authorization_policy_provider.h source code [include/grpcpp/security/authorization_policy_provider.h]

1	// Copyright 2021 gRPC authors.
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14
15	#ifndef GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H
16	#define GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H
17
18	#include <memory>
19
20	#include <grpc/grpc_security.h>
21	#include <grpc/status.h>
22	#include <grpcpp/impl/codegen/grpc_library.h>
23
24	namespace grpc {
25	namespace experimental {
26
27	// Wrapper around C-core grpc_authorization_policy_provider. Internally, it
28	// handles creating and updating authorization engine objects, using SDK
29	// authorization policy.
30	class AuthorizationPolicyProviderInterface {
31	public:
32	virtual ~AuthorizationPolicyProviderInterface() = default;
33	virtual grpc_authorization_policy_provider* c_provider() = `0`;
34	};
35
36	// Implementation obtains authorization policy from static string. This provider
37	// will always return the same authorization engines.
38	class StaticDataAuthorizationPolicyProvider
39	: public AuthorizationPolicyProviderInterface {
40	public:
41	static std::shared_ptr<StaticDataAuthorizationPolicyProvider> Create(
42	const std::string& authz_policy, grpc::Status* status);
43
44	// Use factory method "Create" to create an instance of
45	// StaticDataAuthorizationPolicyProvider.
46	explicit StaticDataAuthorizationPolicyProvider(
47	grpc_authorization_policy_provider* provider)
48	: c_provider_(provider) {}
49
50	~StaticDataAuthorizationPolicyProvider() override;
51
52	grpc_authorization_policy_provider* c_provider() override {
53	return c_provider_;
54	}
55
56	private:
57	grpc_authorization_policy_provider* c_provider_ = nullptr;
58	};
59
60	// Implementation obtains authorization policy by watching for changes in
61	// filesystem.
62	class FileWatcherAuthorizationPolicyProvider
63	: public AuthorizationPolicyProviderInterface {
64	public:
65	static std::shared_ptr<FileWatcherAuthorizationPolicyProvider> Create(
66	const std::string& authz_policy_path, unsigned int refresh_interval_sec,
67	grpc::Status* status);
68
69	// Use factory method "Create" to create an instance of
70	// FileWatcherAuthorizationPolicyProvider.
71	explicit FileWatcherAuthorizationPolicyProvider(
72	grpc_authorization_policy_provider* provider)
73	: c_provider_(provider) {}
74
75	~FileWatcherAuthorizationPolicyProvider() override;
76
77	grpc_authorization_policy_provider* c_provider() override {
78	return c_provider_;
79	}
80
81	private:
82	grpc_authorization_policy_provider* c_provider_ = nullptr;
83	};
84
85	} // namespace experimental
86	} // namespace grpc
87
88	#endif // GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H
89

source code of include/grpcpp/security/authorization_policy_provider.h