xrootd
Loading...
Searching...
No Matches
XrdMacaroonsAuthz.hh
Go to the documentation of this file.
1
2#include "XrdAcc/XrdAccAuthorize.hh"
3#include "XrdSciTokens/XrdSciTokensHelper.hh"
4#include "XrdSys/XrdSysError.hh"
5
6
7class XrdSysError;
8
9namespace Macaroons
10{
11
12class Authz final : public XrdAccAuthorize, public XrdSciTokensHelper
13{
14public:
15 Authz(XrdSysLogger *lp, const char *parms, XrdAccAuthorize *chain);
16
17 virtual ~Authz() {}
18
19 virtual XrdAccPrivs Access(const XrdSecEntity *Entity,
20 const char *path,
21 const Access_Operation oper,
22 XrdOucEnv *env) override;
23
24 // Do a minimal validation that this is a non-expired token; used
25 // for session tokens.
26 virtual bool Validate(const char *token,
27 std::string &emsg,
28 long long *expT,
29 XrdSecEntity *entP) override;
30
31 virtual int Audit(const int accok, const XrdSecEntity *Entity,
32 const char *path, const Access_Operation oper,
33 XrdOucEnv *Env) override
34 {
35 return 0;
36 }
37
38 virtual int Test(const XrdAccPrivs priv,
39 const Access_Operation oper) override
40 {
41 return 0;
42 }
43
44 // Macaroons don't have a concept off an "issuers"; return an empty
45 // list.
46 virtual Issuers IssuerList() override {return Issuers();}
47
48private:
49 XrdAccPrivs OnMissing(const XrdSecEntity *Entity,
50 const char *path,
51 const Access_Operation oper,
52 XrdOucEnv *env);
53
54 ssize_t m_max_duration;
55 XrdAccAuthorize *m_chain;
56 XrdSysError m_log;
57 std::string m_secret;
58 std::string m_location;
59 int m_authz_behavior;
60};
61
62}
Access_Operation
Access_Operation
The following are supported operations.
Definition XrdAccAuthorize.hh:41
XrdAccPrivs
XrdAccPrivs
Definition XrdAccPrivs.hh:39
Macaroons::Authz
Definition XrdMacaroonsAuthz.hh:13
Macaroons::Authz::m_location
std::string m_location
Definition XrdMacaroonsAuthz.hh:58
Macaroons::Authz::Audit
virtual int Audit(const int accok, const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *Env) override
Definition XrdMacaroonsAuthz.hh:31
Macaroons::Authz::m_authz_behavior
int m_authz_behavior
Definition XrdMacaroonsAuthz.hh:59
Macaroons::Authz::Test
virtual int Test(const XrdAccPrivs priv, const Access_Operation oper) override
Definition XrdMacaroonsAuthz.hh:38
Macaroons::Authz::m_max_duration
ssize_t m_max_duration
Definition XrdMacaroonsAuthz.hh:54
Macaroons::Authz::~Authz
virtual ~Authz()
Definition XrdMacaroonsAuthz.hh:17
Macaroons::Authz::m_log
XrdSysError m_log
Definition XrdMacaroonsAuthz.hh:56
Macaroons::Authz::Validate
virtual bool Validate(const char *token, std::string &emsg, long long *expT, XrdSecEntity *entP) override
Macaroons::Authz::m_secret
std::string m_secret
Definition XrdMacaroonsAuthz.hh:57
Macaroons::Authz::Authz
Authz(XrdSysLogger *lp, const char *parms, XrdAccAuthorize *chain)
Macaroons::Authz::IssuerList
virtual Issuers IssuerList() override
Definition XrdMacaroonsAuthz.hh:46
Macaroons::Authz::m_chain
XrdAccAuthorize * m_chain
Definition XrdMacaroonsAuthz.hh:55
Macaroons::Authz::OnMissing
XrdAccPrivs OnMissing(const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *env)
Macaroons::Authz::Access
virtual XrdAccPrivs Access(const XrdSecEntity *Entity, const char *path, const Access_Operation oper, XrdOucEnv *env) override
XrdAccAuthorize
Definition XrdAccAuthorize.hh:68
XrdOucEnv
Definition XrdOucEnv.hh:42
XrdSciTokensHelper
Definition XrdSciTokensHelper.hh:23
XrdSciTokensHelper::Issuers
std::vector< ValidIssuer > Issuers
Definition XrdSciTokensHelper.hh:39
XrdSecEntity
Definition XrdSecEntity.hh:65
XrdSysError
Definition XrdSysError.hh:90
XrdSysLogger
Definition XrdSysLogger.hh:53
Macaroons
Definition XrdMacaroonsAuthz.hh:10
Generated by doxygen 1.9.8