identity_service.hh

#ifndef __VEREIGN_SERVICE_IDENITY_SERVICE_HH
#define __VEREIGN_SERVICE_IDENITY_SERVICE_HH

#include <vereign/identity/provider.hh>
#include <vereign/client_library/common_types.pb.h>
#include <vereign/client_library/identity_types.pb.h>
#include <vereign/client_library/types.gen.pb.h>
#include <vereign/restapi/post_result.hh>
#include <vereign/service/gen/identity_service.hh>

#include <future>

namespace vereign {

namespace restapi {
  class ClientSession;
}

namespace service {

template <class Request, class Response>
using Result = restapi::PostResult<Request, Response>;

class IdentityService : public gen::IdentityService {
public:
  /**
   * Creates IdentityService instance.
   *
   * @param client_session HTTP client used for communicating with the Vereign Restful API.
   * @param identity_provider Local identity provider (manager).
   */
  IdentityService(
    restapi::ClientSession& client_session,
    identity::Provider& identity_provider
  );

  // disable copying
  IdentityService(const IdentityService&) = delete;
  auto operator=(const IdentityService&) -> IdentityService& = delete;

  /**
   * Login with existing identity public key.
   *
   * This API is for test purposes only. It is not exposed under the gRPC API, and thus is not
   * accessible by the integrators.
   *
   * **WARN: do not use this in production code**
   */
  void LoginWithExistingPubKey(
    const client_library::LoginWithExistingPubKeyForm* req,
    client_library::EmptyResponse* resp
  );

  /**
   * Registers a new device.
   *
   * req.pin is required only under Linux.
   *
   * Under windows the system cypto storage is used.
   * When the device is registered a master key is created and the user will be asked for his
   * consent by showing a dialog window.
   *
   * @param req Login request.
   * @param resp Operation response.
   *
   * @throws kvstore::InvalidPinCodeError Only under Linux. Thrown when the provided pin is invalid,
   *    currently that is when the pin is empty.
   */
  void LoginWithNewDevice(
    const client_library::LoginFormNewDevice* req,
    client_library::LoginFormNewDeviceResponse* resp
  );

  /**
   * Login with already registered device.
   *
   * req.pin is required only under Linux.
   *
   * Under windows the system cypto storage is used.
   * When the device is registered a master key is created and the user will be asked for his
   * consent by showing a dialog window.
   *
   * @param req Login request.
   * @param resp Operation response.
   *
   * @throws kvstore::StorageNotInitializedError when the crypto storage is empty, meaning that
   *    the device is not registered.
   * @throws kvstore::InvalidPinCodeError under Linux, when the provided pin is invalid, meaning
   *    that the pin does not match the pin used during the registration.
   * @throws kvstore::InvalidIdentityError under windows, when for some reason the RSA master key
   *    has been changed.
   */
  void LoginWithPreviouslyAddedDevice(
    const client_library::LoginFormPreviousAddedDevice* req,
    client_library::EmptyResponse* resp
  );

private:
  restapi::ClientSession& client_session_;
  identity::Provider& identity_provider_;
};

} // namespace service
} // namespace vereign


#endif // __VEREIGN_SERVICE_IDENITY_SERVICE_HH