Home Explore Help
Sign In
SMusatov
/
ydb
mirror of https://github.com/ydb-platform/ydb.git
1
0
Fork 0
Files
Tree: c1baa486d9
Branches Tags
ydb
/
contrib
/
restricted
/
aws
/
aws-c-auth
/
source
/
credentials_provider_chain.c

credentials_provider_chain.c 6.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195 
  1. /**
    2. 

  2.  * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
    3. 

  3.  * SPDX-License-Identifier: Apache-2.0.
    4. 

  4.  */
    5. 

  5. 

  6. #include <aws/auth/credentials.h>
    7. 

  7. 

  8. #include <aws/auth/private/credentials_utils.h>
    9. 

  9. 

  10. struct aws_credentials_provider_chain_impl {
    11. 

  11.     struct aws_array_list providers;
    12. 

  12. };
    13. 

  13. 

  14. struct aws_credentials_provider_chain_user_data {
    15. 

  15.     struct aws_allocator *allocator;
    16. 

  16.     struct aws_credentials_provider *provider_chain;
    17. 

  17.     size_t current_provider_index;
    18. 

  18.     aws_on_get_credentials_callback_fn *original_callback;
    19. 

  19.     void *original_user_data;
    20. 

  20. };
    21. 

  21. 

  22. static void s_aws_provider_chain_member_callback(struct aws_credentials *credentials, int error_code, void *user_data) {
    23. 

  23.     struct aws_credentials_provider_chain_user_data *wrapped_user_data = user_data;
    24. 

  24.     struct aws_credentials_provider *provider = wrapped_user_data->provider_chain;
    25. 

  25.     struct aws_credentials_provider_chain_impl *impl = provider->impl;
    26. 

  26. 

  27.     size_t provider_count = aws_array_list_length(&impl->providers);
    28. 

  28. 

  29.     if (credentials != NULL || wrapped_user_data->current_provider_index + 1 >= provider_count) {
    30. 

  30.         AWS_LOGF_INFO(
    31. 

  31.             AWS_LS_AUTH_CREDENTIALS_PROVIDER,
    32. 

  32.             "(id=%p) Credentials provider chain callback terminating on index %zu, with %s credentials and error code "
    33. 

  33.             "%d",
    34. 

  34.             (void *)provider,
    35. 

  35.             wrapped_user_data->current_provider_index + 1,
    36. 

  36.             (credentials != NULL) ? "valid" : "invalid",
    37. 

  37.             error_code);
    38. 

  38. 

  39.         goto on_terminate_chain;
    40. 

  40.     }
    41. 

  41. 

  42.     AWS_LOGF_DEBUG(
    43. 

  43.         AWS_LS_AUTH_CREDENTIALS_PROVIDER,
    44. 

  44.         "(id=%p) Credentials provider chain callback %zu invoked with %s credentials and error code %d",
    45. 

  45.         (void *)provider,
    46. 

  46.         wrapped_user_data->current_provider_index + 1,
    47. 

  47.         (credentials != NULL) ? "valid" : "invalid",
    48. 

  48.         error_code);
    49. 

  49. 

  50.     wrapped_user_data->current_provider_index++;
    51. 

  51. 

  52.     /*
    53. 

  53.      * TODO: Immutable data, shouldn't need a lock, but we might need a fence and we don't have one atm
    54. 

  54.      */
    55. 

  55.     struct aws_credentials_provider *next_provider = NULL;
    56. 

  56.     if (aws_array_list_get_at(&impl->providers, &next_provider, wrapped_user_data->current_provider_index)) {
    57. 

  57.         goto on_terminate_chain;
    58. 

  58.     }
    59. 

  59. 

  60.     AWS_LOGF_DEBUG(
    61. 

  61.         AWS_LS_AUTH_CREDENTIALS_PROVIDER,
    62. 

  62.         "(id=%p) Credentials provider chain invoking chain member #%zu",
    63. 

  63.         (void *)provider,
    64. 

  64.         wrapped_user_data->current_provider_index);
    65. 

  65. 

  66.     aws_credentials_provider_get_credentials(next_provider, s_aws_provider_chain_member_callback, wrapped_user_data);
    67. 

  67. 

  68.     return;
    69. 

  69. 

  70. on_terminate_chain:
    71. 

  71. 

  72.     wrapped_user_data->original_callback(credentials, error_code, wrapped_user_data->original_user_data);
    73. 

  73.     aws_credentials_provider_release(provider);
    74. 

  74.     aws_mem_release(wrapped_user_data->allocator, wrapped_user_data);
    75. 

  75. }
    76. 

  76. 

  77. static int s_credentials_provider_chain_get_credentials_async(
    78. 

  78.     struct aws_credentials_provider *provider,
    79. 

  79.     aws_on_get_credentials_callback_fn callback,
    80. 

  80.     void *user_data) {
    81. 

  81. 

  82.     struct aws_credentials_provider_chain_impl *impl = provider->impl;
    83. 

  83. 

  84.     struct aws_credentials_provider *first_provider = NULL;
    85. 

  85.     if (aws_array_list_get_at(&impl->providers, &first_provider, 0)) {
    86. 

  86.         return AWS_OP_ERR;
    87. 

  87.     }
    88. 

  88. 

  89.     struct aws_credentials_provider_chain_user_data *wrapped_user_data =
    90. 

  90.         aws_mem_acquire(provider->allocator, sizeof(struct aws_credentials_provider_chain_user_data));
    91. 

  91.     if (wrapped_user_data == NULL) {
    92. 

  92.         return AWS_OP_ERR;
    93. 

  93.     }
    94. 

  94. 

  95.     AWS_ZERO_STRUCT(*wrapped_user_data);
    96. 

  96. 

  97.     wrapped_user_data->allocator = provider->allocator;
    98. 

  98.     wrapped_user_data->provider_chain = provider;
    99. 

  99.     wrapped_user_data->current_provider_index = 0;
    100. 

  100.     wrapped_user_data->original_user_data = user_data;
    101. 

  101.     wrapped_user_data->original_callback = callback;
    102. 

  102. 

  103.     aws_credentials_provider_acquire(provider);
    104. 

  104. 

  105.     AWS_LOGF_DEBUG(
    106. 

  106.         AWS_LS_AUTH_CREDENTIALS_PROVIDER,
    107. 

  107.         "(id=%p) Credentials provider chain get credentials dispatch",
    108. 

  108.         (void *)provider);
    109. 

  109. 

  110.     aws_credentials_provider_get_credentials(first_provider, s_aws_provider_chain_member_callback, wrapped_user_data);
    111. 

  111. 

  112.     return AWS_OP_SUCCESS;
    113. 

  113. }
    114. 

  114. 

  115. static void s_credentials_provider_chain_destroy(struct aws_credentials_provider *provider) {
    116. 

  116.     struct aws_credentials_provider_chain_impl *impl = provider->impl;
    117. 

  117.     if (impl == NULL) {
    118. 

  118.         return;
    119. 

  119.     }
    120. 

  120. 

  121.     size_t provider_count = aws_array_list_length(&impl->providers);
    122. 

  122.     for (size_t i = 0; i < provider_count; ++i) {
    123. 

  123.         struct aws_credentials_provider *chain_member = NULL;
    124. 

  124.         if (aws_array_list_get_at(&impl->providers, &chain_member, i)) {
    125. 

  125.             continue;
    126. 

  126.         }
    127. 

  127. 

  128.         aws_credentials_provider_release(chain_member);
    129. 

  129.     }
    130. 

  130. 

  131.     /* Invoke our own shutdown callback */
    132. 

  132.     aws_credentials_provider_invoke_shutdown_callback(provider);
    133. 

  133. 

  134.     aws_array_list_clean_up(&impl->providers);
    135. 

  135. 

  136.     aws_mem_release(provider->allocator, provider);
    137. 

  137. }
    138. 

  138. 

  139. static struct aws_credentials_provider_vtable s_aws_credentials_provider_chain_vtable = {
    140. 

  140.     .get_credentials = s_credentials_provider_chain_get_credentials_async,
    141. 

  141.     .destroy = s_credentials_provider_chain_destroy,
    142. 

  142. };
    143. 

  143. 

  144. struct aws_credentials_provider *aws_credentials_provider_new_chain(
    145. 

  145.     struct aws_allocator *allocator,
    146. 

  146.     const struct aws_credentials_provider_chain_options *options) {
    147. 

  147. 

  148.     if (options->provider_count == 0) {
    149. 

  149.         return NULL;
    150. 

  150.     }
    151. 

  151. 

  152.     struct aws_credentials_provider *provider = NULL;
    153. 

  153.     struct aws_credentials_provider_chain_impl *impl = NULL;
    154. 

  154. 

  155.     aws_mem_acquire_many(
    156. 

  156.         allocator,
    157. 

  157.         2,
    158. 

  158.         &provider,
    159. 

  159.         sizeof(struct aws_credentials_provider),
    160. 

  160.         &impl,
    161. 

  161.         sizeof(struct aws_credentials_provider_chain_impl));
    162. 

  162. 

  163.     if (!provider) {
    164. 

  164.         return NULL;
    165. 

  165.     }
    166. 

  166. 

  167.     AWS_ZERO_STRUCT(*provider);
    168. 

  168.     AWS_ZERO_STRUCT(*impl);
    169. 

  169. 

  170.     aws_credentials_provider_init_base(provider, allocator, &s_aws_credentials_provider_chain_vtable, impl);
    171. 

  171. 

  172.     if (aws_array_list_init_dynamic(
    173. 

  173.             &impl->providers, allocator, options->provider_count, sizeof(struct aws_credentials_provider *))) {
    174. 

  174.         goto on_error;
    175. 

  175.     }
    176. 

  176. 

  177.     for (size_t i = 0; i < options->provider_count; ++i) {
    178. 

  178.         struct aws_credentials_provider *sub_provider = options->providers[i];
    179. 

  179.         if (aws_array_list_push_back(&impl->providers, &sub_provider)) {
    180. 

  180.             goto on_error;
    181. 

  181.         }
    182. 

  182. 

  183.         aws_credentials_provider_acquire(sub_provider);
    184. 

  184.     }
    185. 

  185. 

  186.     provider->shutdown_options = options->shutdown_options;
    187. 

  187. 

  188.     return provider;
    189. 

  189. 

  190. on_error:
    191. 

  191. 

  192.     aws_credentials_provider_destroy(provider);
    193. 

  193. 

  194.     return NULL;
    195. 

  195. }
    196.