1 // Copyright (c) 2023 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef QUICHE_BLIND_SIGN_AUTH_BLIND_SIGN_AUTH_INTERFACE_H_ 6 #define QUICHE_BLIND_SIGN_AUTH_BLIND_SIGN_AUTH_INTERFACE_H_ 7 8 #include <optional> 9 #include <string> 10 11 #include "absl/status/statusor.h" 12 #include "absl/time/time.h" 13 #include "absl/types/span.h" 14 #include "quiche/common/platform/api/quiche_export.h" 15 #include "quiche/common/quiche_callbacks.h" 16 17 namespace quiche { 18 19 // ProxyLayer indicates which proxy layer that tokens will be used with. 20 enum class ProxyLayer : int { 21 kProxyA, 22 kProxyB, 23 }; 24 25 // A BlindSignToken is used to authenticate a request to a privacy proxy. 26 // The token string contains a serialized SpendTokenData proto. 27 // The token cannot be successfully redeemed after the expiration time. 28 struct QUICHE_EXPORT BlindSignToken { 29 std::string token; 30 absl::Time expiration; 31 }; 32 33 using SignedTokenCallback = 34 SingleUseCallback<void(absl::StatusOr<absl::Span<BlindSignToken>>)>; 35 36 // BlindSignAuth provides signed, unblinded tokens to callers. 37 class QUICHE_EXPORT BlindSignAuthInterface { 38 public: 39 virtual ~BlindSignAuthInterface() = default; 40 41 // Returns signed unblinded tokens in a callback. Tokens are single-use. 42 virtual void GetTokens(std::optional<std::string> oauth_token, int num_tokens, 43 ProxyLayer proxy_layer, 44 SignedTokenCallback callback) = 0; 45 }; 46 47 } // namespace quiche 48 49 #endif // QUICHE_BLIND_SIGN_AUTH_BLIND_SIGN_AUTH_INTERFACE_H_ 50