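// Copyright 2021 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#ifndef GRPC_SRC_CORE_LIB_SECURITY_AUTHORIZATION_EVALUATE_ARGS_H
#define GRPC_SRC_CORE_LIB_SECURITY_AUTHORIZATION_EVALUATE_ARGS_H

#include <grpc/grpc_security.h>
#include <grpc/support/port_platform.h>

#include <string>
#include <vector>

#include "absl/strings/string_view.h"
#include "absl/types/optional.h"
#include "src/core/lib/channel/channel_args.h"
#include "src/core/lib/iomgr/resolved_address.h"
#include "src/core/lib/transport/metadata_batch.h"

namespace grpc_core {

// Read-only accessor over one call's metadata batch plus the per-channel
// connection attributes (addresses and peer identity fields). The include
// guard places this header under security/authorization, so these values are
// presumably the inputs to authorization decisions; the consumers are not
// visible here.
//
// Lifetime: EvaluateArgs only stores the two pointers handed to its
// constructor and declares no destructor, so it owns neither object. Both must
// remain valid for as long as the EvaluateArgs (and any string_view obtained
// from it) is in use.
class EvaluateArgs final {
 public:
  // Caller is responsible for ensuring auth_context outlives PerChannelArgs
  // struct.
  //
  // The identity fields below are absl::string_view and therefore non-owning.
  // NOTE(review): presumably they view storage held by auth_context, which is
  // what the lifetime rule above protects -- confirm against the constructor
  // in the .cc file.
  struct PerChannelArgs {
    struct Address {
      // The address in sockaddr form.
      // Value-initialized so that an Address which is never filled in holds
      // zeroed bytes instead of indeterminate ones when a getter copies it
      // out. Whether every code path populates it is not visible in this
      // header.
      grpc_resolved_address address = {};
      // The same address with only the host part.
      std::string address_str;
      int port = 0;
    };

    // Populates the fields from auth_context and args; the extraction logic
    // is defined out of line.
    PerChannelArgs(grpc_auth_context* auth_context, const ChannelArgs& args);

    // Field names suggest transport type and peer-certificate identity
    // properties (SPIFFE ID, URI/DNS SANs, common name, subject) -- verify
    // against the constructor before relying on their exact source.
    absl::string_view transport_security_type;
    absl::string_view spiffe_id;
    std::vector<absl::string_view> uri_sans;
    std::vector<absl::string_view> dns_sans;
    absl::string_view common_name;
    absl::string_view subject;
    Address local_address;
    Address peer_address;
  };

  // Stores both pointers as-is: no copy is made and no null check is done
  // here. How the getters treat a null metadata or channel_args is decided in
  // the .cc file and cannot be told from this header.
  EvaluateArgs(grpc_metadata_batch* metadata, PerChannelArgs* channel_args)
      : metadata_(metadata), channel_args_(channel_args) {}

  // Request-level accessors; the returned views are non-owning.
  absl::string_view GetPath() const;
  absl::string_view GetAuthority() const;
  absl::string_view GetMethod() const;
  // Returns metadata value(s) for the specified key.
  // If the key is not present in the batch, returns absl::nullopt.
  // If the key is present exactly once in the batch, returns a string_view of
  // that value.
  // If the key is present more than once in the batch, constructs a
  // comma-concatenated string of all values in concatenated_value and returns a
  // string_view of that string.
  //
  // In the multi-value case the returned view refers to *concatenated_value,
  // so that string must outlive the view.
  // NOTE(review): because repeated values are joined with commas, a caller
  // cannot tell one value that itself contains a comma from several separate
  // values; policy matchers comparing against the joined string should take
  // that into account.
  absl::optional<absl::string_view> GetHeaderValue(
      absl::string_view key, std::string* concatenated_value) const;

  // Connection-level accessors backed by PerChannelArgs. The address getters
  // return grpc_resolved_address by value (a copy).
  grpc_resolved_address GetLocalAddress() const;
  absl::string_view GetLocalAddressString() const;
  int GetLocalPort() const;
  grpc_resolved_address GetPeerAddress() const;
  absl::string_view GetPeerAddressString() const;
  int GetPeerPort() const;
  absl::string_view GetTransportSecurityType() const;
  absl::string_view GetSpiffeId() const;
  // The SAN getters return the vector by value, but its elements are still
  // non-owning string_views.
  std::vector<absl::string_view> GetUriSans() const;
  std::vector<absl::string_view> GetDnsSans() const;
  absl::string_view GetCommonName() const;
  absl::string_view GetSubject() const;

 private:
  // Non-owning; see the lifetime note on the class.
  grpc_metadata_batch* metadata_;
  PerChannelArgs* channel_args_;
};

}  // namespace grpc_core

#endif  // GRPC_SRC_CORE_LIB_SECURITY_AUTHORIZATION_EVALUATE_ARGS_H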