aboutsummaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
authorGravatar Julien Boeuf <jboeuf@google.com>2015-08-28 15:51:02 -0700
committerGravatar Julien Boeuf <jboeuf@google.com>2015-08-28 15:51:02 -0700
commit97cd4ae606a39a62c07b0d2ce2687af3ce812645 (patch)
tree563c81ba4d81c8dc0764ef3557b24dce9a7be5da /src
parent68ff03a952d1b5395ef1f4ee326f810cd0b55912 (diff)
parent036bf58b281e4ff65ccc62ea68002a50ddb626cc (diff)
Merge branch 'master' of github.com:grpc/grpc into cpp_auth_md_processor
Diffstat (limited to 'src')
-rw-r--r--src/core/security/credentials.c111
-rw-r--r--src/core/security/credentials.h17
-rw-r--r--src/core/security/google_default_credentials.c2
-rw-r--r--src/cpp/client/secure_credentials.cc30
-rw-r--r--src/node/ext/call.cc23
-rw-r--r--src/node/ext/call.h1
-rw-r--r--src/node/ext/credentials.cc4
-rw-r--r--src/node/src/client.js75
-rw-r--r--src/php/ext/grpc/credentials.c2
-rw-r--r--src/python/grpcio/grpc/_adapter/_c/types.h2
-rw-r--r--src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c33
-rw-r--r--src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx20
-rw-r--r--src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd2
-rw-r--r--src/python/grpcio/grpc/_cython/adapter_low.py4
-rw-r--r--src/python/grpcio/grpc/_links/service.py33
-rw-r--r--src/python/grpcio_test/grpc_interop/methods.py17
-rw-r--r--src/python/grpcio_test/grpc_test/_core_over_links_base_interface_test.py3
-rw-r--r--src/python/grpcio_test/grpc_test/_crust_over_core_over_links_face_interface_test.py3
-rw-r--r--src/python/grpcio_test/grpc_test/_links/_transmission_test.py9
-rw-r--r--src/ruby/ext/grpc/rb_credentials.c2
20 files changed, 147 insertions, 246 deletions
diff --git a/src/core/security/credentials.c b/src/core/security/credentials.c
index cae80f0216..721e871ade 100644
--- a/src/core/security/credentials.c
+++ b/src/core/security/credentials.c
@@ -629,7 +629,7 @@ static void init_oauth2_token_fetcher(grpc_oauth2_token_fetcher_credentials *c,
grpc_httpcli_context_init(&c->httpcli_context);
}
-/* -- ComputeEngine credentials. -- */
+/* -- GoogleComputeEngine credentials. -- */
static grpc_credentials_vtable compute_engine_vtable = {
oauth2_token_fetcher_destroy, oauth2_token_fetcher_has_request_metadata,
@@ -651,7 +651,8 @@ static void compute_engine_fetch_oauth2(
metadata_req);
}
-grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
+grpc_credentials *grpc_google_compute_engine_credentials_create(
+ void *reserved) {
grpc_oauth2_token_fetcher_credentials *c =
gpr_malloc(sizeof(grpc_oauth2_token_fetcher_credentials));
GPR_ASSERT(reserved == NULL);
@@ -660,81 +661,11 @@ grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
return &c->base;
}
-/* -- ServiceAccount credentials. -- */
-
-static void service_account_destroy(grpc_credentials *creds) {
- grpc_service_account_credentials *c =
- (grpc_service_account_credentials *)creds;
- if (c->scope != NULL) gpr_free(c->scope);
- grpc_auth_json_key_destruct(&c->key);
- oauth2_token_fetcher_destroy(&c->base.base);
-}
-
-static grpc_credentials_vtable service_account_vtable = {
- service_account_destroy, oauth2_token_fetcher_has_request_metadata,
- oauth2_token_fetcher_has_request_metadata_only,
- oauth2_token_fetcher_get_request_metadata, NULL};
-
-static void service_account_fetch_oauth2(
- grpc_credentials_metadata_request *metadata_req,
- grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
- grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
- grpc_service_account_credentials *c =
- (grpc_service_account_credentials *)metadata_req->creds;
- grpc_httpcli_header header = {"Content-Type",
- "application/x-www-form-urlencoded"};
- grpc_httpcli_request request;
- char *body = NULL;
- char *jwt = grpc_jwt_encode_and_sign(&c->key, GRPC_JWT_OAUTH2_AUDIENCE,
- c->token_lifetime, c->scope);
- if (jwt == NULL) {
- grpc_httpcli_response response;
- memset(&response, 0, sizeof(grpc_httpcli_response));
- response.status = 400; /* Invalid request. */
- gpr_log(GPR_ERROR, "Could not create signed jwt.");
- /* Do not even send the request, just call the response callback. */
- response_cb(metadata_req, &response);
- return;
- }
- gpr_asprintf(&body, "%s%s", GRPC_SERVICE_ACCOUNT_POST_BODY_PREFIX, jwt);
- memset(&request, 0, sizeof(grpc_httpcli_request));
- request.host = GRPC_GOOGLE_OAUTH2_SERVICE_HOST;
- request.path = GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH;
- request.hdr_count = 1;
- request.hdrs = &header;
- request.handshaker = &grpc_httpcli_ssl;
- grpc_httpcli_post(httpcli_context, pollset, &request, body, strlen(body),
- deadline, response_cb, metadata_req);
- gpr_free(body);
- gpr_free(jwt);
-}
-
-grpc_credentials *grpc_service_account_credentials_create(
- const char *json_key, const char *scope, gpr_timespec token_lifetime,
- void *reserved) {
- grpc_service_account_credentials *c;
- grpc_auth_json_key key = grpc_auth_json_key_create_from_string(json_key);
- GPR_ASSERT(reserved == NULL);
- if (scope == NULL || (strlen(scope) == 0) ||
- !grpc_auth_json_key_is_valid(&key)) {
- gpr_log(GPR_ERROR,
- "Invalid input for service account credentials creation");
- return NULL;
- }
- c = gpr_malloc(sizeof(grpc_service_account_credentials));
- memset(c, 0, sizeof(grpc_service_account_credentials));
- init_oauth2_token_fetcher(&c->base, service_account_fetch_oauth2);
- c->base.base.vtable = &service_account_vtable;
- c->scope = gpr_strdup(scope);
- c->key = key;
- c->token_lifetime = token_lifetime;
- return &c->base.base;
-}
-
-/* -- RefreshToken credentials. -- */
+/* -- GoogleRefreshToken credentials. -- */
static void refresh_token_destroy(grpc_credentials *creds) {
- grpc_refresh_token_credentials *c = (grpc_refresh_token_credentials *)creds;
+ grpc_google_refresh_token_credentials *c =
+ (grpc_google_refresh_token_credentials *)creds;
grpc_auth_refresh_token_destruct(&c->refresh_token);
oauth2_token_fetcher_destroy(&c->base.base);
}
@@ -748,8 +679,8 @@ static void refresh_token_fetch_oauth2(
grpc_credentials_metadata_request *metadata_req,
grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
- grpc_refresh_token_credentials *c =
- (grpc_refresh_token_credentials *)metadata_req->creds;
+ grpc_google_refresh_token_credentials *c =
+ (grpc_google_refresh_token_credentials *)metadata_req->creds;
grpc_httpcli_header header = {"Content-Type",
"application/x-www-form-urlencoded"};
grpc_httpcli_request request;
@@ -768,22 +699,23 @@ static void refresh_token_fetch_oauth2(
gpr_free(body);
}
-grpc_credentials *grpc_refresh_token_credentials_create_from_auth_refresh_token(
+grpc_credentials *
+grpc_refresh_token_credentials_create_from_auth_refresh_token(
grpc_auth_refresh_token refresh_token) {
- grpc_refresh_token_credentials *c;
+ grpc_google_refresh_token_credentials *c;
if (!grpc_auth_refresh_token_is_valid(&refresh_token)) {
gpr_log(GPR_ERROR, "Invalid input for refresh token credentials creation");
return NULL;
}
- c = gpr_malloc(sizeof(grpc_refresh_token_credentials));
- memset(c, 0, sizeof(grpc_refresh_token_credentials));
+ c = gpr_malloc(sizeof(grpc_google_refresh_token_credentials));
+ memset(c, 0, sizeof(grpc_google_refresh_token_credentials));
init_oauth2_token_fetcher(&c->base, refresh_token_fetch_oauth2);
c->base.base.vtable = &refresh_token_vtable;
c->refresh_token = refresh_token;
return &c->base.base;
}
-grpc_credentials *grpc_refresh_token_credentials_create(
+grpc_credentials *grpc_google_refresh_token_credentials_create(
const char *json_refresh_token, void *reserved) {
GPR_ASSERT(reserved == NULL);
return grpc_refresh_token_credentials_create_from_auth_refresh_token(
@@ -1205,7 +1137,7 @@ grpc_credentials *grpc_credentials_contains_type(
/* -- IAM credentials. -- */
static void iam_destroy(grpc_credentials *creds) {
- grpc_iam_credentials *c = (grpc_iam_credentials *)creds;
+ grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
grpc_credentials_md_store_unref(c->iam_md);
gpr_free(c);
}
@@ -1221,7 +1153,7 @@ static void iam_get_request_metadata(grpc_credentials *creds,
const char *service_url,
grpc_credentials_metadata_cb cb,
void *user_data) {
- grpc_iam_credentials *c = (grpc_iam_credentials *)creds;
+ grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
cb(user_data, c->iam_md->entries, c->iam_md->num_entries,
GRPC_CREDENTIALS_OK);
}
@@ -1230,15 +1162,14 @@ static grpc_credentials_vtable iam_vtable = {
iam_destroy, iam_has_request_metadata, iam_has_request_metadata_only,
iam_get_request_metadata, NULL};
-grpc_credentials *grpc_iam_credentials_create(const char *token,
- const char *authority_selector,
- void *reserved) {
- grpc_iam_credentials *c;
+grpc_credentials *grpc_google_iam_credentials_create(
+ const char *token, const char *authority_selector, void *reserved) {
+ grpc_google_iam_credentials *c;
GPR_ASSERT(reserved == NULL);
GPR_ASSERT(token != NULL);
GPR_ASSERT(authority_selector != NULL);
- c = gpr_malloc(sizeof(grpc_iam_credentials));
- memset(c, 0, sizeof(grpc_iam_credentials));
+ c = gpr_malloc(sizeof(grpc_google_iam_credentials));
+ memset(c, 0, sizeof(grpc_google_iam_credentials));
c->base.type = GRPC_CREDENTIALS_TYPE_IAM;
c->base.vtable = &iam_vtable;
gpr_ref_init(&c->base.refcount, 1);
diff --git a/src/core/security/credentials.h b/src/core/security/credentials.h
index 29cd1ac87f..d9bd53adc2 100644
--- a/src/core/security/credentials.h
+++ b/src/core/security/credentials.h
@@ -277,21 +277,12 @@ typedef struct {
grpc_fetch_oauth2_func fetch_func;
} grpc_oauth2_token_fetcher_credentials;
-/* -- ServiceAccount credentials. -- */
-
-typedef struct {
- grpc_oauth2_token_fetcher_credentials base;
- grpc_auth_json_key key;
- char *scope;
- gpr_timespec token_lifetime;
-} grpc_service_account_credentials;
-
-/* -- RefreshToken credentials. -- */
+/* -- GoogleRefreshToken credentials. -- */
typedef struct {
grpc_oauth2_token_fetcher_credentials base;
grpc_auth_refresh_token refresh_token;
-} grpc_refresh_token_credentials;
+} grpc_google_refresh_token_credentials;
/* -- Oauth2 Access Token credentials. -- */
@@ -308,12 +299,12 @@ typedef struct {
int is_async;
} grpc_md_only_test_credentials;
-/* -- IAM credentials. -- */
+/* -- GoogleIAM credentials. -- */
typedef struct {
grpc_credentials base;
grpc_credentials_md_store *iam_md;
-} grpc_iam_credentials;
+} grpc_google_iam_credentials;
/* -- Composite credentials. -- */
diff --git a/src/core/security/google_default_credentials.c b/src/core/security/google_default_credentials.c
index f9aa5187ce..874dd59e84 100644
--- a/src/core/security/google_default_credentials.c
+++ b/src/core/security/google_default_credentials.c
@@ -194,7 +194,7 @@ grpc_credentials *grpc_google_default_credentials_create(void) {
int need_compute_engine_creds = is_stack_running_on_compute_engine();
compute_engine_detection_done = 1;
if (need_compute_engine_creds) {
- result = grpc_compute_engine_credentials_create(NULL);
+ result = grpc_google_compute_engine_credentials_create(NULL);
}
}
diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc
index e0642469b4..2260f6d33e 100644
--- a/src/cpp/client/secure_credentials.cc
+++ b/src/cpp/client/secure_credentials.cc
@@ -81,26 +81,10 @@ std::shared_ptr<Credentials> SslCredentials(
}
// Builds credentials for use when running in GCE
-std::shared_ptr<Credentials> ComputeEngineCredentials() {
+std::shared_ptr<Credentials> GoogleComputeEngineCredentials() {
GrpcLibrary init; // To call grpc_init().
- return WrapCredentials(grpc_compute_engine_credentials_create(nullptr));
-}
-
-// Builds service account credentials.
-std::shared_ptr<Credentials> ServiceAccountCredentials(
- const grpc::string& json_key, const grpc::string& scope,
- long token_lifetime_seconds) {
- GrpcLibrary init; // To call grpc_init().
- if (token_lifetime_seconds <= 0) {
- gpr_log(GPR_ERROR,
- "Trying to create ServiceAccountCredentials "
- "with non-positive lifetime");
- return WrapCredentials(nullptr);
- }
- gpr_timespec lifetime =
- gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN);
- return WrapCredentials(grpc_service_account_credentials_create(
- json_key.c_str(), scope.c_str(), lifetime, nullptr));
+ return WrapCredentials(
+ grpc_google_compute_engine_credentials_create(nullptr));
}
// Builds JWT credentials.
@@ -119,10 +103,10 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
}
// Builds refresh token credentials.
-std::shared_ptr<Credentials> RefreshTokenCredentials(
+std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
const grpc::string& json_refresh_token) {
GrpcLibrary init; // To call grpc_init().
- return WrapCredentials(grpc_refresh_token_credentials_create(
+ return WrapCredentials(grpc_google_refresh_token_credentials_create(
json_refresh_token.c_str(), nullptr));
}
@@ -135,11 +119,11 @@ std::shared_ptr<Credentials> AccessTokenCredentials(
}
// Builds IAM credentials.
-std::shared_ptr<Credentials> IAMCredentials(
+std::shared_ptr<Credentials> GoogleIAMCredentials(
const grpc::string& authorization_token,
const grpc::string& authority_selector) {
GrpcLibrary init; // To call grpc_init().
- return WrapCredentials(grpc_iam_credentials_create(
+ return WrapCredentials(grpc_google_iam_credentials_create(
authorization_token.c_str(), authority_selector.c_str(), nullptr));
}
diff --git a/src/node/ext/call.cc b/src/node/ext/call.cc
index fddc1e214f..560869e6fa 100644
--- a/src/node/ext/call.cc
+++ b/src/node/ext/call.cc
@@ -461,6 +461,9 @@ void Call::Init(Handle<Object> exports) {
NanNew<FunctionTemplate>(StartBatch)->GetFunction());
NanSetPrototypeTemplate(tpl, "cancel",
NanNew<FunctionTemplate>(Cancel)->GetFunction());
+ NanSetPrototypeTemplate(
+ tpl, "cancelWithStatus",
+ NanNew<FunctionTemplate>(CancelWithStatus)->GetFunction());
NanSetPrototypeTemplate(tpl, "getPeer",
NanNew<FunctionTemplate>(GetPeer)->GetFunction());
NanAssignPersistent(fun_tpl, tpl);
@@ -643,6 +646,26 @@ NAN_METHOD(Call::Cancel) {
NanReturnUndefined();
}
+NAN_METHOD(Call::CancelWithStatus) {
+ NanScope();
+ if (!HasInstance(args.This())) {
+ return NanThrowTypeError("cancel can only be called on Call objects");
+ }
+ if (!args[0]->IsUint32()) {
+ return NanThrowTypeError(
+ "cancelWithStatus's first argument must be a status code");
+ }
+ if (!args[1]->IsString()) {
+ return NanThrowTypeError(
+ "cancelWithStatus's second argument must be a string");
+ }
+ Call *call = ObjectWrap::Unwrap<Call>(args.This());
+ grpc_status_code code = static_cast<grpc_status_code>(args[0]->Uint32Value());
+ NanUtf8String details(args[0]);
+ grpc_call_cancel_with_status(call->wrapped_call, code, *details, NULL);
+ NanReturnUndefined();
+}
+
NAN_METHOD(Call::GetPeer) {
NanScope();
if (!HasInstance(args.This())) {
diff --git a/src/node/ext/call.h b/src/node/ext/call.h
index ef6e5fcd21..89f81dcf4d 100644
--- a/src/node/ext/call.h
+++ b/src/node/ext/call.h
@@ -133,6 +133,7 @@ class Call : public ::node::ObjectWrap {
static NAN_METHOD(New);
static NAN_METHOD(StartBatch);
static NAN_METHOD(Cancel);
+ static NAN_METHOD(CancelWithStatus);
static NAN_METHOD(GetPeer);
static NanCallback *constructor;
// Used for typechecking instances of this javascript class
diff --git a/src/node/ext/credentials.cc b/src/node/ext/credentials.cc
index 85a823a108..c3b04dcea7 100644
--- a/src/node/ext/credentials.cc
+++ b/src/node/ext/credentials.cc
@@ -186,7 +186,7 @@ NAN_METHOD(Credentials::CreateComposite) {
NAN_METHOD(Credentials::CreateGce) {
NanScope();
- grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
+ grpc_credentials *creds = grpc_google_compute_engine_credentials_create(NULL);
if (creds == NULL) {
NanReturnNull();
}
@@ -204,7 +204,7 @@ NAN_METHOD(Credentials::CreateIam) {
NanUtf8String auth_token(args[0]);
NanUtf8String auth_selector(args[1]);
grpc_credentials *creds =
- grpc_iam_credentials_create(*auth_token, *auth_selector, NULL);
+ grpc_google_iam_credentials_create(*auth_token, *auth_selector, NULL);
if (creds == NULL) {
NanReturnNull();
}
diff --git a/src/node/src/client.js b/src/node/src/client.js
index e1bed3512e..6a49490910 100644
--- a/src/node/src/client.js
+++ b/src/node/src/client.js
@@ -142,7 +142,14 @@ function _read(size) {
return;
}
var data = event.read;
- if (self.push(self.deserialize(data)) && data !== null) {
+ var deserialized;
+ try {
+ deserialized = self.deserialize(data);
+ } catch (e) {
+ self.call.cancelWithStatus(grpc.status.INTERNAL,
+ 'Failed to parse server response');
+ }
+ if (self.push(deserialized) && data !== null) {
var read_batch = {};
read_batch[grpc.opType.RECV_MESSAGE] = true;
self.call.startBatch(read_batch, readCallback);
@@ -296,23 +303,38 @@ function makeUnaryRequestFunction(method, serialize, deserialize) {
call.startBatch(client_batch, function(err, response) {
response.status.metadata = Metadata._fromCoreRepresentation(
response.status.metadata);
- emitter.emit('status', response.status);
- if (response.status.code !== grpc.status.OK) {
- var error = new Error(response.status.details);
- error.code = response.status.code;
- error.metadata = response.status.metadata;
- callback(error);
- return;
- } else {
+ var status = response.status;
+ var error;
+ var deserialized;
+ if (status.code === grpc.status.OK) {
if (err) {
// Got a batch error, but OK status. Something went wrong
callback(err);
return;
+ } else {
+ try {
+ deserialized = deserialize(response.read);
+ } catch (e) {
+ /* Change status to indicate bad server response. This will result
+ * in passing an error to the callback */
+ status = {
+ code: grpc.status.INTERNAL,
+ details: 'Failed to parse server response'
+ };
+ }
}
}
+ if (status.code !== grpc.status.OK) {
+ error = new Error(response.status.details);
+ error.code = status.code;
+ error.metadata = status.metadata;
+ callback(error);
+ } else {
+ callback(null, deserialized);
+ }
+ emitter.emit('status', status);
emitter.emit('metadata', Metadata._fromCoreRepresentation(
response.metadata));
- callback(null, deserialize(response.read));
});
});
return emitter;
@@ -374,21 +396,36 @@ function makeClientStreamRequestFunction(method, serialize, deserialize) {
call.startBatch(client_batch, function(err, response) {
response.status.metadata = Metadata._fromCoreRepresentation(
response.status.metadata);
- stream.emit('status', response.status);
- if (response.status.code !== grpc.status.OK) {
- var error = new Error(response.status.details);
- error.code = response.status.code;
- error.metadata = response.status.metadata;
- callback(error);
- return;
- } else {
+ var status = response.status;
+ var error;
+ var deserialized;
+ if (status.code === grpc.status.OK) {
if (err) {
// Got a batch error, but OK status. Something went wrong
callback(err);
return;
+ } else {
+ try {
+ deserialized = deserialize(response.read);
+ } catch (e) {
+ /* Change status to indicate bad server response. This will result
+ * in passing an error to the callback */
+ status = {
+ code: grpc.status.INTERNAL,
+ details: 'Failed to parse server response'
+ };
+ }
}
}
- callback(null, deserialize(response.read));
+ if (status.code !== grpc.status.OK) {
+ error = new Error(response.status.details);
+ error.code = status.code;
+ error.metadata = status.metadata;
+ callback(error);
+ } else {
+ callback(null, deserialized);
+ }
+ stream.emit('status', status);
});
});
return stream;
diff --git a/src/php/ext/grpc/credentials.c b/src/php/ext/grpc/credentials.c
index 0eba6608bb..8e3b7ff212 100644
--- a/src/php/ext/grpc/credentials.c
+++ b/src/php/ext/grpc/credentials.c
@@ -170,7 +170,7 @@ PHP_METHOD(Credentials, createComposite) {
* @return Credentials The new GCE credentials object
*/
PHP_METHOD(Credentials, createGce) {
- grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
+ grpc_credentials *creds = grpc_google_compute_engine_credentials_create(NULL);
zval *creds_object = grpc_php_wrap_credentials(creds);
RETURN_DESTROY_ZVAL(creds_object);
}
diff --git a/src/python/grpcio/grpc/_adapter/_c/types.h b/src/python/grpcio/grpc/_adapter/_c/types.h
index f6ff957baa..ec0687a9fd 100644
--- a/src/python/grpcio/grpc/_adapter/_c/types.h
+++ b/src/python/grpcio/grpc/_adapter/_c/types.h
@@ -57,8 +57,6 @@ ClientCredentials *pygrpc_ClientCredentials_composite(
PyTypeObject *type, PyObject *args, PyObject *kwargs);
ClientCredentials *pygrpc_ClientCredentials_compute_engine(
PyTypeObject *type, PyObject *ignored);
-ClientCredentials *pygrpc_ClientCredentials_service_account(
- PyTypeObject *type, PyObject *args, PyObject *kwargs);
ClientCredentials *pygrpc_ClientCredentials_jwt(
PyTypeObject *type, PyObject *args, PyObject *kwargs);
ClientCredentials *pygrpc_ClientCredentials_refresh_token(
diff --git a/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c b/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
index 36fd207464..90652b7b47 100644
--- a/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
+++ b/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
@@ -48,8 +48,6 @@ PyMethodDef pygrpc_ClientCredentials_methods[] = {
METH_CLASS|METH_KEYWORDS, ""},
{"compute_engine", (PyCFunction)pygrpc_ClientCredentials_compute_engine,
METH_CLASS|METH_NOARGS, ""},
- {"service_account", (PyCFunction)pygrpc_ClientCredentials_service_account,
- METH_CLASS|METH_KEYWORDS, ""},
{"jwt", (PyCFunction)pygrpc_ClientCredentials_jwt,
METH_CLASS|METH_KEYWORDS, ""},
{"refresh_token", (PyCFunction)pygrpc_ClientCredentials_refresh_token,
@@ -173,7 +171,7 @@ ClientCredentials *pygrpc_ClientCredentials_composite(
ClientCredentials *pygrpc_ClientCredentials_compute_engine(
PyTypeObject *type, PyObject *ignored) {
ClientCredentials *self = (ClientCredentials *)type->tp_alloc(type, 0);
- self->c_creds = grpc_compute_engine_credentials_create(NULL);
+ self->c_creds = grpc_google_compute_engine_credentials_create(NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError,
@@ -183,29 +181,6 @@ ClientCredentials *pygrpc_ClientCredentials_compute_engine(
return self;
}
-ClientCredentials *pygrpc_ClientCredentials_service_account(
- PyTypeObject *type, PyObject *args, PyObject *kwargs) {
- ClientCredentials *self;
- const char *json_key;
- const char *scope;
- double lifetime;
- static char *keywords[] = {"json_key", "scope", "token_lifetime", NULL};
- if (!PyArg_ParseTupleAndKeywords(args, kwargs, "ssd:service_account", keywords,
- &json_key, &scope, &lifetime)) {
- return NULL;
- }
- self = (ClientCredentials *)type->tp_alloc(type, 0);
- self->c_creds = grpc_service_account_credentials_create(
- json_key, scope, pygrpc_cast_double_to_gpr_timespec(lifetime), NULL);
- if (!self->c_creds) {
- Py_DECREF(self);
- PyErr_SetString(PyExc_RuntimeError,
- "couldn't create service account credentials");
- return NULL;
- }
- return self;
-}
-
/* TODO: Rename this credentials to something like service_account_jwt_access */
ClientCredentials *pygrpc_ClientCredentials_jwt(
PyTypeObject *type, PyObject *args, PyObject *kwargs) {
@@ -239,7 +214,7 @@ ClientCredentials *pygrpc_ClientCredentials_refresh_token(
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds =
- grpc_refresh_token_credentials_create(json_refresh_token, NULL);
+ grpc_google_refresh_token_credentials_create(json_refresh_token, NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError,
@@ -260,8 +235,8 @@ ClientCredentials *pygrpc_ClientCredentials_iam(
return NULL;
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
- self->c_creds = grpc_iam_credentials_create(authorization_token,
- authority_selector, NULL);
+ self->c_creds = grpc_google_iam_credentials_create(authorization_token,
+ authority_selector, NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError, "couldn't create IAM credentials");
diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx
index 2d74702fbd..dc40a7a611 100644
--- a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx
+++ b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx
@@ -106,26 +106,6 @@ def client_credentials_compute_engine():
credentials.c_credentials = grpc.grpc_compute_engine_credentials_create()
return credentials
-def client_credentials_service_account(
- json_key, scope, records.Timespec token_lifetime not None):
- if isinstance(json_key, bytes):
- pass
- elif isinstance(json_key, basestring):
- json_key = json_key.encode()
- else:
- raise TypeError("expected json_key to be str or bytes")
- if isinstance(scope, bytes):
- pass
- elif isinstance(scope, basestring):
- scope = scope.encode()
- else:
- raise TypeError("expected scope to be str or bytes")
- cdef ClientCredentials credentials = ClientCredentials()
- credentials.c_credentials = grpc.grpc_service_account_credentials_create(
- json_key, scope, token_lifetime.c_time)
- credentials.references.extend([json_key, scope])
- return credentials
-
#TODO rename to something like client_credentials_service_account_jwt_access.
def client_credentials_jwt(json_key, records.Timespec token_lifetime not None):
if isinstance(json_key, bytes):
diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd
index c793774c8d..8b46972490 100644
--- a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd
+++ b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxd
@@ -311,8 +311,6 @@ cdef extern from "grpc/grpc_security.h":
grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1,
grpc_credentials *creds2)
grpc_credentials *grpc_compute_engine_credentials_create()
- grpc_credentials *grpc_service_account_credentials_create(
- const char *json_key, const char *scope, gpr_timespec token_lifetime)
grpc_credentials *grpc_service_account_jwt_access_credentials_create(const char *json_key,
gpr_timespec token_lifetime)
grpc_credentials *grpc_refresh_token_credentials_create(
diff --git a/src/python/grpcio/grpc/_cython/adapter_low.py b/src/python/grpcio/grpc/_cython/adapter_low.py
index 2bb468eece..4f24da330f 100644
--- a/src/python/grpcio/grpc/_cython/adapter_low.py
+++ b/src/python/grpcio/grpc/_cython/adapter_low.py
@@ -60,10 +60,6 @@ class ClientCredentials(object):
raise NotImplementedError()
@staticmethod
- def service_account():
- raise NotImplementedError()
-
- @staticmethod
def jwt():
raise NotImplementedError()
diff --git a/src/python/grpcio/grpc/_links/service.py b/src/python/grpcio/grpc/_links/service.py
index 393f80c1cc..c5ecc47cd9 100644
--- a/src/python/grpcio/grpc/_links/service.py
+++ b/src/python/grpcio/grpc/_links/service.py
@@ -336,10 +336,13 @@ class _Kernel(object):
self._server.start()
self._server.service(None)
- def graceful_stop(self):
+ def begin_stop(self):
with self._lock:
self._server.stop()
self._server = None
+
+ def end_stop(self):
+ with self._lock:
self._completion_queue.stop()
self._completion_queue = None
pool = self._pool
@@ -347,11 +350,6 @@ class _Kernel(object):
self._rpc_states = None
pool.shutdown(wait=True)
- def immediate_stop(self):
- # TODO(nathaniel): Implementation.
- raise NotImplementedError(
- 'TODO(nathaniel): after merge of rewritten lower layers')
-
class ServiceLink(links.Link):
"""A links.Link for use on the service-side of a gRPC connection.
@@ -388,18 +386,20 @@ class ServiceLink(links.Link):
raise NotImplementedError()
@abc.abstractmethod
- def stop_gracefully(self):
- """Stops this link.
+ def begin_stop(self):
+ """Indicate imminent link stop and immediate rejection of new RPCs.
New RPCs will be rejected as soon as this method is called, but ongoing RPCs
- will be allowed to continue until they terminate. This method blocks until
- all RPCs have terminated.
+ will be allowed to continue until they terminate. This method does not
+ block.
"""
raise NotImplementedError()
@abc.abstractmethod
- def stop_immediately(self):
- """Stops this link.
+ def end_stop(self):
+ """Finishes stopping this link.
+
+ begin_stop must have been called exactly once before calling this method.
All in-progress RPCs will be terminated immediately.
"""
@@ -426,12 +426,11 @@ class _ServiceLink(ServiceLink):
self._relay.start()
return self._kernel.start()
- def stop_gracefully(self):
- self._kernel.graceful_stop()
- self._relay.stop()
+ def begin_stop(self):
+ self._kernel.begin_stop()
- def stop_immediately(self):
- self._kernel.immediate_stop()
+ def end_stop(self):
+ self._kernel.end_stop()
self._relay.stop()
diff --git a/src/python/grpcio_test/grpc_interop/methods.py b/src/python/grpcio_test/grpc_interop/methods.py
index 642458e892..52b800af7a 100644
--- a/src/python/grpcio_test/grpc_interop/methods.py
+++ b/src/python/grpcio_test/grpc_interop/methods.py
@@ -346,20 +346,6 @@ def _compute_engine_creds(stub, args):
response.username))
-def _service_account_creds(stub, args):
- json_key_filename = os.environ[
- oauth2client_client.GOOGLE_APPLICATION_CREDENTIALS]
- wanted_email = json.load(open(json_key_filename, 'rb'))['client_email']
- response = _large_unary_common_behavior(stub, True, True)
- if wanted_email != response.username:
- raise ValueError(
- 'expected username %s, got %s' % (wanted_email, response.username))
- if args.oauth_scope.find(response.oauth_scope) == -1:
- raise ValueError(
- 'expected to find oauth scope "%s" in received "%s"' %
- (response.oauth_scope, args.oauth_scope))
-
-
def _oauth2_auth_token(stub, args):
json_key_filename = os.environ[
oauth2client_client.GOOGLE_APPLICATION_CREDENTIALS]
@@ -383,7 +369,6 @@ class TestCase(enum.Enum):
CANCEL_AFTER_BEGIN = 'cancel_after_begin'
CANCEL_AFTER_FIRST_RESPONSE = 'cancel_after_first_response'
COMPUTE_ENGINE_CREDS = 'compute_engine_creds'
- SERVICE_ACCOUNT_CREDS = 'service_account_creds'
OAUTH2_AUTH_TOKEN = 'oauth2_auth_token'
TIMEOUT_ON_SLEEPING_SERVER = 'timeout_on_sleeping_server'
@@ -406,8 +391,6 @@ class TestCase(enum.Enum):
_timeout_on_sleeping_server(stub)
elif self is TestCase.COMPUTE_ENGINE_CREDS:
_compute_engine_creds(stub, args)
- elif self is TestCase.SERVICE_ACCOUNT_CREDS:
- _service_account_creds(stub, args)
elif self is TestCase.OAUTH2_AUTH_TOKEN:
_oauth2_auth_token(stub, args)
else:
diff --git a/src/python/grpcio_test/grpc_test/_core_over_links_base_interface_test.py b/src/python/grpcio_test/grpc_test/_core_over_links_base_interface_test.py
index 5ed5ec0b9a..9112c34190 100644
--- a/src/python/grpcio_test/grpc_test/_core_over_links_base_interface_test.py
+++ b/src/python/grpcio_test/grpc_test/_core_over_links_base_interface_test.py
@@ -110,7 +110,8 @@ class _Implementation(test_interfaces.Implementation):
def destantiate(self, memo):
invocation_grpc_link, service_grpc_link = memo
invocation_grpc_link.stop()
- service_grpc_link.stop_gracefully()
+ service_grpc_link.begin_stop()
+ service_grpc_link.end_stop()
def invocation_initial_metadata(self):
return grpc_test_common.INVOCATION_INITIAL_METADATA
diff --git a/src/python/grpcio_test/grpc_test/_crust_over_core_over_links_face_interface_test.py b/src/python/grpcio_test/grpc_test/_crust_over_core_over_links_face_interface_test.py
index ce7c6f9e7a..1401536503 100644
--- a/src/python/grpcio_test/grpc_test/_crust_over_core_over_links_face_interface_test.py
+++ b/src/python/grpcio_test/grpc_test/_crust_over_core_over_links_face_interface_test.py
@@ -120,8 +120,9 @@ class _Implementation(test_interfaces.Implementation):
service_end_link, pool) = memo
invocation_end_link.stop(0).wait()
invocation_grpc_link.stop()
- service_grpc_link.stop_gracefully()
+ service_grpc_link.begin_stop()
service_end_link.stop(0).wait()
+ service_grpc_link.end_stop()
invocation_end_link.join_link(utilities.NULL_LINK)
invocation_grpc_link.join_link(utilities.NULL_LINK)
service_grpc_link.join_link(utilities.NULL_LINK)
diff --git a/src/python/grpcio_test/grpc_test/_links/_transmission_test.py b/src/python/grpcio_test/grpc_test/_links/_transmission_test.py
index 0fef9b0c5a..c114cef6a6 100644
--- a/src/python/grpcio_test/grpc_test/_links/_transmission_test.py
+++ b/src/python/grpcio_test/grpc_test/_links/_transmission_test.py
@@ -62,7 +62,8 @@ class TransmissionTest(test_cases.TransmissionTest, unittest.TestCase):
def destroy_transmitting_links(self, invocation_side_link, service_side_link):
invocation_side_link.stop()
- service_side_link.stop_gracefully()
+ service_side_link.begin_stop()
+ service_side_link.end_stop()
def create_invocation_initial_metadata(self):
return (
@@ -140,7 +141,8 @@ class RoundTripTest(unittest.TestCase):
invocation_mate.block_until_tickets_satisfy(test_cases.terminated)
invocation_link.stop()
- service_link.stop_gracefully()
+ service_link.begin_stop()
+ service_link.end_stop()
self.assertIs(
service_mate.tickets()[-1].termination,
@@ -206,7 +208,8 @@ class RoundTripTest(unittest.TestCase):
invocation_mate.block_until_tickets_satisfy(test_cases.terminated)
invocation_link.stop()
- service_link.stop_gracefully()
+ service_link.begin_stop()
+ service_link.end_stop()
observed_requests = tuple(
ticket.payload for ticket in service_mate.tickets()
diff --git a/src/ruby/ext/grpc/rb_credentials.c b/src/ruby/ext/grpc/rb_credentials.c
index ac3804df6f..ae757f6986 100644
--- a/src/ruby/ext/grpc/rb_credentials.c
+++ b/src/ruby/ext/grpc/rb_credentials.c
@@ -154,7 +154,7 @@ static VALUE grpc_rb_default_credentials_create(VALUE cls) {
Creates the default credential instances. */
static VALUE grpc_rb_compute_engine_credentials_create(VALUE cls) {
grpc_rb_credentials *wrapper = ALLOC(grpc_rb_credentials);
- wrapper->wrapped = grpc_compute_engine_credentials_create(NULL);
+ wrapper->wrapped = grpc_google_compute_engine_credentials_create(NULL);
if (wrapper->wrapped == NULL) {
rb_raise(rb_eRuntimeError,
"could not create composite engine credentials, not sure why");
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-15 23:03:55 +0000