Add Basic and Bearer Authorization to the CPP Pistache generator (#22337)

* [cpp][pistache-server] Add extraction and forwarding of credentials for HTTP Basic protected endpoints.

* [cpp][pistache-server] Change HTTP Basic credentials to be contained on a struct instead of two std::strings

* [cpp][pistache-server] Add callbacks to authenticate http basic credentials.

* [cpp][pistache-server] Add `void* userdata` to HttpBasicCredentials.

This allows for data ft be passed on from the authenticator to the
handler implementation. For example a userid that has already been
looked up

* [cpp][pistache-server] Add support for HTTP Bearer authentication.

* [cpp][pistache-server] Add new file `api-base-source.mustache`

`api-base-source.mustache` contain implementations of security
related methods and also the empty constructor.

* [cpp][pistache-server] Add re-generated samples.

* Fix PR 19978: Updated indentation levels and fixed test problems

---------

Co-authored-by: Morten Winkler <[email protected]>

Author: KRJ-RTX

modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/CppPistacheServerCodegen.java

@@ -191,6 +191,7 @@ public CppPistacheServerCodegen() {
     private void setupSupportingFiles() {
         supportingFiles.clear();
         supportingFiles.add(new SupportingFile("api-base-header.mustache", "api", "ApiBase.h"));
+        supportingFiles.add(new SupportingFile("api-base-source.mustache", "api", "ApiBase.cpp"));
         supportingFiles.add(new SupportingFile("helpers-header.mustache", "model", modelNamePrefix + "Helpers.h"));
         supportingFiles.add(new SupportingFile("helpers-source.mustache", "model", modelNamePrefix + "Helpers.cpp"));
         supportingFiles.add(new SupportingFile("main-api-server.mustache", "", modelNamePrefix + "main-api-server.cpp"));

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-base-header.mustache

@@ -14,14 +14,47 @@
 namespace {{apiNamespace}}
 {
 
+
+    {{#authMethods}}{{#isBasicBasic}}
+    typedef struct
+    {
+        std::string user;
+        std::string password;
+        std::unique_ptr<void, std::function<void(void*)>> userdata;
+    } HttpBasicCredentials;
+
+    typedef std::function<bool(HttpBasicCredentials &)> BasicCredentialsAuthenticator;
+    {{/isBasicBasic}}
+
+    {{#isBasicBearer}}
+    typedef struct
+    {
+        std::string token;
+        std::unique_ptr<void, std::function<void(void*)>> userdata;
+    } HttpBearerToken;
+
+    typedef std::function<bool(HttpBearerToken &)> BearerTokenAuthenticator;
+    {{/isBasicBearer}}
+    {{/authMethods}}
+
+
+
 class ApiBase {
 public:
-    explicit ApiBase(const std::shared_ptr<Pistache::Rest::Router>& rtr) : router(rtr) {};
+    explicit ApiBase(const std::shared_ptr<Pistache::Rest::Router>& rtr);
     virtual ~ApiBase() = default;
     virtual void init() = 0;
 
+    {{#authMethods}}{{#isBasicBasic}}void setBasicCredentialsAuthenticator( const BasicCredentialsAuthenticator &newBasicCredentialsAuthenticator);{{/isBasicBasic}}{{/authMethods}}
+    {{#authMethods}}{{#isBasicBearer}}void setBearerTokenAuthenticator( const BearerTokenAuthenticator &newbearerTokenAuthenticator);{{/isBasicBearer}}{{/authMethods}}
+
+
 protected:
     const std::shared_ptr<Pistache::Rest::Router> router;
+    {{#authMethods}}{{#isBasicBasic}}std::optional<BasicCredentialsAuthenticator> basicCredentialsAuthenticator;{{/isBasicBasic}}{{/authMethods}}
+    {{#authMethods}}{{#isBasicBearer}}std::optional<BearerTokenAuthenticator> bearerTokenAuthenticator;{{/isBasicBearer}}{{/authMethods}}
+
+
 };
 
 } // namespace {{apiNamespace}}

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-base-source.mustache

@@ -0,0 +1,25 @@
+{{>licenseInfo}}
+#include "ApiBase.h"
+
+namespace {{apiNamespace}}
+{
+
+ApiBase::ApiBase(const std::shared_ptr<Pistache::Rest::Router>& rtr) : router(rtr)
+{
+}
+
+{{#authMethods}}{{#isBasicBasic}}
+void ApiBase::setBasicCredentialsAuthenticator( const BasicCredentialsAuthenticator &newBasicCredentialsAuthenticator)
+{
+    basicCredentialsAuthenticator = newBasicCredentialsAuthenticator;
+}
+{{/isBasicBasic}}
+{{#isBasicBearer}}
+void ApiBase::setBearerTokenAuthenticator( const BearerTokenAuthenticator &newbearerTokenAuthenticator)
+{
+    bearerTokenAuthenticator = newbearerTokenAuthenticator;
+}
+{{/isBasicBearer}}
+{{/authMethods}}
+
+} // Namespace {{apiNamespace}}

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-header.mustache

@@ -79,7 +79,7 @@ private:
     {{#allParams}}
     /// <param name="{{paramName}}">{{description}}{{^required}} (optional{{#defaultValue}}, default to {{.}}{{/defaultValue}}){{/required}}</param>
     {{/allParams}}
-    virtual void {{operationIdSnakeCase}}({{#allParams}}const {{#isModel}}{{^isOptional}}{{modelNamespace}}::{{/isOptional}}{{/isModel}}{{{dataType}}} &{{paramName}}{{^-last}}, {{/-last}}{{/allParams}}{{#hasParams}}, {{/hasParams}}Pistache::Http::ResponseWriter &response) = 0;
+    virtual void {{operationIdSnakeCase}}({{#authMethods}}{{#isBasicBasic}}const HttpBasicCredentials &credentials, {{/isBasicBasic}}{{#isBasicBearer}}const HttpBearerToken &accessToken, {{/isBasicBearer}}{{/authMethods}} {{#allParams}}const {{#isModel}}{{^isOptional}}{{modelNamespace}}::{{/isOptional}}{{/isModel}}{{{dataType}}} &{{paramName}}{{^-last}}, {{/-last}}{{/allParams}}{{#hasParams}}, {{/hasParams}}Pistache::Http::ResponseWriter &response) = 0;
     {{/vendorExtensions.x-codegen-pistache-is-parsing-supported}}
     {{^vendorExtensions.x-codegen-pistache-is-parsing-supported}}
     virtual void {{operationIdSnakeCase}}(const Pistache::Rest::Request &request, Pistache::Http::ResponseWriter &response) = 0;

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-impl-header.mustache

@@ -26,7 +26,8 @@ namespace {{apiNamespace}}
 {
 
 {{#hasModelImport}}
-using namespace {{modelNamespace}};{{/hasModelImport}}
+using namespace {{modelNamespace}};
+{{/hasModelImport}}
 
 class {{declspec}} {{classname}}Impl : public {{apiNamespace}}::{{classname}} {
 public:
@@ -35,7 +36,7 @@ public:
 
     {{#operation}}
     {{#vendorExtensions.x-codegen-pistache-is-parsing-supported}}
-    void {{operationIdSnakeCase}}({{#allParams}}const {{{dataType}}} &{{paramName}}{{^-last}}, {{/-last}}{{/allParams}}{{#hasParams}}, {{/hasParams}}Pistache::Http::ResponseWriter &response);
+    void {{operationIdSnakeCase}}({{#authMethods}}{{#isBasicBasic}}const HttpBasicCredentials &credentials,{{/isBasicBasic}}{{#isBasicBearer}}const HttpBearerToken &bearerToken, {{/isBasicBearer}}{{/authMethods}}{{#allParams}}const {{{dataType}}} &{{paramName}}{{^-last}}, {{/-last}}{{/allParams}}{{#hasParams}}, {{/hasParams}}Pistache::Http::ResponseWriter &response);
     {{/vendorExtensions.x-codegen-pistache-is-parsing-supported}}
     {{^vendorExtensions.x-codegen-pistache-is-parsing-supported}}
     void {{operationIdSnakeCase}}(const Pistache::Rest::Request &request, Pistache::Http::ResponseWriter &response);

modules/openapi-generator/src/main/resources/cpp-pistache-server/api-impl-source.mustache

@@ -8,21 +8,140 @@ namespace {{this}} {
 {{/apiNamespaceDeclarations}}
 
 {{#hasModelImport}}
-using namespace {{modelNamespace}};{{/hasModelImport}}
+using namespace {{modelNamespace}};
+{{/hasModelImport}}
 
 {{classname}}Impl::{{classname}}Impl(const std::shared_ptr<Pistache::Rest::Router>& rtr)
     : {{classname}}(rtr)
 {
+    {{#authMethods}}{{#isBasicBasic}}/*
+
+    Http Basic Auth
+    ===============
+
+    Do this in the individual classes in the constructor
+
+    this->setBasicCredentialsAuthenticator(
+        [](HttpBasicCredentials &credentials)->bool
+        {
+            if(credentials.user == "foo" && credentials.password == "bar")
+            {
+
+                const int userIdOfFoo = 66;
+                credentials.userdata = std::unique_ptr<void, std::function<void(void*)>> (
+                    reinterpret_cast<void*>(new int(userIdOfFoo)),
+                    [&](void* ptr)
+                    {
+                        int * value = reinterpret_cast<int*>(ptr);
+                        delete value;
+                    }
+                );
+                return true;
+            }
+            return false;
+        }
+        );
+
+    or in main:
+
+    for (auto api : apiImpls) {
+        api->init();
+
+        api->setBasicCredentialsAuthenticator(
+        []( HttpBasicCredentials &credentials)->bool
+        {
+            if(credentials.user == "foo" && credentials.password == "bar")
+            {
+
+                const int userIdOfFoo = 66;
+                credentials.userdata = std::unique_ptr<void, std::function<void(void*)>> (
+                    reinterpret_cast<void*>(new int(userIdOfFoo)),
+                    [&](void* ptr)
+                    {
+                        int * value = reinterpret_cast<int*>(ptr);
+                        delete value;
+                    }
+                );
+                return true;
+            }
+            return false;
+        }
+        );
+    }
+
+    or a mix.
+
+    Until you do either, protected resources will result in a 401.
+    */{{/isBasicBasic}}
+    {{#isBasicBearer}}/*
+
+    Http Basic Bearer
+    ===============
+
+    Do this in the individual classes in the constructor
+
+    this->setBearerTokenAuthenticator(
+        [](HttpBearerToken &token)->bool
+        {
+            if(token.token == "Zm9vYmFyCg==")
+            {
+                const int userIdOfFoo = 99;
+                token.userdata = std::unique_ptr<void,std::function<void(void*)>>(
+                    reinterpret_cast<void*>(new int(userIdOfFoo)),
+                    [&](void* ptr)
+                    {
+                        int * value = reinterpret_cast<int*>(ptr);
+                        delete value;
+                    }
+                );
+                return true;
+            }
+            return false;
+        }
+        );
+
+    or in main:
+
+    for (auto api : apiImpls) {
+        api->init();
+
+        api->setBearerTokenAuthenticator(
+        [](HttpBearerToken &token)->bool
+        {
+            if(token.token == "Zm9vYmFyCg==")
+            {
+                const int userIdOfFoo = 99;
+                token.userdata = std::unique_ptr<void,std::function<void(void*)>>(
+                    reinterpret_cast<void*>(new int(userIdOfFoo)),
+                    [&](void* ptr)
+                    {
+                        int * value = reinterpret_cast<int*>(ptr);
+                        delete value;
+                    }
+                );
+                return true;
+            }
+            return false;
+        }
+        );
+    }
+
+    or a mix.
+
+    Until you do either, protected resources will result in a 401.
+    */{{/isBasicBearer}}
+    {{/authMethods}}
+
 }
 
 {{#operation}}
 {{#vendorExtensions.x-codegen-pistache-is-parsing-supported}}
-void {{classname}}Impl::{{operationIdSnakeCase}}({{#allParams}}const {{{dataType}}} &{{paramName}}{{^-last}}, {{/-last}}{{/allParams}}{{#hasParams}}, {{/hasParams}}Pistache::Http::ResponseWriter &response) {
+void {{classname}}Impl::{{operationIdSnakeCase}}({{#authMethods}}{{#isBasicBasic}}const HttpBasicCredentials &credentials, {{/isBasicBasic}}{{#isBasicBearer}}const HttpBearerToken &bearerToken, {{/isBasicBearer}}{{/authMethods}}{{#allParams}}const {{{dataType}}} &{{paramName}}{{^-last}}, {{/-last}}{{/allParams}}{{#hasParams}}, {{/hasParams}}Pistache::Http::ResponseWriter &response) {
     response.send(Pistache::Http::Code::Ok, "Do some magic\n");
 }
 {{/vendorExtensions.x-codegen-pistache-is-parsing-supported}}
 {{^vendorExtensions.x-codegen-pistache-is-parsing-supported}}
-void {{classname}}Impl::{{operationIdSnakeCase}}(const Pistache::Rest::Request &request, Pistache::Http::ResponseWriter &response){
+void {{classname}}Impl::{{operationIdSnakeCase}}(const Pistache::Rest::Request &request, Pistache::Http::ResponseWriter &response) {
     response.send(Pistache::Http::Code::Ok, "Do some magic\n");
 }
 {{/vendorExtensions.x-codegen-pistache-is-parsing-supported}}