diff options
| author | qrort <qrort@yandex-team.com> | 2022-12-02 11:31:25 +0300 |
|---|---|---|
| committer | qrort <qrort@yandex-team.com> | 2022-12-02 11:31:25 +0300 |
| commit | b1f4ffc9c8abff3ba58dc1ec9a9f92d2f0de6806 (patch) | |
| tree | 2a23209faf0fea5586a6d4b9cee60d1b318d29fe /library/cpp/monlib/service | |
| parent | 559174a9144de40d6bb3997ea4073c82289b4974 (diff) | |
| download | ydb-b1f4ffc9c8abff3ba58dc1ec9a9f92d2f0de6806.tar.gz | |
remove kikimr/driver DEPENDS
Diffstat (limited to 'library/cpp/monlib/service')
| -rw-r--r-- | library/cpp/monlib/service/auth/tvm/auth.cpp | 93 | ||||
| -rw-r--r-- | library/cpp/monlib/service/auth/tvm/auth.h | 33 |
2 files changed, 0 insertions, 126 deletions
diff --git a/library/cpp/monlib/service/auth/tvm/auth.cpp b/library/cpp/monlib/service/auth/tvm/auth.cpp deleted file mode 100644 index e071c11ebc..0000000000 --- a/library/cpp/monlib/service/auth/tvm/auth.cpp +++ /dev/null @@ -1,93 +0,0 @@ -#include "auth.h" - -#include <util/generic/hash_set.h> - - -using namespace NTvmAuth; - - -namespace NMonitoring { -namespace { - template <class TTvmClientPtr = THolder<TTvmClient>> - class TTvmManager final: public ITvmManager { - public: - TTvmManager(NTvmApi::TClientSettings settings, TVector<TTvmId> clients, TLoggerPtr logger) - : AllowedClients_{clients.begin(), clients.end()} - , Tvm_(new TTvmClient{std::move(settings), std::move(logger)}) - { - } - - TTvmManager(NTvmTool::TClientSettings settings, TVector<TTvmId> clients, TLoggerPtr logger) - : AllowedClients_{clients.begin(), clients.end()} - , Tvm_(new TTvmClient{std::move(settings), std::move(logger)}) - { - } - - TTvmManager(TTvmClientPtr tvm, TVector<TTvmId> clients) - : AllowedClients_{clients.begin(), clients.end()} - , Tvm_(std::move(tvm)) - { - } - - bool IsAllowedClient(TTvmId clientId) override { - return AllowedClients_.contains(clientId); - } - - TCheckedServiceTicket CheckServiceTicket(TStringBuf ticket) override { - return Tvm_->CheckServiceTicket(ticket); - } - - private: - THashSet<TTvmId> AllowedClients_; - TTvmClientPtr Tvm_; - }; - - class TTvmAuthProvider final: public IAuthProvider { - public: - TTvmAuthProvider(THolder<ITvmManager> manager) - : TvmManager_{std::move(manager)} - { - } - - TAuthResult Check(const IHttpRequest& req) override { - auto ticketHeader = req.GetHeaders().FindHeader("X-Ya-Service-Ticket"); - if (!ticketHeader) { - return TAuthResult::NoCredentials(); - } - - const auto ticket = TvmManager_->CheckServiceTicket(ticketHeader->Value()); - if (!ticket) { - return TAuthResult::Denied(); - } - - return TvmManager_->IsAllowedClient(ticket.GetSrc()) - ? TAuthResult::Ok() - : TAuthResult::Denied(); - } - - private: - THolder<ITvmManager> TvmManager_; - }; -} // namespace - -THolder<ITvmManager> CreateDefaultTvmManager(NTvmApi::TClientSettings settings, TVector<TTvmId> allowedClients, TLoggerPtr logger) { - return MakeHolder<TTvmManager<>>(std::move(settings), std::move(allowedClients), std::move(logger)); -} - -THolder<ITvmManager> CreateDefaultTvmManager(NTvmTool::TClientSettings settings, TVector<TTvmId> allowedClients, TLoggerPtr logger) { - return MakeHolder<TTvmManager<>>(std::move(settings), std::move(allowedClients), std::move(logger)); -} - -THolder<ITvmManager> CreateDefaultTvmManager(TAtomicSharedPtr<NTvmAuth::TTvmClient> client, TVector<TTvmId> allowedClients) { - return MakeHolder<TTvmManager<TAtomicSharedPtr<NTvmAuth::TTvmClient>>>(std::move(client), std::move(allowedClients)); -} - -THolder<ITvmManager> CreateDefaultTvmManager(std::shared_ptr<NTvmAuth::TTvmClient> client, TVector<TTvmId> allowedClients) { - return MakeHolder<TTvmManager<std::shared_ptr<NTvmAuth::TTvmClient>>>(std::move(client), std::move(allowedClients)); -} - -THolder<IAuthProvider> CreateTvmAuth(THolder<ITvmManager> manager) { - return MakeHolder<TTvmAuthProvider>(std::move(manager)); -} - -} // namespace NMonitoring diff --git a/library/cpp/monlib/service/auth/tvm/auth.h b/library/cpp/monlib/service/auth/tvm/auth.h deleted file mode 100644 index 432beff9d6..0000000000 --- a/library/cpp/monlib/service/auth/tvm/auth.h +++ /dev/null @@ -1,33 +0,0 @@ -#pragma once - -#include <library/cpp/monlib/service/mon_service_http_request.h> -#include <library/cpp/monlib/service/auth.h> -#include <library/cpp/tvmauth/client/facade.h> - -namespace NMonitoring { - struct ITvmManager { - virtual ~ITvmManager() = default; - virtual bool IsAllowedClient(NTvmAuth::TTvmId clientId) = 0; - virtual NTvmAuth::TCheckedServiceTicket CheckServiceTicket(TStringBuf ticket) = 0; - }; - - THolder<ITvmManager> CreateDefaultTvmManager( - NTvmAuth::NTvmApi::TClientSettings settings, - TVector<NTvmAuth::TTvmId> allowedClients, - NTvmAuth::TLoggerPtr logger = NTvmAuth::TDevNullLogger::IAmBrave()); - - THolder<ITvmManager> CreateDefaultTvmManager( - NTvmAuth::NTvmTool::TClientSettings settings, - TVector<NTvmAuth::TTvmId> allowedClients, - NTvmAuth::TLoggerPtr logger = NTvmAuth::TDevNullLogger::IAmBrave()); - - THolder<ITvmManager> CreateDefaultTvmManager( - TAtomicSharedPtr<NTvmAuth::TTvmClient> client, - TVector<NTvmAuth::TTvmId> allowedClients); - - THolder<ITvmManager> CreateDefaultTvmManager( - std::shared_ptr<NTvmAuth::TTvmClient> client, - TVector<NTvmAuth::TTvmId> allowedClients); - - THolder<IAuthProvider> CreateTvmAuth(THolder<ITvmManager> tvmManager); -} // namespace NMonitoring |