diff options
Diffstat (limited to 'include/grpc/grpc_security.h')
-rw-r--r-- | include/grpc/grpc_security.h | 31 |
1 files changed, 9 insertions, 22 deletions
diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 6ee6933207..049ab3c4be 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -97,26 +97,13 @@ grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1, grpc_credentials *creds2, void *reserved); -/* Creates a compute engine credentials object. +/* Creates a compute engine credentials object for connecting to Google. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. */ -grpc_credentials *grpc_compute_engine_credentials_create(void *reserved); +grpc_credentials *grpc_google_compute_engine_credentials_create(void *reserved); extern const gpr_timespec grpc_max_auth_token_lifetime; -/* Creates a service account credentials object. May return NULL if the input is - invalid. - WARNING: Do NOT use this credentials to connect to a non-google service as - this could result in an oauth2 token leak. - - json_key is the JSON key string containing the client's private key. - - scope is a space-delimited list of the requested permissions. - - token_lifetime is the lifetime of each token acquired through this service - account credentials. It should not exceed grpc_max_auth_token_lifetime - or will be cropped to this value. */ -grpc_credentials *grpc_service_account_credentials_create( - const char *json_key, const char *scope, gpr_timespec token_lifetime, - void *reserved); - /* Creates a JWT credentials object. May return NULL if the input is invalid. - json_key is the JSON key string containing the client's private key. - token_lifetime is the lifetime of each Json Web Token (JWT) created with @@ -125,13 +112,13 @@ grpc_credentials *grpc_service_account_credentials_create( grpc_credentials *grpc_service_account_jwt_access_credentials_create( const char *json_key, gpr_timespec token_lifetime, void *reserved); -/* Creates an Oauth2 Refresh Token credentials object. May return NULL if the - input is invalid. +/* Creates an Oauth2 Refresh Token credentials object for connecting to Google. + May return NULL if the input is invalid. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. - json_refresh_token is the JSON string containing the refresh token itself along with a client_id and client_secret. */ -grpc_credentials *grpc_refresh_token_credentials_create( +grpc_credentials *grpc_google_refresh_token_credentials_create( const char *json_refresh_token, void *reserved); /* Creates an Oauth2 Access Token credentials with an access token that was @@ -139,10 +126,10 @@ grpc_credentials *grpc_refresh_token_credentials_create( grpc_credentials *grpc_access_token_credentials_create( const char *access_token, void *reserved); -/* Creates an IAM credentials object. */ -grpc_credentials *grpc_iam_credentials_create(const char *authorization_token, - const char *authority_selector, - void *reserved); +/* Creates an IAM credentials object for connecting to Google. */ +grpc_credentials *grpc_google_iam_credentials_create( + const char *authorization_token, const char *authority_selector, + void *reserved); /* --- Secure channel creation. --- */ |