#pragma once
            
// Copyright 2018 Google LLC
// Copyright Envoy Project Authors
// SPDX-License-Identifier: Apache-2.0
            
#pragma once
            
#include <memory>
#include <set>
#include <string>
#include <vector>
            
#include "source/common/jwt/status.h"
            
namespace Envoy {
namespace JwtVerify {
            
/**
 * Matches the `aud` claim of a JWT against the audiences listed in the config.
 *
 * The RFC for JWT `aud <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_
 * only specifies a case-sensitive comparison. Experience showed that users
 * easily add a wrong scheme or a trailing slash and so cause a mismatch. In
 * this implementation the scheme portion of the URI and the trailing slash are
 * removed before comparison.
 *
 * Security note: the comparison is deliberately looser than the exact match
 * the RFC describes. Audience values that differ only in their scheme or in a
 * trailing slash are treated as the same audience, so neither can be relied on
 * to tell two audiences apart.
 */
class CheckAudience {
public:
  /**
   * Construct the object with the list of audiences from the config.
   *
   * NOTE(review): the constructor takes one argument and is not marked
   * `explicit`, so a vector of strings converts to CheckAudience implicitly.
   *
   * @param config_audiences audiences taken from the config.
   */
  CheckAudience(const std::vector<std::string>& config_audiences);

  /**
   * Check whether any of jwt_audiences is matched with one of the configured
   * audiences.
   *
   * @param jwt_audiences audiences to check against the configured ones.
   * @return true if at least one of them is matched.
   */
  bool areAudiencesAllowed(const std::vector<std::string>& jwt_audiences) const;

  /**
   * @return true if the set of configured audiences is empty.
   *
   * NOTE(review): this header does not show how callers treat an empty
   * configuration (skip the audience check, or reject the token) - confirm at
   * the call sites, since the two choices have opposite security outcomes.
   */
  bool empty() const {
    return config_audiences_.empty();
  }

private:
  // Configured audiences, held as a set of strings. The constructor that fills
  // it is defined outside this header.
  std::set<std::string> config_audiences_;
};
            
// Owning pointer to a CheckAudience.
using CheckAudiencePtr = std::unique_ptr<CheckAudience>;
            
} // namespace JwtVerify
} // namespace Envoy