ClickHouse/src/Interpreters/InterserverCredentials.h

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

70 lines
2.3 KiB
C++
Raw Normal View History

#pragma once
#include <Poco/Util/AbstractConfiguration.h>
#include <Common/Exception.h>
2021-04-07 13:52:11 +00:00
#include <unordered_set>
namespace DB
{
2021-04-07 13:52:11 +00:00
/// InterserverCredentials implements authentication using a CurrentCredentials, which
/// is configured, e.g.
/// <interserver_http_credentials>
/// <user>admin</user>
/// <password>222</password>
/// <!-- To support mix of un/authenticated clients -->
/// <!-- <allow_empty>true</allow_empty> -->
2021-04-07 13:52:11 +00:00
/// <old>
/// <!-- Allow authentication using previous passwords during rotation -->
2021-04-07 13:52:11 +00:00
/// <user>admin</user>
/// <password>qqq</password>
/// </old>
/// <old>
/// <!-- Allow authentication using previous users during rotation -->
/// <user>johny</user>
/// <password>333</password>
/// </old>
/// </interserver_http_credentials>
2021-04-07 13:52:11 +00:00
class InterserverCredentials
{
public:
2021-04-07 13:52:11 +00:00
using UserWithPassword = std::pair<std::string, std::string>;
using CheckResult = std::pair<std::string, bool>;
using CurrentCredentials = std::vector<UserWithPassword>;
InterserverCredentials(const InterserverCredentials &) = delete;
2021-04-07 13:52:11 +00:00
static std::unique_ptr<InterserverCredentials> make(const Poco::Util::AbstractConfiguration & config, const std::string & root_tag);
2021-04-07 13:52:11 +00:00
InterserverCredentials(const std::string & current_user_, const std::string & current_password_, const CurrentCredentials & all_users_store_)
: current_user(current_user_)
, current_password(current_password_)
, all_users_store(all_users_store_)
{}
2021-04-07 13:52:11 +00:00
CheckResult isValidUser(const UserWithPassword & credentials) const;
2021-04-07 13:59:18 +00:00
CheckResult isValidUser(const std::string & user, const std::string & password) const;
2021-04-07 13:52:11 +00:00
std::string getUser() const { return current_user; }
std::string getPassword() const { return current_password; }
private:
2021-04-07 13:52:11 +00:00
std::string current_user;
std::string current_password;
2021-04-07 13:52:11 +00:00
/// In common situation this store contains one record
CurrentCredentials all_users_store;
static CurrentCredentials parseCredentialsFromConfig(
const std::string & current_user_,
const std::string & current_password_,
const Poco::Util::AbstractConfiguration & config,
2021-04-07 13:52:11 +00:00
const std::string & root_tag);
};
2021-04-07 13:52:11 +00:00
using InterserverCredentialsPtr = std::shared_ptr<const InterserverCredentials>;
}