MySQL 9.0.0
Source Code Documentation
http_auth_backend_metadata_cache.h
Go to the documentation of this file.
1/*
2 Copyright (c) 2020, 2024, Oracle and/or its affiliates.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2.0,
6 as published by the Free Software Foundation.
7
8 This program is designed to work with certain software (including
9 but not limited to OpenSSL) that is licensed under separate terms,
10 as designated in a particular file or component or in included license
11 documentation. The authors of MySQL hereby grant you an additional
12 permission to link the program and your derivative works with the
13 separately licensed software that they have either included with
14 the program or referenced in the documentation.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
24*/
25
26#ifndef ROUTER_HTTP_AUTH_METADATA_CACHE_INCLUDED
27#define ROUTER_HTTP_AUTH_METADATA_CACHE_INCLUDED
28
29#include "http_auth_backend.h"
30
32
33/**
34 * Authentication backend based on the information stored in the metadata.
35 *
36 * Authentication is based on the credentials stored in the
37 * 'router_rest_accounts' table. Password hashes are stored according to the
38 * following pattern:
39 * `$<id>$<rounds>$<salt>$<hash>`
40 * Where:
41 * id - set to "A", only caching_sha2_password is supported currently
42 * rounds - three digits number containing hashing rounds divided by 1000
43 * salt - password salt, length 20
44 * hash - password hash
45 */
47 : public HttpAuthBackend {
48 public:
49 /**
50 * validate user and authdata against backend.
51 *
52 * @returns error
53 * @retval false no authentication error
54 */
55 std::error_code authenticate(const std::string &username,
56 const std::string &authdata) override;
57
58 /**
59 * Check user privileges and perform authorization. Empty privileges document
60 * means 'all privileges'.
61 *
62 * @param[in] privileges - JSON document containing user privileges.
63 * @returns error
64 * @retval false no authorization error
65 */
66 std::error_code authorize(const rapidjson::Document &privileges);
67};
68
69#endif // ROUTER_HTTP_AUTH_METADATA_CACHE_INCLUDED
Authentication backend based on the information stored in the metadata.
Definition: http_auth_backend_metadata_cache.h:47
Base class of all AuthBackends.
Definition: http_auth_backend.h:45
virtual std::error_code authenticate(const std::string &username, const std::string &authdata)=0
authentication username with authdata against backend.
#define HTTP_AUTH_BACKEND_EXPORT
Definition: http_auth_backend_export.h:15