aboutsummaryrefslogtreecommitdiffstats
path: root/library/cpp/tvmauth/deprecated/service_context.h
diff options
context:
space:
mode:
authorqrort <qrort@yandex-team.com>2022-11-30 23:47:12 +0300
committerqrort <qrort@yandex-team.com>2022-11-30 23:47:12 +0300
commit22f8ae0e3f5d68b92aecccdf96c1d841a0334311 (patch)
treebffa27765faf54126ad44bcafa89fadecb7a73d7 /library/cpp/tvmauth/deprecated/service_context.h
parent332b99e2173f0425444abb759eebcb2fafaa9209 (diff)
downloadydb-22f8ae0e3f5d68b92aecccdf96c1d841a0334311.tar.gz
validate canons without yatest_common
Diffstat (limited to 'library/cpp/tvmauth/deprecated/service_context.h')
-rw-r--r--library/cpp/tvmauth/deprecated/service_context.h72
1 files changed, 72 insertions, 0 deletions
diff --git a/library/cpp/tvmauth/deprecated/service_context.h b/library/cpp/tvmauth/deprecated/service_context.h
new file mode 100644
index 0000000000..bdf1bb5224
--- /dev/null
+++ b/library/cpp/tvmauth/deprecated/service_context.h
@@ -0,0 +1,72 @@
+#pragma once
+
+#include <library/cpp/tvmauth/checked_service_ticket.h>
+
+#include <util/generic/ptr.h>
+
+namespace NTvmAuth {
+ class TServiceContext: public TAtomicRefCount<TServiceContext> {
+ public:
+ /*!
+ * @struct TCheckFlags holds flags that control checking
+ */
+ struct TCheckFlags {
+ TCheckFlags() {
+ }
+ bool NeedDstCheck = true;
+ };
+
+ /*!
+ * Create service context. Serivce contexts are used to store TVM keys and parse service tickets.
+ * @param selfTvmId
+ * @param secretBase64
+ * @param tvmKeysResponse
+ */
+ TServiceContext(TStringBuf secretBase64, TTvmId selfTvmId, TStringBuf tvmKeysResponse);
+ TServiceContext(TServiceContext&&);
+ ~TServiceContext();
+
+ /*!
+ * Create service context only for checking service tickets
+ * \param[in] selfTvmId
+ * \param[in] tvmKeysResponse
+ * \return
+ */
+ static TServiceContext CheckingFactory(TTvmId selfTvmId, TStringBuf tvmKeysResponse);
+
+ /*!
+ * Create service context only for signing HTTP request to TVM-API
+ * \param[in] secretBase64
+ * \return
+ */
+ static TServiceContext SigningFactory(TStringBuf secretBase64);
+
+ TServiceContext& operator=(TServiceContext&&);
+
+ /*!
+ * Parse and validate service ticket body then create TCheckedServiceTicket object.
+ * @param ticketBody
+ * @return TCheckedServiceTicket object
+ */
+ TCheckedServiceTicket Check(TStringBuf ticketBody, const TCheckFlags& flags = {}) const;
+
+ /*!
+ * Sign params for TVM API
+ * @param ts Param 'ts' of request to TVM
+ * @param dst Param 'dst' of request to TVM
+ * @param scopes Param 'scopes' of request to TVM
+ * @return Signed string
+ */
+ TString SignCgiParamsForTvm(TStringBuf ts, TStringBuf dst, TStringBuf scopes = TStringBuf()) const;
+
+ class TImpl;
+
+ private:
+ TServiceContext() = default;
+
+ private:
+ THolder<TImpl> Impl_;
+ };
+
+ using TServiceContextPtr = TIntrusiveConstPtr<TServiceContext>;
+}