• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 //
2 // Copyright (C) 2019 The Android Open Source Project
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //      http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 
16 #pragma once
17 
18 #include <chrono>
19 #include <memory>
20 
21 #include <json/json.h>
22 #include <openssl/evp.h>
23 
24 #include "common/libs/utils/result.h"
25 #include "host/libs/web/curl_wrapper.h"
26 
27 namespace cuttlefish {
28 
29 class CredentialSource {
30 public:
31   virtual ~CredentialSource() = default;
32   virtual std::string Credential() = 0;
33 };
34 
35 class GceMetadataCredentialSource : public CredentialSource {
36   CurlWrapper& curl;
37   std::string latest_credential;
38   std::chrono::steady_clock::time_point expiration;
39 
40   void RefreshCredential();
41 public:
42  GceMetadataCredentialSource(CurlWrapper&);
43  GceMetadataCredentialSource(GceMetadataCredentialSource&&) = default;
44 
45  virtual std::string Credential();
46 
47  static std::unique_ptr<CredentialSource> make(CurlWrapper&);
48 };
49 
50 class FixedCredentialSource : public CredentialSource {
51   std::string credential;
52 public:
53   FixedCredentialSource(const std::string& credential);
54 
55   virtual std::string Credential();
56 
57   static std::unique_ptr<CredentialSource> make(const std::string& credential);
58 };
59 
60 class RefreshCredentialSource : public CredentialSource {
61  public:
62   static Result<RefreshCredentialSource> FromOauth2ClientFile(
63       CurlWrapper& curl, std::istream& stream);
64 
65   RefreshCredentialSource(CurlWrapper& curl, const std::string& client_id,
66                           const std::string& client_secret,
67                           const std::string& refresh_token);
68 
69   std::string Credential() override;
70 
71  private:
72   void UpdateLatestCredential();
73 
74   CurlWrapper& curl_;
75   std::string client_id_;
76   std::string client_secret_;
77   std::string refresh_token_;
78 
79   std::string latest_credential_;
80   std::chrono::steady_clock::time_point expiration_;
81 };
82 
83 class ServiceAccountOauthCredentialSource : public CredentialSource {
84  public:
85   static Result<ServiceAccountOauthCredentialSource> FromJson(
86       CurlWrapper& curl, const Json::Value& service_account_json,
87       const std::string& scope);
88   ServiceAccountOauthCredentialSource(ServiceAccountOauthCredentialSource&&) =
89       default;
90 
91   std::string Credential() override;
92 
93  private:
94   ServiceAccountOauthCredentialSource(CurlWrapper& curl);
95   void RefreshCredential();
96 
97   CurlWrapper& curl_;
98   std::string email_;
99   std::string scope_;
100   std::unique_ptr<EVP_PKEY, void (*)(EVP_PKEY*)> private_key_;
101 
102   std::string latest_credential_;
103   std::chrono::steady_clock::time_point expiration_;
104 };
105 }
106