diff options
author | 2015-08-28 15:51:02 -0700 | |
---|---|---|
committer | 2015-08-28 15:51:02 -0700 | |
commit | 97cd4ae606a39a62c07b0d2ce2687af3ce812645 (patch) | |
tree | 563c81ba4d81c8dc0764ef3557b24dce9a7be5da /include | |
parent | 68ff03a952d1b5395ef1f4ee326f810cd0b55912 (diff) | |
parent | 036bf58b281e4ff65ccc62ea68002a50ddb626cc (diff) |
Merge branch 'master' of github.com:grpc/grpc into cpp_auth_md_processor
Diffstat (limited to 'include')
-rw-r--r-- | include/grpc++/credentials.h | 16 | ||||
-rw-r--r-- | include/grpc/grpc_security.h | 31 |
2 files changed, 12 insertions, 35 deletions
diff --git a/include/grpc++/credentials.h b/include/grpc++/credentials.h index d623bcef60..ce5a9e0606 100644 --- a/include/grpc++/credentials.h +++ b/include/grpc++/credentials.h @@ -94,17 +94,7 @@ std::shared_ptr<Credentials> SslCredentials( const SslCredentialsOptions& options); // Builds credentials for use when running in GCE -std::shared_ptr<Credentials> ComputeEngineCredentials(); - -// Builds service account credentials. -// json_key is the JSON key string containing the client's private key. -// scope is a space-delimited list of the requested permissions. -// token_lifetime_seconds is the lifetime in seconds of each token acquired -// through this service account credentials. It should be positive and should -// not exceed grpc_max_auth_token_lifetime or will be cropped to this value. -std::shared_ptr<Credentials> ServiceAccountCredentials( - const grpc::string& json_key, const grpc::string& scope, - long token_lifetime_seconds); +std::shared_ptr<Credentials> GoogleComputeEngineCredentials(); // Builds Service Account JWT Access credentials. // json_key is the JSON key string containing the client's private key. @@ -117,7 +107,7 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials( // Builds refresh token credentials. // json_refresh_token is the JSON string containing the refresh token along // with a client_id and client_secret. -std::shared_ptr<Credentials> RefreshTokenCredentials( +std::shared_ptr<Credentials> GoogleRefreshTokenCredentials( const grpc::string& json_refresh_token); // Builds access token credentials. @@ -127,7 +117,7 @@ std::shared_ptr<Credentials> AccessTokenCredentials( const grpc::string& access_token); // Builds IAM credentials. -std::shared_ptr<Credentials> IAMCredentials( +std::shared_ptr<Credentials> GoogleIAMCredentials( const grpc::string& authorization_token, const grpc::string& authority_selector); diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 0b540c0e66..87bc250429 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -97,26 +97,13 @@ grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1, grpc_credentials *creds2, void *reserved); -/* Creates a compute engine credentials object. +/* Creates a compute engine credentials object for connecting to Google. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. */ -grpc_credentials *grpc_compute_engine_credentials_create(void *reserved); +grpc_credentials *grpc_google_compute_engine_credentials_create(void *reserved); extern const gpr_timespec grpc_max_auth_token_lifetime; -/* Creates a service account credentials object. May return NULL if the input is - invalid. - WARNING: Do NOT use this credentials to connect to a non-google service as - this could result in an oauth2 token leak. - - json_key is the JSON key string containing the client's private key. - - scope is a space-delimited list of the requested permissions. - - token_lifetime is the lifetime of each token acquired through this service - account credentials. It should not exceed grpc_max_auth_token_lifetime - or will be cropped to this value. */ -grpc_credentials *grpc_service_account_credentials_create( - const char *json_key, const char *scope, gpr_timespec token_lifetime, - void *reserved); - /* Creates a JWT credentials object. May return NULL if the input is invalid. - json_key is the JSON key string containing the client's private key. - token_lifetime is the lifetime of each Json Web Token (JWT) created with @@ -125,13 +112,13 @@ grpc_credentials *grpc_service_account_credentials_create( grpc_credentials *grpc_service_account_jwt_access_credentials_create( const char *json_key, gpr_timespec token_lifetime, void *reserved); -/* Creates an Oauth2 Refresh Token credentials object. May return NULL if the - input is invalid. +/* Creates an Oauth2 Refresh Token credentials object for connecting to Google. + May return NULL if the input is invalid. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. - json_refresh_token is the JSON string containing the refresh token itself along with a client_id and client_secret. */ -grpc_credentials *grpc_refresh_token_credentials_create( +grpc_credentials *grpc_google_refresh_token_credentials_create( const char *json_refresh_token, void *reserved); /* Creates an Oauth2 Access Token credentials with an access token that was @@ -139,10 +126,10 @@ grpc_credentials *grpc_refresh_token_credentials_create( grpc_credentials *grpc_access_token_credentials_create( const char *access_token, void *reserved); -/* Creates an IAM credentials object. */ -grpc_credentials *grpc_iam_credentials_create(const char *authorization_token, - const char *authority_selector, - void *reserved); +/* Creates an IAM credentials object for connecting to Google. */ +grpc_credentials *grpc_google_iam_credentials_create( + const char *authorization_token, const char *authority_selector, + void *reserved); /* --- Secure channel creation. --- */ |