Namespace reeflogic::commons C++ API Reference
| Header |
Classes |
Functions |
Macros |
reeflogic/commons/authorizer.h |
3 |
0 |
0 |
reeflogic/commons/base64_utility.h |
1 |
0 |
0 |
reeflogic/commons/db_operation_utility.h |
1 |
0 |
0 |
reeflogic/commons/exceptions.h |
21 |
1 |
0 |
reeflogic/commons/grpc_auth_filters.h |
1 |
0 |
0 |
reeflogic/commons/grpc_server_bootstrap.h |
1 |
0 |
0 |
reeflogic/commons/jwt_utility.h |
1 |
0 |
0 |
reeflogic/commons/logger.h |
6 |
0 |
9 |
reeflogic/commons/mlkem.h |
1 |
0 |
0 |
reeflogic/commons/oidc_subject_resolver.h |
1 |
0 |
0 |
reeflogic/commons/oidc_token_validator.h |
1 |
0 |
0 |
reeflogic/commons/openssl_utility.h |
1 |
0 |
0 |
reeflogic/commons/pg_utility.h |
1 |
0 |
0 |
reeflogic/commons/pin_utility.h |
1 |
0 |
0 |
reeflogic/commons/process_context.h |
1 |
0 |
0 |
reeflogic/commons/proto_utility.h |
1 |
0 |
0 |
reeflogic/commons/query_operation.h |
2 |
0 |
0 |
reeflogic/commons/rpc_subject_context.h |
1 |
0 |
0 |
reeflogic/commons/secret_key.h |
1 |
0 |
0 |
reeflogic/commons/server_config_parser.h |
5 |
0 |
0 |
reeflogic/commons/subject.h |
0 |
0 |
0 |
reeflogic/commons/ttl_cache.h |
1 |
0 |
0 |
reeflogic/commons/utility.h |
2 |
10 |
0 |
reeflogic/commons/uuid_validation.h |
0 |
1 |
0 |
Classes
Authorizer
| Public Member Signature |
Description |
Referenced Types |
Authorizer(); |
- |
- |
virtual ~Authorizer(); |
- |
- |
[[nodiscard]] virtual AuthorizationDecision AuthorizeDetailed( const Subject &subject, std::string_view permission_name, std::uint64_t required_mask ) const = 0; |
Evaluates authorization and returns explicit allow/deny details. subject: Authenticated subject bound to current RPC. permission_name: Permission identifier (for example oidc). required_mask: Required CRUDX bitmask. Returns: Decision result with is_allowed flag and deny message. |
- |
AdminAuthorizer
| Public Member Signature |
Description |
Referenced Types |
AdminAuthorizer(); |
Loads global ADMIN AUTHZ role/permission snapshot from PostgreSQL. Snapshot source: - t_roles where tenant_id IS NULL, role = ADMIN, domain = AUTHZ - joined grants from t_role_grants -> t_permission_definitions - grant rows are included only when valid_until IS NULL OR valid_until >= now() Permission rows with identical name are merged with bitwise OR on mask. |
- |
explicit AdminAuthorizer(RolesByUuidMap roles_by_uuid); |
Builds authorizer from explicit role/permission snapshot. Intended for tests and deterministic policy evaluation. |
- |
[[nodiscard]] AuthorizationDecision AuthorizeDetailed( const Subject &subject, std::string_view permission_name, std::uint64_t required_mask ) const override; |
Authorizes using loaded ADMIN role/permission snapshot. Decision rules: - Subject.tenant_id must be empty. - Subject must contain at least one ADMIN role. - At least one subject ADMIN role UUID must exist in loaded DB ADMIN roles. - For matched role, permission_name must exist and include all required_mask bits. Deny-message rules: - Missing permission -> "subject has no permission '<permission_name>'". - Missing CRUDX bits -> "subject has no CRUDX '<crudx>' for permission '<permission_name>' ...". |
- |
AuthorizerFactory
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static std::shared_ptr<const Authorizer> ResolveCachedAuthorizer(const Subject &subject); |
Returns cached authorizer or resolves and caches a new one. subject: Subject used for authorizer-type resolution. Returns: Shared immutable authorizer instance. Throws: AuthorizerResolutionError when no implemented authorizer exists for subject. Throws: ProcessContextError when resolving the selected authorizer requires a process-scoped dependency that has not been initialized. |
- |
static void ClearCache(); |
Clears process-local authorizer cache. Primarily intended for tests. |
- |
Classes
Base64Utility
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static std::string EncodeUrlNoPadding(const ByteArray &input); |
Encodes binary bytes into URL-safe Base64 without = trailers. |
- |
[[nodiscard]] static std::string EncodeUrlNoPadding(std::string_view input); |
Encodes text bytes into URL-safe Base64 without = trailers. |
- |
[[nodiscard]] static ByteArray DecodeUrlNoPadding(std::string_view input); |
Decodes URL-safe Base64 (without = trailers) into raw bytes. Throws: Base64DecodeError on invalid alphabet, invalid length, invalid whitespace/padding, or non-canonical trailing bits. |
- |
[[nodiscard]] static std::string DecodeUrlNoPaddingToString(std::string_view input); |
Decodes URL-safe Base64 into a byte-preserving string. Throws: Base64DecodeError on invalid input (same validation as DecodeUrlNoPadding). |
- |
Classes
DbOperationUtility
| Public Member Signature |
Description |
Referenced Types |
std::function<AdminAuthorizer::RolesByUuidMap(pqxx::read_transaction &)>; |
- |
- |
[[nodiscard]] static LoadAdminAuthorizerRolePermissionsOperation MakeLoadAdminAuthorizerRolePermissionsOperation(); |
Builds operation that loads global ADMIN AUTHZ role/permission snapshot. Query scope: - roles from t_roles where: - tenant_id IS NULL - role = ADMIN - domain = AUTHZ - valid_until IS NULL OR valid_until >= now() - role grants from t_role_grants with: - valid_until IS NULL OR valid_until >= now() - joined permission names and masks from t_permission_definitions and t_role_grants.mask. Roles are included even when they currently have no active grants (LEFT JOIN semantics); in that case permissions_by_name is empty. Permission rows with the same permission name are merged with bitwise OR on mask. Returns: Read operation compatible with PgUtility::ExecuteRead. Throws: DbOperationError on malformed DB rows. |
- |
Classes
ReefLogicLogicError
No public method declarations found.
ReefLogicRuntimeError
No public method declarations found.
EncodingError
No public method declarations found.
Base64DecodeError
No public method declarations found.
CryptoError
No public method declarations found.
OpenSslError
No public method declarations found.
SecretKeyError
No public method declarations found.
MLKEMError
No public method declarations found.
PinGenerationError
No public method declarations found.
BootstrapError
No public method declarations found.
GrpcServerBootstrapError
No public method declarations found.
DatabaseError
No public method declarations found.
PgUtilityError
No public method declarations found.
PgConnectionError
No public method declarations found.
PgQueueError
No public method declarations found.
DbOperationError
No public method declarations found.
ProcessContextError
No public method declarations found.
AuthorizerResolutionError
No public method declarations found.
IdentityProviderError
No public method declarations found.
OidcTokenValidatorError
No public method declarations found.
OidcSubjectResolutionError
No public method declarations found.
Functions
| Signature |
Description |
Referenced Types |
[[nodiscard]] inline std::string FormatErrorMessage(const ErrorCode code, const std::string_view message) { return std::format("<{}> {}", code.ToString(), message); |
- |
- |
Classes
GrpcAuthFilterChain
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static FinalDecision Evaluate(const Options &options, const RequestView &request); |
Runs AuthN then AuthZ for a request and returns the final decision. Evaluation order is always: 1. method scope check 2. AuthN callback (if scoped) 3. AuthZ callback (only when AuthN allowed) options: Filter-chain configuration. request: Request context view. Returns: Final allow/deny outcome with status. |
- |
[[nodiscard]] static std::vector<std::unique_ptr<grpc::experimental::ServerInterceptorFactoryInterface> > BuildServerInterceptorCreators(Options options); |
Builds server interceptor creators for this filter chain. The returned creator list can be plugged directly into: grpc::ServerBuilder::experimental().SetInterceptorCreators(...). options: Filter-chain configuration moved into interceptor state. Returns: Interceptor creator vector. |
- |
[[nodiscard]] static std::optional<std::string> FindClientMetadataValue( const RequestView &request, std::string_view key ); |
Finds a client metadata value by exact key match. Lookup order: 1. request.client_metadata when provided 2. request.server_context->client_metadata() as fallback request: Request view. key: Metadata key (case-sensitive). Returns: Metadata value when found; otherwise std::nullopt. |
- |
Classes
GrpcServerBootstrap
| Public Member Signature |
Description |
Referenced Types |
static std::shared_ptr<grpc::ServerCredentials> BuildCredentialsOrThrow( const GrpcServerConfig &grpc_config ); |
Builds server credentials from configured TLS mode and cert paths. Behavior: - kInsecure => grpc::InsecureServerCredentials() - kTls => one-way TLS with server cert + key - kMutualTls => mTLS with server cert + key + client CA roots grpc_config: Parsed gRPC server config. Returns: Shared credential object for ServerBuilder::AddListeningPort. Throws: GrpcServerBootstrapError when TLS credential files cannot be read. |
- |
static void ConfigureBuilder(const GrpcServerConfig &grpc_config, grpc::ServerBuilder &builder); |
Applies non-service gRPC runtime options to a ServerBuilder. This method configures size limits, resource quota, sync polling options, keepalive, and connection-age arguments. Service registration and listening ports remain caller responsibility. grpc_config: Parsed gRPC server config. builder: Target builder to mutate. |
- |
Classes
JwtUtility
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static bool ValidateWithHmac( std::string_view token, std::string_view shared_secret, std::string_view issuer, std::string_view audience ); |
Validates a JWT signed with HMAC (HS256/HS384/HS512). token: Encoded JWT. shared_secret: Shared HMAC secret. issuer: Expected iss claim value. audience: Expected aud claim value. Returns: true when token signature and required claims are valid. |
- |
[[nodiscard]] static bool ValidateWithPublicKey( std::string_view token, const EVP_PKEY &public_key, std::string_view issuer, std::string_view audience ); |
Validates a JWT signed with an asymmetric key using an OpenSSL key. Supported key families: - RSA (RS*, PS*) - EC (ES256, ES384, ES512, ES256K) - Ed25519 / Ed448 token: Encoded JWT. public_key: OpenSSL public key used to verify signature. issuer: Expected iss claim value. audience: Expected aud claim value. Returns: true when token signature and required claims are valid. |
- |
[[nodiscard]] static std::optional<std::string> CreateSignedEs256Token( std::string_view encrypted_private_key_pem, std::string_view private_key_password, std::string_view issuer, std::string_view audience, std::string_view subject, std::chrono::seconds time_to_live ); |
Creates an ES256-signed JWT using an encrypted EC private key PEM. The generated token always contains: - iss (issuer) - aud (single audience value) - sub (subject) - iat (issued-at) - nbf (not-before, same as issued-at) - exp (expires-at = now + time_to_live) Signing uses JOSE algorithm ES256. encrypted_private_key_pem: EC private key (PKCS#8 PEM), encrypted with private_key_password. private_key_password: Passphrase used to decrypt encrypted_private_key_pem. issuer: Token issuer (iss). audience: Token audience (aud). subject: Token subject (sub). time_to_live: Positive token lifetime duration. Returns: Encoded JWT string when signing succeeds; std::nullopt otherwise. |
- |
[[nodiscard]] static std::optional<RegisteredClaims> ExtractRegisteredClaims(std::string_view token); |
Extracts required registered claims from a JWT. Extraction succeeds only when sub, iss, aud, and iat are all present. token: Encoded JWT. Returns: Parsed claims when decode and required-claim extraction succeed. |
- |
[[nodiscard]] static std::optional<SignatureInput> ExtractSignatureInput(std::string_view token); |
Extracts detached signature inputs from a JWT token. This does not verify claims or signature; it only parses: - alg - signature_data (header.payload) - raw signature bytes token: Encoded JWT. Returns: Parsed signature input when decode succeeds and extracted alg, signature_data, and signature bytes are non-empty. |
- |
[[nodiscard]] static bool IssuerMatches( const RegisteredClaims &claims, std::string_view expected_issuer ); |
Returns whether extracted iss matches expected issuer exactly. |
- |
[[nodiscard]] static bool AudienceMatches( const RegisteredClaims &claims, std::string_view expected_audience ); |
Returns whether expected audience exists in extracted aud values. |
- |
[[nodiscard]] static TimeClaimsCheckResult CheckTimeClaims( const RegisteredClaims &claims, std::chrono::system_clock::time_point now, std::chrono::seconds expiration_leeway ); |
Validates registered time claims against a reference clock value. Rules: - iat must not be in the future. - if nbf exists, now must be >= nbf. - if exp exists, now must be <= exp + expiration_leeway. |
- |
[[nodiscard]] static std::optional<std::string> ExtractSubject(std::string_view token); |
Extracts subject claim (sub) from a JWT token. token: Encoded JWT. Returns: Subject string when available and string-typed; std::nullopt otherwise. |
- |
[[nodiscard]] static std::optional<std::string> ExtractTenantClaim(std::string_view token); |
Extracts tenant claim (urn:reeflogic:tenant) from a JWT token. token: Encoded JWT. Returns: Tenant claim string when available and string-typed; std::nullopt otherwise. |
- |
Classes
LoggerNotInitializedError
| Public Member Signature |
Description |
Referenced Types |
explicit LoggerNotInitializedError(std::string_view message); |
Default code: <002-001-0001>. |
- |
Logger
| Public Member Signature |
Description |
Referenced Types |
static void Initialize(std::string_view file_name); |
Initializes the singleton logger exactly once for the process. Additional calls are ignored after the first successful initialization. file_name: Desired log file name (Unix-like) or event source seed (Windows). Throws: std::exception when sink creation fails. |
- |
static bool IsInitialized() noexcept; |
Returns true when the singleton has been initialized. |
- |
static std::string ActiveLogTarget(); |
Returns the currently active target selected at initialization. On Unix-like systems this is the resolved absolute/relative file path. On Windows this is the Event Log source name. |
- |
static std::string ResolveLogTarget(std::string_view file_name); |
Resolves platform-specific target information from a raw file name. On Unix-like systems this returns <base-path>/<normalized-file>.log. On Windows this returns an Event Log source name. |
- |
static void SetLevel(); |
Sets runtime logging level from REEFLOGIC_LOG_LEVEL. Accepted values are case-insensitive: trace, debug, info, warning, error, critical, off, or the equivalent integer enum value. Missing, empty, or invalid values default to info. |
- |
static void SetLevel(spdlog::level::level_enum level); |
Sets runtime logging level explicitly for the singleton logger. |
- |
static void Flush(); |
Flushes all pending sink buffers. |
- |
static void Debug(spdlog::format_string_t<Args...> format, Args&&... args); |
- |
- |
static void Info(spdlog::format_string_t<Args...> format, Args&&... args); |
- |
- |
static void Warn(spdlog::format_string_t<Args...> format, Args&&... args); |
- |
- |
static void Error(spdlog::format_string_t<Args...> format, Args&&... args); |
- |
- |
static void Critical(spdlog::format_string_t<Args...> format, Args&&... args); |
- |
- |
LoggerInitializeEntryPoint
No public method declarations found.
LoggerSetLevelEntryPoint
No public method declarations found.
LoggerLevelEntryPoint
No public method declarations found.
LoggerGenericEntryPoint
No public method declarations found.
Macros
| Name |
Signature |
Description |
Referenced Types |
REEFLOGIC_LOG_INIT |
REEFLOGIC_LOG_INIT |
Initializes ReefLogic logger once for the current process. This is an object-like macro alias that resolves to a callable C++ wrapper so existing call sites can keep the REEFLOGIC_LOG_INIT(...) syntax without a function-like macro. |
- |
REEFLOGIC_LOG_SET_LEVEL |
REEFLOGIC_LOG_SET_LEVEL |
Applies REEFLOGIC_LOG_LEVEL to the singleton logger. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
REEFLOGIC_LOG_TRACE |
REEFLOGIC_LOG_TRACE |
Logs trace-level message. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
REEFLOGIC_LOG_DEBUG |
REEFLOGIC_LOG_DEBUG |
Logs debug-level message. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
REEFLOGIC_LOG_INFO |
REEFLOGIC_LOG_INFO |
Logs info-level message. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
REEFLOGIC_LOG_WARN |
REEFLOGIC_LOG_WARN |
Logs warning-level message. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
REEFLOGIC_LOG_ERROR |
REEFLOGIC_LOG_ERROR |
Logs error-level message. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
REEFLOGIC_LOG_CRITICAL |
REEFLOGIC_LOG_CRITICAL |
Logs critical-level message. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
REEFLOGIC_LOG |
REEFLOGIC_LOG |
Logs message with explicit spdlog::level::level_enum value. This is an object-like macro alias that resolves to a callable C++ wrapper. |
- |
Classes
MLKEM
| Public Member Signature |
Description |
Referenced Types |
static constexpr std::size_t kDefaultKemAlgorithmLength = sizeof(kDefaultKemAlgorithm) - 1U; |
Length of kDefaultKemAlgorithm excluding the trailing null terminator. |
- |
MLKEM(); |
Creates a new in-memory key pair using kDefaultKemAlgorithm. Throws: MLKEMError when key generation fails. |
- |
explicit MLKEM(std::string_view kem_algorithm); |
Creates a new in-memory key pair with a specific KEM name. Example algorithm name: "ML-KEM-768". kem_algorithm: provider algorithm name. Throws: std::invalid_argument when kem_algorithm is empty. Throws: MLKEMError when key generation fails. |
- |
~MLKEM(); |
- |
- |
[[nodiscard]] std::string_view KemAlgorithm() const noexcept; |
Returns the KEM algorithm name used by this instance. |
- |
[[nodiscard]] ByteArray PublicKey() const; |
Returns this instance public key in raw byte form. |
- |
[[nodiscard]] ByteArray PublicKeyDer() const; |
Returns this instance public key as DER-encoded SubjectPublicKeyInfo bytes. This is suitable for transmission over APIs expecting a standard DER public-key representation. Throws: MLKEMError when DER encoding fails. |
- |
[[nodiscard]] ByteArray Decipher(const ByteArray &envelope) const; |
Deciphers an encoded envelope with this instance private key. Thread-safe for concurrent callers. envelope: Encoded bytes from Encipher. Returns: Decrypted payload bytes. Throws: MLKEMError on parse, authentication, or crypto errors. |
- |
[[nodiscard]] std::string DecipherToString(const ByteArray &envelope) const; |
Convenience wrapper returning deciphered payload as string. envelope: Encoded bytes from Encipher. Returns: Decrypted payload interpreted as raw byte string. Throws: MLKEMError on parse, authentication, or crypto errors. |
- |
Classes
OidcSubjectResolver
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static Subject ResolveSubject( pqxx::read_transaction &tx, Scope scope, std::string_view tenant_uuid, std::string_view issuer, std::string_view subject, const std::vector<std::string> &group_references ); |
Resolves a validated OIDC token's group references into a Subject. tx: Read transaction used for t_tenants and t_roles lookups. scope: Active request scope (kAdmin or kTenant). tenant_uuid: Active tenant uuid (tnt-...); required iff scope == kTenant, must be empty iff kAdmin. issuer: JWT iss claim (used to namespace the subject id). subject: JWT sub claim. group_references: Group references read from the OIDC token's group-reference claim (uuid, template_key, or name). Returns: Subject with id = "<iss>\|<sub>", tenant_id set to tenant_uuid when scope is kTenant, and roles populated with resolved t_roles.uuid values. Throws: std::invalid_argument when scope/tenant_uuid are inconsistent, when issuer or subject is empty, or when a kTenant call supplies a tenant_uuid that does not exist in t_tenants. Throws: OidcSubjectResolutionError when an in-scope template_key or name reference matches more than one row. Throws: DbOperationError when t_roles rows violate required invariants (empty uuid or name). |
- |
Classes
OidcTokenValidator
| Public Member Signature |
Description |
Referenced Types |
explicit OidcTokenValidator(Config config); |
Constructs a validator and primes the liboauth2 verify configuration. Throws: std::invalid_argument when issuer or audience is empty, or when the chosen token_mode requires an override URL that is not set. Throws: OidcTokenValidatorError when liboauth2 fails to build the verify configuration (for example a malformed JWKS URI or a oauth2_log_init failure). |
- |
~OidcTokenValidator(); |
- |
- |
[[nodiscard]] std::optional<Claims> ValidateBearerToken(std::string_view token) const; |
Validates a bearer token against the configured provider. Performs the liboauth2 verify call (signature, JWKS lookup, time checks) and additionally enforces: - extracted iss equals Config::issuer - extracted aud contains Config::audience - extracted sub is non-empty All failure modes return std::nullopt. This method does not throw — caller-fixable token state is reported via the optional return, never via exceptions. Thread-safe for concurrent callers; a fresh oauth2_http_request_t is allocated per call so liboauth2 internal request state is not shared. Returns: parsed Claims on success, std::nullopt on any validation failure. |
- |
[[nodiscard]] const Config &GetConfig() const noexcept; |
Returns the configuration this validator was constructed with. Useful for callers that need to log or compare provider settings. |
- |
Classes
OpenSslUtility
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static std::vector<X509CertificatePtr> ParseDerCertificateList( const std::vector<std::string> &der_certificates ); |
Parses DER-encoded certificates into OpenSSL X509 objects. der_certificates: DER-encoded X.509 certificate bytes wrapped in std::string containers. Returns: Parsed X509 certificate list. Throws: std::invalid_argument if any certificate value is empty. Throws: OpenSslError when DER parsing fails. |
- |
[[nodiscard]] static bool VerifyJwtDigitalSignature( std::string_view algorithm, std::string_view signature_data, std::string_view signature_value, const X509 &certificate ); |
Verifies JWT digital signature bytes against one X509 certificate. Signature inputs are detached: - signature_data is base64url(header) + "." + base64url(payload). - signature_value is raw signature bytes (base64url-decoded). Supported algorithm values: - RSA PKCS#1 v1.5: RS256, RS384, RS512 - RSA-PSS: PS256, PS384, PS512 - ECDSA (JOSE raw signature): ES256, ES384, ES512, ES256K - EdDSA: EdDSA Certificate validity period is not checked here; only cryptographic signature verification with the public key is performed. |
- |
[[nodiscard]] static bool VerifyJwtDigitalSignatureAnyCertificate( std::string_view algorithm, std::string_view signature_data, std::string_view signature_value, const std::vector<X509CertificatePtr> &certificates ); |
Verifies JWT digital signature against any certificate in a list. Iterates all certificates and returns true on the first successful verification. |
- |
[[nodiscard]] static SelfSignedEcProfileCertificate GenerateSelfSignedEcP256ProfileCertificate( std::string_view common_name, std::string_view private_key_pin, std::int32_t validity_days = 365 * 3 ); |
Generates a self-signed EC P-256 admin certificate and encrypted private key. Certificate properties: - Key algorithm: EC secp256r1 (prime256v1). - Signature digest: SHA-256. - Subject/issuer CN: common_name. - Validity: current time through validity_days days (default: 3 years). Key output: - Private key is returned in encrypted PKCS#8 PEM form using PBES2. - Preferred protection is scrypt + AES-256-CBC; reduced OpenSSL builds fall back to PBKDF2-HMAC-SHA256 + AES-256-CBC. common_name: Subject CN used for both subject and issuer. private_key_pin: Non-empty PIN/passphrase used to encrypt the private key output. validity_days: Certificate lifetime in days (must be > 0). Returns: Generated certificate/key bundle. Throws: std::invalid_argument on invalid input values. Throws: OpenSslError when OpenSSL generation/export fails. |
- |
[[nodiscard]] static ParsedX509Certificate ParseX509CertificatePemOrDer( std::string_view certificate_bytes ); |
Parses one X.509 certificate from PEM or DER bytes and returns canonical PEM/DER outputs. Input contract: - certificate_bytes must contain exactly one certificate. - PEM bundles or trailing non-whitespace bytes are rejected. certificate_bytes: Raw certificate payload in PEM or DER encoding. Returns: Canonicalized X.509 certificate material. Throws: std::invalid_argument on empty input. Throws: OpenSslError when parsing or normalization fails. |
- |
[[nodiscard]] static bool CertificatesSharePublicKey( std::string_view first_certificate_bytes, std::string_view second_certificate_bytes ); |
Returns whether two PEM/DER X.509 certificates contain the same public key. Both certificate inputs are parsed independently and normalized before public-key comparison. first_certificate_bytes: Raw X.509 certificate bytes in PEM or DER encoding. second_certificate_bytes: Raw X.509 certificate bytes in PEM or DER encoding. Returns: true when both certificates encode the same public key. Throws: std::invalid_argument on empty input. Throws: OpenSslError when parsing or public-key extraction fails. |
- |
[[nodiscard]] static std::string GeneratePkcs10PemCertificateSigningRequest( std::string_view common_name, std::string_view encrypted_private_key_pem, std::string_view private_key_pin, const std::optional<std::string_view> &user_name = std::nullopt, const std::optional<std::string_view> &first_name = std::nullopt, const std::optional<std::string_view> &last_name = std::nullopt, const std::optional<std::string_view> &mail = std::nullopt ); |
Generates one PEM-encoded PKCS#10 certificate signing request from an encrypted local admin key. Subject mapping: - common_name -> CN - user_name -> UID when provided - first_name -> GN when provided - last_name -> SN when provided - mail -> emailAddress when provided The request public key is taken from the decrypted private key and the CSR is signed with SHA-256. common_name: Subject common name for the CSR. encrypted_private_key_pem: PKCS#8 PEM private key encrypted with private_key_pin. private_key_pin: Passphrase used to decrypt encrypted_private_key_pem. user_name: Optional subject UID. first_name: Optional subject given name. last_name: Optional subject surname. mail: Optional subject email address. Returns: PEM-encoded PKCS#10 CSR text. Throws: std::invalid_argument on invalid input values. Throws: OpenSslError when private-key loading or CSR generation fails. |
- |
Classes
PgUtility
| Public Member Signature |
Description |
Referenced Types |
explicit PgUtility(std::string connection_string); |
Number of persistent PostgreSQL client connections. One worker thread is created per connection. Maximum number of queued tasks waiting for an available worker. Submissions beyond this capacity fail immediately. Creates pool connections and launches worker threads using default options. connection_string: libpq connection string used for each pooled connection. Throws: std::invalid_argument on empty connection string or invalid options. Throws: PgConnectionError if any pooled connection cannot be opened. |
- |
explicit PgUtility(std::string connection_string, Options options); |
Creates pool connections and launches worker threads. connection_string: libpq connection string used for each pooled connection. options: Pool sizing options. Throws: std::invalid_argument on empty connection string or invalid options. Throws: PgConnectionError if any pooled connection cannot be opened. |
- |
~PgUtility(); |
Drains queued work and stops worker threads. |
- |
void Shutdown(); |
Stops workers after all queued tasks finish. Safe to call multiple times. |
- |
[[nodiscard]] std::size_t PoolSize() const noexcept; |
Number of persistent connections/workers in this pool. |
- |
[[nodiscard]] std::size_t MaxQueueSize() const noexcept; |
Maximum configured submission queue size. |
- |
auto SubmitWrite(Callback &&callback) -> std::future<std::invoke_result_t<std::decay_t<Callback>, pqxx::work &> >; |
- |
- |
auto SubmitRead(Callback &&callback) -> std::future<std::invoke_result_t<std::decay_t<Callback>, pqxx::read_transaction &> >; |
- |
- |
auto ExecuteWrite(Callback &&callback) -> std::invoke_result_t<std::decay_t<Callback>, pqxx::work &>; |
- |
- |
auto ExecuteRead(Callback &&callback) -> std::invoke_result_t<std::decay_t<Callback>, pqxx::read_transaction &>; |
- |
- |
Classes
PinUtility
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static std::string GenerateUserPin(std::size_t length = kDefaultPinLength); |
Generates a random PIN that satisfies ReefLogic complexity policy. length: Requested PIN length. Must be >= kMinimumPinLength. Returns: Random PIN string. Throws: std::invalid_argument if length is too small. Throws: PinGenerationError if secure random generation fails. |
- |
Classes
ProcessContext
| Public Member Signature |
Description |
Referenced Types |
static void InitializeOpenSslOrThrow(); |
Initializes OpenSSL crypto runtime for the current process. This method is safe to call multiple times and performs initialization only once. Throws: ProcessContextError when OpenSSL initialization fails. |
- |
static MLKEM &GlobalMLKEM(); |
Returns the process-wide ML-KEM singleton. The key pair is generated lazily on first access and remains in memory until process shutdown. |
- |
static SecretKey &GlobalSecretKey( std::string_view secret, std::string_view salt ); |
Returns the process-wide AES-256-GCM SecretKey singleton. The key material inputs are expected to be loaded from server config and passed on first call. The key is derived lazily on first access and stays in memory for the lifetime of the process. secret: PBKDF2 secret (must not be empty). salt: PBKDF2 salt (must not be empty). Throws: ProcessContextError when key derivation fails. |
- |
static SecretKey &GlobalSecretKey(); |
Returns the already initialized process-wide SecretKey. This accessor does not perform initialization. Call GlobalSecretKey(secret, salt) during process startup first. Throws: ProcessContextError when the singleton has not been initialized. |
- |
static PgUtility &GlobalPgUtility(const DatabaseConfig &database_config); |
Returns the process-wide PostgreSQL utility singleton. The pool is initialized lazily on first call using the provided database configuration and remains available until process shutdown. |
- |
static PgUtility &GlobalPgUtility(); |
Returns the already initialized process-wide PostgreSQL utility singleton. This accessor does not perform initialization. Call GlobalPgUtility(database_config) during process startup first. Throws: ProcessContextError when the singleton has not been initialized. |
- |
static void ShutdownGlobalPgUtilityNoThrow() noexcept; |
Best-effort shutdown for the process-wide PostgreSQL utility. This is safe to call multiple times and never throws. It should be invoked during process shutdown to close pooled PostgreSQL connections before process exit. |
- |
Classes
centralizes
| Public Member Signature |
Description |
Referenced Types |
static void SetTimestampFromEpochSeconds( double epoch_seconds, google::protobuf::Timestamp *timestamp ); |
Converts PostgreSQL epoch seconds into protobuf Timestamp. The conversion preserves sub-second precision up to nanoseconds and normalizes negative fractional values into protobuf's (seconds, nanos) representation. epoch_seconds: Seconds since Unix epoch. timestamp: Output timestamp proto to populate. Throws: std::invalid_argument when timestamp is null. |
- |
[[nodiscard]] static double TimestampToEpochSeconds( const google::protobuf::Timestamp ×tamp ); |
Converts protobuf Timestamp into Unix epoch seconds. The returned value preserves nanosecond precision within the limits of double and is suitable for PostgreSQL helpers such as to_timestamp(...). timestamp: Input protobuf timestamp. Returns: Seconds since Unix epoch. |
- |
Classes
QuerySqlRegistry
No public method declarations found.
mirrors
No public method declarations found.
Classes
RpcSubjectContext
| Public Member Signature |
Description |
Referenced Types |
static void Set( const grpc::ServerContextBase *server_context, std::shared_ptr<const Subject> subject ); |
Stores resolved subject for one RPC context. Throws: std::invalid_argument when server_context or subject is null. |
- |
[[nodiscard]] static std::shared_ptr<const Subject> Get(const grpc::ServerContextBase *server_context); |
Returns resolved subject for one RPC context. Returns: Stored subject pointer, or nullptr when not set. |
- |
static void Clear(const grpc::ServerContextBase *server_context); |
Clears stored subject for one RPC context. |
- |
Classes
derives
| Public Member Signature |
Description |
Referenced Types |
SecretKey( std::string_view secret, std::string_view salt, std::uint32_t pbkdf2_iterations = kDefaultPbkdf2Iterations ); |
Derives an AES-256 key from secret and salt. Derivation algorithm: - PBKDF2-HMAC-SHA512 - Output length: 32 bytes (AES-256) secret: High-entropy secret (must not be empty). salt: Stable deployment-specific salt (must not be empty). pbkdf2_iterations: PBKDF2 rounds (must be >= kMinimumPbkdf2Iterations). Throws: std::invalid_argument when inputs are empty or rounds are too low. Throws: SecretKeyError on OpenSSL derivation errors. |
- |
~SecretKey(); |
- |
- |
[[nodiscard]] std::uint32_t Pbkdf2Iterations() const noexcept; |
Returns PBKDF2 iteration count used for this key. |
- |
Classes
GrpcTlsMode
No public method declarations found.
ServerConfigParseError
| Public Member Signature |
Description |
Referenced Types |
explicit ServerConfigParseError(std::string_view message); |
Default code: <002-002-0001>. |
- |
GrpcServerConfigParser
| Public Member Signature |
Description |
Referenced Types |
static GrpcServerConfig ParseFromFile( const std::string &config_file_path, const std::string &grpc_root_path = "grpc" ); |
Parses shared gRPC config from file path and root key. config_file_path: Path to libconfig .conf file. grpc_root_path: Config path to gRPC group (default: "grpc"). |
- |
static GrpcServerConfig ParseFromConfig( const libconfig::Config &config, const std::string &grpc_root_path = "grpc" ); |
Parses shared gRPC config from an already loaded libconfig object. config: Parsed libconfig object. grpc_root_path: Config path to gRPC group (default: "grpc"). |
- |
ReefServerConfigParser
| Public Member Signature |
Description |
Referenced Types |
static ReefServerConfig ParseFromFile(const std::string &config_file_path); |
Parses 03_server config from file. Expected gRPC key priority: server.grpc, then grpc. |
- |
static ReefServerConfig ParseFromConfig(const libconfig::Config &config); |
Parses 03_server config from loaded libconfig object. Expected gRPC key priority: server.grpc, then grpc. |
- |
ReefServerAdminConfigParser
| Public Member Signature |
Description |
Referenced Types |
static ReefServerAdminConfig ParseFromFile(const std::string &config_file_path); |
Parses 05_server_admin config from file. Expected gRPC key priority: server_admin.grpc, admin.grpc, then grpc. |
- |
static ReefServerAdminConfig ParseFromConfig(const libconfig::Config &config); |
Parses 05_server_admin config from loaded libconfig object. Expected gRPC key priority: server_admin.grpc, admin.grpc, then grpc. |
- |
Classes
TtlCache
| Public Member Signature |
Description |
Referenced Types |
static constexpr std::size_t kAutoPruneDisabled = std::numeric_limits<std::size_t>::max(); |
Sentinel used by the auto-prune defaults to disable the size-bounded pruning behaviour. |
- |
explicit TtlCache(const Duration default_ttl); |
Constructs a cache with a default entry TTL. Auto-prune is disabled in this overload: Put/PutShared only insert and never call PruneExpired(). Callers that need a size-bounded cache must use the four-argument constructor. default_ttl: Default TTL used by Put/PutShared overloads without explicit TTL. Throws: std::invalid_argument when default_ttl <= 0. |
- |
TtlCache(const Duration default_ttl, const std::size_t prune_high_water_mark); |
Constructs a size-bounded cache with auto-prune-on-insert. Whenever a Put/PutShared brings the entry count above prune_high_water_mark, the cache runs PruneExpired() under the same lock to drop expired entries. The threshold is a soft ceiling: if the live working set itself exceeds the high water mark the cache keeps growing, but in that case the operator has misconfigured the bound and should raise it. Setting prune_high_water_mark to kAutoPruneDisabled produces the same behaviour as the single-argument constructor. default_ttl: Default TTL used by Put/PutShared overloads without explicit TTL. prune_high_water_mark: Entry count above which Put/ PutShared auto-prunes expired entries. Use kAutoPruneDisabled to turn the behaviour off. Throws: std::invalid_argument when default_ttl <= 0 or prune_high_water_mark == 0. |
- |
~TtlCache(); |
- |
- |
[[nodiscard]] Duration DefaultTtl() const; |
Returns the configured default TTL. |
- |
[[nodiscard]] ValuePtr Get(const Key &key); |
Reads a cache entry by key. Expired entries are deleted before returning. key: Cache key. Returns: Cached value pointer when found and not expired; nullptr otherwise. |
- |
void PutShared( Key key, ValuePtr value ); |
Inserts or replaces an entry using the default TTL. key: Cache key. value: Shared immutable value pointer. Throws: std::invalid_argument when value is null. |
- |
void PutShared( Key key, ValuePtr value, const Duration ttl ); |
Inserts or replaces an entry using an explicit TTL. key: Cache key. value: Shared immutable value pointer. ttl: Entry TTL. Throws: std::invalid_argument when value is null or ttl <= 0. |
- |
Classes
SensitiveClearGuard
No public method declarations found.
exposes
| Public Member Signature |
Description |
Referenced Types |
[[nodiscard]] static BuildVersion Version() noexcept; |
Returns structured ReefLogic semantic version and Git metadata. Callers that need machine-readable version fields should use this API instead of parsing the human-readable BuildInfo() string. Returns: Structured semantic version and Git commit hash metadata. |
- |
static std::string BuildInfo(); |
Builds the ReefLogic build identifier string. Current format: ReefLogic version <major.minor.patch> (commit <hash>) The semantic version and commit hash come from the same structured build metadata returned by Version(). Returns: Build identifier string for startup/system diagnostics. |
- |
static std::string TruncateWithEllipsis(const char *text, std::size_t max_length = 50); |
- |
- |
static std::string TruncateWithEllipsis(const std::string &text, std::size_t max_length = 50); |
- |
- |
static reeflogic::common::v1::GeoPoint MakeGeoPoint(double latitude, double longitude); |
Creates a protobuf GeoPoint from latitude and longitude values. latitude: Geographic latitude value. longitude: Geographic longitude value. Returns: Protobuf reeflogic::common::v1::GeoPoint with both fields set. |
reeflogic::common::v1::GeoPoint |
Functions
| Signature |
Description |
Referenced Types |
inline void ReportSuppressedUtilityException( const std::string_view context, const std::exception &error ) noexcept { std::cerr << context << ": " << error.what() << '\n'; |
- |
- |
inline void ReportSuppressedUtilityException(const std::string_view context) noexcept { std::cerr << context << ": unknown exception" << '\n'; |
- |
- |
buffer.data(); |
- |
- |
buffer.clear(); |
- |
- |
buffer.shrink_to_fit(); |
- |
- |
void ClearSensitive(Buffer &buffer) noexcept { static_cast<void>(std::ranges::fill(buffer, typename Buffer::value_type{})); |
- |
- |
buffer.clear(); |
- |
- |
try { buffer.shrink_to_fit(); |
- |
- |
} catch (const std::exception &error) { detail::ReportSuppressedUtilityException( "Failed to release sensitive buffer capacity during ClearSensitive", error ); |
- |
- |
} catch (...) { detail::ReportSuppressedUtilityException( "Failed to release sensitive buffer capacity during ClearSensitive" ); |
- |
- |
Functions
| Signature |
Description |
Referenced Types |
[[nodiscard]] constexpr bool IsCanonicalUuid(const std::string_view candidate) noexcept { constexpr std::size_t kCanonicalUuidLength = 36U; |
Strict canonical-form UUID check (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx). Returns true only when @p candidate has the exact 36-character 8-4-4-4-12 hex layout. Hex digits are accepted in both upper and lower case. The check is intentionally version- / variant-agnostic (it does not look at the version nibble or the variant bits) so it stays compatible with any UUID version produced by the schema or by external systems. Use this at the application boundary to reject unbounded client- supplied UUID strings before they reach SQL builders, primary-key lookups, or any other path that would otherwise scale work with input size. candidate: Caller-supplied string. Returns: true when @p candidate is exactly 36 chars in canonical 8-4-4-4-12 hex form; false otherwise. |
- |