Design and implementation of the core credentials plugin API.

- We use C++ as an example to show how this API can be used while still
  providing an idiomatic interface in the wrapped language of choice.
- No testing yet.

2 files changed, 79 insertions, 0 deletions

diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc
index 2260f6d33e..8333b01f29 100644
--- a/src/cpp/client/secure_credentials.cc
+++ b/src/cpp/client/secure_credentials.cc
@@ -144,4 +144,64 @@ std::shared_ptr<Credentials> CompositeCredentials(
   return nullptr;
 }
 
+void MetadataCredentialsPluginWrapper::Destroy(void* wrapper) {
+  if (wrapper == nullptr) return;
+  MetadataCredentialsPluginWrapper* w =
+      reinterpret_cast<MetadataCredentialsPluginWrapper*>(wrapper);
+  delete w;
+}
+
+void MetadataCredentialsPluginWrapper::GetMetadata(
+    void* wrapper, const char* service_url,
+    grpc_credentials_plugin_metadata_cb cb, void* user_data) {
+  GPR_ASSERT(wrapper != nullptr);
+  MetadataCredentialsPluginWrapper* w =
+      reinterpret_cast<MetadataCredentialsPluginWrapper*>(wrapper);
+  if (w->plugin_ == nullptr) {
+    cb(user_data, NULL, 0, GRPC_STATUS_OK, NULL);
+    return;
+  }
+  if (w->plugin_->IsBlocking()) {
+    w->thread_pool_->Add(
+        std::bind(&MetadataCredentialsPluginWrapper::InvokePlugin, w,
+                  service_url, cb, user_data));
+  } else {
+    w->InvokePlugin(service_url, cb, user_data);
+  }
+}
+
+void MetadataCredentialsPluginWrapper::InvokePlugin(
+    const char* service_url, grpc_credentials_plugin_metadata_cb cb,
+    void* user_data) {
+  std::multimap<grpc::string, grpc::string_ref> metadata;
+  Status status = plugin_->GetMetadata(service_url, &metadata);
+  std::vector<grpc_metadata> md;
+  for (auto it = metadata.begin(); it != metadata.end(); ++it) {
+    md.push_back({it->first.c_str(),
+                  it->second.data(),
+                  it->second.size(),
+                  0,
+                  {{nullptr, nullptr, nullptr, nullptr}}});
+  }
+  cb(user_data, &md[0], md.size(),
+     static_cast<grpc_status_code>(status.error_code()),
+     status.error_message().c_str());
+}
+
+MetadataCredentialsPluginWrapper::MetadataCredentialsPluginWrapper(
+    std::unique_ptr<MetadataCredentialsPlugin> plugin)
+    : thread_pool_(CreateDefaultThreadPool()), plugin_(std::move(plugin)) {}
+
+std::shared_ptr<Credentials> MetadataCredentialsFromPlugin(
+    std::unique_ptr<MetadataCredentialsPlugin> plugin) {
+  GrpcLibrary init;  // To call grpc_init().
+  MetadataCredentialsPluginWrapper* wrapper =
+      new MetadataCredentialsPluginWrapper(std::move(plugin));
+  grpc_metadata_credentials_plugin c_plugin = {
+      MetadataCredentialsPluginWrapper::GetMetadata,
+      MetadataCredentialsPluginWrapper::Destroy, wrapper};
+  return WrapCredentials(
+      grpc_metadata_credentials_create_from_plugin(c_plugin, nullptr));
+}
+
 }  // namespace grpc
diff --git a/src/cpp/client/secure_credentials.h b/src/cpp/client/secure_credentials.h
index 8deff856c4..d354827725 100644
--- a/src/cpp/client/secure_credentials.h
+++ b/src/cpp/client/secure_credentials.h
@@ -39,6 +39,8 @@
 #include <grpc++/support/config.h>
 #include <grpc++/security/credentials.h>
 
+#include "src/cpp/server/thread_pool_interface.h"
+
 namespace grpc {
 
 class SecureCredentials GRPC_FINAL : public Credentials {
@@ -56,6 +58,23 @@ class SecureCredentials GRPC_FINAL : public Credentials {
   grpc_credentials* const c_creds_;
 };
 
+class MetadataCredentialsPluginWrapper GRPC_FINAL {
+ public:
+  static void Destroy(void* wrapper);
+  static void GetMetadata(void* wrapper, const char* service_url,
+                          grpc_credentials_plugin_metadata_cb cb,
+                          void* user_data);
+
+  explicit MetadataCredentialsPluginWrapper(
+      std::unique_ptr<MetadataCredentialsPlugin> plugin);
+
+ private:
+  void InvokePlugin(const char* service_url,
+                    grpc_credentials_plugin_metadata_cb cb, void* user_data);
+  std::unique_ptr<ThreadPoolInterface> thread_pool_;
+  std::unique_ptr<MetadataCredentialsPlugin> plugin_;
+};
+
 }  // namespace grpc
 
 #endif  // GRPC_INTERNAL_CPP_CLIENT_SECURE_CREDENTIALS_H