userver: storages::secdist::SecdistConfig Class Reference
⚠️ This is the documentation for an old userver version. Click here to switch to the latest version.
All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Modules Pages Concepts
Classes | Public Member Functions | Static Public Member Functions | List of all members
storages::secdist::SecdistConfig Class Referencefinal
Clients

Table of Contents

Client to retrieve credentials from the components::Secdist. More...

#include <userver/storages/secdist/secdist.hpp>

Classes

struct  Settings
 

Public Member Functions

 SecdistConfig (const Settings &settings)
 
template<typename T >
const T & Get () const
 

Static Public Member Functions

template<typename T >
static std::size_t Register (std::function< std::any(const formats::json::Value &)> &&factory)
 

Detailed Description

Client to retrieve credentials from the components::Secdist.

Example usage:

Declare a type that would work with the credentials:

#include <userver/storages/secdist/provider_component.hpp>
#include <userver/storages/secdist/secdist.hpp>
#include <userver/crypto/algorithm.hpp>
#include <userver/formats/parse/common_containers.hpp>
#include <userver/utils/algo.hpp>
#include <userver/utils/strong_typedef.hpp>
class UserPasswords {
public:
using Password = utils::NonLoggable<class PasswordTag, std::string>;
UserPasswords(const formats::json::Value& doc)
: user_password_(doc["user-passwords"].As<Storage>()) {}
bool IsMatching(const std::string& user, const Password& password) const {
const auto* ptr = utils::FindOrNullptr(user_password_, user);
return ptr && crypto::algorithm::AreStringsEqualConstTime(
ptr->GetUnderlying(), password.GetUnderlying());
}
private:
using Storage = std::unordered_map<std::string, Password>;
Storage user_password_;
};

Fill the components::Secdist config from file with the secure data:

{
"user-passwords": {
"username": "password",
"another username": "another password"
}
}

Retrieve SecdistConfig from components::Secdist and get the type from it:

const auto& user_passwords = secdist_config.Get<UserPasswords>();
const auto password = UserPasswords::Password{"password"};
EXPECT_TRUE(user_passwords.IsMatching("username", password));
EXPECT_FALSE(user_passwords.IsMatching("username2", password));

Json with secure data can also be loaded from environment variable with name defined in environment_secrets_key. Sample variable value: {"user-passwords":{"username":"password","another username":"another password"}}. It has the same format as data from file. If both sources are presented, data from environment variable will be merged with data from file (json objects will be merged, duplicate fields of other types will be overridden by data from environment variable).

Definition at line 78 of file secdist.hpp.

Member Function Documentation

◆ Get()

template<typename T >
const T & storages::secdist::SecdistConfig::Get ( ) const
inline

Definition at line 95 of file secdist.hpp.

◆ Register()

template<typename T >
static std::size_t storages::secdist::SecdistConfig::Register ( std::function< std::any(const formats::json::Value &)> &&  factory)
inlinestatic

Definition at line 89 of file secdist.hpp.

The documentation for this class was generated from the following file: