/proc/self/cwd/jwt_verify_lib/check_audience.h

Source (jump to first uncovered line)
// Copyright 2018 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//    https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.#pragma once

#pragma once

#include <memory>
#include <set>
#include <string>
#include <vector>

#include "jwt_verify_lib/status.h"

namespace google {
namespace jwt_verify {

/**
 * RFC for JWT `aud <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ only
 * specifies case sensitive comparison. But experiences showed that users
 * easily add wrong scheme and tailing slash to cause mis-match.
 * In this implemeation, scheme portion of URI and tailing slash is removed
 * before comparison.
 */
class CheckAudience {
 public:
  // Construct the object with a list audiences from config.
  CheckAudience(const std::vector<std::string>& config_audiences);

  // Check any of jwt_audiences is matched with one of configurated ones.
  bool areAudiencesAllowed(const std::vector<std::string>& jwt_audiences) const;

  // check if config audiences is empty
  bool empty() const { return config_audiences_.empty(); }

 private:
  // configured audiences;
  std::set<std::string> config_audiences_;
};

typedef std::unique_ptr<CheckAudience> CheckAudiencePtr;

}  // namespace jwt_verify
}  // namespace google

Coverage Report

Created: 2023-06-07 07:04

Line	Count	Source (jump to first uncovered line)
1		// Copyright 2018 Google LLC
2		//
3		// Licensed under the Apache License, Version 2.0 (the "License");
4		// you may not use this file except in compliance with the License.
5		// You may obtain a copy of the License at
6		//
7		// https://www.apache.org/licenses/LICENSE-2.0
8		//
9		// Unless required by applicable law or agreed to in writing, software
10		// distributed under the License is distributed on an "AS IS" BASIS,
11		// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12		// See the License for the specific language governing permissions and
13		// limitations under the License.#pragma once
14
15		#pragma once
16
17		#include <memory>
18		#include <set>
19		#include <string>
20		#include <vector>
21
22		#include "jwt_verify_lib/status.h"
23
24		namespace google {
25		namespace jwt_verify {
26
27		/**
28		* RFC for JWT `aud <https://tools.ietf.org/html/rfc7519#section-4.1.3>`_ only
29		* specifies case sensitive comparison. But experiences showed that users
30		* easily add wrong scheme and tailing slash to cause mis-match.
31		* In this implemeation, scheme portion of URI and tailing slash is removed
32		* before comparison.
33		*/
34		class CheckAudience {
35		public:
36		// Construct the object with a list audiences from config.
37		CheckAudience(const std::vector<std::string>& config_audiences);
38
39		// Check any of jwt_audiences is matched with one of configurated ones.
40		bool areAudiencesAllowed(const std::vector<std::string>& jwt_audiences) const;
41
42		// check if config audiences is empty
43	0	bool empty() const { return config_audiences_.empty(); }
44
45		private:
46		// configured audiences;
47		std::set<std::string> config_audiences_;
48		};
49
50		typedef std::unique_ptr<CheckAudience> CheckAudiencePtr;
51
52		} // namespace jwt_verify
53		} // namespace google