// Copyright 2017 The Goma Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// https://github.com/luci/luci-py/blob/master/client/LUCI_CONTEXT.md
#ifndef DEVTOOLS_GOMA_CLIENT_LUCI_CONTEXT_H_
#define DEVTOOLS_GOMA_CLIENT_LUCI_CONTEXT_H_
#include <string>
#include <vector>
namespace devtools_goma {
// One account entry exposed through the LUCI context.
struct LuciContextAuthAccount {
  // Logical account identifier (e.g. "task" or "system").
  std::string id;
};
// Local-auth settings carried by the LUCI context.
struct LuciContextAuth {
  // RPC port of LuciLocalAuthService; -1 while unset.
  // NOTE(review): enabled() only requires rpc_port > 0; no upper bound
  // (65535) is checked in this header -- confirm the parser validates it.
  int rpc_port;

  // Secret sent along with OAuthTokenRequest.
  // Treat this as a credential: keep it out of logs and error messages.
  std::string secret;

  // Accounts available through the LUCI context.
  std::vector<LuciContextAuthAccount> accounts;

  // Account used by default; see enabled().
  std::string default_account_id;

  LuciContextAuth()
      : rpc_port(-1) {}

  // Reports whether LUCI local auth should be used by default in this
  // process.
  //
  // There are two flavors of the protocol:
  //   1. One uses neither 'accounts' nor 'default_account_id' and has local
  //      auth always enabled. This is deprecated.
  //   2. The other always uses 'accounts' and has local auth enabled only
  //      if 'default_account_id' is set.
  bool enabled() const {
    // Both flavors need a usable port and a non-empty secret.
    if (rpc_port <= 0 || secret.empty()) {
      return false;
    }
    // Flavor 1: no accounts listed. Flavor 2: a default account is chosen.
    return accounts.empty() || !default_account_id.empty();
  }

  // Puts every field back to its default-constructed value.
  // NOTE(review): std::string::clear() does not overwrite the buffer, so
  // the previous secret bytes may stay in memory after this call.
  void clear() {
    default_account_id.clear();
    accounts.clear();
    secret.clear();
    rpc_port = -1;
  }
};
// In-memory form of the LUCI_CONTEXT file; only local_auth is modelled.
struct LuciContext {
  // Local auth section. Check local_auth.enabled() before relying on it.
  LuciContextAuth local_auth;

  // There may be more stuff here in the future.

  // Resets every section held by the context.
  void clear() { local_auth.clear(); }
};
// Fields of an OAuth token request.
struct LuciOAuthTokenRequest {
  // OAuth scopes asked for.
  std::vector<std::string> scopes;

  // Presumably the LuciContextAuth::secret value -- confirm against caller.
  // Treat as a credential.
  std::string secret;

  // Presumably one of the ids listed in LuciContextAuth::accounts --
  // confirm against caller.
  std::string account_id;

  // String form of the request; defined out of line.
  // NOTE(review): if the result embeds `secret`, it must not end up in
  // logs -- confirm at the definition and its call sites.
  std::string ToString() const;
};
// Fields of an OAuth token response.
struct LuciOAuthTokenResponse {
  // Error code, 0 on success. A default-constructed or cleared response
  // holds -1, so an unpopulated response never reads as success.
  int error_code;

  // Optional error message.
  std::string error_message;

  // The access token itself. Treat as a credential: keep it out of logs.
  std::string access_token;

  // Expiration time of the token as a unix timestamp; -1 while unset.
  int64_t expiry;

  LuciOAuthTokenResponse()
      : error_code(-1),
        expiry(-1) {}

  // Puts every field back to its default-constructed value.
  // NOTE(review): std::string::clear() does not overwrite the buffer, so
  // the previous token bytes may stay in memory after this call.
  void clear() {
    access_token.clear();
    error_message.clear();
    expiry = -1;
    error_code = -1;
  }
};
// Parses the contents of a LUCI_CONTEXT file into |luci_context|.
// Returns false on invalid JSON, or if some required fields in
// LuciContextAuth are missing.
//
// Note that this function returns true even if local_auth is missing in
// the JSON, so check local_auth.enabled() before using what is in
// local_auth. (The earlier wording named a valid() method; LuciContextAuth
// in this header declares enabled(), not valid().)
bool ParseLuciContext(
const std::string& json_body, LuciContext* luci_context);
// Parses a JSON token response body into |resp|.
// NOTE(review): return-value semantics are not visible in this header;
// presumably false on invalid JSON -- confirm at the definition.
// NOTE(review): |json_body| presumably carries the access token, so it
// should not be logged on parse failure -- confirm at the call sites.
bool ParseLuciOAuthTokenResponse(
const std::string& json_body, LuciOAuthTokenResponse* resp);
} // namespace devtools_goma
#endif // DEVTOOLS_GOMA_CLIENT_LUCI_CONTEXT_H_