1 /*
2  *
3  * Copyright 2015 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef GRPCPP_SECURITY_AUTH_METADATA_PROCESSOR_H
20 #define GRPCPP_SECURITY_AUTH_METADATA_PROCESSOR_H
21 
22 #include <map>
23 
24 #include <grpcpp/security/auth_context.h>
25 #include <grpcpp/support/status.h>
26 #include <grpcpp/support/string_ref.h>
27 
28 namespace grpc {
29 
30 /// Interface allowing custom server-side authorization based on credentials
31 /// encoded in metadata.  Objects of this type can be passed to
32 /// \a ServerCredentials::SetAuthMetadataProcessor().
33 class AuthMetadataProcessor {
34  public:
35   typedef std::multimap<grpc::string_ref, grpc::string_ref> InputMetadata;
36   typedef std::multimap<grpc::string, grpc::string> OutputMetadata;
37 
~AuthMetadataProcessor()38   virtual ~AuthMetadataProcessor() {}
39 
40   /// If this method returns true, the \a Process function will be scheduled in
41   /// a different thread from the one processing the call.
IsBlocking()42   virtual bool IsBlocking() const { return true; }
43 
44   /// context is read/write: it contains the properties of the channel peer and
45   /// it is the job of the Process method to augment it with properties derived
46   /// from the passed-in auth_metadata.
47   /// consumed_auth_metadata needs to be filled with metadata that has been
48   /// consumed by the processor and will be removed from the call.
49   /// response_metadata is the metadata that will be sent as part of the
50   /// response.
51   /// If the return value is not Status::OK, the rpc call will be aborted with
52   /// the error code and error message sent back to the client.
53   virtual Status Process(const InputMetadata& auth_metadata,
54                          AuthContext* context,
55                          OutputMetadata* consumed_auth_metadata,
56                          OutputMetadata* response_metadata) = 0;
57 };
58 
59 }  // namespace grpc
60 
61 #endif  // GRPCPP_SECURITY_AUTH_METADATA_PROCESSOR_H
62