt-cpp
C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++.
Loading...
Searching...
No Matches
Credentials.h
Go to the documentation of this file.
1#pragma once
7#include <aws/crt/Exports.h>
8#include <aws/crt/Types.h>
9#include <aws/crt/http/HttpConnection.h>
10#include <aws/crt/io/TlsOptions.h>
11
12#include <chrono>
13#include <functional>
14
15struct aws_credentials;
16struct aws_credentials_provider;
17
18namespace Aws
19{
20 namespace Crt
21 {
22 namespace Io
23 {
24 class ClientBootstrap;
25 }
26
27 namespace Http
28 {
29 class HttpClientConnectionProxyOptions;
30 }
31
32 namespace Auth
33 {
37 class AWS_CRT_CPP_API Credentials
38 {
39 public:
40 Credentials(const aws_credentials *credentials) noexcept;
41 Credentials(
42 ByteCursor access_key_id,
43 ByteCursor secret_access_key,
44 ByteCursor session_token,
45 uint64_t expiration_timepoint_in_seconds,
46 Allocator *allocator = ApiAllocator()) noexcept;
47
53 Credentials(Allocator *allocator = ApiAllocator()) noexcept;
54
55 ~Credentials();
56
57 Credentials(const Credentials &) = delete;
58 Credentials(Credentials &&) = delete;
59 Credentials &operator=(const Credentials &) = delete;
60 Credentials &operator=(Credentials &&) = delete;
61
65 ByteCursor GetAccessKeyId() const noexcept;
66
70 ByteCursor GetSecretAccessKey() const noexcept;
71
75 ByteCursor GetSessionToken() const noexcept;
76
80 uint64_t GetExpirationTimepointInSeconds() const noexcept;
81
85 explicit operator bool() const noexcept;
86
90 const aws_credentials *GetUnderlyingHandle() const noexcept { return m_credentials; }
91
92 private:
93 const aws_credentials *m_credentials;
94 };
95
100 using OnCredentialsResolved = std::function<void(std::shared_ptr<Credentials>, int errorCode)>;
101
105 using GetCredentialsHandler = std::function<std::shared_ptr<Credentials>()>;
106
111 class AWS_CRT_CPP_API ICredentialsProvider : public std::enable_shared_from_this<ICredentialsProvider>
112 {
113 public:
114 virtual ~ICredentialsProvider() = default;
115
119 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const = 0;
120
127 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept = 0;
128
132 virtual bool IsValid() const noexcept = 0;
133 };
134
138 struct AWS_CRT_CPP_API CredentialsProviderStaticConfig
139 {
140 CredentialsProviderStaticConfig()
141 {
142 AWS_ZERO_STRUCT(AccessKeyId);
143 AWS_ZERO_STRUCT(SecretAccessKey);
144 AWS_ZERO_STRUCT(SessionToken);
145 }
146
150 ByteCursor AccessKeyId;
151
155 ByteCursor SecretAccessKey;
156
160 ByteCursor SessionToken;
161 };
162
166 struct AWS_CRT_CPP_API CredentialsProviderProfileConfig
167 {
168 CredentialsProviderProfileConfig() : Bootstrap(nullptr), TlsContext(nullptr)
169 {
170 AWS_ZERO_STRUCT(ProfileNameOverride);
171 AWS_ZERO_STRUCT(ConfigFileNameOverride);
172 AWS_ZERO_STRUCT(CredentialsFileNameOverride);
173 }
174
178 ByteCursor ProfileNameOverride;
179
184 ByteCursor ConfigFileNameOverride;
185
190 ByteCursor CredentialsFileNameOverride;
191
196 Io::ClientBootstrap *Bootstrap;
197
206 Io::TlsContext *TlsContext;
207 };
208
225
240
244 struct AWS_CRT_CPP_API CredentialsProviderCachedConfig
245 {
246 CredentialsProviderCachedConfig() : Provider(), CachedCredentialTTL() {}
247
251 std::shared_ptr<ICredentialsProvider> Provider;
252
256 std::chrono::milliseconds CachedCredentialTTL;
257 };
258
286
290 struct AWS_CRT_CPP_API CredentialsProviderX509Config
291 {
292 CredentialsProviderX509Config()
293 : Bootstrap(nullptr), TlsOptions(), ThingName(), RoleAlias(), Endpoint(), ProxyOptions()
294 {
295 }
296
304 Io::ClientBootstrap *Bootstrap;
305
306 /* TLS connection options that have been initialized with your x509 certificate and private key */
307 Io::TlsConnectionOptions TlsOptions;
308
309 /* IoT thing name you registered with AWS IOT for your device, it will be used in http request header */
310 String ThingName;
311
312 /* Iot role alias you created with AWS IoT for your IAM role, it will be used in http request path */
313 String RoleAlias;
314
321 String Endpoint;
322
326 Optional<Http::HttpClientConnectionProxyOptions> ProxyOptions;
327 };
328
332 struct AWS_CRT_CPP_API CredentialsProviderDelegateConfig
333 {
334 /* handler to provider credentials */
335 GetCredentialsHandler Handler;
336 };
337
354
402
449
456 class AWS_CRT_CPP_API CredentialsProvider : public ICredentialsProvider
457 {
458 public:
459 CredentialsProvider(aws_credentials_provider *provider, Allocator *allocator = ApiAllocator()) noexcept;
460
461 virtual ~CredentialsProvider();
462
463 CredentialsProvider(const CredentialsProvider &) = delete;
464 CredentialsProvider(CredentialsProvider &&) = delete;
465 CredentialsProvider &operator=(const CredentialsProvider &) = delete;
466 CredentialsProvider &operator=(CredentialsProvider &&) = delete;
467
471 virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const override;
472
476 virtual aws_credentials_provider *GetUnderlyingHandle() const noexcept override { return m_provider; }
477
481 virtual bool IsValid() const noexcept override { return m_provider != nullptr; }
482
483 /*
484 * Factory methods for all of the basic credentials provider types
485 */
486
490 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderStatic(
491 const CredentialsProviderStaticConfig &config,
492 Allocator *allocator = ApiAllocator());
493
498 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderAnonymous(
499 Allocator *allocator = ApiAllocator());
500
504 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderEnvironment(
505 Allocator *allocator = ApiAllocator());
506
510 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderProfile(
511 const CredentialsProviderProfileConfig &config,
512 Allocator *allocator = ApiAllocator());
513
517 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderImds(
518 const CredentialsProviderImdsConfig &config,
519 Allocator *allocator = ApiAllocator());
520
525 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChain(
526 const CredentialsProviderChainConfig &config,
527 Allocator *allocator = ApiAllocator());
528
529 /*
530 * Creates a provider that puts a simple time-based cache in front of its queries
531 * to a subordinate provider.
532 */
533 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCached(
534 const CredentialsProviderCachedConfig &config,
535 Allocator *allocator = ApiAllocator());
536
543 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderChainDefault(
544 const CredentialsProviderChainDefaultConfig &config,
545 Allocator *allocator = ApiAllocator());
546
551 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderX509(
552 const CredentialsProviderX509Config &config,
553 Allocator *allocator = ApiAllocator());
554
559 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderDelegate(
560 const CredentialsProviderDelegateConfig &config,
561 Allocator *allocator = ApiAllocator());
562
566 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderCognito(
567 const CredentialsProviderCognitoConfig &config,
568 Allocator *allocator = ApiAllocator());
569
573 static std::shared_ptr<ICredentialsProvider> CreateCredentialsProviderSTS(
574 const CredentialsProviderSTSConfig &config,
575 Allocator *allocator = ApiAllocator());
576
577 private:
578 static void s_onCredentialsResolved(aws_credentials *credentials, int error_code, void *user_data);
579
580 Allocator *m_allocator;
581 aws_credentials_provider *m_provider;
582 };
583 } // namespace Auth
584 } // namespace Crt
585} // namespace Aws
AWS_CRT_CPP_API
#define AWS_CRT_CPP_API
Definition Exports.h:36
Aws::Crt::Auth::Credentials
Definition Credentials.h:38
Aws::Crt::Auth::Credentials::operator=
Credentials & operator=(Credentials &&)=delete
Aws::Crt::Auth::Credentials::operator=
Credentials & operator=(const Credentials &)=delete
Aws::Crt::Auth::Credentials::Credentials
Credentials(const Credentials &)=delete
Aws::Crt::Auth::Credentials::Credentials
Credentials(Credentials &&)=delete
Aws::Crt::Auth::CredentialsProvider
Definition Credentials.h:457
Aws::Crt::Auth::CredentialsProvider::operator=
CredentialsProvider & operator=(CredentialsProvider &&)=delete
Aws::Crt::Auth::CredentialsProvider::GetUnderlyingHandle
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept override
Definition Credentials.h:476
Aws::Crt::Auth::CredentialsProvider::CredentialsProvider
CredentialsProvider(const CredentialsProvider &)=delete
Aws::Crt::Auth::CredentialsProvider::IsValid
virtual bool IsValid() const noexcept override
Definition Credentials.h:481
Aws::Crt::Auth::CredentialsProvider::CredentialsProvider
CredentialsProvider(CredentialsProvider &&)=delete
Aws::Crt::Auth::CredentialsProvider::operator=
CredentialsProvider & operator=(const CredentialsProvider &)=delete
Aws::Crt::Auth::ICredentialsProvider
Definition Credentials.h:112
Aws::Crt::Auth::ICredentialsProvider::GetCredentials
virtual bool GetCredentials(const OnCredentialsResolved &onCredentialsResolved) const =0
Aws::Crt::Auth::ICredentialsProvider::GetUnderlyingHandle
virtual aws_credentials_provider * GetUnderlyingHandle() const noexcept=0
Aws::Crt::Io::ClientBootstrap
Definition Bootstrap.h:35
Aws::Crt::Io::TlsConnectionOptions
Definition TlsOptions.h:293
Aws::Crt::Io::TlsContext
Definition TlsOptions.h:350
Aws::Crt::Optional
Definition Optional.h:19
Aws::Crt::Auth::OnCredentialsResolved
std::function< void(std::shared_ptr< Credentials >, int errorCode)> OnCredentialsResolved
Definition Credentials.h:100
Aws::Crt::Auth::GetCredentialsHandler
std::function< std::shared_ptr< Credentials >()> GetCredentialsHandler
Definition Credentials.h:105
Aws::Crt::ByteCursor
aws_byte_cursor ByteCursor
Definition Types.h:31
Aws::Crt::Allocator
aws_allocator Allocator
Definition Allocator.h:14
Aws::Crt::ApiAllocator
AWS_CRT_CPP_API Allocator * ApiAllocator() noexcept
Definition Allocator.cpp:24
Aws::Crt::String
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition Types.h:45
Aws::Crt::Vector
std::vector< T, StlAllocator< T > > Vector
Definition Types.h:53
Aws
Definition Allocator.h:11
Aws::Crt::Auth::CognitoLoginPair
Definition Credentials.h:342
Aws::Crt::Auth::CognitoLoginPair::IdentityProviderName
String IdentityProviderName
Definition Credentials.h:347
Aws::Crt::Auth::CognitoLoginPair::IdentityProviderToken
String IdentityProviderToken
Definition Credentials.h:352
Aws::Crt::Auth::CredentialsProviderCachedConfig::Provider
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:251
Aws::Crt::Auth::CredentialsProviderCachedConfig::CredentialsProviderCachedConfig
CredentialsProviderCachedConfig()
Definition Credentials.h:246
Aws::Crt::Auth::CredentialsProviderCachedConfig::CachedCredentialTTL
std::chrono::milliseconds CachedCredentialTTL
Definition Credentials.h:256
Aws::Crt::Auth::CredentialsProviderChainConfig::CredentialsProviderChainConfig
CredentialsProviderChainConfig()
Definition Credentials.h:233
Aws::Crt::Auth::CredentialsProviderChainConfig::Providers
Vector< std::shared_ptr< ICredentialsProvider > > Providers
Definition Credentials.h:238
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::TlsContext
Io::TlsContext * TlsContext
Definition Credentials.h:284
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:275
Aws::Crt::Auth::CredentialsProviderChainDefaultConfig::CredentialsProviderChainDefaultConfig
CredentialsProviderChainDefaultConfig()
Definition Credentials.h:267
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Logins
Optional< Vector< CognitoLoginPair > > Logins
Definition Credentials.h:375
Aws::Crt::Auth::CredentialsProviderCognitoConfig::CustomRoleArn
Optional< String > CustomRoleArn
Definition Credentials.h:381
Aws::Crt::Auth::CredentialsProviderCognitoConfig::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:400
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:390
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Endpoint
String Endpoint
Definition Credentials.h:365
Aws::Crt::Auth::CredentialsProviderCognitoConfig::TlsCtx
Io::TlsContext TlsCtx
Definition Credentials.h:395
Aws::Crt::Auth::CredentialsProviderCognitoConfig::Identity
String Identity
Definition Credentials.h:370
Aws::Crt::Auth::CredentialsProviderDelegateConfig::Handler
GetCredentialsHandler Handler
Definition Credentials.h:335
Aws::Crt::Auth::CredentialsProviderImdsConfig::CredentialsProviderImdsConfig
CredentialsProviderImdsConfig()
Definition Credentials.h:214
Aws::Crt::Auth::CredentialsProviderImdsConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:223
Aws::Crt::Auth::CredentialsProviderProfileConfig::ConfigFileNameOverride
ByteCursor ConfigFileNameOverride
Definition Credentials.h:184
Aws::Crt::Auth::CredentialsProviderProfileConfig::CredentialsFileNameOverride
ByteCursor CredentialsFileNameOverride
Definition Credentials.h:190
Aws::Crt::Auth::CredentialsProviderProfileConfig::ProfileNameOverride
ByteCursor ProfileNameOverride
Definition Credentials.h:178
Aws::Crt::Auth::CredentialsProviderProfileConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:196
Aws::Crt::Auth::CredentialsProviderProfileConfig::CredentialsProviderProfileConfig
CredentialsProviderProfileConfig()
Definition Credentials.h:168
Aws::Crt::Auth::CredentialsProviderProfileConfig::TlsContext
Io::TlsContext * TlsContext
Definition Credentials.h:206
Aws::Crt::Auth::CredentialsProviderSTSConfig::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:447
Aws::Crt::Auth::CredentialsProviderSTSConfig::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:437
Aws::Crt::Auth::CredentialsProviderSTSConfig::DurationSeconds
uint16_t DurationSeconds
Definition Credentials.h:428
Aws::Crt::Auth::CredentialsProviderSTSConfig::Provider
std::shared_ptr< ICredentialsProvider > Provider
Definition Credentials.h:413
Aws::Crt::Auth::CredentialsProviderSTSConfig::SessionName
String SessionName
Definition Credentials.h:423
Aws::Crt::Auth::CredentialsProviderSTSConfig::TlsCtx
Io::TlsContext TlsCtx
Definition Credentials.h:442
Aws::Crt::Auth::CredentialsProviderSTSConfig::RoleArn
String RoleArn
Definition Credentials.h:418
Aws::Crt::Auth::CredentialsProviderStaticConfig::SecretAccessKey
ByteCursor SecretAccessKey
Definition Credentials.h:155
Aws::Crt::Auth::CredentialsProviderStaticConfig::AccessKeyId
ByteCursor AccessKeyId
Definition Credentials.h:150
Aws::Crt::Auth::CredentialsProviderStaticConfig::CredentialsProviderStaticConfig
CredentialsProviderStaticConfig()
Definition Credentials.h:140
Aws::Crt::Auth::CredentialsProviderStaticConfig::SessionToken
ByteCursor SessionToken
Definition Credentials.h:160
Aws::Crt::Auth::CredentialsProviderX509Config::ProxyOptions
Optional< Http::HttpClientConnectionProxyOptions > ProxyOptions
Definition Credentials.h:326
Aws::Crt::Auth::CredentialsProviderX509Config::CredentialsProviderX509Config
CredentialsProviderX509Config()
Definition Credentials.h:292
Aws::Crt::Auth::CredentialsProviderX509Config::Endpoint
String Endpoint
Definition Credentials.h:321
Aws::Crt::Auth::CredentialsProviderX509Config::ThingName
String ThingName
Definition Credentials.h:310
Aws::Crt::Auth::CredentialsProviderX509Config::RoleAlias
String RoleAlias
Definition Credentials.h:313
Aws::Crt::Auth::CredentialsProviderX509Config::Bootstrap
Io::ClientBootstrap * Bootstrap
Definition Credentials.h:304
Aws::Crt::Auth::CredentialsProviderX509Config::TlsOptions
Io::TlsConnectionOptions TlsOptions
Definition Credentials.h:307
Generated by doxygen 1.9.8