• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 //
2 // Copyright (C) 2019 The Android Open Source Project
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //      http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 
16 #pragma once
17 
18 #include <chrono>
19 #include <memory>
20 
21 #include <json/json.h>
22 #include <openssl/evp.h>
23 
24 #include "common/libs/utils/result.h"
25 #include "host/libs/web/http_client/http_client.h"
26 
27 namespace cuttlefish {
28 
29 class CredentialSource {
30 public:
31   virtual ~CredentialSource() = default;
32   virtual Result<std::string> Credential() = 0;
33 };
34 
35 class GceMetadataCredentialSource : public CredentialSource {
36   HttpClient& http_client;
37   std::string latest_credential;
38   std::chrono::steady_clock::time_point expiration;
39 
40   Result<void> RefreshCredential();
41 
42  public:
43   GceMetadataCredentialSource(HttpClient&);
44   GceMetadataCredentialSource(GceMetadataCredentialSource&&) = default;
45 
46   Result<std::string> Credential() override;
47 
48   static std::unique_ptr<CredentialSource> make(HttpClient&);
49 };
50 
51 class FixedCredentialSource : public CredentialSource {
52   std::string credential;
53 public:
54   FixedCredentialSource(const std::string& credential);
55 
56   Result<std::string> Credential() override;
57 
58   static std::unique_ptr<CredentialSource> make(const std::string& credential);
59 };
60 
61 class RefreshCredentialSource : public CredentialSource {
62  public:
63   static Result<RefreshCredentialSource> FromOauth2ClientFile(
64       HttpClient& http_client, std::istream& stream);
65 
66   RefreshCredentialSource(HttpClient& http_client, const std::string& client_id,
67                           const std::string& client_secret,
68                           const std::string& refresh_token);
69 
70   Result<std::string> Credential() override;
71 
72  private:
73   Result<void> UpdateLatestCredential();
74 
75   HttpClient& http_client_;
76   std::string client_id_;
77   std::string client_secret_;
78   std::string refresh_token_;
79 
80   std::string latest_credential_;
81   std::chrono::steady_clock::time_point expiration_;
82 };
83 
84 class ServiceAccountOauthCredentialSource : public CredentialSource {
85  public:
86   static Result<ServiceAccountOauthCredentialSource> FromJson(
87       HttpClient& http_client, const Json::Value& service_account_json,
88       const std::string& scope);
89   ServiceAccountOauthCredentialSource(ServiceAccountOauthCredentialSource&&) =
90       default;
91 
92   Result<std::string> Credential() override;
93 
94  private:
95   ServiceAccountOauthCredentialSource(HttpClient& http_client);
96   Result<void> RefreshCredential();
97 
98   HttpClient& http_client_;
99   std::string email_;
100   std::string scope_;
101   std::unique_ptr<EVP_PKEY, void (*)(EVP_PKEY*)> private_key_;
102 
103   std::string latest_credential_;
104   std::chrono::steady_clock::time_point expiration_;
105 };
106 }
107