userver: storages::secdist::SecdistConfig Class Reference
Loading...
Searching...
No Matches
storages::secdist::SecdistConfig Class Referencefinal

#include <userver/storages/secdist/secdist.hpp>

Detailed Description

Client to retrieve credentials from the components::Secdist.

Example usage:

Declare a type that would work with the credentials:

#include <userver/storages/secdist/provider_component.hpp>
#include <userver/utils/strong_typedef.hpp>
class UserPasswords {
public:
UserPasswords(const formats::json::Value& doc)
: user_passwords_(doc["user-passwords"].As<std::optional<Storage>>()) {}
bool IsMatching(const std::string& user, const Password& password) const {
if (!user_passwords_.has_value()) {
throw std::runtime_error(
"User passwords storage is missing. Field 'user-passwords' was "
"missing in json."
);
}
const auto* ptr = utils::FindOrNullptr(user_passwords_.value(), user);
return ptr && crypto::algorithm::AreStringsEqualConstTime(ptr->GetUnderlying(), password.GetUnderlying());
}
private:
using Storage = std::unordered_map<std::string, Password>;
std::optional<Storage> user_passwords_;
};

Fill the components::Secdist config from file with the secure data:

{
"user-passwords": {
"username": "password",
"another username": "another password"
}
}

Retrieve SecdistConfig from components::Secdist and get the type from it:

const auto& user_passwords = secdist_config.Get<UserPasswords>();
const auto password = UserPasswords::Password{"password"};
EXPECT_TRUE(user_passwords.IsMatching("username", password));
EXPECT_FALSE(user_passwords.IsMatching("username2", password));

Json with secure data can also be loaded from environment variable with name defined in environment_secrets_key. Sample variable value: {"user-passwords":{"username":"password","another username":"another password"}}. It has the same format as data from file. If both sources are presented, data from environment variable will be merged with data from file (json objects will be merged, duplicate fields of other types will be overridden by data from environment variable).

Examples
samples/digest_auth_service/auth_digest.cpp.

Definition at line 79 of file secdist.hpp.

Classes

struct  Settings
 

Public Member Functions

 SecdistConfig (const Settings &settings)
 
template<typename T >
const T & Get () const
 

Static Public Member Functions

template<typename T >
static std::size_t Register (std::function< std::any(const formats::json::Value &)> &&factory)
 

Member Function Documentation

◆ Get()

template<typename T >
const T & storages::secdist::SecdistConfig::Get ( ) const
inline

Definition at line 95 of file secdist.hpp.

◆ Register()

template<typename T >
static std::size_t storages::secdist::SecdistConfig::Register ( std::function< std::any(const formats::json::Value &)> && factory)
inlinestatic

Definition at line 90 of file secdist.hpp.


The documentation for this class was generated from the following file: