authorGravatar Julien Boeuf <jboeuf@google.com>2015-08-28 14:10:58 -0700
committerGravatar Julien Boeuf <jboeuf@google.com>2015-08-28 14:10:58 -0700
commit0c711ad88b632bea173bdea9ea24372052aa231d (patch)
tree4faa57ef8bb4109f5303b3b175eb92cc9aa884d3 /include
parent084b2f3d7f8d74268657ece8fac8d1055e00b7fc (diff)
Adding C++ metadata processor.
- Had to change the core API to add a destroy function pointer in grpc_auth_metadata_processor. - Tested end to end. - Fixed some issues in the server_auth_filter (we were not checking the length which put us at risk of an overflow).
Diffstat (limited to 'include')
-rw-r--r--include/grpc++/auth_metadata_processor.h5
-rw-r--r--include/grpc++/server_credentials.h10
-rw-r--r--include/grpc++/support/auth_context.h5
-rw-r--r--include/grpc/grpc_security.h1
4 files changed, 14 insertions, 7 deletions
diff --git a/include/grpc++/auth_metadata_processor.h b/include/grpc++/auth_metadata_processor.h
index c0631bc11f..a42abef416 100644
--- a/include/grpc++/auth_metadata_processor.h
+++ b/include/grpc++/auth_metadata_processor.h
@@ -58,7 +58,10 @@ class AuthMetadataProcessor {
// from the passed-in auth_metadata.
// consumed_auth_metadata needs to be filled with metadata that has been
// consumed by the processor and will be removed from the call.
- // TODO(jboeuf).
+ // response_metadata is the metadata that will be sent as part of the
+ // response.
+ // If the return value is not Status::OK, the rpc call will be aborted with
+ // the error code and error message sent back to the client.
virtual Status Process(const InputMetadata& auth_metadata,
AuthContext* context,
OutputMetadata* consumed_auth_metadata,
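Review bot: The new comment says a non-OK status is sent back to the client with its error message, but it does not tell implementers that this text is client-visible and should not explain why a credential was rejected or echo any part of it. I would add a line such as `// The error message is visible to the client: keep credential details out of it.` It would also help to state whether consumed_auth_metadata and response_metadata are still applied when the status is not OK; that cannot be determined from this hunk. The Process declaration continues past the end of the hunk.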
diff --git a/include/grpc++/server_credentials.h b/include/grpc++/server_credentials.h
index 486c35c56b..e006f3a180 100644
--- a/include/grpc++/server_credentials.h
+++ b/include/grpc++/server_credentials.h
@@ -50,16 +50,16 @@ class ServerCredentials {
public:
virtual ~ServerCredentials();
+ // This method is not thread-safe and has to be called before the server is
+ // started. The last call to this function wins.
+ virtual void SetAuthMetadataProcessor(
+ const std::shared_ptr<AuthMetadataProcessor>& processor) = 0;
+
private:
friend class ::grpc::Server;
virtual int AddPortToServer(const grpc::string& addr,
grpc_server* server) = 0;
-
- // This method is not thread-safe and has to be called before the server is
- // started. The last call to this function wins.
- virtual void SetAuthMetadataProcessor(
- const std::shared_ptr<AuthMetadataProcessor>& processor) = 0;
};
// Options to create ServerCredentials with SSL
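Review bot: Now that SetAuthMetadataProcessor is public, the "has to be called before the server is started" rule is enforced only by the comment, and a late or concurrent call from application code would replace the authentication hook on a live server. The comment should say what happens when the rule is broken and whether a null processor is accepted, for example `// Calling this after the server has started is not supported; a null processor <state the behaviour>.` The implementations are not part of this diff, so whether any of them already reject a late call is unknown.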
diff --git a/include/grpc++/support/auth_context.h b/include/grpc++/support/auth_context.h
index 5d5f8e837d..fc2701e806 100644
--- a/include/grpc++/support/auth_context.h
+++ b/include/grpc++/support/auth_context.h
@@ -77,6 +77,9 @@ class AuthContext {
public:
virtual ~AuthContext() {}
+ // Returns true if the peer is authenticated.
+ virtual bool IsPeerAuthenticated() const = 0;
+
// A peer identity, in general is one or more properties (in which case they
// have the same name).
virtual std::vector<grpc::string_ref> GetPeerIdentity() const = 0;
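Review bot: `IsPeerAuthenticated()` is documented only as "Returns true if the peer is authenticated", which gives callers who gate authorization on it no definition of what counts as authenticated. The comment should name the condition and say whether properties added by an AuthMetadataProcessor can make it true, e.g. `// Returns true if <condition checked by the implementation>; see SetPeerIdentityPropertyName.` Separately, adding a pure virtual to this interface breaks any AuthContext subclass outside the tree, if such subclasses are supported. The class body starts before and continues past this hunk.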
@@ -92,7 +95,7 @@ class AuthContext {
// Mutation functions: should only be used by an AuthMetadataProcessor.
virtual void AddProperty(const grpc::string& key,
- const grpc::string& value) = 0;
+ const grpc::string_ref& value) = 0;
virtual bool SetPeerIdentityPropertyName(const grpc::string& name) = 0;
};
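Review bot: `AddProperty` now takes `grpc::string_ref`, a non-owning view, and the declaration does not say whether the bytes are copied or the view is retained. If an implementation kept the view, a processor passing a temporary would leave the auth context referring to freed memory, so the contract belongs in the comment: `// key and value are copied; the caller's buffers need not outlive the call.` (assuming that is what the implementation does; it is not visible here). As a style point, a view type is normally passed by value, `grpc::string_ref value`, rather than by const reference.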
diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h
index e2205eea30..0b540c0e66 100644
--- a/include/grpc/grpc_security.h
+++ b/include/grpc/grpc_security.h
@@ -293,6 +293,7 @@ typedef struct {
void (*process)(void *state, grpc_auth_context *context,
const grpc_metadata *md, size_t num_md,
grpc_process_auth_metadata_done_cb cb, void *user_data);
+ void (*destroy)(void *state);
void *state;
} grpc_auth_metadata_processor;
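Review bot: Inserting `destroy` ahead of `state` changes what a positional initializer means: an existing `{process_fn, state_ptr}` now puts the state pointer in the `destroy` slot, and a caller that fills the struct field by field without zeroing it leaves `destroy` uninitialized for core to call. Appending the member after `state` keeps old initializers valid, and the field needs a comment saying when core calls it and whether NULL is allowed, e.g. `/* Called once when the processor is no longer used; NULL <is / is not> permitted. */`. The struct definition starts above the hunk, so other members and any existing documentation are not visible here.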