aboutsummaryrefslogtreecommitdiffhomepage
path: root/test
diff options
context:
space:
mode:
authorGravatar Soheil Hassas Yeganeh <soheil@google.com>2018-12-06 01:17:51 -0500
committerGravatar Soheil Hassas Yeganeh <soheil@google.com>2018-12-13 10:38:12 -0500
commit9decf48632e2106a56515e67c4147e1a6506b47d (patch)
tree0c4c4704e1a713f5a3bf3b57da4bd93bdb69df9d /test
parent9e9cae7839a362936228cf333045e5da877ace40 (diff)
Move security credentials, connectors, and auth context to C++
This is to use `grpc_core::RefCount` to improve performnace. This commit also replaces explicit C vtables, with C++ vtable with its own compile time assertions and performance benefits. It also makes use of `RefCountedPtr` wherever possible.
Diffstat (limited to 'test')
-rw-r--r--test/core/security/alts_security_connector_test.cc41
-rw-r--r--test/core/security/auth_context_test.cc116
-rw-r--r--test/core/security/credentials_test.cc232
-rw-r--r--test/core/security/oauth2_utils.cc5
-rw-r--r--test/core/security/print_google_default_creds_token.cc9
-rw-r--r--test/core/security/security_connector_test.cc95
-rw-r--r--test/core/security/ssl_server_fuzzer.cc11
-rw-r--r--test/core/surface/secure_channel_create_test.cc2
-rw-r--r--test/cpp/common/auth_property_iterator_test.cc17
-rw-r--r--test/cpp/common/secure_auth_context_test.cc14
-rw-r--r--test/cpp/end2end/grpclb_end2end_test.cc4
11 files changed, 274 insertions, 272 deletions
diff --git a/test/core/security/alts_security_connector_test.cc b/test/core/security/alts_security_connector_test.cc
index 9378236338..bcba340821 100644
--- a/test/core/security/alts_security_connector_test.cc
+++ b/test/core/security/alts_security_connector_test.cc
@@ -33,40 +33,34 @@ using grpc_core::internal::grpc_alts_auth_context_from_tsi_peer;
/* This file contains unit tests of grpc_alts_auth_context_from_tsi_peer(). */
static void test_invalid_input_failure() {
- tsi_peer peer;
- grpc_auth_context* ctx;
- GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(nullptr, &ctx) ==
- GRPC_SECURITY_ERROR);
- GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, nullptr) ==
- GRPC_SECURITY_ERROR);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_alts_auth_context_from_tsi_peer(nullptr);
+ GPR_ASSERT(ctx == nullptr);
}
static void test_empty_certificate_type_failure() {
tsi_peer peer;
- grpc_auth_context* ctx = nullptr;
GPR_ASSERT(tsi_construct_peer(0, &peer) == TSI_OK);
- GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
- GRPC_SECURITY_ERROR);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_alts_auth_context_from_tsi_peer(&peer);
GPR_ASSERT(ctx == nullptr);
tsi_peer_destruct(&peer);
}
static void test_empty_peer_property_failure() {
tsi_peer peer;
- grpc_auth_context* ctx;
GPR_ASSERT(tsi_construct_peer(1, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
&peer.properties[0]) == TSI_OK);
- GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
- GRPC_SECURITY_ERROR);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_alts_auth_context_from_tsi_peer(&peer);
GPR_ASSERT(ctx == nullptr);
tsi_peer_destruct(&peer);
}
static void test_missing_rpc_protocol_versions_property_failure() {
tsi_peer peer;
- grpc_auth_context* ctx;
GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
@@ -74,23 +68,22 @@ static void test_missing_rpc_protocol_versions_property_failure() {
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice",
&peer.properties[1]) == TSI_OK);
- GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
- GRPC_SECURITY_ERROR);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_alts_auth_context_from_tsi_peer(&peer);
GPR_ASSERT(ctx == nullptr);
tsi_peer_destruct(&peer);
}
static void test_unknown_peer_property_failure() {
tsi_peer peer;
- grpc_auth_context* ctx;
GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
&peer.properties[0]) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
"unknown", "alice", &peer.properties[1]) == TSI_OK);
- GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
- GRPC_SECURITY_ERROR);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_alts_auth_context_from_tsi_peer(&peer);
GPR_ASSERT(ctx == nullptr);
tsi_peer_destruct(&peer);
}
@@ -119,7 +112,6 @@ static bool test_identity(const grpc_auth_context* ctx,
static void test_alts_peer_to_auth_context_success() {
tsi_peer peer;
- grpc_auth_context* ctx;
GPR_ASSERT(tsi_construct_peer(kTsiAltsNumOfPeerProperties, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_ALTS_CERTIFICATE_TYPE,
@@ -144,11 +136,12 @@ static void test_alts_peer_to_auth_context_success() {
GRPC_SLICE_START_PTR(serialized_peer_versions)),
GRPC_SLICE_LENGTH(serialized_peer_versions),
&peer.properties[2]) == TSI_OK);
- GPR_ASSERT(grpc_alts_auth_context_from_tsi_peer(&peer, &ctx) ==
- GRPC_SECURITY_OK);
- GPR_ASSERT(
- test_identity(ctx, TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY, "alice"));
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_alts_auth_context_from_tsi_peer(&peer);
+ GPR_ASSERT(ctx != nullptr);
+ GPR_ASSERT(test_identity(ctx.get(), TSI_ALTS_SERVICE_ACCOUNT_PEER_PROPERTY,
+ "alice"));
+ ctx.reset(DEBUG_LOCATION, "test");
grpc_slice_unref(serialized_peer_versions);
tsi_peer_destruct(&peer);
}
diff --git a/test/core/security/auth_context_test.cc b/test/core/security/auth_context_test.cc
index 9a39afb800..e7e0cb2ed9 100644
--- a/test/core/security/auth_context_test.cc
+++ b/test/core/security/auth_context_test.cc
@@ -19,114 +19,122 @@
#include <string.h>
#include "src/core/lib/gpr/string.h"
+#include "src/core/lib/gprpp/ref_counted_ptr.h"
#include "src/core/lib/security/context/security_context.h"
#include "test/core/util/test_config.h"
#include <grpc/support/log.h>
static void test_empty_context(void) {
- grpc_auth_context* ctx = grpc_auth_context_create(nullptr);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_core::MakeRefCounted<grpc_auth_context>(nullptr);
grpc_auth_property_iterator it;
gpr_log(GPR_INFO, "test_empty_context");
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_identity_property_name(ctx) == nullptr);
- it = grpc_auth_context_peer_identity(ctx);
+ GPR_ASSERT(grpc_auth_context_peer_identity_property_name(ctx.get()) ==
+ nullptr);
+ it = grpc_auth_context_peer_identity(ctx.get());
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- it = grpc_auth_context_property_iterator(ctx);
+ it = grpc_auth_context_property_iterator(ctx.get());
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- it = grpc_auth_context_find_properties_by_name(ctx, "foo");
+ it = grpc_auth_context_find_properties_by_name(ctx.get(), "foo");
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(ctx, "bar") ==
- 0);
- GPR_ASSERT(grpc_auth_context_peer_identity_property_name(ctx) == nullptr);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ GPR_ASSERT(
+ grpc_auth_context_set_peer_identity_property_name(ctx.get(), "bar") == 0);
+ GPR_ASSERT(grpc_auth_context_peer_identity_property_name(ctx.get()) ==
+ nullptr);
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_simple_context(void) {
- grpc_auth_context* ctx = grpc_auth_context_create(nullptr);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_core::MakeRefCounted<grpc_auth_context>(nullptr);
grpc_auth_property_iterator it;
size_t i;
gpr_log(GPR_INFO, "test_simple_context");
GPR_ASSERT(ctx != nullptr);
- grpc_auth_context_add_cstring_property(ctx, "name", "chapi");
- grpc_auth_context_add_cstring_property(ctx, "name", "chapo");
- grpc_auth_context_add_cstring_property(ctx, "foo", "bar");
- GPR_ASSERT(ctx->properties.count == 3);
- GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(ctx, "name") ==
- 1);
-
- GPR_ASSERT(
- strcmp(grpc_auth_context_peer_identity_property_name(ctx), "name") == 0);
- it = grpc_auth_context_property_iterator(ctx);
- for (i = 0; i < ctx->properties.count; i++) {
+ grpc_auth_context_add_cstring_property(ctx.get(), "name", "chapi");
+ grpc_auth_context_add_cstring_property(ctx.get(), "name", "chapo");
+ grpc_auth_context_add_cstring_property(ctx.get(), "foo", "bar");
+ GPR_ASSERT(ctx->properties().count == 3);
+ GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(ctx.get(),
+ "name") == 1);
+
+ GPR_ASSERT(strcmp(grpc_auth_context_peer_identity_property_name(ctx.get()),
+ "name") == 0);
+ it = grpc_auth_context_property_iterator(ctx.get());
+ for (i = 0; i < ctx->properties().count; i++) {
const grpc_auth_property* p = grpc_auth_property_iterator_next(&it);
- GPR_ASSERT(p == &ctx->properties.array[i]);
+ GPR_ASSERT(p == &ctx->properties().array[i]);
}
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- it = grpc_auth_context_find_properties_by_name(ctx, "foo");
+ it = grpc_auth_context_find_properties_by_name(ctx.get(), "foo");
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &ctx->properties.array[2]);
+ &ctx->properties().array[2]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- it = grpc_auth_context_peer_identity(ctx);
+ it = grpc_auth_context_peer_identity(ctx.get());
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &ctx->properties.array[0]);
+ &ctx->properties().array[0]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &ctx->properties.array[1]);
+ &ctx->properties().array[1]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_chained_context(void) {
- grpc_auth_context* chained = grpc_auth_context_create(nullptr);
- grpc_auth_context* ctx = grpc_auth_context_create(chained);
+ grpc_core::RefCountedPtr<grpc_auth_context> chained =
+ grpc_core::MakeRefCounted<grpc_auth_context>(nullptr);
+ grpc_auth_context* chained_ptr = chained.get();
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_core::MakeRefCounted<grpc_auth_context>(std::move(chained));
+
grpc_auth_property_iterator it;
size_t i;
gpr_log(GPR_INFO, "test_chained_context");
- GRPC_AUTH_CONTEXT_UNREF(chained, "chained");
- grpc_auth_context_add_cstring_property(chained, "name", "padapo");
- grpc_auth_context_add_cstring_property(chained, "foo", "baz");
- grpc_auth_context_add_cstring_property(ctx, "name", "chapi");
- grpc_auth_context_add_cstring_property(ctx, "name", "chap0");
- grpc_auth_context_add_cstring_property(ctx, "foo", "bar");
- GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(ctx, "name") ==
- 1);
-
- GPR_ASSERT(
- strcmp(grpc_auth_context_peer_identity_property_name(ctx), "name") == 0);
- it = grpc_auth_context_property_iterator(ctx);
- for (i = 0; i < ctx->properties.count; i++) {
+ grpc_auth_context_add_cstring_property(chained_ptr, "name", "padapo");
+ grpc_auth_context_add_cstring_property(chained_ptr, "foo", "baz");
+ grpc_auth_context_add_cstring_property(ctx.get(), "name", "chapi");
+ grpc_auth_context_add_cstring_property(ctx.get(), "name", "chap0");
+ grpc_auth_context_add_cstring_property(ctx.get(), "foo", "bar");
+ GPR_ASSERT(grpc_auth_context_set_peer_identity_property_name(ctx.get(),
+ "name") == 1);
+
+ GPR_ASSERT(strcmp(grpc_auth_context_peer_identity_property_name(ctx.get()),
+ "name") == 0);
+ it = grpc_auth_context_property_iterator(ctx.get());
+ for (i = 0; i < ctx->properties().count; i++) {
const grpc_auth_property* p = grpc_auth_property_iterator_next(&it);
- GPR_ASSERT(p == &ctx->properties.array[i]);
+ GPR_ASSERT(p == &ctx->properties().array[i]);
}
- for (i = 0; i < chained->properties.count; i++) {
+ for (i = 0; i < chained_ptr->properties().count; i++) {
const grpc_auth_property* p = grpc_auth_property_iterator_next(&it);
- GPR_ASSERT(p == &chained->properties.array[i]);
+ GPR_ASSERT(p == &chained_ptr->properties().array[i]);
}
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- it = grpc_auth_context_find_properties_by_name(ctx, "foo");
+ it = grpc_auth_context_find_properties_by_name(ctx.get(), "foo");
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &ctx->properties.array[2]);
+ &ctx->properties().array[2]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &chained->properties.array[1]);
+ &chained_ptr->properties().array[1]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- it = grpc_auth_context_peer_identity(ctx);
+ it = grpc_auth_context_peer_identity(ctx.get());
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &ctx->properties.array[0]);
+ &ctx->properties().array[0]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &ctx->properties.array[1]);
+ &ctx->properties().array[1]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) ==
- &chained->properties.array[0]);
+ &chained_ptr->properties().array[0]);
GPR_ASSERT(grpc_auth_property_iterator_next(&it) == nullptr);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
int main(int argc, char** argv) {
diff --git a/test/core/security/credentials_test.cc b/test/core/security/credentials_test.cc
index a7a6050ec0..b3a8161786 100644
--- a/test/core/security/credentials_test.cc
+++ b/test/core/security/credentials_test.cc
@@ -46,19 +46,6 @@
using grpc_core::internal::grpc_flush_cached_google_default_credentials;
using grpc_core::internal::set_gce_tenancy_checker_for_testing;
-/* -- Mock channel credentials. -- */
-
-static grpc_channel_credentials* grpc_mock_channel_credentials_create(
- const grpc_channel_credentials_vtable* vtable) {
- grpc_channel_credentials* c =
- static_cast<grpc_channel_credentials*>(gpr_malloc(sizeof(*c)));
- memset(c, 0, sizeof(*c));
- c->type = "mock";
- c->vtable = vtable;
- gpr_ref_init(&c->refcount, 1);
- return c;
-}
-
/* -- Constants. -- */
static const char test_google_iam_authorization_token[] = "blahblahblhahb";
@@ -377,9 +364,9 @@ static void run_request_metadata_test(grpc_call_credentials* creds,
grpc_auth_metadata_context auth_md_ctx,
request_metadata_state* state) {
grpc_error* error = GRPC_ERROR_NONE;
- if (grpc_call_credentials_get_request_metadata(
- creds, &state->pollent, auth_md_ctx, &state->md_array,
- &state->on_request_metadata, &error)) {
+ if (creds->get_request_metadata(&state->pollent, auth_md_ctx,
+ &state->md_array, &state->on_request_metadata,
+ &error)) {
// Synchronous result. Invoke the callback directly.
check_request_metadata(state, error);
GRPC_ERROR_UNREF(error);
@@ -400,7 +387,7 @@ static void test_google_iam_creds(void) {
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method,
nullptr, nullptr};
run_request_metadata_test(creds, auth_md_ctx, state);
- grpc_call_credentials_unref(creds);
+ creds->Unref();
}
static void test_access_token_creds(void) {
@@ -412,28 +399,36 @@ static void test_access_token_creds(void) {
grpc_access_token_credentials_create("blah", nullptr);
grpc_auth_metadata_context auth_md_ctx = {test_service_url, test_method,
nullptr, nullptr};
- GPR_ASSERT(strcmp(creds->type, GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
+ GPR_ASSERT(strcmp(creds->type(), GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
run_request_metadata_test(creds, auth_md_ctx, state);
- grpc_call_credentials_unref(creds);
+ creds->Unref();
}
-static grpc_security_status check_channel_oauth2_create_security_connector(
- grpc_channel_credentials* c, grpc_call_credentials* call_creds,
- const char* target, const grpc_channel_args* args,
- grpc_channel_security_connector** sc, grpc_channel_args** new_args) {
- GPR_ASSERT(strcmp(c->type, "mock") == 0);
- GPR_ASSERT(call_creds != nullptr);
- GPR_ASSERT(strcmp(call_creds->type, GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
- return GRPC_SECURITY_OK;
-}
+namespace {
+class check_channel_oauth2 final : public grpc_channel_credentials {
+ public:
+ check_channel_oauth2() : grpc_channel_credentials("mock") {}
+ ~check_channel_oauth2() override = default;
+
+ grpc_core::RefCountedPtr<grpc_channel_security_connector>
+ create_security_connector(
+ grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
+ const char* target, const grpc_channel_args* args,
+ grpc_channel_args** new_args) override {
+ GPR_ASSERT(strcmp(type(), "mock") == 0);
+ GPR_ASSERT(call_creds != nullptr);
+ GPR_ASSERT(strcmp(call_creds->type(), GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) ==
+ 0);
+ return nullptr;
+ }
+};
+} // namespace
static void test_channel_oauth2_composite_creds(void) {
grpc_core::ExecCtx exec_ctx;
grpc_channel_args* new_args;
- grpc_channel_credentials_vtable vtable = {
- nullptr, check_channel_oauth2_create_security_connector, nullptr};
grpc_channel_credentials* channel_creds =
- grpc_mock_channel_credentials_create(&vtable);
+ grpc_core::New<check_channel_oauth2>();
grpc_call_credentials* oauth2_creds =
grpc_access_token_credentials_create("blah", nullptr);
grpc_channel_credentials* channel_oauth2_creds =
@@ -441,9 +436,8 @@ static void test_channel_oauth2_composite_creds(void) {
nullptr);
grpc_channel_credentials_release(channel_creds);
grpc_call_credentials_release(oauth2_creds);
- GPR_ASSERT(grpc_channel_credentials_create_security_connector(
- channel_oauth2_creds, nullptr, nullptr, nullptr, &new_args) ==
- GRPC_SECURITY_OK);
+ channel_oauth2_creds->create_security_connector(nullptr, nullptr, nullptr,
+ &new_args);
grpc_channel_credentials_release(channel_oauth2_creds);
}
@@ -467,47 +461,54 @@ static void test_oauth2_google_iam_composite_creds(void) {
grpc_call_credentials* composite_creds =
grpc_composite_call_credentials_create(oauth2_creds, google_iam_creds,
nullptr);
- grpc_call_credentials_unref(oauth2_creds);
- grpc_call_credentials_unref(google_iam_creds);
- GPR_ASSERT(
- strcmp(composite_creds->type, GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) == 0);
- const grpc_call_credentials_array* creds_array =
- grpc_composite_call_credentials_get_credentials(composite_creds);
- GPR_ASSERT(creds_array->num_creds == 2);
- GPR_ASSERT(strcmp(creds_array->creds_array[0]->type,
+ oauth2_creds->Unref();
+ google_iam_creds->Unref();
+ GPR_ASSERT(strcmp(composite_creds->type(),
+ GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) == 0);
+ const grpc_call_credentials_array& creds_array =
+ static_cast<const grpc_composite_call_credentials*>(composite_creds)
+ ->inner();
+ GPR_ASSERT(creds_array.size() == 2);
+ GPR_ASSERT(strcmp(creds_array.get(0)->type(),
GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
- GPR_ASSERT(strcmp(creds_array->creds_array[1]->type,
- GRPC_CALL_CREDENTIALS_TYPE_IAM) == 0);
+ GPR_ASSERT(
+ strcmp(creds_array.get(1)->type(), GRPC_CALL_CREDENTIALS_TYPE_IAM) == 0);
run_request_metadata_test(composite_creds, auth_md_ctx, state);
- grpc_call_credentials_unref(composite_creds);
+ composite_creds->Unref();
}
-static grpc_security_status
-check_channel_oauth2_google_iam_create_security_connector(
- grpc_channel_credentials* c, grpc_call_credentials* call_creds,
- const char* target, const grpc_channel_args* args,
- grpc_channel_security_connector** sc, grpc_channel_args** new_args) {
- const grpc_call_credentials_array* creds_array;
- GPR_ASSERT(strcmp(c->type, "mock") == 0);
- GPR_ASSERT(call_creds != nullptr);
- GPR_ASSERT(strcmp(call_creds->type, GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) ==
- 0);
- creds_array = grpc_composite_call_credentials_get_credentials(call_creds);
- GPR_ASSERT(strcmp(creds_array->creds_array[0]->type,
- GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
- GPR_ASSERT(strcmp(creds_array->creds_array[1]->type,
- GRPC_CALL_CREDENTIALS_TYPE_IAM) == 0);
- return GRPC_SECURITY_OK;
-}
+namespace {
+class check_channel_oauth2_google_iam final : public grpc_channel_credentials {
+ public:
+ check_channel_oauth2_google_iam() : grpc_channel_credentials("mock") {}
+ ~check_channel_oauth2_google_iam() override = default;
+
+ grpc_core::RefCountedPtr<grpc_channel_security_connector>
+ create_security_connector(
+ grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
+ const char* target, const grpc_channel_args* args,
+ grpc_channel_args** new_args) override {
+ GPR_ASSERT(strcmp(type(), "mock") == 0);
+ GPR_ASSERT(call_creds != nullptr);
+ GPR_ASSERT(
+ strcmp(call_creds->type(), GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) == 0);
+ const grpc_call_credentials_array& creds_array =
+ static_cast<const grpc_composite_call_credentials*>(call_creds.get())
+ ->inner();
+ GPR_ASSERT(strcmp(creds_array.get(0)->type(),
+ GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
+ GPR_ASSERT(strcmp(creds_array.get(1)->type(),
+ GRPC_CALL_CREDENTIALS_TYPE_IAM) == 0);
+ return nullptr;
+ }
+};
+} // namespace
static void test_channel_oauth2_google_iam_composite_creds(void) {
grpc_core::ExecCtx exec_ctx;
grpc_channel_args* new_args;
- grpc_channel_credentials_vtable vtable = {
- nullptr, check_channel_oauth2_google_iam_create_security_connector,
- nullptr};
grpc_channel_credentials* channel_creds =
- grpc_mock_channel_credentials_create(&vtable);
+ grpc_core::New<check_channel_oauth2_google_iam>();
grpc_call_credentials* oauth2_creds =
grpc_access_token_credentials_create("blah", nullptr);
grpc_channel_credentials* channel_oauth2_creds =
@@ -524,9 +525,8 @@ static void test_channel_oauth2_google_iam_composite_creds(void) {
grpc_channel_credentials_release(channel_oauth2_creds);
grpc_call_credentials_release(google_iam_creds);
- GPR_ASSERT(grpc_channel_credentials_create_security_connector(
- channel_oauth2_iam_creds, nullptr, nullptr, nullptr,
- &new_args) == GRPC_SECURITY_OK);
+ channel_oauth2_iam_creds->create_security_connector(nullptr, nullptr, nullptr,
+ &new_args);
grpc_channel_credentials_release(channel_oauth2_iam_creds);
}
@@ -578,7 +578,7 @@ static int httpcli_get_should_not_be_called(const grpc_httpcli_request* request,
return 1;
}
-static void test_compute_engine_creds_success(void) {
+static void test_compute_engine_creds_success() {
grpc_core::ExecCtx exec_ctx;
expected_md emd[] = {
{"authorization", "Bearer ya29.AHES6ZRN3-HlhAPya30GnW_bHSb_"}};
@@ -603,7 +603,7 @@ static void test_compute_engine_creds_success(void) {
run_request_metadata_test(creds, auth_md_ctx, state);
grpc_core::ExecCtx::Get()->Flush();
- grpc_call_credentials_unref(creds);
+ creds->Unref();
grpc_httpcli_set_override(nullptr, nullptr);
}
@@ -620,7 +620,7 @@ static void test_compute_engine_creds_failure(void) {
grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override,
httpcli_post_should_not_be_called);
run_request_metadata_test(creds, auth_md_ctx, state);
- grpc_call_credentials_unref(creds);
+ creds->Unref();
grpc_httpcli_set_override(nullptr, nullptr);
}
@@ -692,7 +692,7 @@ static void test_refresh_token_creds_success(void) {
run_request_metadata_test(creds, auth_md_ctx, state);
grpc_core::ExecCtx::Get()->Flush();
- grpc_call_credentials_unref(creds);
+ creds->Unref();
grpc_httpcli_set_override(nullptr, nullptr);
}
@@ -709,7 +709,7 @@ static void test_refresh_token_creds_failure(void) {
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
refresh_token_httpcli_post_failure);
run_request_metadata_test(creds, auth_md_ctx, state);
- grpc_call_credentials_unref(creds);
+ creds->Unref();
grpc_httpcli_set_override(nullptr, nullptr);
}
@@ -762,7 +762,7 @@ static char* encode_and_sign_jwt_should_not_be_called(
static grpc_service_account_jwt_access_credentials* creds_as_jwt(
grpc_call_credentials* creds) {
GPR_ASSERT(creds != nullptr);
- GPR_ASSERT(strcmp(creds->type, GRPC_CALL_CREDENTIALS_TYPE_JWT) == 0);
+ GPR_ASSERT(strcmp(creds->type(), GRPC_CALL_CREDENTIALS_TYPE_JWT) == 0);
return reinterpret_cast<grpc_service_account_jwt_access_credentials*>(creds);
}
@@ -773,7 +773,7 @@ static void test_jwt_creds_lifetime(void) {
grpc_call_credentials* jwt_creds =
grpc_service_account_jwt_access_credentials_create(
json_key_string, grpc_max_auth_token_lifetime(), nullptr);
- GPR_ASSERT(gpr_time_cmp(creds_as_jwt(jwt_creds)->jwt_lifetime,
+ GPR_ASSERT(gpr_time_cmp(creds_as_jwt(jwt_creds)->jwt_lifetime(),
grpc_max_auth_token_lifetime()) == 0);
grpc_call_credentials_release(jwt_creds);
@@ -782,8 +782,8 @@ static void test_jwt_creds_lifetime(void) {
GPR_ASSERT(gpr_time_cmp(grpc_max_auth_token_lifetime(), token_lifetime) > 0);
jwt_creds = grpc_service_account_jwt_access_credentials_create(
json_key_string, token_lifetime, nullptr);
- GPR_ASSERT(
- gpr_time_cmp(creds_as_jwt(jwt_creds)->jwt_lifetime, token_lifetime) == 0);
+ GPR_ASSERT(gpr_time_cmp(creds_as_jwt(jwt_creds)->jwt_lifetime(),
+ token_lifetime) == 0);
grpc_call_credentials_release(jwt_creds);
// Cropped lifetime.
@@ -791,7 +791,7 @@ static void test_jwt_creds_lifetime(void) {
token_lifetime = gpr_time_add(grpc_max_auth_token_lifetime(), add_to_max);
jwt_creds = grpc_service_account_jwt_access_credentials_create(
json_key_string, token_lifetime, nullptr);
- GPR_ASSERT(gpr_time_cmp(creds_as_jwt(jwt_creds)->jwt_lifetime,
+ GPR_ASSERT(gpr_time_cmp(creds_as_jwt(jwt_creds)->jwt_lifetime(),
grpc_max_auth_token_lifetime()) == 0);
grpc_call_credentials_release(jwt_creds);
@@ -834,7 +834,7 @@ static void test_jwt_creds_success(void) {
run_request_metadata_test(creds, auth_md_ctx, state);
grpc_core::ExecCtx::Get()->Flush();
- grpc_call_credentials_unref(creds);
+ creds->Unref();
gpr_free(json_key_string);
gpr_free(expected_md_value);
grpc_jwt_encode_and_sign_set_override(nullptr);
@@ -856,7 +856,7 @@ static void test_jwt_creds_signing_failure(void) {
run_request_metadata_test(creds, auth_md_ctx, state);
gpr_free(json_key_string);
- grpc_call_credentials_unref(creds);
+ creds->Unref();
grpc_jwt_encode_and_sign_set_override(nullptr);
}
@@ -875,8 +875,6 @@ static void set_google_default_creds_env_var_with_file_contents(
static void test_google_default_creds_auth_key(void) {
grpc_core::ExecCtx exec_ctx;
- grpc_service_account_jwt_access_credentials* jwt;
- grpc_google_default_channel_credentials* default_creds;
grpc_composite_channel_credentials* creds;
char* json_key = test_json_key_str();
grpc_flush_cached_google_default_credentials();
@@ -885,37 +883,39 @@ static void test_google_default_creds_auth_key(void) {
gpr_free(json_key);
creds = reinterpret_cast<grpc_composite_channel_credentials*>(
grpc_google_default_credentials_create());
- default_creds = reinterpret_cast<grpc_google_default_channel_credentials*>(
- creds->inner_creds);
- GPR_ASSERT(default_creds->ssl_creds != nullptr);
- jwt = reinterpret_cast<grpc_service_account_jwt_access_credentials*>(
- creds->call_creds);
+ auto* default_creds =
+ reinterpret_cast<const grpc_google_default_channel_credentials*>(
+ creds->inner_creds());
+ GPR_ASSERT(default_creds->ssl_creds() != nullptr);
+ auto* jwt =
+ reinterpret_cast<const grpc_service_account_jwt_access_credentials*>(
+ creds->call_creds());
GPR_ASSERT(
- strcmp(jwt->key.client_id,
+ strcmp(jwt->key().client_id,
"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent.com") ==
0);
- grpc_channel_credentials_unref(&creds->base);
+ creds->Unref();
gpr_setenv(GRPC_GOOGLE_CREDENTIALS_ENV_VAR, ""); /* Reset. */
}
static void test_google_default_creds_refresh_token(void) {
grpc_core::ExecCtx exec_ctx;
- grpc_google_refresh_token_credentials* refresh;
- grpc_google_default_channel_credentials* default_creds;
grpc_composite_channel_credentials* creds;
grpc_flush_cached_google_default_credentials();
set_google_default_creds_env_var_with_file_contents(
"refresh_token_google_default_creds", test_refresh_token_str);
creds = reinterpret_cast<grpc_composite_channel_credentials*>(
grpc_google_default_credentials_create());
- default_creds = reinterpret_cast<grpc_google_default_channel_credentials*>(
- creds->inner_creds);
- GPR_ASSERT(default_creds->ssl_creds != nullptr);
- refresh = reinterpret_cast<grpc_google_refresh_token_credentials*>(
- creds->call_creds);
- GPR_ASSERT(strcmp(refresh->refresh_token.client_id,
+ auto* default_creds =
+ reinterpret_cast<const grpc_google_default_channel_credentials*>(
+ creds->inner_creds());
+ GPR_ASSERT(default_creds->ssl_creds() != nullptr);
+ auto* refresh =
+ reinterpret_cast<const grpc_google_refresh_token_credentials*>(
+ creds->call_creds());
+ GPR_ASSERT(strcmp(refresh->refresh_token().client_id,
"32555999999.apps.googleusercontent.com") == 0);
- grpc_channel_credentials_unref(&creds->base);
+ creds->Unref();
gpr_setenv(GRPC_GOOGLE_CREDENTIALS_ENV_VAR, ""); /* Reset. */
}
@@ -965,16 +965,16 @@ static void test_google_default_creds_gce(void) {
/* Verify that the default creds actually embeds a GCE creds. */
GPR_ASSERT(creds != nullptr);
- GPR_ASSERT(creds->call_creds != nullptr);
+ GPR_ASSERT(creds->call_creds() != nullptr);
grpc_httpcli_set_override(compute_engine_httpcli_get_success_override,
httpcli_post_should_not_be_called);
- run_request_metadata_test(creds->call_creds, auth_md_ctx, state);
+ run_request_metadata_test(creds->mutable_call_creds(), auth_md_ctx, state);
grpc_core::ExecCtx::Get()->Flush();
GPR_ASSERT(g_test_gce_tenancy_checker_called == true);
/* Cleanup. */
- grpc_channel_credentials_unref(&creds->base);
+ creds->Unref();
grpc_httpcli_set_override(nullptr, nullptr);
grpc_override_well_known_credentials_path_getter(nullptr);
}
@@ -1003,14 +1003,14 @@ static void test_google_default_creds_non_gce(void) {
grpc_google_default_credentials_create());
/* Verify that the default creds actually embeds a GCE creds. */
GPR_ASSERT(creds != nullptr);
- GPR_ASSERT(creds->call_creds != nullptr);
+ GPR_ASSERT(creds->call_creds() != nullptr);
grpc_httpcli_set_override(compute_engine_httpcli_get_success_override,
httpcli_post_should_not_be_called);
- run_request_metadata_test(creds->call_creds, auth_md_ctx, state);
+ run_request_metadata_test(creds->mutable_call_creds(), auth_md_ctx, state);
grpc_core::ExecCtx::Get()->Flush();
GPR_ASSERT(g_test_gce_tenancy_checker_called == true);
/* Cleanup. */
- grpc_channel_credentials_unref(&creds->base);
+ creds->Unref();
grpc_httpcli_set_override(nullptr, nullptr);
grpc_override_well_known_credentials_path_getter(nullptr);
}
@@ -1121,7 +1121,7 @@ static void test_metadata_plugin_success(void) {
GPR_ASSERT(state == PLUGIN_INITIAL_STATE);
run_request_metadata_test(creds, auth_md_ctx, md_state);
GPR_ASSERT(state == PLUGIN_GET_METADATA_CALLED_STATE);
- grpc_call_credentials_unref(creds);
+ creds->Unref();
GPR_ASSERT(state == PLUGIN_DESTROY_CALLED_STATE);
}
@@ -1149,7 +1149,7 @@ static void test_metadata_plugin_failure(void) {
GPR_ASSERT(state == PLUGIN_INITIAL_STATE);
run_request_metadata_test(creds, auth_md_ctx, md_state);
GPR_ASSERT(state == PLUGIN_GET_METADATA_CALLED_STATE);
- grpc_call_credentials_unref(creds);
+ creds->Unref();
GPR_ASSERT(state == PLUGIN_DESTROY_CALLED_STATE);
}
@@ -1176,25 +1176,23 @@ static void test_channel_creds_duplicate_without_call_creds(void) {
grpc_channel_credentials* channel_creds =
grpc_fake_transport_security_credentials_create();
- grpc_channel_credentials* dup =
- grpc_channel_credentials_duplicate_without_call_credentials(
- channel_creds);
+ grpc_core::RefCountedPtr<grpc_channel_credentials> dup =
+ channel_creds->duplicate_without_call_credentials();
GPR_ASSERT(dup == channel_creds);
- grpc_channel_credentials_unref(dup);
+ dup.reset();
grpc_call_credentials* call_creds =
grpc_access_token_credentials_create("blah", nullptr);
grpc_channel_credentials* composite_creds =
grpc_composite_channel_credentials_create(channel_creds, call_creds,
nullptr);
- grpc_call_credentials_unref(call_creds);
- dup = grpc_channel_credentials_duplicate_without_call_credentials(
- composite_creds);
+ call_creds->Unref();
+ dup = composite_creds->duplicate_without_call_credentials();
GPR_ASSERT(dup == channel_creds);
- grpc_channel_credentials_unref(dup);
+ dup.reset();
- grpc_channel_credentials_unref(channel_creds);
- grpc_channel_credentials_unref(composite_creds);
+ channel_creds->Unref();
+ composite_creds->Unref();
}
typedef struct {
diff --git a/test/core/security/oauth2_utils.cc b/test/core/security/oauth2_utils.cc
index 469129a6d0..c9e205ab74 100644
--- a/test/core/security/oauth2_utils.cc
+++ b/test/core/security/oauth2_utils.cc
@@ -86,9 +86,8 @@ char* grpc_test_fetch_oauth2_token_with_credentials(
grpc_schedule_on_exec_ctx);
grpc_error* error = GRPC_ERROR_NONE;
- if (grpc_call_credentials_get_request_metadata(creds, &request.pops, null_ctx,
- &request.md_array,
- &request.closure, &error)) {
+ if (creds->get_request_metadata(&request.pops, null_ctx, &request.md_array,
+ &request.closure, &error)) {
// Synchronous result; invoke callback directly.
on_oauth2_response(&request, error);
GRPC_ERROR_UNREF(error);
diff --git a/test/core/security/print_google_default_creds_token.cc b/test/core/security/print_google_default_creds_token.cc
index 4d251391ff..398c58c6e1 100644
--- a/test/core/security/print_google_default_creds_token.cc
+++ b/test/core/security/print_google_default_creds_token.cc
@@ -96,11 +96,10 @@ int main(int argc, char** argv) {
grpc_schedule_on_exec_ctx);
error = GRPC_ERROR_NONE;
- if (grpc_call_credentials_get_request_metadata(
- (reinterpret_cast<grpc_composite_channel_credentials*>(creds))
- ->call_creds,
- &sync.pops, context, &sync.md_array, &sync.on_request_metadata,
- &error)) {
+ if (reinterpret_cast<grpc_composite_channel_credentials*>(creds)
+ ->mutable_call_creds()
+ ->get_request_metadata(&sync.pops, context, &sync.md_array,
+ &sync.on_request_metadata, &error)) {
// Synchronous response. Invoke callback directly.
on_metadata_response(&sync, error);
GRPC_ERROR_UNREF(error);
diff --git a/test/core/security/security_connector_test.cc b/test/core/security/security_connector_test.cc
index e82a8627d4..2a31763c73 100644
--- a/test/core/security/security_connector_test.cc
+++ b/test/core/security/security_connector_test.cc
@@ -27,6 +27,7 @@
#include "src/core/lib/gpr/env.h"
#include "src/core/lib/gpr/string.h"
#include "src/core/lib/gpr/tmpfile.h"
+#include "src/core/lib/gprpp/ref_counted_ptr.h"
#include "src/core/lib/security/context/security_context.h"
#include "src/core/lib/security/security_connector/security_connector.h"
#include "src/core/lib/security/security_connector/ssl_utils.h"
@@ -83,22 +84,22 @@ static int check_ssl_peer_equivalence(const tsi_peer* original,
static void test_unauthenticated_ssl_peer(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
GPR_ASSERT(tsi_construct_peer(1, &peer) == TSI_OK);
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_CERTIFICATE_TYPE_PEER_PROPERTY, TSI_X509_CERTIFICATE_TYPE,
&peer.properties[0]) == TSI_OK);
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(!grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_transport_security_type(ctx));
+ GPR_ASSERT(!grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static int check_identity(const grpc_auth_context* ctx,
@@ -175,7 +176,6 @@ static int check_x509_pem_cert(const grpc_auth_context* ctx,
static void test_cn_only_ssl_peer_to_auth_context(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_pem_cert = "pem_cert1";
GPR_ASSERT(tsi_construct_peer(3, &peer) == TSI_OK);
@@ -188,26 +188,27 @@ static void test_cn_only_ssl_peer_to_auth_context(void) {
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_PEM_CERT_PROPERTY, expected_pem_cert,
&peer.properties[2]) == TSI_OK);
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_identity(ctx, GRPC_X509_CN_PROPERTY_NAME, &expected_cn, 1));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(
+ check_identity(ctx.get(), GRPC_X509_CN_PROPERTY_NAME, &expected_cn, 1));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_cn_and_one_san_ssl_peer_to_auth_context(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_san = "san1";
const char* expected_pem_cert = "pem_cert1";
@@ -224,27 +225,28 @@ static void test_cn_and_one_san_ssl_peer_to_auth_context(void) {
GPR_ASSERT(tsi_construct_string_peer_property_from_cstring(
TSI_X509_PEM_CERT_PROPERTY, expected_pem_cert,
&peer.properties[3]) == TSI_OK);
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
GPR_ASSERT(
- check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, &expected_san, 1));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
+ check_identity(ctx.get(), GRPC_X509_SAN_PROPERTY_NAME, &expected_san, 1));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_cn_and_multiple_sans_ssl_peer_to_auth_context(void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_sans[] = {"san1", "san2", "san3"};
const char* expected_pem_cert = "pem_cert1";
@@ -265,28 +267,28 @@ static void test_cn_and_multiple_sans_ssl_peer_to_auth_context(void) {
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
expected_sans[i], &peer.properties[3 + i]) == TSI_OK);
}
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, expected_sans,
- GPR_ARRAY_SIZE(expected_sans)));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
-
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(check_identity(ctx.get(), GRPC_X509_SAN_PROPERTY_NAME,
+ expected_sans, GPR_ARRAY_SIZE(expected_sans)));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
+
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static void test_cn_and_multiple_sans_and_others_ssl_peer_to_auth_context(
void) {
tsi_peer peer;
tsi_peer rpeer;
- grpc_auth_context* ctx;
const char* expected_cn = "cn1";
const char* expected_pem_cert = "pem_cert1";
const char* expected_sans[] = {"san1", "san2", "san3"};
@@ -311,21 +313,22 @@ static void test_cn_and_multiple_sans_and_others_ssl_peer_to_auth_context(
TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY,
expected_sans[i], &peer.properties[5 + i]) == TSI_OK);
}
- ctx = grpc_ssl_peer_to_auth_context(&peer);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_ssl_peer_to_auth_context(&peer);
GPR_ASSERT(ctx != nullptr);
- GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx));
- GPR_ASSERT(check_identity(ctx, GRPC_X509_SAN_PROPERTY_NAME, expected_sans,
- GPR_ARRAY_SIZE(expected_sans)));
- GPR_ASSERT(check_transport_security_type(ctx));
- GPR_ASSERT(check_x509_cn(ctx, expected_cn));
- GPR_ASSERT(check_x509_pem_cert(ctx, expected_pem_cert));
-
- rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx);
+ GPR_ASSERT(grpc_auth_context_peer_is_authenticated(ctx.get()));
+ GPR_ASSERT(check_identity(ctx.get(), GRPC_X509_SAN_PROPERTY_NAME,
+ expected_sans, GPR_ARRAY_SIZE(expected_sans)));
+ GPR_ASSERT(check_transport_security_type(ctx.get()));
+ GPR_ASSERT(check_x509_cn(ctx.get(), expected_cn));
+ GPR_ASSERT(check_x509_pem_cert(ctx.get(), expected_pem_cert));
+
+ rpeer = grpc_shallow_peer_from_ssl_auth_context(ctx.get());
GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer));
grpc_shallow_peer_destruct(&rpeer);
tsi_peer_destruct(&peer);
- GRPC_AUTH_CONTEXT_UNREF(ctx, "test");
+ ctx.reset(DEBUG_LOCATION, "test");
}
static const char* roots_for_override_api = "roots for override api";
diff --git a/test/core/security/ssl_server_fuzzer.cc b/test/core/security/ssl_server_fuzzer.cc
index d2bbb7c1c2..c9380126dd 100644
--- a/test/core/security/ssl_server_fuzzer.cc
+++ b/test/core/security/ssl_server_fuzzer.cc
@@ -82,16 +82,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
ca_cert, &pem_key_cert_pair, 1, 0, nullptr);
// Create security connector
- grpc_server_security_connector* sc = nullptr;
- grpc_security_status status =
- grpc_server_credentials_create_security_connector(creds, &sc);
- GPR_ASSERT(status == GRPC_SECURITY_OK);
+ grpc_core::RefCountedPtr<grpc_server_security_connector> sc =
+ creds->create_security_connector();
+ GPR_ASSERT(sc != nullptr);
grpc_millis deadline = GPR_MS_PER_SEC + grpc_core::ExecCtx::Get()->Now();
struct handshake_state state;
state.done_callback_called = false;
grpc_handshake_manager* handshake_mgr = grpc_handshake_manager_create();
- grpc_server_security_connector_add_handshakers(sc, nullptr, handshake_mgr);
+ sc->add_handshakers(nullptr, handshake_mgr);
grpc_handshake_manager_do_handshake(
handshake_mgr, mock_endpoint, nullptr /* channel_args */, deadline,
nullptr /* acceptor */, on_handshake_done, &state);
@@ -110,7 +109,7 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
GPR_ASSERT(state.done_callback_called);
grpc_handshake_manager_destroy(handshake_mgr);
- GRPC_SECURITY_CONNECTOR_UNREF(&sc->base, "test");
+ sc.reset(DEBUG_LOCATION, "test");
grpc_server_credentials_release(creds);
grpc_slice_unref(cert_slice);
grpc_slice_unref(key_slice);
diff --git a/test/core/surface/secure_channel_create_test.cc b/test/core/surface/secure_channel_create_test.cc
index 5610d1ec4a..e9bb815f6e 100644
--- a/test/core/surface/secure_channel_create_test.cc
+++ b/test/core/surface/secure_channel_create_test.cc
@@ -39,7 +39,7 @@ void test_unknown_scheme_target(void) {
GPR_ASSERT(0 == strcmp(elem->filter->name, "lame-client"));
grpc_core::ExecCtx exec_ctx;
GRPC_CHANNEL_INTERNAL_UNREF(chan, "test");
- grpc_channel_credentials_unref(creds);
+ creds->Unref();
}
void test_security_connector_already_in_arg(void) {
diff --git a/test/cpp/common/auth_property_iterator_test.cc b/test/cpp/common/auth_property_iterator_test.cc
index 9634555e4b..5a2844d518 100644
--- a/test/cpp/common/auth_property_iterator_test.cc
+++ b/test/cpp/common/auth_property_iterator_test.cc
@@ -40,15 +40,14 @@ class TestAuthPropertyIterator : public AuthPropertyIterator {
class AuthPropertyIteratorTest : public ::testing::Test {
protected:
void SetUp() override {
- ctx_ = grpc_auth_context_create(nullptr);
- grpc_auth_context_add_cstring_property(ctx_, "name", "chapi");
- grpc_auth_context_add_cstring_property(ctx_, "name", "chapo");
- grpc_auth_context_add_cstring_property(ctx_, "foo", "bar");
- EXPECT_EQ(1,
- grpc_auth_context_set_peer_identity_property_name(ctx_, "name"));
+ ctx_ = grpc_core::MakeRefCounted<grpc_auth_context>(nullptr);
+ grpc_auth_context_add_cstring_property(ctx_.get(), "name", "chapi");
+ grpc_auth_context_add_cstring_property(ctx_.get(), "name", "chapo");
+ grpc_auth_context_add_cstring_property(ctx_.get(), "foo", "bar");
+ EXPECT_EQ(1, grpc_auth_context_set_peer_identity_property_name(ctx_.get(),
+ "name"));
}
- void TearDown() override { grpc_auth_context_release(ctx_); }
- grpc_auth_context* ctx_;
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx_;
};
TEST_F(AuthPropertyIteratorTest, DefaultCtor) {
@@ -59,7 +58,7 @@ TEST_F(AuthPropertyIteratorTest, DefaultCtor) {
TEST_F(AuthPropertyIteratorTest, GeneralTest) {
grpc_auth_property_iterator c_iter =
- grpc_auth_context_property_iterator(ctx_);
+ grpc_auth_context_property_iterator(ctx_.get());
const grpc_auth_property* property =
grpc_auth_property_iterator_next(&c_iter);
TestAuthPropertyIterator iter(property, &c_iter);
diff --git a/test/cpp/common/secure_auth_context_test.cc b/test/cpp/common/secure_auth_context_test.cc
index 6461f49743..03b3a9fdd8 100644
--- a/test/cpp/common/secure_auth_context_test.cc
+++ b/test/cpp/common/secure_auth_context_test.cc
@@ -33,7 +33,7 @@ class SecureAuthContextTest : public ::testing::Test {};
// Created with nullptr
TEST_F(SecureAuthContextTest, EmptyContext) {
- SecureAuthContext context(nullptr, true);
+ SecureAuthContext context(nullptr);
EXPECT_TRUE(context.GetPeerIdentity().empty());
EXPECT_TRUE(context.GetPeerIdentityPropertyName().empty());
EXPECT_TRUE(context.FindPropertyValues("").empty());
@@ -42,8 +42,10 @@ TEST_F(SecureAuthContextTest, EmptyContext) {
}
TEST_F(SecureAuthContextTest, Properties) {
- grpc_auth_context* ctx = grpc_auth_context_create(nullptr);
- SecureAuthContext context(ctx, true);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_core::MakeRefCounted<grpc_auth_context>(nullptr);
+ SecureAuthContext context(ctx.get());
+ ctx.reset();
context.AddProperty("name", "chapi");
context.AddProperty("name", "chapo");
context.AddProperty("foo", "bar");
@@ -60,8 +62,10 @@ TEST_F(SecureAuthContextTest, Properties) {
}
TEST_F(SecureAuthContextTest, Iterators) {
- grpc_auth_context* ctx = grpc_auth_context_create(nullptr);
- SecureAuthContext context(ctx, true);
+ grpc_core::RefCountedPtr<grpc_auth_context> ctx =
+ grpc_core::MakeRefCounted<grpc_auth_context>(nullptr);
+ SecureAuthContext context(ctx.get());
+ ctx.reset();
context.AddProperty("name", "chapi");
context.AddProperty("name", "chapo");
context.AddProperty("foo", "bar");
diff --git a/test/cpp/end2end/grpclb_end2end_test.cc b/test/cpp/end2end/grpclb_end2end_test.cc
index bf990a07b5..2eaacd429d 100644
--- a/test/cpp/end2end/grpclb_end2end_test.cc
+++ b/test/cpp/end2end/grpclb_end2end_test.cc
@@ -414,8 +414,8 @@ class GrpclbEnd2endTest : public ::testing::Test {
std::shared_ptr<ChannelCredentials> creds(
new SecureChannelCredentials(grpc_composite_channel_credentials_create(
channel_creds, call_creds, nullptr)));
- grpc_call_credentials_unref(call_creds);
- grpc_channel_credentials_unref(channel_creds);
+ call_creds->Unref();
+ channel_creds->Unref();
channel_ = CreateCustomChannel(uri.str(), creds, args);
stub_ = grpc::testing::EchoTestService::NewStub(channel_);
}