blob: 81b2fd38703d89b34a576d31cf87c61c7f53049c [file] [log] [blame]
// Copyright (c) 2023 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef QUICHE_BLIND_SIGN_AUTH_BLIND_SIGN_AUTH_INTERFACE_H_
#define QUICHE_BLIND_SIGN_AUTH_BLIND_SIGN_AUTH_INTERFACE_H_
#include <string>
#include "absl/status/statusor.h"
#include "absl/time/time.h"
#include "absl/types/span.h"
#include "quiche/common/platform/api/quiche_export.h"
#include "quiche/common/quiche_callbacks.h"
namespace quiche {
// ProxyLayer indicates which proxy layer that tokens will be used with.
enum class ProxyLayer : int {
kProxyA,
kProxyB,
};
// A BlindSignToken is used to authenticate a request to a privacy proxy.
// The token string contains a serialized SpendTokenData proto.
// The token cannot be successfully redeemed after the expiration time.
struct QUICHE_EXPORT BlindSignToken {
std::string token;
absl::Time expiration;
};
using SignedTokenCallback =
SingleUseCallback<void(absl::StatusOr<absl::Span<BlindSignToken>>)>;
// BlindSignAuth provides signed, unblinded tokens to callers.
class QUICHE_EXPORT BlindSignAuthInterface {
public:
virtual ~BlindSignAuthInterface() = default;
// Returns signed unblinded tokens in a callback. Tokens are single-use.
virtual void GetTokens(std::string oauth_token, int num_tokens,
ProxyLayer proxy_layer,
SignedTokenCallback callback) = 0;
};
} // namespace quiche
#endif // QUICHE_BLIND_SIGN_AUTH_BLIND_SIGN_AUTH_INTERFACE_H_