MySQL 8.2.0
Source Code Documentation
http_auth_backend_metadata_cache.h
Go to the documentation of this file.
1/*
2 Copyright (c) 2020, 2023, Oracle and/or its affiliates.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2.0,
6 as published by the Free Software Foundation.
7
8 This program is also distributed with certain software (including
9 but not limited to OpenSSL) that is licensed under separate terms,
10 as designated in a particular file or component or in included license
11 documentation. The authors of MySQL hereby grant you an additional
12 permission to link the program and your derivative works with the
13 separately licensed software that they have included with MySQL.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program; if not, write to the Free Software
22 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
23*/
24
25#ifndef ROUTER_HTTP_AUTH_METADATA_CACHE_INCLUDED
26#define ROUTER_HTTP_AUTH_METADATA_CACHE_INCLUDED
27
28#include "http_auth_backend.h"
29
31
32/**
33 * Authentication backend based on the information stored in the metadata.
34 *
35 * Authentication is based on the credentials stored in the
36 * 'router_rest_accounts' table. Password hashes are stored according to the
37 * following pattern:
38 * `$<id>$<rounds>$<salt>$<hash>`
39 * Where:
40 * id - set to "A", only caching_sha2_password is supported currently
41 * rounds - three digits number containing hashing rounds divided by 1000
42 * salt - password salt, length 20
43 * hash - password hash
44 */
46 : public HttpAuthBackend {
47 public:
48 /**
49 * validate user and authdata against backend.
50 *
51 * @returns error
52 * @retval false no authentication error
53 */
54 std::error_code authenticate(const std::string &username,
55 const std::string &authdata) override;
56
57 /**
58 * Check user privileges and perform authorization. Empty privileges document
59 * means 'all privileges'.
60 *
61 * @param[in] privileges - JSON document containing user privileges.
62 * @returns error
63 * @retval false no authorization error
64 */
65 std::error_code authorize(const rapidjson::Document &privileges);
66};
67
68#endif // ROUTER_HTTP_AUTH_METADATA_CACHE_INCLUDED
Authentication backend based on the information stored in the metadata.
Definition: http_auth_backend_metadata_cache.h:46
Base class of all AuthBackends.
Definition: http_auth_backend.h:44
virtual std::error_code authenticate(const std::string &username, const std::string &authdata)=0
authentication username with authdata against backend.
#define HTTP_AUTH_BACKEND_EXPORT
Definition: http_auth_backend_export.h:15