author | 2015-08-28 14:10:58 -0700 | |
---|---|---|
committer | 2015-08-28 14:10:58 -0700 | |
commit | 0c711ad88b632bea173bdea9ea24372052aa231d (patch) | |
tree | 4faa57ef8bb4109f5303b3b175eb92cc9aa884d3 /include | |
parent | 084b2f3d7f8d74268657ece8fac8d1055e00b7fc (diff) |
Adding C++ metadata processor.
- Had to change the core API to add a destroy function pointer in
grpc_auth_metadata_processor.
- Tested end to end.
- Fixed some issues in the server_auth_filter (we were not checking the
length which put us at risk of an overflow).
Diffstat (limited to 'include')
-rw-r--r-- | include/grpc++/auth_metadata_processor.h | 5 | ||||
-rw-r--r-- | include/grpc++/server_credentials.h | 10 | ||||
-rw-r--r-- | include/grpc++/support/auth_context.h | 5 | ||||
-rw-r--r-- | include/grpc/grpc_security.h | 1 |
4 files changed, 14 insertions, 7 deletions
diff --git a/include/grpc++/auth_metadata_processor.h b/include/grpc++/auth_metadata_processor.h index c0631bc11f..a42abef416 100644 --- a/include/grpc++/auth_metadata_processor.h +++ b/include/grpc++/auth_metadata_processor.h @@ -58,7 +58,10 @@ class AuthMetadataProcessor { // from the passed-in auth_metadata. // consumed_auth_metadata needs to be filled with metadata that has been // consumed by the processor and will be removed from the call. - // TODO(jboeuf). + // response_metadata is the metadata that will be sent as part of the + // response. + // If the return value is not Status::OK, the rpc call will be aborted with + // the error code and error message sent back to the client. virtual Status Process(const InputMetadata& auth_metadata, AuthContext* context, OutputMetadata* consumed_auth_metadata, diff --git a/include/grpc++/server_credentials.h b/include/grpc++/server_credentials.h index 486c35c56b..e006f3a180 100644 --- a/include/grpc++/server_credentials.h +++ b/include/grpc++/server_credentials.h @@ -50,16 +50,16 @@ class ServerCredentials { public: virtual ~ServerCredentials(); + // This method is not thread-safe and has to be called before the server is + // started. The last call to this function wins. + virtual void SetAuthMetadataProcessor( + const std::shared_ptr<AuthMetadataProcessor>& processor) = 0; + private: friend class ::grpc::Server; virtual int AddPortToServer(const grpc::string& addr, grpc_server* server) = 0; - - // This method is not thread-safe and has to be called before the server is - // started. The last call to this function wins. - virtual void SetAuthMetadataProcessor( - const std::shared_ptr<AuthMetadataProcessor>& processor) = 0; }; // Options to create ServerCredentials with SSL diff --git a/include/grpc++/support/auth_context.h b/include/grpc++/support/auth_context.h index 5d5f8e837d..fc2701e806 100644 --- a/include/grpc++/support/auth_context.h +++ b/include/grpc++/support/auth_context.h 
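Review bot: The new comment on Process() says a non-OK Status reaches the client with its error code and message, but it does not warn implementers that this text goes to a caller that has just failed authentication. I would add a line such as `// The error message is sent to the client as-is; do not put credential contents or internal details in it.` The comment also leaves open whether response_metadata is still sent when the status is not OK; one sentence settling that would help. The declaration of Process() continues past the end of the hunk.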
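Review bot: Moving SetAuthMetadataProcessor() into the public section of ServerCredentials turns "not thread-safe, call before the server is started" into a contract that any application code can break, and nothing visible in this hunk enforces it. The comment should state what a late call does and what an empty `shared_ptr` means; if a late call is simply unsupported, say so with `// Must not be called once the server has started; the result of a late call is undefined.` Because the method is pure virtual, every ServerCredentials implementation has to define it, so it is worth documenting what credentials without a security layer do with a processor, since silently dropping it would leave a server that looks protected but is not. The implementations are outside this diff, so this may already be handled there.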
@@ -77,6 +77,9 @@ class AuthContext { public: virtual ~AuthContext() {} + // Returns true if the peer is authenticated. + virtual bool IsPeerAuthenticated() const = 0; + // A peer identity, in general is one or more properties (in which case they // have the same name). virtual std::vector<grpc::string_ref> GetPeerIdentity() const = 0; @@ -92,7 +95,7 @@ class AuthContext { // Mutation functions: should only be used by an AuthMetadataProcessor. virtual void AddProperty(const grpc::string& key, - const grpc::string& value) = 0; + const grpc::string_ref& value) = 0; virtual bool SetPeerIdentityPropertyName(const grpc::string& name) = 0; }; diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index e2205eea30..0b540c0e66 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -293,6 +293,7 @@ typedef struct { void (*process)(void *state, grpc_auth_context *context, const grpc_metadata *md, size_t num_md, grpc_process_auth_metadata_done_cb cb, void *user_data); + void (*destroy)(void *state); void *state; } grpc_auth_metadata_processor; |
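Review bot: `IsPeerAuthenticated()` is documented only as "Returns true if the peer is authenticated", which does not tell a handler what it may rely on when the result is false. The same class lets an AuthMetadataProcessor call AddProperty() and SetPeerIdentityPropertyName(), so the comment should say whether the result reflects those mutations. It should also say that GetPeerIdentity() is not a verified identity unless this returns true, for example `// Callers should check this before using GetPeerIdentity() for authorization decisions.` This is also a new pure virtual on a public interface, so any out-of-tree AuthContext implementation stops compiling. The class body continues outside the hunk.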
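Review bot: `AddProperty()` now takes `const grpc::string_ref& value`, a non-owning view, but the declaration does not say whether the implementation copies the bytes before returning. A processor may pass a view into call metadata, which per the Process() comment can be consumed and removed from the call, so a stored reference would dangle. If the implementation does copy (it is not visible here), add `// value is copied; the caller's buffer need not outlive this call.` A string_ref can also carry embedded NUL bytes, so the comment should say whether property values are treated as binary data or as C strings.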
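Review bot: The new `destroy` member is inserted before `state`, so an existing caller that fills `grpc_auth_metadata_processor` with a positional initializer `{process, state}` now puts its state pointer in the `destroy` slot. A caller that assigns fields on an uninitialized struct leaves `destroy` holding garbage that may later be called. Appending the member after `state` would keep older positional initializers valid with `destroy` zeroed. The struct also has no comment on when `destroy` is invoked, how many times, or whether NULL is accepted; once the implementation confirms it, I would add `/* Called once with state when the processor is no longer needed; may be NULL if state needs no cleanup. */`. The struct definition starts outside the hunk.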