Google APIs Client Library for C++
Public Member Functions | Static Public Member Functions
FileCredentialStoreFactory Class Reference
Auth Support - Generic Components

A concrete CredentialStore that writes to files. More...

#include "client/auth/file_credential_store.h"

+ Inheritance diagram for FileCredentialStoreFactory:

List of all members.

Public Member Functions

 FileCredentialStoreFactory (const StringPiece &root_path)
 Standard constructor.
 ~FileCredentialStoreFactory ()
 Standard destructor.
const string & root_path () const
 Returns the root path the store was constructed with.
virtual CredentialStoreNewCredentialStore (const string &client_id, util::Status *status) const
 Creates a new store for the given client id.

Static Public Member Functions

static util::Status GetSystemHomeDirectoryStorePath (string *path)
 Returns the path in the $HOME directory for the googleapis store.

Detailed Description

A concrete CredentialStore that writes to files.

Stores credentials as individual files using the user_name name. The root_path is the root directory of the store. It must be user-read/writable only. If the path does not exist, then it will be created with user-only read/write/examine permissions.

Note:
The store is in the structure [root]/[user name]/[client id] which is not quite how the API feels but might make more sense to manage.
Warning:
This factory stores plain text files to the given path. It only permits user read/write permissions on the files and directories, however is still dangerous because if the files are compramised, the refresh tokens will be insecure.
You can encrypt/decrypt the files by binding an CodecFactory that performs encryption/decryption to this factory. However, such a factory is not included with the SDK at this time. You will need to write one yourself.
The user_name used here is not verified in any way. It corresponds to the cloud user, not the user on the local device. A given device user may have multiple cloud user names. The expectation is that the provided user_name is the cloud name, but it is not enforced. This could lead to accidents if the files are compramised or the program provides a name to the store different than the name with which it received the credentials being stored.
See also:
Codec

Constructor & Destructor Documentation

FileCredentialStoreFactory ( const StringPiece &  root_path) [explicit]

Standard constructor.

Parameters:
[in]root_pathIt is expected, but not required, that root_path is the result of GetSystemHomeDirectoryStorePath().
~FileCredentialStoreFactory ( )

Standard destructor.

Member Function Documentation

static util::Status GetSystemHomeDirectoryStorePath ( string *  path) [static]

Returns the path in the $HOME directory for the googleapis store.

This user is the local OS user, not the googleapis cloud user. The cloud user data will be stored within this local OS user.

Parameters:
[out]pathThe home directory path for storing credentials.
Returns:
ok or reason for directory could not be determined.
virtual CredentialStore* NewCredentialStore ( const string &  client_id,
util::Status status 
) const [virtual]

Creates a new store for the given client id.

Parameters:
[in]client_idThe client this store is for is used as the filename.
[out]statusSet witth the reason for failure if NULL is returned.
Returns:
NULL is returned on failure.

Implements CredentialStoreFactory.

const string& root_path ( ) const [inline]

Returns the root path the store was constructed with.

The documentation for this class was generated from the following file:
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Defines