mysql-server/latest/oauth2__handler_8h_source.html

/*

 Copyright (c) 2021, 2025, Oracle and/or its affiliates.


 This program is free software; you can redistribute it and/or modify

 it under the terms of the GNU General Public License, version 2.0,

 as published by the Free Software Foundation.


 This program is designed to work with certain software (including

 but not limited to OpenSSL) that is licensed under separate terms,

 as designated in a particular file or component or in included license

 documentation.  The authors of MySQL hereby grant you an additional

 permission to link the program and your derivative works with the

 separately licensed software that they have either included with

 the program or referenced in the documentation.


 This program is distributed in the hope that it will be useful,

 but WITHOUT ANY WARRANTY; without even the implied warranty of

 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 GNU General Public License for more details.


 You should have received a copy of the GNU General Public License

 along with this program; if not, write to the Free Software

 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

 */


#ifndef ROUTER_SRC_REST_MRS_SRC_MRS_AUTHENTICATION_OAUTH2_HANDLER_H_

#define ROUTER_SRC_REST_MRS_SRC_MRS_AUTHENTICATION_OAUTH2_HANDLER_H_


#include <chrono>

#include <functional>

#include <optional>

#include <string>

#include <vector>


#include "helper/http/url.h"

#include "helper/variant_pointer.h"

#include "http/base/method.h"

#include "http/base/request.h"

#include "mrs/database/entry/auth_app.h"

#include "mrs/interface/authorize_handler.h"

#include "mrs/interface/query_factory.h"

#include "mrs/users/user_manager.h"


namespace mrs {

namespace authentication {


class Oauth2Handler : public interface::AuthorizeHandler {

 protected:

  using AuthApp = mrs::database::entry::AuthApp;

  using duration = std::chrono::steady_clock::duration;

  using seconds = std::chrono::seconds;

  using steady_clock = std::chrono::steady_clock;

  using time_point = std::chrono::steady_clock::time_point;

  using HttpMethodType = ::http::base::method::key_type;

  using Request = ::http::base::Request;

  using HttpUri = ::http::base::Uri;

  using UserManager = ::mrs::users::UserManager;

  using SessionManager = ::mrs::http::SessionManager;

  using VariantPointer = ::helper::VariantPointer;

  using Url = ::helper::http::Url;

  using QueryFactory = mrs::interface::QueryFactory;


 public:

  class RequestHandler {

   public:

    virtual ~RequestHandler() = default;


    virtual void before_send(Request *request) = 0;

    virtual bool response(const std::vector<uint8_t> &value) = 0;

  };

  using RequestHandlerPtr = std::unique_ptr<RequestHandler>;


  class GenericSessionData : public http::SessionManager::Session::SessionData {

   public:

    std::string access_token;

    std::string refresh_token;

    std::string auth_code;

    std::string redirection;

    std::string redirection_host;

    seconds expires;

    bool session_id_set{false};

    time_point acquired_at;

    std::string challange;

  };


 public:

  Oauth2Handler(const AuthApp &entry, QueryFactory *qf)

      : entry_{entry},

        um_{entry_.limit_to_registered_users, entry_.default_role_id, qf} {}


  const AuthApp &get_entry() const override;

  std::set<UniversalId> get_service_ids() const override;

  UniversalId get_id() const override;


  bool redirects(RequestContext &ctxt) const override;

  bool authorize(RequestContext &ctxt, const SessionPtr &session,

                 AuthUser *out_user) override;

  std::optional<std::string> get_session_id_from_request_data(

      RequestContext &ctxt) override;


  class RequestHandlerJsonSimpleObject : public RequestHandler {

   public:

    using OutPair = std::pair<const char *, VariantPointer>;

    using OutJsonObjectKeyValues = std::vector<OutPair>;


    RequestHandlerJsonSimpleObject(OutJsonObjectKeyValues output)

        : output_{std::move(output)} {}


    void before_send(Request *request) override;

    bool response(const std::vector<uint8_t> &value) override;


    OutJsonObjectKeyValues output_;

  };


  UserManager &get_user_manager() override { return um_; }


 protected:

  virtual std::string get_url_direct_auth() const = 0;

  virtual std::string get_url_location(GenericSessionData *data,

                                       Url *url) const = 0;

  virtual std::string get_url_validation(GenericSessionData *data) const = 0;

  virtual RequestHandlerPtr get_request_handler_access_token(

      GenericSessionData *session_data) = 0;

  virtual RequestHandlerPtr get_request_handler_verify_account(

      Session *session, GenericSessionData *session_data) = 0;

  virtual std::string get_body_access_token_request(

      GenericSessionData *session_data) const = 0;


 protected:

  std::string get_cookie_session_id(Request *request) const;

  void set_cookie_session_id(Request *request,

                             SessionManager::Session *session);


  void new_session_start_login(RequestContext &ctxt, Session *session);

  bool http_acquire_access_token(GenericSessionData *data);

  bool http_verify_account(Session *session, GenericSessionData *data,

                           SqlSessionCached *sql_session);


 protected:

  static bool send_http_request(HttpMethodType method, const std::string &url,

                                const std::string &body,

                                RequestHandler *request_handler = nullptr);


  AuthApp entry_;

  UserManager um_;

};


}  // namespace authentication

}  // namespace mrs


#endif  // ROUTER_SRC_REST_MRS_SRC_MRS_AUTHENTICATION_OAUTH2_HANDLER_H_

auth_app.h

authorize_handler.h

collector::CacheManager::CachedObject
Definition: cache_manager.h:41

helper::VariantPointer
Definition: variant_pointer.h:34

helper::http::Url
Definition: url.h:44

http::base::Request
Definition: request.h:44

http::base::Uri
Definition: uri.h:40

mrs::authentication::Oauth2Handler::GenericSessionData
Definition: oauth2_handler.h:73

mrs::authentication::Oauth2Handler::GenericSessionData::expires
seconds expires
Definition: oauth2_handler.h:80

mrs::authentication::Oauth2Handler::GenericSessionData::acquired_at
time_point acquired_at
Definition: oauth2_handler.h:82

mrs::authentication::Oauth2Handler::GenericSessionData::challange
std::string challange
Definition: oauth2_handler.h:83

mrs::authentication::Oauth2Handler::GenericSessionData::session_id_set
bool session_id_set
Definition: oauth2_handler.h:81

mrs::authentication::Oauth2Handler::GenericSessionData::auth_code
std::string auth_code
Definition: oauth2_handler.h:77

mrs::authentication::Oauth2Handler::GenericSessionData::redirection_host
std::string redirection_host
Definition: oauth2_handler.h:79

mrs::authentication::Oauth2Handler::GenericSessionData::refresh_token
std::string refresh_token
Definition: oauth2_handler.h:76

mrs::authentication::Oauth2Handler::GenericSessionData::redirection
std::string redirection
Definition: oauth2_handler.h:78

mrs::authentication::Oauth2Handler::GenericSessionData::access_token
std::string access_token
Definition: oauth2_handler.h:75

mrs::authentication::Oauth2Handler::RequestHandlerJsonSimpleObject
Definition: oauth2_handler.h:101

mrs::authentication::Oauth2Handler::RequestHandlerJsonSimpleObject::OutJsonObjectKeyValues
std::vector< OutPair > OutJsonObjectKeyValues
Definition: oauth2_handler.h:104

mrs::authentication::Oauth2Handler::RequestHandlerJsonSimpleObject::before_send
void before_send(Request *request) override
Definition: oauth2_handler.cc:65

mrs::authentication::Oauth2Handler::RequestHandlerJsonSimpleObject::RequestHandlerJsonSimpleObject
RequestHandlerJsonSimpleObject(OutJsonObjectKeyValues output)
Definition: oauth2_handler.h:106

mrs::authentication::Oauth2Handler::RequestHandlerJsonSimpleObject::OutPair
std::pair< const char *, VariantPointer > OutPair
Definition: oauth2_handler.h:103

mrs::authentication::Oauth2Handler::RequestHandlerJsonSimpleObject::output_
OutJsonObjectKeyValues output_
Definition: oauth2_handler.h:112

mrs::authentication::Oauth2Handler::RequestHandlerJsonSimpleObject::response
bool response(const std::vector< uint8_t > &value) override
Definition: oauth2_handler.cc:67

mrs::authentication::Oauth2Handler::RequestHandler
Definition: oauth2_handler.h:64

mrs::authentication::Oauth2Handler::RequestHandler::before_send
virtual void before_send(Request *request)=0

mrs::authentication::Oauth2Handler::RequestHandler::response
virtual bool response(const std::vector< uint8_t > &value)=0

mrs::authentication::Oauth2Handler::RequestHandler::~RequestHandler
virtual ~RequestHandler()=default

mrs::authentication::Oauth2Handler
Definition: oauth2_handler.h:47

mrs::authentication::Oauth2Handler::get_session_id_from_request_data
std::optional< std::string > get_session_id_from_request_data(RequestContext &ctxt) override
Definition: oauth2_handler.cc:305

mrs::authentication::Oauth2Handler::get_user_manager
UserManager & get_user_manager() override
Definition: oauth2_handler.h:115

mrs::authentication::Oauth2Handler::HttpMethodType
::http::base::method::key_type HttpMethodType
Definition: oauth2_handler.h:54

mrs::authentication::Oauth2Handler::send_http_request
static bool send_http_request(HttpMethodType method, const std::string &url, const std::string &body, RequestHandler *request_handler=nullptr)
Definition: oauth2_handler.cc:94

mrs::authentication::Oauth2Handler::get_service_ids
std::set< UniversalId > get_service_ids() const override
Definition: oauth2_handler.cc:86

mrs::authentication::Oauth2Handler::seconds
std::chrono::seconds seconds
Definition: oauth2_handler.h:51

mrs::authentication::Oauth2Handler::redirects
bool redirects(RequestContext &ctxt) const override
Definition: oauth2_handler.cc:60

mrs::authentication::Oauth2Handler::um_
UserManager um_
Definition: oauth2_handler.h:145

mrs::authentication::Oauth2Handler::get_url_direct_auth
virtual std::string get_url_direct_auth() const =0

mrs::authentication::Oauth2Handler::get_url_location
virtual std::string get_url_location(GenericSessionData *data, Url *url) const =0

mrs::authentication::Oauth2Handler::RequestHandlerPtr
std::unique_ptr< RequestHandler > RequestHandlerPtr
Definition: oauth2_handler.h:71

mrs::authentication::Oauth2Handler::get_body_access_token_request
virtual std::string get_body_access_token_request(GenericSessionData *session_data) const =0

mrs::authentication::Oauth2Handler::get_url_validation
virtual std::string get_url_validation(GenericSessionData *data) const =0

mrs::authentication::Oauth2Handler::http_acquire_access_token
bool http_acquire_access_token(GenericSessionData *data)
Definition: oauth2_handler.cc:161

mrs::authentication::Oauth2Handler::time_point
std::chrono::steady_clock::time_point time_point
Definition: oauth2_handler.h:53

mrs::authentication::Oauth2Handler::new_session_start_login
void new_session_start_login(RequestContext &ctxt, Session *session)
Definition: oauth2_handler.cc:188

mrs::authentication::Oauth2Handler::authorize
bool authorize(RequestContext &ctxt, const SessionPtr &session, AuthUser *out_user) override
Definition: oauth2_handler.cc:224

mrs::authentication::Oauth2Handler::get_id
UniversalId get_id() const override
Definition: oauth2_handler.cc:92

mrs::authentication::Oauth2Handler::get_entry
const AuthApp & get_entry() const override
Definition: oauth2_handler.cc:90

mrs::authentication::Oauth2Handler::entry_
AuthApp entry_
Definition: oauth2_handler.h:144

mrs::authentication::Oauth2Handler::Oauth2Handler
Oauth2Handler(const AuthApp &entry, QueryFactory *qf)
Definition: oauth2_handler.h:87

mrs::authentication::Oauth2Handler::duration
std::chrono::steady_clock::duration duration
Definition: oauth2_handler.h:50

mrs::authentication::Oauth2Handler::get_request_handler_access_token
virtual RequestHandlerPtr get_request_handler_access_token(GenericSessionData *session_data)=0

mrs::authentication::Oauth2Handler::steady_clock
std::chrono::steady_clock steady_clock
Definition: oauth2_handler.h:52

mrs::authentication::Oauth2Handler::http_verify_account
bool http_verify_account(Session *session, GenericSessionData *data, SqlSessionCached *sql_session)
Definition: oauth2_handler.cc:310

mrs::authentication::Oauth2Handler::get_request_handler_verify_account
virtual RequestHandlerPtr get_request_handler_verify_account(Session *session, GenericSessionData *session_data)=0

mrs::authentication::Oauth2Handler::get_cookie_session_id
std::string get_cookie_session_id(Request *request) const

mrs::authentication::Oauth2Handler::set_cookie_session_id
void set_cookie_session_id(Request *request, SessionManager::Session *session)

mrs::http::SessionManager::Session::SessionData
Definition: session_manager.h:66

mrs::http::SessionManager::Session
Definition: session_manager.h:64

mrs::http::SessionManager
Definition: session_manager.h:48

mrs::interface::AuthorizeHandler
Definition: authorize_handler.h:53

mrs::interface::AuthorizeHandler::AuthApp
mrs::database::entry::AuthApp AuthApp
Definition: authorize_handler.h:57

mrs::interface::AuthorizeHandler::RequestContext
rest::RequestContext RequestContext
Definition: authorize_handler.h:58

mrs::interface::QueryFactory
Definition: query_factory.h:55

mrs::users::UserManager
Definition: user_manager.h:41

request.h

query_factory.h

method.h

http::base::method::key_type
int key_type
Definition: method.h:38

http::client::Uri
Request::Uri Uri
Definition: request.cc:36

mrs::authentication::AuthApp
mrs::database::entry::AuthApp AuthApp
Definition: oauth2_handler.cc:58

mrs::authentication::Url
helper::http::Url Url
Definition: sasl_handler.cc:75

mrs::authentication::seconds
std::chrono::seconds seconds
Definition: authorize_manager.cc:69

mrs::authentication::AuthUser
mrs::database::entry::AuthUser AuthUser
Definition: scram_handler.cc:54

mrs::authentication::SessionPtr
AuthorizeManager::SessionPtr SessionPtr
Definition: authorize_manager.cc:79

mrs::database::inner::value
ValueType value(const std::optional< ValueType > &v)
Definition: gtid.h:83

mrs
Definition: authorize_manager.h:48

mrs::UniversalId
mrs::database::entry::UniversalId UniversalId
Definition: universal_id.h:33

std
Definition: gcs_xcom_synode.h:64

Request
RestClient::Request Request
Definition: rest_client.cc:29

_entry
Definition: completion_hash.h:35

mrs::rest::RequestContext
Definition: request_context.h:47

url.h

user_manager.h

variant_pointer.h