// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
// vim: ts=8 sw=2 smarttab ft=cpp

#ifndef CEPH_RGW_OIDC_PROVIDER_H
#define CEPH_RGW_OIDC_PROVIDER_H

#include <string>
#include <vector>

#include "common/ceph_context.h"
#include "common/ceph_json.h"

#include "rgw/rgw_rados.h"

class RGWCtl;

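/// An OpenID Connect identity provider registered with RGW (the S3/STS
/// gateway), together with its persistence helpers.
///
/// The object is both the in-memory record (provider URL, ARN, tenant,
/// client IDs, thumbprints) and the handle used to create, read and delete
/// that record in the backing store. The static get_providers() takes an
/// RGWRados store, so the records are presumably RADOS-backed — the
/// storage details live in the .cc.
///
/// Serialisation uses the usual Ceph ENCODE/DECODE framing; the free
/// encode()/decode() overloads are generated by WRITE_CLASS_ENCODER below.
class RGWOIDCProvider
{
  using string = std::string;

  // Name prefixes used when persisting providers (object id) and when
  // forming provider ARNs. Defined in the .cc.
  static const string oidc_url_oid_prefix;
  static const string oidc_arn_prefix;

  // Upper bounds on caller-supplied provider data. These appear to mirror
  // the AWS IAM OpenID Connect provider limits (a thumbprint is a 40-char
  // hex SHA-1 digest, client IDs and the URL are capped at 255 bytes).
  // validate_input() is the intended enforcement point — its body is not in
  // this header, so confirm there that every bound is actually checked.
  static constexpr int MAX_OIDC_NUM_CLIENT_IDS = 100;
  static constexpr int MAX_OIDC_CLIENT_ID_LEN = 255;
  static constexpr int MAX_OIDC_NUM_THUMBPRINTS = 5;
  static constexpr int MAX_OIDC_THUMBPRINT_LEN = 40;
  static constexpr int MAX_OIDC_URL_LEN = 255;

  // Non-owning back-pointers; initialised here so the default constructor
  // (used by decode paths and containers) never leaves them indeterminate.
  CephContext *cct{nullptr};
  RGWCtl *ctl{nullptr};

  string id;
  string provider_url;
  string arn;
  string creation_date;
  string tenant;
  std::vector<string> client_ids;
  std::vector<string> thumbprints;

  /// Splits an ARN into its tenant and provider-URL components.
  /// @param tenant  receives the tenant part (shadows the member of the same name)
  /// @param url     receives the provider URL part
  /// @return 0 on success, negative errno-style code otherwise (by RGW convention)
  int get_tenant_url_from_arn(string& tenant, string& url);

  /// Persists the provider record under @p url.
  /// @param exclusive  when true the write must not overwrite an existing record
  /// @param y          optional yield context for coroutine-friendly I/O
  int store_url(const DoutPrefixProvider *dpp, const string& url, bool exclusive, optional_yield y);

  /// Loads the provider record for @p url within @p tenant into *this.
  int read_url(const DoutPrefixProvider *dpp, const string& url, const string& tenant);

  /// Checks the caller-supplied fields against the MAX_OIDC_* bounds.
  /// @return true when the input is acceptable
  bool validate_input();

public:
  /// Full constructor for creating a new provider from request parameters.
  /// String and vector arguments are taken by value and moved into place.
  RGWOIDCProvider(CephContext *cct,
                  RGWCtl *ctl,
                  string provider_url,
                  string tenant,
                  std::vector<string> client_ids,
                  std::vector<string> thumbprints)
    : cct(cct),
      ctl(ctl),
      provider_url(std::move(provider_url)),
      tenant(std::move(tenant)),
      client_ids(std::move(client_ids)),
      thumbprints(std::move(thumbprints)) {
  }

  /// Constructor for addressing an existing provider by ARN (get/delete).
  RGWOIDCProvider(CephContext *cct,
                  RGWCtl *ctl,
                  string arn,
                  string tenant)
    : cct(cct),
      ctl(ctl),
      arn(std::move(arn)),
      tenant(std::move(tenant)) {
  }

  /// Constructor carrying only the tenant (e.g. for listing).
  RGWOIDCProvider(CephContext *cct,
                  RGWCtl *ctl,
                  string tenant)
    : cct(cct),
      ctl(ctl),
      tenant(std::move(tenant)) {}

  /// Constructor with context only; fields are filled in later (e.g. by decode).
  RGWOIDCProvider(CephContext *cct,
                  RGWCtl *ctl)
    : cct(cct),
      ctl(ctl) {}

  /// Default constructor: null back-pointers, empty fields.
  RGWOIDCProvider() = default;

  // Rule of Zero: no user-declared destructor, so the implicit move
  // constructor/assignment are generated. Declaring `~RGWOIDCProvider() =
  // default` would suppress them and silently turn every move (e.g. into
  // the vector filled by get_providers) into a deep copy of all strings
  // and vectors.

  /// Encodes all fields into @p bl using struct version 3 (compat 1).
  void encode(bufferlist& bl) const {
    ENCODE_START(3, 1, bl);
    encode(id, bl);
    encode(provider_url, bl);
    encode(arn, bl);
    encode(creation_date, bl);
    encode(tenant, bl);
    encode(client_ids, bl);
    encode(thumbprints, bl);
    ENCODE_FINISH(bl);
  }

  /// Decodes the fields written by encode().
  ///
  /// The version passed to DECODE_START is kept equal to the ENCODE_START
  /// version (3). The previous value of 2 was harmless only because the
  /// compat floor is 1, but a decoder that claims an older version than it
  /// writes is misleading when the format is next extended.
  void decode(bufferlist::const_iterator& bl) {
    DECODE_START(3, bl);
    decode(id, bl);
    decode(provider_url, bl);
    decode(arn, bl);
    decode(creation_date, bl);
    decode(tenant, bl);
    decode(client_ids, bl);
    decode(thumbprints, bl);
    DECODE_FINISH(bl);
  }

  const string& get_provider_url() const { return provider_url; }
  const string& get_arn() const { return arn; }
  const string& get_create_date() const { return creation_date; }
  const std::vector<string>& get_client_ids() const { return client_ids; }
  const std::vector<string>& get_thumbprints() const { return thumbprints; }

  /// Validates the input and persists a new provider record.
  /// @param exclusive  fail rather than overwrite if the record already exists
  /// @return 0 on success, negative errno-style code otherwise (by RGW convention)
  int create(const DoutPrefixProvider *dpp, bool exclusive, optional_yield y);

  /// Removes the provider record addressed by this object's ARN/tenant.
  int delete_obj(const DoutPrefixProvider *dpp, optional_yield y);

  /// Loads the provider record addressed by this object's ARN/tenant.
  int get(const DoutPrefixProvider *dpp);

  /// Dumps the public view of the provider into @p f.
  void dump(Formatter *f) const;

  /// Dumps every field, including internal ones, into @p f.
  void dump_all(Formatter *f) const;

  /// Populates fields from a parsed JSON object.
  void decode_json(JSONObj *obj);

  /// Object-id prefix under which provider records are stored.
  static const string& get_url_oid_prefix();

  /// Lists all providers belonging to @p tenant from @p store.
  /// @param providers  receives the decoded provider records
  /// @return 0 on success, negative errno-style code otherwise (by RGW convention)
  static int get_providers(const DoutPrefixProvider *dpp, RGWRados *store,
                           const string& tenant,
                           std::vector<RGWOIDCProvider>& providers);
};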
// Generates the free-function encode()/decode() overloads that forward to
// the member functions above, so RGWOIDCProvider can be serialised like any
// other Ceph type (e.g. as an element of an encoded container).
WRITE_CLASS_ENCODER(RGWOIDCProvider)
#endif /* CEPH_RGW_OIDC_PROVIDER_H */