aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorGravatar Jan Tattermusch <jtattermusch@google.com>2015-10-08 18:40:00 -0700
committerGravatar Jan Tattermusch <jtattermusch@google.com>2015-10-12 17:55:02 -0700
commit18729a05e59c93eb258eb0a72cf2af4c22b28041 (patch)
tree114b294c6cfe7898d072998b005768000deef261
parent9f06aba55c7c07d21055f3620e48885566f9e47b (diff)
Polishing of C# auth API
Diffstat
-rw-r--r--src/csharp/Grpc.Auth/GoogleAuthInterceptors.cs (renamed from src/csharp/Grpc.Auth/AuthInterceptors.cs)6
-rw-r--r--src/csharp/Grpc.Auth/GoogleGrpcCredentials.cs (renamed from src/csharp/Grpc.Auth/GrpcCredentials.cs)57
-rw-r--r--src/csharp/Grpc.Auth/Grpc.Auth.csproj4
-rw-r--r--src/csharp/Grpc.Core.Tests/CallCredentialsTest.cs4
-rw-r--r--src/csharp/Grpc.Core.Tests/ChannelCredentialsTest.cs6
-rw-r--r--src/csharp/Grpc.Core/CallCredentials.cs30
-rw-r--r--src/csharp/Grpc.Core/ChannelCredentials.cs33
-rw-r--r--src/csharp/Grpc.IntegrationTesting/InteropClient.cs8
-rw-r--r--src/csharp/Grpc.IntegrationTesting/MetadataCredentialsTest.cs2
9 files changed, 62 insertions, 88 deletions
diff --git a/src/csharp/Grpc.Auth/AuthInterceptors.cs b/src/csharp/Grpc.Auth/GoogleAuthInterceptors.cs
index fa92566775..1c14c5bb5b 100644
--- a/src/csharp/Grpc.Auth/AuthInterceptors.cs
+++ b/src/csharp/Grpc.Auth/GoogleAuthInterceptors.cs
@@ -41,10 +41,10 @@ using Grpc.Core.Utils;
namespace Grpc.Auth
{
/// <summary>
- /// Factory methods to create authorization interceptors.
- /// <seealso cref="GrpcCredentials"/>
+ /// Factory methods to create authorization interceptors for Google credentials.
+ /// <seealso cref="GoogleGrpcCredentials"/>
/// </summary>
- public static class AuthInterceptors
+ public static class GoogleAuthInterceptors
{
private const string AuthorizationHeader = "Authorization";
private const string Schema = "Bearer";
diff --git a/src/csharp/Grpc.Auth/GrpcCredentials.cs b/src/csharp/Grpc.Auth/GoogleGrpcCredentials.cs
index d8b10804c6..a1e7db13bd 100644
--- a/src/csharp/Grpc.Auth/GrpcCredentials.cs
+++ b/src/csharp/Grpc.Auth/GoogleGrpcCredentials.cs
@@ -33,6 +33,7 @@
using System;
using System.Threading;
+using System.Threading.Tasks;
using Google.Apis.Auth.OAuth2;
using Grpc.Core;
@@ -41,53 +42,55 @@ using Grpc.Core.Utils;
namespace Grpc.Auth
{
/// <summary>
- /// Factory methods to create instances of <see cref="ChannelCredentials"/> and <see cref="CallCredentials"/> classes.
+ /// Factory/extension methods to create instances of <see cref="ChannelCredentials"/> and <see cref="CallCredentials"/> classes
+ /// based on credential objects originating from Google auth library.
/// </summary>
- public static class GrpcCredentials
+ public static class GoogleGrpcCredentials
{
/// <summary>
- /// Creates a <see cref="MetadataCredentials"/> instance that will obtain access tokens
- /// from any credential that implements <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>).
+ /// Retrieves an instance of Google's Application Default Credentials using
+ /// <c>GoogleCredential.GetApplicationDefaultAsync()</c> and converts them
+ /// into a gRPC <see cref="ChannelCredentials"/> that use the default SSL credentials.
/// </summary>
- /// <param name="credential">The credential to use to obtain access tokens.</param>
- /// <returns>The <c>MetadataCredentials</c> instance.</returns>
- public static MetadataCredentials Create(ITokenAccess credential)
+ /// <returns>The <c>ChannelCredentials</c> instance.</returns>
+ public static async Task<ChannelCredentials> GetApplicationDefaultAsync()
{
- return new MetadataCredentials(AuthInterceptors.FromCredential(credential));
+ var googleCredential = await GoogleCredential.GetApplicationDefaultAsync().ConfigureAwait(false);
+ return googleCredential.ToChannelCredentials();
}
/// <summary>
- /// Convenience method to create a <see cref="ChannelCredentials"/> instance from
- /// <c>ITokenAccess</c> credential and <c>SslCredentials</c> instance.
+ /// Creates an instance of <see cref="CallCredentials"/> that will use given access token to authenticate
+ /// with a gRPC service.
/// </summary>
- /// <param name="credential">The credential to use to obtain access tokens.</param>
- /// <param name="sslCredentials">The <c>SslCredentials</c> instance.</param>
- /// <returns>The channel credentials for access token based auth over a secure channel.</returns>
- public static ChannelCredentials Create(ITokenAccess credential, SslCredentials sslCredentials)
+ /// <param name="accessToken">OAuth2 access token.</param>
+ /// /// <returns>The <c>MetadataCredentials</c> instance.</returns>
+ public static CallCredentials FromAccessToken(string accessToken)
{
- return ChannelCredentials.Create(sslCredentials, Create(credential));
+ return CallCredentials.FromInterceptor(GoogleAuthInterceptors.FromAccessToken(accessToken));
}
/// <summary>
- /// Creates an instance of <see cref="MetadataCredentials"/> that will use given access token to authenticate
- /// with a gRPC service.
+ /// Converts a <c>ITokenAccess</c> (e.g. <c>GoogleCredential</c>) object
+ /// into a gRPC <see cref="CallCredentials"/> object.
/// </summary>
- /// <param name="accessToken">OAuth2 access token.</param>
- /// /// <returns>The <c>MetadataCredentials</c> instance.</returns>
- public static MetadataCredentials FromAccessToken(string accessToken)
+ /// <param name="credential">The credential to use to obtain access tokens.</param>
+ /// <returns>The <c>CallCredentials</c> instance.</returns>
+ public static CallCredentials ToCallCredentials(this ITokenAccess credential)
{
- return new MetadataCredentials(AuthInterceptors.FromAccessToken(accessToken));
+ return CallCredentials.FromInterceptor(GoogleAuthInterceptors.FromCredential(credential));
}
/// <summary>
- /// Converts a <c>ITokenAccess</c> object into a <see cref="MetadataCredentials"/> object supported
- /// by gRPC.
+ /// Converts a <c>ITokenAccess</c> (e.g. <c>GoogleCredential</c>) object
+ /// into a gRPC <see cref="ChannelCredentials"/> object.
+ /// Default SSL credentials are used.
/// </summary>
- /// <param name="credential"></param>
- /// <returns></returns>
- public static MetadataCredentials ToGrpcCredentials(this ITokenAccess credential)
+ /// <param name="googleCredential">The credential to use to obtain access tokens.</param>
+ /// <returns>>The <c>ChannelCredentials</c> instance.</returns>
+ public static ChannelCredentials ToChannelCredentials(this ITokenAccess googleCredential)
{
- return GrpcCredentials.Create(credential);
+ return ChannelCredentials.Create(new SslCredentials(), googleCredential.ToCallCredentials());
}
}
}
diff --git a/src/csharp/Grpc.Auth/Grpc.Auth.csproj b/src/csharp/Grpc.Auth/Grpc.Auth.csproj
index 80ab07d2ae..55bde6e194 100644
--- a/src/csharp/Grpc.Auth/Grpc.Auth.csproj
+++ b/src/csharp/Grpc.Auth/Grpc.Auth.csproj
@@ -78,9 +78,9 @@
<Compile Include="..\Grpc.Core\Version.cs">
<Link>Version.cs</Link>
</Compile>
- <Compile Include="GrpcCredentials.cs" />
+ <Compile Include="GoogleGrpcCredentials.cs" />
<Compile Include="Properties\AssemblyInfo.cs" />
- <Compile Include="AuthInterceptors.cs" />
+ <Compile Include="GoogleAuthInterceptors.cs" />
</ItemGroup>
<Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
<ItemGroup>
diff --git a/src/csharp/Grpc.Core.Tests/CallCredentialsTest.cs b/src/csharp/Grpc.Core.Tests/CallCredentialsTest.cs
index 451963229a..82f881969e 100644
--- a/src/csharp/Grpc.Core.Tests/CallCredentialsTest.cs
+++ b/src/csharp/Grpc.Core.Tests/CallCredentialsTest.cs
@@ -55,8 +55,8 @@ namespace Grpc.Core.Tests
public void CallCredentials_ToNativeCredentials()
{
var composite = CallCredentials.Compose(
- new MetadataCredentials(async (uri, m) => { await Task.Delay(1); }),
- new MetadataCredentials(async (uri, m) => { await Task.Delay(2); }));
+ CallCredentials.FromInterceptor(async (uri, m) => { await Task.Delay(1); }),
+ CallCredentials.FromInterceptor(async (uri, m) => { await Task.Delay(2); }));
using (var nativeComposite = composite.ToNativeCredentials())
{
}
diff --git a/src/csharp/Grpc.Core.Tests/ChannelCredentialsTest.cs b/src/csharp/Grpc.Core.Tests/ChannelCredentialsTest.cs
index 489bf38575..d5315ed39b 100644
--- a/src/csharp/Grpc.Core.Tests/ChannelCredentialsTest.cs
+++ b/src/csharp/Grpc.Core.Tests/ChannelCredentialsTest.cs
@@ -63,11 +63,5 @@ namespace Grpc.Core.Tests
// forbid composing non-composable
Assert.Throws(typeof(ArgumentException), () => ChannelCredentials.Create(new FakeChannelCredentials(false), new FakeCallCredentials()));
}
-
- [Test]
- public void ChannelCredentials_CreateWrapped()
- {
- ChannelCredentials.Create(new FakeCallCredentials());
- }
}
}
diff --git a/src/csharp/Grpc.Core/CallCredentials.cs b/src/csharp/Grpc.Core/CallCredentials.cs
index 809c9f412d..400a9825de 100644
--- a/src/csharp/Grpc.Core/CallCredentials.cs
+++ b/src/csharp/Grpc.Core/CallCredentials.cs
@@ -41,6 +41,14 @@ using Grpc.Core.Utils;
namespace Grpc.Core
{
/// <summary>
+ /// Asynchronous authentication interceptor for <see cref="CallCredentials"/>.
+ /// </summary>
+ /// <param name="authUri">URL of a service to which current remote call needs to authenticate</param>
+ /// <param name="metadata">Metadata to populate with entries that will be added to outgoing call's headers.</param>
+ /// <returns></returns>
+ public delegate Task AsyncAuthInterceptor(string authUri, Metadata metadata);
+
+ /// <summary>
/// Client-side call credentials. Provide authorization with per-call granularity.
/// </summary>
public abstract class CallCredentials
@@ -57,6 +65,16 @@ namespace Grpc.Core
}
/// <summary>
+ /// Creates a new instance of <c>CallCredentials</c> class from an
+ /// interceptor that can attach metadata to outgoing calls.
+ /// </summary>
+ /// <param name="interceptor">authentication interceptor</param>
+ public static CallCredentials FromInterceptor(AsyncAuthInterceptor interceptor)
+ {
+ return new MetadataCredentials(interceptor);
+ }
+
+ /// <summary>
/// Creates native object for the credentials.
/// </summary>
/// <returns>The native credentials.</returns>
@@ -64,18 +82,10 @@ namespace Grpc.Core
}
/// <summary>
- /// Asynchronous authentication interceptor for <see cref="MetadataCredentials"/>.
- /// </summary>
- /// <param name="authUri">URL of a service to which current remote call needs to authenticate</param>
- /// <param name="metadata">Metadata to populate with entries that will be added to outgoing call's headers.</param>
- /// <returns></returns>
- public delegate Task AsyncAuthInterceptor(string authUri, Metadata metadata);
-
- /// <summary>
/// Client-side credentials that delegate metadata based auth to an interceptor.
/// The interceptor is automatically invoked for each remote call that uses <c>MetadataCredentials.</c>
/// </summary>
- public class MetadataCredentials : CallCredentials
+ internal sealed class MetadataCredentials : CallCredentials
{
readonly AsyncAuthInterceptor interceptor;
@@ -85,7 +95,7 @@ namespace Grpc.Core
/// <param name="interceptor">authentication interceptor</param>
public MetadataCredentials(AsyncAuthInterceptor interceptor)
{
- this.interceptor = interceptor;
+ this.interceptor = Preconditions.CheckNotNull(interceptor);
}
internal override CredentialsSafeHandle ToNativeCredentials()
diff --git a/src/csharp/Grpc.Core/ChannelCredentials.cs b/src/csharp/Grpc.Core/ChannelCredentials.cs
index 599674e02b..9d2bcdabe8 100644
--- a/src/csharp/Grpc.Core/ChannelCredentials.cs
+++ b/src/csharp/Grpc.Core/ChannelCredentials.cs
@@ -72,17 +72,6 @@ namespace Grpc.Core
}
/// <summary>
- /// Creates a new instance of <c>ChannelCredentials</c> by wrapping
- /// an instance of <c>CallCredentials</c>.
- /// </summary>
- /// <param name="callCredentials">Call credentials.</param>
- /// <returns>The <c>ChannelCredentials</c> wrapping given call credentials.</returns>
- public static ChannelCredentials Create(CallCredentials callCredentials)
- {
- return new WrappedCallCredentials(callCredentials);
- }
-
- /// <summary>
/// Creates native object for the credentials. May return null if insecure channel
/// should be created.
/// </summary>
@@ -213,26 +202,4 @@ namespace Grpc.Core
}
}
}
-
- /// <summary>
- /// Credentials wrapping <see cref="CallCredentials"/> as <see cref="ChannelCredentials"/>.
- /// </summary>
- internal sealed class WrappedCallCredentials : ChannelCredentials
- {
- readonly CallCredentials callCredentials;
-
- /// <summary>
- /// Wraps instance of <c>CallCredentials</c> as <c>ChannelCredentials</c>.
- /// </summary>
- /// <param name="callCredentials">credentials to wrap</param>
- public WrappedCallCredentials(CallCredentials callCredentials)
- {
- this.callCredentials = Preconditions.CheckNotNull(callCredentials);
- }
-
- internal override CredentialsSafeHandle ToNativeCredentials()
- {
- return callCredentials.ToNativeCredentials();
- }
- }
}
diff --git a/src/csharp/Grpc.IntegrationTesting/InteropClient.cs b/src/csharp/Grpc.IntegrationTesting/InteropClient.cs
index cb50b44841..030a098cad 100644
--- a/src/csharp/Grpc.IntegrationTesting/InteropClient.cs
+++ b/src/csharp/Grpc.IntegrationTesting/InteropClient.cs
@@ -143,14 +143,14 @@ namespace Grpc.IntegrationTesting
{
var googleCredential = await GoogleCredential.GetApplicationDefaultAsync();
Assert.IsTrue(googleCredential.IsCreateScopedRequired);
- credentials = ChannelCredentials.Create(credentials, googleCredential.ToGrpcCredentials());
+ credentials = ChannelCredentials.Create(credentials, googleCredential.ToCallCredentials());
}
if (options.TestCase == "compute_engine_creds")
{
var googleCredential = await GoogleCredential.GetApplicationDefaultAsync();
Assert.IsFalse(googleCredential.IsCreateScopedRequired);
- credentials = ChannelCredentials.Create(credentials, googleCredential.ToGrpcCredentials());
+ credentials = ChannelCredentials.Create(credentials, googleCredential.ToCallCredentials());
}
return credentials;
}
@@ -392,7 +392,7 @@ namespace Grpc.IntegrationTesting
ITokenAccess credential = (await GoogleCredential.GetApplicationDefaultAsync()).CreateScoped(new[] { oauthScope });
string oauth2Token = await credential.GetAccessTokenForRequestAsync();
- var credentials = GrpcCredentials.FromAccessToken(oauth2Token);
+ var credentials = GoogleGrpcCredentials.FromAccessToken(oauth2Token);
var request = new SimpleRequest
{
FillUsername = true,
@@ -412,7 +412,7 @@ namespace Grpc.IntegrationTesting
Console.WriteLine("running per_rpc_creds");
ITokenAccess googleCredential = await GoogleCredential.GetApplicationDefaultAsync();
- var credentials = GrpcCredentials.Create(googleCredential);
+ var credentials = googleCredential.ToCallCredentials();
var request = new SimpleRequest
{
FillUsername = true,
diff --git a/src/csharp/Grpc.IntegrationTesting/MetadataCredentialsTest.cs b/src/csharp/Grpc.IntegrationTesting/MetadataCredentialsTest.cs
index 5325b2fa14..3d56678b99 100644
--- a/src/csharp/Grpc.IntegrationTesting/MetadataCredentialsTest.cs
+++ b/src/csharp/Grpc.IntegrationTesting/MetadataCredentialsTest.cs
@@ -75,7 +75,7 @@ namespace Grpc.IntegrationTesting
var clientCredentials = ChannelCredentials.Create(
new SslCredentials(File.ReadAllText(TestCredentials.ClientCertAuthorityPath)),
- new MetadataCredentials(asyncAuthInterceptor));
+ CallCredentials.FromInterceptor(asyncAuthInterceptor));
channel = new Channel(Host, server.Ports.Single().BoundPort, clientCredentials, options);
client = TestService.NewClient(channel);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-24 12:19:56 +0000