1 /*
2 * Copyright (c) 2019-present, Facebook, Inc.
3 * All rights reserved.
4 *
5 * This source code is licensed under the BSD-style license found in the
6 * LICENSE file in the root directory of this source tree.
7 */
8 #include <fizz/extensions/delegatedcred/DelegatedCredentialCertManager.h>
9 #include <fizz/extensions/delegatedcred/DelegatedCredentialUtils.h>
10
11 using namespace fizz::server;
12
13 namespace fizz {
14 namespace extensions {
15
// Selects the certificate to present for a handshake, preferring a delegated
// credential when the peer advertised support for one.
//
// A delegated credential is considered only if peerExtensions carries a
// DelegatedCredentialSupport extension. The lookup in dcMgr_ then uses the
// signature algorithms listed in that extension instead of peerSigSchemes.
// The delegated result is returned only when its match type is
// MatchType::Direct; any other outcome is discarded and selection falls
// through to mainMgr_ with the peer's regular signature schemes.
CertManager::CertMatch DelegatedCredentialCertManager::getCert(
    const folly::Optional<std::string>& sni,
    const std::vector<SignatureScheme>& supportedSigSchemes,
    const std::vector<SignatureScheme>& peerSigSchemes,
    const std::vector<Extension>& peerExtensions) const {
  const auto dcSupport =
      getExtension<DelegatedCredentialSupport>(peerExtensions);

  // Peer did not advertise delegated-credential support: never consult dcMgr_.
  if (!dcSupport) {
    return mainMgr_.getCert(
        sni, supportedSigSchemes, peerSigSchemes, peerExtensions);
  }

  auto delegated = dcMgr_.getCert(
      sni,
      supportedSigSchemes,
      dcSupport->supported_signature_algorithms,
      peerExtensions);

  // Only a direct match may be served as a delegated credential.
  const bool directHit = delegated && delegated->type == MatchType::Direct;
  if (directHit) {
    return delegated;
  }

  return mainMgr_.getCert(
      sni, supportedSigSchemes, peerSigSchemes, peerExtensions);
}
36
37 // Falls back to non-delegated if no match.
// Looks up a certificate by identity, consulting dcMgr_ first and mainMgr_
// only when dcMgr_ returns null.
//
// NOTE(review): this overload receives no peer extensions, so it cannot check
// whether the peer advertised delegated-credential support before returning
// an entry from dcMgr_. Confirm that callers only use it where that is
// acceptable.
std::shared_ptr<SelfCert> DelegatedCredentialCertManager::getCert(
    const std::string& identity) const {
  if (auto delegated = dcMgr_.getCert(identity)) {
    return delegated;
  }
  return mainMgr_.getCert(identity);
}
43
// Registers an ordinary (non-delegated) certificate.
//
// The certificate is handed to mainMgr_ only; dcMgr_ is not touched.
// defaultCert is forwarded unchanged to mainMgr_.addCert.
void DelegatedCredentialCertManager::addCert(
    std::shared_ptr<SelfCert> cert,
    bool defaultCert) {
  VLOG(8) << "Adding undelegated cert";
  // Ownership of the shared_ptr is moved into the main manager.
  mainMgr_.addCert(std::move(cert), defaultCert);
}
50
// Registers a delegated credential.
//
// The credential is handed to dcMgr_ only; mainMgr_ is not touched.
// The second argument to dcMgr_.addCert is always false. This is presumably
// the defaultCert flag, which would keep a delegated credential from ever
// becoming the fallback certificate (confirm against CertManager::addCert).
void DelegatedCredentialCertManager::addDelegatedCredential(
    std::shared_ptr<SelfDelegatedCredential> cred) {
  VLOG(8) << "Adding delegated credential";
  // Ownership of the shared_ptr is moved into the delegated-credential manager.
  dcMgr_.addCert(std::move(cred), false);
}
56
57 } // namespace extensions
58 } // namespace fizz
59