Skip to main content

typedb_driver/connection/
credential.rs

1/*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements.  See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership.  The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License.  You may obtain a copy of the License at
9 *
10 *   http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing,
13 * software distributed under the License is distributed on an
14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 * KIND, either express or implied.  See the License for the
16 * specific language governing permissions and limitations
17 * under the License.
18 */
19
20use std::{fmt, fs, path::Path};
21
22use tonic::transport::{Certificate, ClientTlsConfig};
23
24use crate::Result;
25
26/// User credentials and TLS encryption settings for connecting to TypeDB Cloud.
27#[derive(Clone)]
28pub struct Credential {
29    username: String,
30    password: String,
31    is_tls_enabled: bool,
32    tls_config: Option<ClientTlsConfig>,
33}
34
35/// User credentials and TLS encryption settings for connecting to TypeDB Cloud.
36impl Credential {
37    /// Creates a credential with username and password. Specifies the connection must use TLS
38    ///
39    /// # Arguments
40    ///
41    /// * `username` --  The name of the user to connect as
42    /// * `password` -- The password for the user
43    /// * `tls_root_ca` -- Path to the CA certificate to use for authenticating server certificates.
44    ///
45    /// # Examples
46    ///
47    /// ```rust
48    /// Credential::with_tls(username, password, Some(&path_to_ca));
49    ///```
50    pub fn with_tls(username: &str, password: &str, tls_root_ca: Option<&Path>) -> Result<Self> {
51        let tls_config = Some(if let Some(tls_root_ca) = tls_root_ca {
52            ClientTlsConfig::new().ca_certificate(Certificate::from_pem(fs::read_to_string(tls_root_ca)?))
53        } else {
54            ClientTlsConfig::new()
55        });
56
57        Ok(Self { username: username.to_owned(), password: password.to_owned(), is_tls_enabled: true, tls_config })
58    }
59
60    /// Creates a credential with username and password. The connection will not use TLS
61    ///
62    /// # Arguments
63    ///
64    /// * `username` --  The name of the user to connect as
65    /// * `password` -- The password for the user
66    ///
67    /// # Examples
68    ///
69    /// ```rust
70    /// Credential::without_tls(username, password);
71    ///```
72    pub fn without_tls(username: &str, password: &str) -> Self {
73        Self { username: username.to_owned(), password: password.to_owned(), is_tls_enabled: false, tls_config: None }
74    }
75
76    /// Retrieves the username used.
77    pub fn username(&self) -> &str {
78        &self.username
79    }
80
81    /// Retrieves the password used.
82    pub fn password(&self) -> &str {
83        &self.password
84    }
85
86    /// Retrieves whether TLS is enabled for the connection.
87    pub fn is_tls_enabled(&self) -> bool {
88        self.is_tls_enabled
89    }
90
91    pub fn tls_config(&self) -> &Option<ClientTlsConfig> {
92        &self.tls_config
93    }
94}
95
96impl fmt::Debug for Credential {
97    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
98        f.debug_struct("Credential")
99            .field("username", &self.username)
100            .field("is_tls_enabled", &self.is_tls_enabled)
101            .field("tls_config", &self.tls_config)
102            .finish()
103    }
104}