
Commit 1c8bd64

cynthiajianga-maurice
cynthiajiang
authored andcommitted
[Auth] Add linux secure manager file.
+ Support Save/Load/Delete/DeleteAll + Add Tests PiperOrigin-RevId: 243900946
1 parent 13c25ce commit 1c8bd64

6 files changed

+481
-0
lines changed
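--- a/auth/src/desktop/secure/user_secure_data_handle.h
+++ b/auth/src/desktop/secure/user_secure_data_handle.h
@@ -0,0 +1,60 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_DATA_HANDLE_H_
+#define FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_DATA_HANDLE_H_
+
+#include <string>
+
+#include "app/src/include/firebase/future.h"
+#include "app/src/reference_counted_future_impl.h"
+
+namespace firebase {
+namespace auth {
+namespace secure {
+
+enum UserSecureFn {
+kUserSecureFnLoad,
+kUserSecureFnSave,
+kUserSecureFnDelete,
+kUserSecureFnDeleteAll,
+kUserSecureFnCount
+};
+
+enum UserSecureFutureResult {
+kSuccess,
+kNoEntry,
+};
+
+template <typename T>
+struct UserSecureDataHandle {
+UserSecureDataHandle(const std::string& appName, const std::string& userData,
+ReferenceCountedFutureImpl* futureApi,
+const SafeFutureHandle<T>& futureHandle)
+: app_name(appName),
+user_data(userData),
+future_api(futureApi),
+future_handle(futureHandle) {}
+
+const std::string app_name;
+const std::string user_data;
+ReferenceCountedFutureImpl* future_api;
+SafeFutureHandle<T> future_handle;
+};
+
+} // namespace secure
+} // namespace auth
+} // namespace firebase
+
+#endif // FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_DATA_HANDLE_H_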
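Review bot: `future_api` in `UserSecureDataHandle` is a raw `ReferenceCountedFutureImpl*` with no statement of who owns it or how long it must live, and the struct itself has no comment saying what it carries. If these handles are queued for deferred work (the sibling interface header includes `app/src/scheduler.h`, so that looks likely), a handle that outlives the future implementation would complete its future through a dangling pointer. I would add `// Not owned; must outlive every handle that refers to it.` above the member, plus a one-line struct comment noting that `user_data` appears to hold the persisted user credential data, so copies of the handle should be short-lived. Separately, the unscoped `enum UserSecureFutureResult` puts the generic names `kSuccess` and `kNoEntry` directly into `firebase::auth::secure`; an `enum class` or a `kUserSecure...` prefix like the one used by `UserSecureFn` would avoid clashes.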
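--- a/auth/src/desktop/secure/user_secure_internal.h
+++ b/auth/src/desktop/secure/user_secure_internal.h
@@ -0,0 +1,50 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_INTERNAL_H_
+#define FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_INTERNAL_H_
+
+#include <string>
+
+#include "app/src/scheduler.h"
+#include "auth/src/desktop/secure/user_secure_data_handle.h"
+
+namespace firebase {
+namespace auth {
+namespace secure {
+
+class UserSecureInternal {
+public:
+UserSecureInternal() = default;
+virtual ~UserSecureInternal() = default;
+
+// Load persisted user data for given app name.
+virtual std::string LoadUserData(const std::string appName) = 0;
+
+// Save user data under the key of given app name.
+virtual void SaveUserData(const std::string appName,
+const std::string userData) = 0;
+
+// Delete user data under the given app name.
+virtual void DeleteUserData(const std::string appName) = 0;
+
+// Delete all user data.
+virtual void DeleteAllData() = 0;
+};
+
+} // namespace secure
+} // namespace auth
+} // namespace firebase
+
+#endif // FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_INTERNAL_H_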
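Review bot: `SaveUserData`, `DeleteUserData` and `DeleteAllData` return `void` and `LoadUserData` returns a bare `std::string`, so this interface gives an implementation no way to tell the caller that the secure store rejected or failed an operation. For a credential store that matters most on delete: a caller handling sign-out cannot distinguish "entry removed" from "store unavailable, data still present". Consider returning `bool` (or the `UserSecureFutureResult` declared in `user_secure_data_handle.h`, extended with an error value), or at minimum document on each method that failures are not reported and that `LoadUserData` returns `""` both for a missing entry and for an error, as the Linux implementation in this commit does. The parameters are also taken as `const std::string` by value, which copies the user data on every call; `const std::string&` would avoid the extra copies.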
Lines changed: 109 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,109 @@
1+
// Copyright 2019 Google LLC
2+
//
3+
// Licensed under the Apache License, Version 2.0 (the "License");
4+
// you may not use this file except in compliance with the License.
5+
// You may obtain a copy of the License at
6+
//
7+
// http://www.apache.org/licenses/LICENSE-2.0
8+
//
9+
// Unless required by applicable law or agreed to in writing, software
10+
// distributed under the License is distributed on an "AS IS" BASIS,
11+
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
// See the License for the specific language governing permissions and
13+
// limitations under the License.
14+
15+
#include "auth/src/desktop/secure/user_secure_linux_internal.h"
16+
17+
#include <dlfcn.h>
18+
19+
#include <iostream>
20+
21+
#include "auth/src/desktop/secure/user_secure_data_handle.h"
22+
23+
namespace firebase {
24+
namespace auth {
25+
namespace secure {
26+
27+
namespace {
28+
29+
// key entry for the app name in the schema. When save the user data with a
30+
// given app name, the app name is the attribute of this key inside schema.
31+
const char kAppNameKey[] = "auth_app_name";
32+
// A common attribute-value pair is added to all the device keys. This makes it
33+
// possible to match all the keys easily (and remove them all at once).
34+
const char kCommonKeyId[] = "common_key_id";
35+
const char kCommonKeyValue[] = "common_key_value";
36+
// Helper function to build the right schema using the provided namespace, for
37+
// storing keys. For instance, helps create separate storage schema for storing
38+
// actual vs testing keys
39+
const char kAuthKeyName[] = "com.google.firebase.auth.Keys";
40+
SecretSchema BuildSchema(const char key_namespace[]) {
41+
SecretSchema schema = {key_namespace,
42+
SECRET_SCHEMA_NONE,
43+
{
44+
{kAppNameKey, SECRET_SCHEMA_ATTRIBUTE_STRING},
45+
{kCommonKeyId, SECRET_SCHEMA_ATTRIBUTE_STRING},
46+
}};
47+
return schema;
48+
}
49+
50+
} // namespace
51+
52+
UserSecureLinuxInternal::UserSecureLinuxInternal()
53+
: UserSecureLinuxInternal(kAuthKeyName) {}
54+
55+
UserSecureLinuxInternal::UserSecureLinuxInternal(const char key_namespace[])
56+
: storage_schema_(BuildSchema(key_namespace)) {}
57+
58+
UserSecureLinuxInternal::~UserSecureLinuxInternal() {}
59+
60+
std::string UserSecureLinuxInternal::LoadUserData(const std::string appName) {
61+
fprintf(stderr, "internal loading start\n");
62+
std::string empty_str("");
63+
GError* error = nullptr;
64+
char* result =
65+
secret_password_lookup_sync(&storage_schema_,
66+
/* cancellable= */ nullptr,
67+
/* error= */ &error,
68+
/* key1= */ kAppNameKey,
69+
/* value1= */ appName.c_str(), nullptr);
70+
if (error) {
71+
g_error_free(error);
72+
return empty_str;
73+
}
74+
75+
if (result == nullptr) {
76+
return empty_str;
77+
}
78+
std::string str_result(result);
79+
secret_password_free(result);
80+
81+
return str_result;
82+
}
83+
84+
void UserSecureLinuxInternal::SaveUserData(const std::string appName,
85+
const std::string userData) {
86+
secret_password_store_sync(
87+
&storage_schema_, SECRET_COLLECTION_DEFAULT, /* label= */ "UserSecure",
88+
/* password= */ userData.c_str(), /* cancellable= */ nullptr,
89+
/* error= */ nullptr, /* key1= */ kAppNameKey,
90+
/* value1= */ appName.c_str(),
91+
/* key2= */ kCommonKeyId, /* value2= */ kCommonKeyValue, nullptr);
92+
}
93+
94+
void UserSecureLinuxInternal::DeleteUserData(const std::string appName) {
95+
secret_password_clear_sync(&storage_schema_,
96+
/* cancellable= */ nullptr, /* error= */ nullptr,
97+
/* key1= */ kAppNameKey,
98+
/* value1= */ appName.c_str(), nullptr);
99+
}
100+
101+
void UserSecureLinuxInternal::DeleteAllData() {
102+
secret_password_clear_sync(&storage_schema_, /* cancellable= */ nullptr,
103+
/* error= */ nullptr, /* key2= */ kCommonKeyId,
104+
/* value2= */ kCommonKeyValue, nullptr);
105+
}
106+
107+
} // namespace secure
108+
} // namespace auth
109+
} // namespace firebase
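Review bot: `SaveUserData`, `DeleteUserData` and `DeleteAllData` pass `/* error= */ nullptr` and discard the `gboolean` result of `secret_password_store_sync` / `secret_password_clear_sync`, so a locked or unavailable keyring fails silently; after a failed clear the stored user data is still in the keyring while the caller proceeds as if it were gone. Follow the pattern `LoadUserData` already uses: declare `GError* error = nullptr;`, pass `/* error= */ &error`, then log and `g_error_free(error)` when it is set. In `LoadUserData`, `fprintf(stderr, "internal loading start\n");` looks like leftover debug output and should be removed or routed through the project's logging facility; it also relies on `<cstdio>` arriving indirectly, since only `<iostream>` is included here. `<dlfcn.h>` is included but nothing visible in this file uses it.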
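--- a/auth/src/desktop/secure/user_secure_linux_internal.h
+++ b/auth/src/desktop/secure/user_secure_linux_internal.h
@@ -0,0 +1,54 @@
+// Copyright 2019 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_LINUX_INTERNAL_H_
+#define FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_LINUX_INTERNAL_H_
+
+#include <string>
+
+#include "app/src/reference_counted_future_impl.h"
+#include "auth/src/desktop/secure/user_secure_data_handle.h"
+#include "auth/src/desktop/secure/user_secure_internal.h"
+#include "third_party/libsecret/libsecret/secret.h"
+namespace firebase {
+namespace auth {
+namespace secure {
+
+// Linux specific implementation for the secure manager of user data.
+class UserSecureLinuxInternal : public UserSecureInternal {
+public:
+UserSecureLinuxInternal();
+~UserSecureLinuxInternal() override;
+
+// Overloaded constructor to set the storage schema for keys.
+explicit UserSecureLinuxInternal(const char key_namespace[]);
+
+std::string LoadUserData(const std::string appName) override;
+
+void SaveUserData(const std::string appName,
+const std::string userData) override;
+
+void DeleteUserData(const std::string appName) override;
+
+void DeleteAllData() override;
+
+private:
+const SecretSchema storage_schema_;
+};
+
+} // namespace secure
+} // namespace auth
+} // namespace firebase
+
+#endif // FIREBASE_AUTH_CLIENT_CPP_SRC_DESKTOP_SECURE_USER_SECURE_LINUX_INTERNAL_H_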
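Review bot: The constructor `explicit UserSecureLinuxInternal(const char key_namespace[])` keeps the caller's pointer rather than a copy: `BuildSchema` in the implementation file places `key_namespace` directly into the `SecretSchema` that becomes `storage_schema_`, and every later libsecret call reads the schema name through that pointer. The declaration should state this, e.g. `// key_namespace is not copied; it must stay valid for the lifetime of this object (pass a string literal or other static storage).` As written, a caller that passes `c_str()` of a temporary string would leave the schema name dangling and the store, lookup and clear calls would read freed memory. An alternative is to keep the namespace in a `std::string` member declared before `storage_schema_` and build the schema from that member.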
