2020-08-26 08:36:58 +00:00
|
|
|
#pragma once
|
|
|
|
|
|
|
|
#include <Poco/Util/AbstractConfiguration.h>
|
|
|
|
#include <Common/Exception.h>
|
2021-04-07 13:52:11 +00:00
|
|
|
#include <unordered_set>
|
2020-08-26 08:36:58 +00:00
|
|
|
|
|
|
|
namespace DB
|
|
|
|
{
|
|
|
|
|
2021-04-07 13:52:11 +00:00
|
|
|
/// InterserverCredentials implements authentication using a CurrentCredentials, which
|
2020-08-26 08:36:58 +00:00
|
|
|
/// is configured, e.g.
|
|
|
|
/// <interserver_http_credentials>
|
|
|
|
/// <user>admin</user>
|
|
|
|
/// <password>222</password>
|
|
|
|
/// <!-- To support mix of un/authenticated clients -->
|
|
|
|
/// <!-- <allow_empty>true</allow_empty> -->
|
2021-04-07 13:52:11 +00:00
|
|
|
/// <old>
|
2020-08-26 08:36:58 +00:00
|
|
|
/// <!-- Allow authentication using previous passwords during rotation -->
|
2021-04-07 13:52:11 +00:00
|
|
|
/// <user>admin</user>
|
|
|
|
/// <password>qqq</password>
|
|
|
|
/// </old>
|
|
|
|
/// <old>
|
|
|
|
/// <!-- Allow authentication using previous users during rotation -->
|
|
|
|
/// <user>johny</user>
|
|
|
|
/// <password>333</password>
|
|
|
|
/// </old>
|
2020-08-26 08:36:58 +00:00
|
|
|
/// </interserver_http_credentials>
|
2021-04-07 13:52:11 +00:00
|
|
|
class InterserverCredentials
|
2020-08-26 08:36:58 +00:00
|
|
|
{
|
|
|
|
public:
|
2021-04-07 13:52:11 +00:00
|
|
|
using UserWithPassword = std::pair<std::string, std::string>;
|
|
|
|
using CheckResult = std::pair<std::string, bool>;
|
|
|
|
using CurrentCredentials = std::vector<UserWithPassword>;
|
|
|
|
|
|
|
|
InterserverCredentials(const InterserverCredentials &) = delete;
|
2020-08-26 08:36:58 +00:00
|
|
|
|
2021-04-07 13:52:11 +00:00
|
|
|
static std::unique_ptr<InterserverCredentials> make(const Poco::Util::AbstractConfiguration & config, const std::string & root_tag);
|
2020-08-26 08:36:58 +00:00
|
|
|
|
2021-04-07 13:52:11 +00:00
|
|
|
InterserverCredentials(const std::string & current_user_, const std::string & current_password_, const CurrentCredentials & all_users_store_)
|
|
|
|
: current_user(current_user_)
|
|
|
|
, current_password(current_password_)
|
|
|
|
, all_users_store(all_users_store_)
|
|
|
|
{}
|
2020-08-26 08:36:58 +00:00
|
|
|
|
2021-04-07 13:52:11 +00:00
|
|
|
CheckResult isValidUser(const UserWithPassword & credentials) const;
|
2021-04-07 13:59:18 +00:00
|
|
|
CheckResult isValidUser(const std::string & user, const std::string & password) const;
|
2020-08-26 08:36:58 +00:00
|
|
|
|
2021-04-07 13:52:11 +00:00
|
|
|
std::string getUser() const { return current_user; }
|
|
|
|
|
|
|
|
std::string getPassword() const { return current_password; }
|
2020-08-26 08:36:58 +00:00
|
|
|
|
|
|
|
|
|
|
|
private:
|
2021-04-07 13:52:11 +00:00
|
|
|
std::string current_user;
|
|
|
|
std::string current_password;
|
2020-08-26 08:36:58 +00:00
|
|
|
|
2021-04-07 13:52:11 +00:00
|
|
|
/// In common situation this store contains one record
|
|
|
|
CurrentCredentials all_users_store;
|
|
|
|
|
|
|
|
static CurrentCredentials parseCredentialsFromConfig(
|
|
|
|
const std::string & current_user_,
|
|
|
|
const std::string & current_password_,
|
2020-08-26 08:36:58 +00:00
|
|
|
const Poco::Util::AbstractConfiguration & config,
|
2021-04-07 13:52:11 +00:00
|
|
|
const std::string & root_tag);
|
2020-08-26 08:36:58 +00:00
|
|
|
};
|
|
|
|
|
2021-04-07 13:52:11 +00:00
|
|
|
using InterserverCredentialsPtr = std::shared_ptr<const InterserverCredentials>;
|
|
|
|
|
2020-08-26 08:36:58 +00:00
|
|
|
}
|