add CredentialProvider and AuthnCredential

Signed-off-by: Emelia Lei <[email protected]>

Author: emelialei88

src/groups/bmq/bmqa/bmqa_session.cpp

@@ -33,6 +33,8 @@
 #include <bmqp_ctrlmsg_messages.h>
 #include <bmqp_messageguidgenerator.h>
 #include <bmqp_protocol.h>
+#include <bmqpi_credentialprovider.h>
+#include <bmqt_authncredential.h>
 #include <bmqt_correlationid.h>
 #include <bmqt_queueflags.h>
 
@@ -59,6 +61,7 @@
 #include <bsls_assert.h>
 #include <bsls_atomic.h>
 #include <bsls_performancehint.h>
+#include <bslstl_sharedptr.h>
 
 namespace BloombergLP {
 namespace bmqa {
@@ -251,11 +254,18 @@ int SessionUtil::createApplication(SessionImpl* sessionImpl)
 
     // Authentication Message
     bmqp_ctrlmsg::AuthenticationMessage authenticaionMessage;
-    bmqp_ctrlmsg::AuthenticateRequest&  ar =
-        authenticaionMessage.makeAuthenticateRequest();
-    bsl::string str = "username:password";
-    ar.mechanism()  = "basic";
-    ar.data()       = bsl::vector<char>(str.begin(), str.end());  // hexBinary
+
+    bmqt::AuthnCredential                             credential;
+    const bsl::shared_ptr<bmqpi::CredentialProvider>& credentialProvider =
+        sessionImpl->d_sessionOptions.credentialProvider();
+    if (credentialProvider) {
+        credentialProvider->loadCredential(&credential);
+
+        bmqp_ctrlmsg::AuthenticateRequest& ar =
+            authenticaionMessage.makeAuthenticateRequest();
+        ar.mechanism() = credential.mechanism();
+        ar.data()      = credential.data();
+    }
 
     // Negotiation Message
     bmqp_ctrlmsg::NegotiationMessage negotiationMessage;

src/groups/bmq/bmqimp/bmqimp_application.cpp

@@ -605,14 +605,12 @@ Application::Application(
           allocator),
       allocator)
 , d_initialConnectionChannelFactory(
-      InitialConnectionChannelFactoryConfig(
-          &d_statChannelFactory,
-          authenticationMessage,
-          sessionOptions.connectTimeout(),  // TODO: different for authn?
-          negotiationMessage,
-          sessionOptions.connectTimeout(),
-          d_blobSpPool_sp.get(),
-          allocator),
+      InitialConnectionChannelFactoryConfig(&d_statChannelFactory,
+                                            authenticationMessage,
+                                            negotiationMessage,
+                                            sessionOptions.connectTimeout(),
+                                            d_blobSpPool_sp.get(),
+                                            allocator),
       allocator)
 , d_connectHandle_mp()
 , d_brokerSession(&d_scheduler,

src/groups/bmq/bmqimp/bmqimp_initialconnectionchannelfactory.cpp

@@ -68,16 +68,14 @@ enum RcEnum {
 InitialConnectionChannelFactoryConfig::InitialConnectionChannelFactoryConfig(
     bmqio::ChannelFactory*                     base,
     const bmqp_ctrlmsg::AuthenticationMessage& authenticationMessage,
-    const bsls::TimeInterval&                  authenticationTimeout,
     const bmqp_ctrlmsg::NegotiationMessage&    negotiationMessage,
-    const bsls::TimeInterval&                  negotiationTimeout,
+    const bsls::TimeInterval&                  connectTimeout,
     BlobSpPool*                                blobSpPool_p,
     bslma::Allocator*                          basicAllocator)
 : d_baseFactory_p(base)
 , d_authenticationMessage(authenticationMessage, basicAllocator)
-, d_authenticationTimeout(authenticationTimeout)
 , d_negotiationMessage(negotiationMessage, basicAllocator)
-, d_negotiationTimeout(negotiationTimeout)
+, d_connectTimeout(connectTimeout)
 , d_blobSpPool_p(blobSpPool_p)
 , d_allocator_p(bslma::Default::allocator(basicAllocator))
 {
@@ -90,9 +88,8 @@ InitialConnectionChannelFactoryConfig::InitialConnectionChannelFactoryConfig(
     bslma::Allocator*                            basicAllocator)
 : d_baseFactory_p(original.d_baseFactory_p)
 , d_authenticationMessage(original.d_authenticationMessage, basicAllocator)
-, d_authenticationTimeout(original.d_authenticationTimeout)
 , d_negotiationMessage(original.d_negotiationMessage, basicAllocator)
-, d_negotiationTimeout(original.d_negotiationTimeout)
+, d_connectTimeout(original.d_connectTimeout)
 , d_blobSpPool_p(original.d_blobSpPool_p)
 , d_allocator_p(bslma::Default::allocator(basicAllocator))
 {
@@ -215,17 +212,15 @@ void InitialConnectionChannelFactory::readResponse(
 
     bsl::string        actionStr;
     bsl::string        errorProperty;
-    bsls::TimeInterval timeout;
+    bsls::TimeInterval timeout = d_config.d_connectTimeout;
 
     if (action == AUTHENTICATION) {
         actionStr     = "authentication";
         errorProperty = "authenticationError";
-        timeout       = d_config.d_authenticationTimeout;
     }
     else if (action == NEGOTIATION) {
         actionStr     = "negotiation";
         errorProperty = "negotiationError";
-        timeout       = d_config.d_negotiationTimeout;
     }
 
     BALL_LOG_INFO << "Read response (" << actionStr << ")";
@@ -255,6 +250,16 @@ void InitialConnectionChannelFactory::authenticate(
     const ResultCallback&                  cb) const
 {
     BALL_LOG_INFO << "Client authenticate";
+
+    // If the authentication message is not an AuthenticateRequest,
+    // then we assume that the broker is not using authentication.
+    // In this case, we will skip the authentication step and proceed
+    // directly to the negotiation step.
+    if (!d_config.d_authenticationMessage.isAuthenticateRequestValue()) {
+        negotiate(channel, cb);
+        return;  // RETURN
+    }
+
     sendRequest(channel, AUTHENTICATION, cb);
     readResponse(channel, AUTHENTICATION, cb);
 }
@@ -457,7 +462,7 @@ void InitialConnectionChannelFactory::onBrokerAuthenticationResponse(
     // Authentication SUCCEEDED
     BALL_LOG_INFO << "Authentication with broker was successful: " << response;
 
-    // TODO: do something
+    // TODO: reauthenticate
 
     negotiate(channel, cb);
 }

src/groups/bmq/bmqimp/bmqimp_initialconnectionchannelfactory.h

@@ -66,9 +66,8 @@ class InitialConnectionChannelFactoryConfig {
     // PRIVATE DATA
     bmqio::ChannelFactory*              d_baseFactory_p;
     bmqp_ctrlmsg::AuthenticationMessage d_authenticationMessage;
-    bsls::TimeInterval                  d_authenticationTimeout;
     bmqp_ctrlmsg::NegotiationMessage    d_negotiationMessage;
-    bsls::TimeInterval                  d_negotiationTimeout;
+    bsls::TimeInterval                  d_connectTimeout;
     BlobSpPool*                         d_blobSpPool_p;
     bslma::Allocator*                   d_allocator_p;
 
@@ -84,9 +83,8 @@ class InitialConnectionChannelFactoryConfig {
     InitialConnectionChannelFactoryConfig(
         bmqio::ChannelFactory*                     base,
         const bmqp_ctrlmsg::AuthenticationMessage& authenticationMessage,
-        const bsls::TimeInterval&                  authenticationTimeout,
         const bmqp_ctrlmsg::NegotiationMessage&    negotiationMessage,
-        const bsls::TimeInterval&                  negotiationTimeout,
+        const bsls::TimeInterval&                  d_connectTimeout,
         BlobSpPool*                                blobSpPool_p,
         bslma::Allocator*                          basicAllocator = 0);
 

src/groups/bmq/bmqpi/bmqpi_credentialprovider.cpp

@@ -0,0 +1,33 @@
+// Copyright 2021-2025 Bloomberg Finance L.P.
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// bmqpi_credentialprovider.cpp                                 -*-C++-*-
+#include <bmqpi_credentialprovider.h>
+
+#include <bmqscm_version.h>
+namespace BloombergLP {
+namespace bmqpi {
+
+// ------------------------
+// class CredentialProvider
+// ------------------------
+
+CredentialProvider::~CredentialProvider()
+{
+    // NOTHING
+}
+
+}  // close package namespace
+}  // close enterprise namespace

src/groups/bmq/bmqpi/bmqpi_credentialprovider.h

@@ -0,0 +1,53 @@
+// Copyright 2021-2025 Bloomberg Finance L.P.
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// bmqpi_credentialprovider.h                                  -*-C++-*-
+#ifndef INCLUDED_BMQPI_CREDENTIALPROVIDER
+#define INCLUDED_BMQPI_CREDENTIALPROVIDER
+
+/// @file bmqpi_credentialprovider.h
+///
+/// @brief Provide an interface for providing the credential of the client.
+
+// BMQ
+#include <bmqt_authncredential.h>
+
+// BDE
+#include <bsl_functional.h>
+
+namespace BloombergLP {
+namespace bmqpi {
+
+// ========================
+// class CredentialProvider
+// ========================
+
+/// A pure interface for providing the credential of the client.
+class CredentialProvider {
+  public:
+    // CREATORS
+
+    /// Destructor
+    virtual ~CredentialProvider();
+
+    // MANIPULATORS
+
+    virtual void loadCredential(bmqt::AuthnCredential* credential) const = 0;
+};
+
+}  // close package namespace
+}  // close enterprise namespace
+
+#endif

src/groups/bmq/bmqpi/bmqpi_credentialprovider.t.cpp

@@ -0,0 +1,117 @@
+// Copyright 2025 Bloomberg Finance L.P.
+// SPDX-License-Identifier: Apache-2.0
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// bmqpi_credentialprovide.t.cpp                                -*-C++-*-
+#include <bmqpi_credentialprovider.h>
+
+// BMQ
+#include <bmqt_authncredential.h>
+#include <bsla_unused.h>
+#include <bsls_protocoltest.h>
+
+// TEST DRIVER
+#include <bmqtst_testhelper.h>
+
+// CONVENIENCE
+using namespace BloombergLP;
+using namespace bsl;
+
+/// A test implementation of the 'bmqpi::CredentialProvider` protocol.
+struct CredentialProviderTestImp
+: public bsls::ProtocolTestImp<bmqpi::CredentialProvider> {
+    void loadCredential(bmqt::AuthnCredential* credential) const
+        BSLS_KEYWORD_OVERRIDE;
+};
+
+// Define one of CredentialProviderTestImp methods out-of-line, to instruct the
+// compiler to bake the class's vtable into *this* translation unit.
+void CredentialProviderTestImp::loadCredential(
+    BSLA_UNUSED bmqt::AuthnCredential* credential) const
+{
+    markDone();
+}
+
+// ============================================================================
+//                                    TESTS
+// ============================================================================
+
+static void test1_breathingTest()
+// ------------------------------------------------------------------------
+// PROTOCOL TEST:
+//   Ensure this class is a properly defined protocol class.
+//
+// Plan:
+//: 1 Define a concrete derived implementation, 'CredentialProviderTestImp',
+//:   of the protocol.
+//:
+//: 2 Create an object of the 'bsls::ProtocolTest' class template
+//:   parameterized by 'CredentialProviderTestImp', and use it to verify
+//:   that:
+//:
+//:   1 The protocol is abstract. (C-1)
+//:
+//:   2 The protocol has no data members. (C-2)
+//:
+//:   3 The protocol has a virtual destructor. (C-3)
+//:
+//: 3 Use the 'BSLS_PROTOCOLTEST_ASSERT' macro to verify that
+//:   non-creator methods of the protocol are:
+//:
+//:   1 virtual, (C-4)
+//:
+//:   2 publicly accessible. (C-5)
+//
+// Testing:
+//   PROTOCOL TEST
+// ------------------------------------------------------------------------
+{
+    bmqtst::TestHelper::printTestName("BREATHING TEST");
+
+    PV("Creating a concrete object");
+    bsls::ProtocolTest<CredentialProviderTestImp> provider;
+
+    PV("Verify that the protocol is abstract");
+    BMQTST_ASSERT(provider.testAbstract());
+
+    PV("Verify that there are no data members");
+    BMQTST_ASSERT(provider.testNoDataMembers());
+
+    PV("Verify that the destructor is virtual");
+    BMQTST_ASSERT(provider.testVirtualDestructor());
+
+    PV("Verify that all methods are public and virtual");
+
+    BSLS_PROTOCOLTEST_ASSERT(provider, loadCredential(NULL));
+}
+
+// ============================================================================
+//                                 MAIN PROGRAM
+// ----------------------------------------------------------------------------
+
+int main(int argc, char* argv[])
+{
+    TEST_PROLOG(bmqtst::TestHelper::e_DEFAULT);
+
+    switch (_testCase) {
+    case 0:
+    case 1: test1_breathingTest(); break;
+    default: {
+        cerr << "WARNING: CASE '" << _testCase << "' NOT FOUND." << bsl::endl;
+        bmqtst::TestHelperUtil::testStatus() = -1;
+    } break;
+    }
+
+    TEST_EPILOG(bmqtst::TestHelper::e_CHECK_DEF_GBL_ALLOC);
+}

src/groups/bmq/bmqpi/package/bmqpi.mem

@@ -1,3 +1,4 @@
+bmqpi_credentialprovider
 bmqpi_dtcontext
 bmqpi_dtspan
 bmqpi_dttracer