blob: bdf1bb5224c9d59a4ac69b937d7b295e05667e57 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
#pragma once
#include <library/cpp/tvmauth/checked_service_ticket.h>
#include <util/generic/ptr.h>
namespace NTvmAuth {
class TServiceContext: public TAtomicRefCount<TServiceContext> {
public:
/*!
* @struct TCheckFlags holds flags that control checking
*/
struct TCheckFlags {
TCheckFlags() {
}
bool NeedDstCheck = true;
};
/*!
* Create service context. Serivce contexts are used to store TVM keys and parse service tickets.
* @param selfTvmId
* @param secretBase64
* @param tvmKeysResponse
*/
TServiceContext(TStringBuf secretBase64, TTvmId selfTvmId, TStringBuf tvmKeysResponse);
TServiceContext(TServiceContext&&);
~TServiceContext();
/*!
* Create service context only for checking service tickets
* \param[in] selfTvmId
* \param[in] tvmKeysResponse
* \return
*/
static TServiceContext CheckingFactory(TTvmId selfTvmId, TStringBuf tvmKeysResponse);
/*!
* Create service context only for signing HTTP request to TVM-API
* \param[in] secretBase64
* \return
*/
static TServiceContext SigningFactory(TStringBuf secretBase64);
TServiceContext& operator=(TServiceContext&&);
/*!
* Parse and validate service ticket body then create TCheckedServiceTicket object.
* @param ticketBody
* @return TCheckedServiceTicket object
*/
TCheckedServiceTicket Check(TStringBuf ticketBody, const TCheckFlags& flags = {}) const;
/*!
* Sign params for TVM API
* @param ts Param 'ts' of request to TVM
* @param dst Param 'dst' of request to TVM
* @param scopes Param 'scopes' of request to TVM
* @return Signed string
*/
TString SignCgiParamsForTvm(TStringBuf ts, TStringBuf dst, TStringBuf scopes = TStringBuf()) const;
class TImpl;
private:
TServiceContext() = default;
private:
THolder<TImpl> Impl_;
};
using TServiceContextPtr = TIntrusiveConstPtr<TServiceContext>;
}
|
