include/grpcpp/security/authorization_policy_provider.h - platform/external/grpc-grpc - Git at Google

 // Copyright 2021 gRPC authors.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 #ifndef GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H
 #define GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H

 #include <memory>

 #include <grpc/grpc_security.h>
 #include <grpc/status.h>
 #include <grpcpp/impl/codegen/status.h>

 namespace grpc {
 namespace experimental {

 // Wrapper around C-core grpc_authorization_policy_provider. Internally, it
 // handles creating and updating authorization engine objects, using SDK
 // authorization policy.
 class AuthorizationPolicyProviderInterface {
  public:
   virtual ~AuthorizationPolicyProviderInterface() = default;
   virtual grpc_authorization_policy_provider* c_provider() = 0;
 };

 // Implementation obtains authorization policy from static string. This provider
 // will always return the same authorization engines.
 class StaticDataAuthorizationPolicyProvider
     : public AuthorizationPolicyProviderInterface {
  public:
   static std::shared_ptr<StaticDataAuthorizationPolicyProvider> Create(
       const std::string& authz_policy, grpc::Status* status);

   // Use factory method "Create" to create an instance of
   // StaticDataAuthorizationPolicyProvider.
   explicit StaticDataAuthorizationPolicyProvider(
       grpc_authorization_policy_provider* provider)
       : c_provider_(provider) {}

   ~StaticDataAuthorizationPolicyProvider() override;

   grpc_authorization_policy_provider* c_provider() override {
     return c_provider_;
   }

  private:
   grpc_authorization_policy_provider* c_provider_ = nullptr;
 };

 // Implementation obtains authorization policy by watching for changes in
 // filesystem.
 class FileWatcherAuthorizationPolicyProvider
     : public AuthorizationPolicyProviderInterface {
  public:
   static std::shared_ptr<FileWatcherAuthorizationPolicyProvider> Create(
       const std::string& authz_policy_path, unsigned int refresh_interval_sec,
       grpc::Status* status);

   // Use factory method "Create" to create an instance of
   // FileWatcherAuthorizationPolicyProvider.
   explicit FileWatcherAuthorizationPolicyProvider(
       grpc_authorization_policy_provider* provider)
       : c_provider_(provider) {}

   ~FileWatcherAuthorizationPolicyProvider() override;

   grpc_authorization_policy_provider* c_provider() override {
     return c_provider_;
   }

  private:
   grpc_authorization_policy_provider* c_provider_ = nullptr;
 };

 }  // namespace experimental
 }  // namespace grpc

 #endif  // GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H
	// Copyright 2021 gRPC authors.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	#ifndef GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H
	#define GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H

	#include <memory>

	#include <grpc/grpc_security.h>
	#include <grpc/status.h>
	#include <grpcpp/impl/codegen/status.h>

	namespace grpc {
	namespace experimental {

	// Wrapper around C-core grpc_authorization_policy_provider. Internally, it
	// handles creating and updating authorization engine objects, using SDK
	// authorization policy.
	class AuthorizationPolicyProviderInterface {
	public:
	virtual ~AuthorizationPolicyProviderInterface() = default;
	virtual grpc_authorization_policy_provider* c_provider() = 0;
	};

	// Implementation obtains authorization policy from static string. This provider
	// will always return the same authorization engines.
	class StaticDataAuthorizationPolicyProvider
	: public AuthorizationPolicyProviderInterface {
	public:
	static std::shared_ptr<StaticDataAuthorizationPolicyProvider> Create(
	const std::string& authz_policy, grpc::Status* status);

	// Use factory method "Create" to create an instance of
	// StaticDataAuthorizationPolicyProvider.
	explicit StaticDataAuthorizationPolicyProvider(
	grpc_authorization_policy_provider* provider)
	: c_provider_(provider) {}

	~StaticDataAuthorizationPolicyProvider() override;

	grpc_authorization_policy_provider* c_provider() override {
	return c_provider_;
	}

	private:
	grpc_authorization_policy_provider* c_provider_ = nullptr;
	};

	// Implementation obtains authorization policy by watching for changes in
	// filesystem.
	class FileWatcherAuthorizationPolicyProvider
	: public AuthorizationPolicyProviderInterface {
	public:
	static std::shared_ptr<FileWatcherAuthorizationPolicyProvider> Create(
	const std::string& authz_policy_path, unsigned int refresh_interval_sec,
	grpc::Status* status);

	// Use factory method "Create" to create an instance of
	// FileWatcherAuthorizationPolicyProvider.
	explicit FileWatcherAuthorizationPolicyProvider(
	grpc_authorization_policy_provider* provider)
	: c_provider_(provider) {}

	~FileWatcherAuthorizationPolicyProvider() override;

	grpc_authorization_policy_provider* c_provider() override {
	return c_provider_;
	}

	private:
	grpc_authorization_policy_provider* c_provider_ = nullptr;
	};

	} // namespace experimental
	} // namespace grpc

	#endif // GRPCPP_SECURITY_AUTHORIZATION_POLICY_PROVIDER_H