author | Julien Boeuf <jboeuf@google.com> | 2015-07-10 08:35:04 -0700 |
---|---|---|
committer | Julien Boeuf <jboeuf@google.com> | 2015-07-10 08:35:04 -0700 |
commit | 0b1b1a5999fd52fb85face2be75e5037355a689e (patch) | |
tree | 82ac8317433cffd95afe437270482878812a951b /include | |
parent | b037bb648884c01a12d272d9b4e528d304a4213d (diff) | |
parent | b652fc0d172e0eb1023282fa6ee24eb41cbbea85 (diff) |
Merge branch 'master' of github.com:grpc/grpc into flexible_default_creds
Diffstat (limited to 'include')
-rw-r--r-- | include/grpc++/auth_context.h | 62 | ||||
-rw-r--r-- | include/grpc++/client_context.h | 10 | ||||
-rw-r--r-- | include/grpc++/credentials.h | 6 | ||||
-rw-r--r-- | include/grpc++/server.h | 4 | ||||
-rw-r--r-- | include/grpc++/server_builder.h | 33 | ||||
-rw-r--r-- | include/grpc++/server_context.h | 9 | ||||
-rw-r--r-- | include/grpc/census.h | 4 | ||||
-rw-r--r-- | include/grpc/grpc_security.h | 17 |
8 files changed, 136 insertions, 9 deletions
diff --git a/include/grpc++/auth_context.h b/include/grpc++/auth_context.h
new file mode 100644
index 0000000000..158f8e3f07
--- /dev/null
+++ b/include/grpc++/auth_context.h
@@ -0,0 +1,62 @@
+/*
+ *
+ * Copyright 2015, Google Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+#ifndef GRPCXX_AUTH_CONTEXT_H
+#define GRPCXX_AUTH_CONTEXT_H
+
+#include <vector>
+
+#include <grpc++/config.h>
+
+namespace grpc {
+
+class AuthContext {
+ public:
+ typedef std::pair<grpc::string, grpc::string> Property;
+
+ virtual ~AuthContext() {}
+
+ // A peer identity, in general is one or more properties (in which case they
+ // have the same name).
+ virtual std::vector<grpc::string> GetPeerIdentity() const = 0; + virtual grpc::string GetPeerIdentityPropertyName() const = 0; + + // Returns all the property values with the given name. + virtual std::vector<grpc::string> FindPropertyValues( + const grpc::string& name) const = 0; +}; + +} // namespace grpc + +#endif // GRPCXX_AUTH_CONTEXT_H + diff --git a/include/grpc++/client_context.h b/include/grpc++/client_context.h index 5e10875260..7adaaa6e6f 100644 --- a/include/grpc++/client_context.h +++ b/include/grpc++/client_context.h @@ -40,12 +40,14 @@ #include <grpc/support/log.h> #include <grpc/support/time.h> +#include <grpc++/auth_context.h> #include <grpc++/config.h> #include <grpc++/status.h> #include <grpc++/time.h> struct grpc_call; struct grpc_completion_queue; +struct census_context; namespace grpc { @@ -107,6 +109,12 @@ class ClientContext { creds_ = creds; } + std::shared_ptr<const AuthContext> auth_context() const; + + // Get and set census context + void set_census_context(census_context* ccp) { census_context_ = ccp; } + census_context* get_census_context() const { return census_context_; } + void TryCancel(); private: @@ -154,6 +162,8 @@ class ClientContext { gpr_timespec deadline_; grpc::string authority_; std::shared_ptr<Credentials> creds_; + mutable std::shared_ptr<const AuthContext> auth_context_; + census_context* census_context_; std::multimap<grpc::string, grpc::string> send_initial_metadata_; std::multimap<grpc::string, grpc::string> recv_initial_metadata_; std::multimap<grpc::string, grpc::string> trailing_metadata_; diff --git a/include/grpc++/credentials.h b/include/grpc++/credentials.h index 7a40cd199d..0eaaefcbca 100644 --- a/include/grpc++/credentials.h +++ b/include/grpc++/credentials.h 
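Review bot: The AuthContext interface does not say what GetPeerIdentity() and GetPeerIdentityPropertyName() return for an unauthenticated peer, and unlike the C API (grpc_auth_context_peer_is_authenticated in grpc_security.h) it exposes no authenticated check. Callers that authorise on the peer identity need to know that an empty result means "no verified identity"; I would add a comment on GetPeerIdentity() such as `// Returns an empty vector if the peer is not authenticated.` once the implementation confirms that, or add an explicit accessor for the authenticated state. The header also uses std::pair while including only <vector>; `#include <utility>` would make it self-contained.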
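Review bot: `census_context_` in client_context.h is a raw pointer that `get_census_context()` returns as-is, and nothing in these hunks initialises it or says who owns it; unless the constructor (outside this diff) sets it to null, a call made before `set_census_context()` reads an indeterminate pointer. I would document the accessors, for example `// Does not take ownership; ccp must outlive this context.` if that is the intent, and make sure the constructor initialises the member. Separately, `auth_context_` is declared `mutable` and `auth_context()` is const and defined out of line, which suggests lazy initialisation; if so, the declaration should say whether concurrent calls on one ClientContext are supported. The class body continues outside these hunks.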
@@ -120,6 +120,12 @@ std::shared_ptr<Credentials> JWTCredentials(const grpc::string& json_key, std::shared_ptr<Credentials> RefreshTokenCredentials( const grpc::string& json_refresh_token); +// Builds access token credentials. +// access_token is an oauth2 access token that was fetched using an out of band +// mechanism. +std::shared_ptr<Credentials> AccessTokenCredentials( + const grpc::string& access_token); + // Builds IAM credentials. std::shared_ptr<Credentials> IAMCredentials( const grpc::string& authorization_token, diff --git a/include/grpc++/server.h b/include/grpc++/server.h index 6a9e757e77..94ee0b6a4a 100644 --- a/include/grpc++/server.h +++ b/include/grpc++/server.h @@ -84,8 +84,8 @@ class Server GRPC_FINAL : public GrpcLibrary, private CallHook { int max_message_size); // Register a service. This call does not take ownership of the service. // The service must exist for the lifetime of the Server instance. - bool RegisterService(RpcService* service); - bool RegisterAsyncService(AsynchronousService* service); + bool RegisterService(const grpc::string *host, RpcService* service); + bool RegisterAsyncService(const grpc::string *host, AsynchronousService* service); void RegisterAsyncGenericService(AsyncGenericService* service); // Add a listening port. Can be called multiple times. int AddListeningPort(const grpc::string& addr, ServerCredentials* creds); diff --git a/include/grpc++/server_builder.h b/include/grpc++/server_builder.h index ecee475e3e..44ee00eec9 100644 --- a/include/grpc++/server_builder.h +++ b/include/grpc++/server_builder.h 
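Review bot: The comment on AccessTokenCredentials() omits two things a caller must know about a pre-fetched bearer token: presumably the library cannot refresh it, so calls start failing once it expires, and it is only safe when attached to an encrypted channel. I would extend the comment with `// The token is not refreshed; create new credentials when it expires.` and `// Must only be used over a secure channel.` after confirming both against the implementation. The same applies to grpc_access_token_credentials_create() in grpc_security.h, whose comment also leaves open whether access_token is copied or must stay valid.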
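Review bot: `host` is now a nullable pointer on Server::RegisterService() and RegisterAsyncService(), but the comment above them still describes only the service argument. It should say what null means (from the ServerBuilder comments it looks like "match any :authority") and whether the string is copied or must outlive the Server, e.g. `// host may be null, in which case the service matches any :authority.`. NamedService::host in server_builder.h relies on the same unstated null convention and deserves the same one-line comment. The new declarations also write `grpc::string *host` where the rest of the header uses `Type* name`.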
@@ -58,17 +58,35 @@ class ServerBuilder { // Register a service. This call does not take ownership of the service. // The service must exist for the lifetime of the Server instance returned by // BuildAndStart(). + // Matches requests with any :authority void RegisterService(SynchronousService* service); - // Register an asynchronous service. New calls will be delevered to cq. + // Register an asynchronous service. // This call does not take ownership of the service or completion queue. // The service and completion queuemust exist for the lifetime of the Server // instance returned by BuildAndStart(). + // Matches requests with any :authority void RegisterAsyncService(AsynchronousService* service); // Register a generic service. + // Matches requests with any :authority void RegisterAsyncGenericService(AsyncGenericService* service); + // Register a service. This call does not take ownership of the service. + // The service must exist for the lifetime of the Server instance returned by + // BuildAndStart(). + // Only matches requests with :authority \a host + void RegisterService(const grpc::string& host, + SynchronousService* service); + + // Register an asynchronous service. + // This call does not take ownership of the service or completion queue. + // The service and completion queuemust exist for the lifetime of the Server + // instance returned by BuildAndStart(). + // Only matches requests with :authority \a host + void RegisterAsyncService(const grpc::string& host, + AsynchronousService* service); + // Set max message size in bytes. void SetMaxMessageSize(int max_message_size) { max_message_size_ = max_message_size; 
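Review bot: "Only matches requests with :authority \a host" leaves the comparison undefined: exact or case-insensitive, and with or without the port. The comment should also state that :authority is supplied by the client, so registering a service under a host selects a handler but does not restrict who can reach it; access control still has to come from the server credentials and the auth context. The copied comment blocks repeat the "queuemust" typo, and the async overloads no longer say where new calls are delivered now that "New calls will be delevered to cq." has been removed.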
@@ -98,9 +116,18 @@ class ServerBuilder { int* selected_port; }; + typedef std::unique_ptr<grpc::string> HostString; + template <class T> struct NamedService { + explicit NamedService(T* s) : service(s) {} + NamedService(const grpc::string& h, T *s) + : host(new grpc::string(h)), service(s) {} + HostString host; + T* service; + }; + int max_message_size_; - std::vector<RpcService*> services_; - std::vector<AsynchronousService*> async_services_; + std::vector<std::unique_ptr<NamedService<RpcService>>> services_; + std::vector<std::unique_ptr<NamedService<AsynchronousService>>> async_services_; std::vector<Port> ports_; std::vector<ServerCompletionQueue*> cqs_; std::shared_ptr<ServerCredentials> creds_; diff --git a/include/grpc++/server_context.h b/include/grpc++/server_context.h index 326b6a125c..a4ee986df1 100644 --- a/include/grpc++/server_context.h +++ b/include/grpc++/server_context.h @@ -35,8 +35,10 @@ #define GRPCXX_SERVER_CONTEXT_H #include <map> +#include <memory> #include <grpc/support/time.h> +#include <grpc++/auth_context.h> #include <grpc++/config.h> #include <grpc++/time.h> @@ -97,6 +99,10 @@ class ServerContext { return client_metadata_; } + std::shared_ptr<const AuthContext> auth_context() const { + return auth_context_; + } + private: friend class ::grpc::Server; template <class W, class R> @@ -133,12 +139,15 @@ class ServerContext { ServerContext(gpr_timespec deadline, grpc_metadata* metadata, size_t metadata_count); + void set_call(grpc_call* call); + CompletionOp* completion_op_; gpr_timespec deadline_; grpc_call* call_; CompletionQueue* cq_; bool sent_initial_metadata_; + std::shared_ptr<const AuthContext> auth_context_; std::multimap<grpc::string, grpc::string> client_metadata_; std::multimap<grpc::string, grpc::string> initial_metadata_; std::multimap<grpc::string, grpc::string> trailing_metadata_; diff --git a/include/grpc/census.h b/include/grpc/census.h index b2049b3289..3fc07affc8 100644 --- a/include/grpc/census.h 
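Review bot: ServerContext::auth_context() returns `auth_context_` directly, and nothing visible here guarantees it is non-null; it is presumably populated by the new private `set_call()`, whose definition is outside this diff. Handlers that make authorisation decisions will dereference the result, so the accessor should document its contract, e.g. `// May be null before the call is bound or on an insecure transport (TODO confirm).`, or the implementation should always install a context, even an empty one.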
+++ b/include/grpc/census.h @@ -61,6 +61,10 @@ enum census_functions { int census_initialize(int functions); void census_shutdown(); +/* If any census feature has been initialized, this funtion will return a + * non-zero value. */ +int census_available(); + /* Internally, Census relies on a context, which should be propagated across * RPC's. From the RPC subsystems viewpoint, this is an opaque data structure. * A context must be used as the first argument to all other census diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 1ea229ecaf..37d66c04ae 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -131,13 +131,18 @@ grpc_credentials *grpc_jwt_credentials_create(const char *json_key, grpc_credentials *grpc_refresh_token_credentials_create( const char *json_refresh_token); -/* Creates a fake transport security credentials object for testing. */ -grpc_credentials *grpc_fake_transport_security_credentials_create(void); +/* Creates an Oauth2 Access Token credentials with an access token that was + aquired by an out of band mechanism. */ +grpc_credentials *grpc_access_token_credentials_create( + const char *access_token); /* Creates an IAM credentials object. */ grpc_credentials *grpc_iam_credentials_create(const char *authorization_token, const char *authority_selector); +/* Creates a fake transport security credentials object for testing. */ +grpc_credentials *grpc_fake_transport_security_credentials_create(void); + /* --- Secure channel creation. --- */ /* The caller of the secure_channel_create functions may override the target 
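Review bot: `int census_available();` in a C header declares a function with unspecified parameters rather than none; `int census_available(void);` is the prototype form, and the neighbouring `census_shutdown()` has the same issue. The new comment also has a typo, "funtion".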
@@ -248,8 +253,12 @@ const char *grpc_auth_context_peer_identity_property_name( /* Returns 1 if the peer is authenticated, 0 otherwise. */ int grpc_auth_context_peer_is_authenticated(const grpc_auth_context *ctx); -/* Gets the auth context from the call. */ -const grpc_auth_context *grpc_call_auth_context(grpc_call *call); +/* Gets the auth context from the call. Caller needs to call + grpc_auth_context_release on the returned context. */ +grpc_auth_context *grpc_call_auth_context(grpc_call *call); + +/* Releases the auth context returned from grpc_call_auth_context. */ +void grpc_auth_context_release(grpc_auth_context *context); #ifdef __cplusplus } |
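Review bot: grpc_call_auth_context() now hands back a reference the caller must release, so every existing caller that does not call grpc_auth_context_release() will leak the context, and code that stores the result in a `const grpc_auth_context *` keeps compiling without any warning. The comment should state whether the function can return NULL (for example on an insecure call), whether grpc_auth_context_release(NULL) is allowed, and that the context must not be used after release. Dropping `const` from the return type also lets callers pass the context to mutating APIs; if releasing is the only reason for the change, say so in the comment.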