Poco::OSP::Auth

class AuthService

File Information

Library: OSP
Package: Auth
Header: Poco/OSP/Auth/AuthService.h

Description

The AuthService (authentication/authorization service) is used to authenticate users using a user name/credentials combination, and to assign certain permissions to users.

The specific format of user credentials is defined by the actual implementation of this service. In the simplest form, the credentials are a simple password.

Permissions are simple strings identifying the permissions a specific user has. The AuthService itself does not care about the syntax and format of permissions.

Inheritance

Direct Base Classes: Poco::OSP::Service

All Base Classes: Poco::OSP::Service, Poco::RefCountedObject

Known Derived Classes: Poco::OSP::Auth::Data::AuthAdminServiceImpl, AuthAdminService, AbstractLDAPAuthAdminService, PooledAuthAdminService

Member Summary

Member Functions: authenticate, authorize, isA, type, userExists

Inherited Functions: duplicate, isA, referenceCount, release, type

Types Aliases

Ptr

using Ptr = Poco::AutoPtr < AuthService >;

Constructors

AuthService

AuthService();

Creates the AuthService.

Destructor

~AuthService virtual

~AuthService();

Destroys the AuthService.

Member Functions

authenticate virtual

virtual bool authenticate(
    const std::string & userName,
    const std::string & credentials
) const = 0;

Checks if the userName and credentials combination is valid.

Returns true if the user specified by userName is known and the specified credentials confirm the identity of the user. Returns false otherwise.

authorize virtual

virtual bool authorize(
    const std::string & userName,
    const std::string & permission
) const = 0;

Checks if a user has a specific permission.

Returns true if the user specified by userName has the specified permission.

authorize virtual

virtual bool authorize(
    const std::string & userName,
    const std::string & roleOrScope,
    const std::string & permission
) const = 0;

Checks if a user has a specific permission within the given role or scope.

If roleOrScope is empty, the result is the same as the two-argument version. If a non-empty roleOrScope is given, the method checks whether the user has the given permission within that given role or scope.

Role or scope is defined by the specific implementation.

Returns true if the user specified by userName has the specified permission.

isA virtual

bool isA(
    const std::type_info & otherType
) const;

type virtual

const std::type_info & type() const;

userExists virtual

virtual bool userExists(
    const std::string & userName
) const = 0;

Checks if a user has exists.

Returns true if the user specified by userName exists, otherwise false.

Securely control IoT edge devices from anywhere   Connect a Device