diff options
Diffstat (limited to 'src/core/lib/security/credentials/oauth2/oauth2_credentials.cc')
| -rw-r--r-- | src/core/lib/security/credentials/oauth2/oauth2_credentials.cc | 185 |
1 files changed, 92 insertions, 93 deletions
diff --git a/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc b/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc index 7867105f56..2a44211228 100644 --- a/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc +++ b/src/core/lib/security/credentials/oauth2/oauth2_credentials.cc @@ -32,15 +32,15 @@ // int grpc_auth_refresh_token_is_valid( - const grpc_auth_refresh_token *refresh_token) { + const grpc_auth_refresh_token* refresh_token) { return (refresh_token != NULL) && strcmp(refresh_token->type, GRPC_AUTH_JSON_TYPE_INVALID); } grpc_auth_refresh_token grpc_auth_refresh_token_create_from_json( - const grpc_json *json) { + const grpc_json* json) { grpc_auth_refresh_token result; - const char *prop_value; + const char* prop_value; int success = 0; memset(&result, 0, sizeof(grpc_auth_refresh_token)); @@ -72,9 +72,9 @@ end: } grpc_auth_refresh_token grpc_auth_refresh_token_create_from_string( - const char *json_string) { - char *scratchpad = gpr_strdup(json_string); - grpc_json *json = grpc_json_parse_string(scratchpad); + const char* json_string) { + char* scratchpad = gpr_strdup(json_string); + grpc_json* json = grpc_json_parse_string(scratchpad); grpc_auth_refresh_token result = grpc_auth_refresh_token_create_from_json(json); if (json != NULL) grpc_json_destroy(json); @@ -82,7 +82,7 @@ grpc_auth_refresh_token grpc_auth_refresh_token_create_from_string( return result; } -void grpc_auth_refresh_token_destruct(grpc_auth_refresh_token *refresh_token) { +void grpc_auth_refresh_token_destruct(grpc_auth_refresh_token* refresh_token) { if (refresh_token == NULL) return; refresh_token->type = GRPC_AUTH_JSON_TYPE_INVALID; if (refresh_token->client_id != NULL) { @@ -103,10 +103,10 @@ void grpc_auth_refresh_token_destruct(grpc_auth_refresh_token *refresh_token) { // Oauth2 Token Fetcher credentials. // -static void oauth2_token_fetcher_destruct(grpc_exec_ctx *exec_ctx, - grpc_call_credentials *creds) { - grpc_oauth2_token_fetcher_credentials *c = - (grpc_oauth2_token_fetcher_credentials *)creds; +static void oauth2_token_fetcher_destruct(grpc_exec_ctx* exec_ctx, + grpc_call_credentials* creds) { + grpc_oauth2_token_fetcher_credentials* c = + (grpc_oauth2_token_fetcher_credentials*)creds; GRPC_MDELEM_UNREF(exec_ctx, c->access_token_md); gpr_mu_destroy(&c->mu); grpc_pollset_set_destroy(exec_ctx, @@ -116,12 +116,12 @@ static void oauth2_token_fetcher_destruct(grpc_exec_ctx *exec_ctx, grpc_credentials_status grpc_oauth2_token_fetcher_credentials_parse_server_response( - grpc_exec_ctx *exec_ctx, const grpc_http_response *response, - grpc_mdelem *token_md, grpc_millis *token_lifetime) { - char *null_terminated_body = NULL; - char *new_access_token = NULL; + grpc_exec_ctx* exec_ctx, const grpc_http_response* response, + grpc_mdelem* token_md, grpc_millis* token_lifetime) { + char* null_terminated_body = NULL; + char* new_access_token = NULL; grpc_credentials_status status = GRPC_CREDENTIALS_OK; - grpc_json *json = NULL; + grpc_json* json = NULL; if (response == NULL) { gpr_log(GPR_ERROR, "Received NULL response."); @@ -130,7 +130,7 @@ grpc_oauth2_token_fetcher_credentials_parse_server_response( } if (response->body_length > 0) { - null_terminated_body = (char *)gpr_malloc(response->body_length + 1); + null_terminated_body = (char*)gpr_malloc(response->body_length + 1); null_terminated_body[response->body_length] = '\0'; memcpy(null_terminated_body, response->body, response->body_length); } @@ -142,10 +142,10 @@ grpc_oauth2_token_fetcher_credentials_parse_server_response( status = GRPC_CREDENTIALS_ERROR; goto end; } else { - grpc_json *access_token = NULL; - grpc_json *token_type = NULL; - grpc_json *expires_in = NULL; - grpc_json *ptr; + grpc_json* access_token = NULL; + grpc_json* token_type = NULL; + grpc_json* expires_in = NULL; + grpc_json* ptr; json = grpc_json_parse_string(null_terminated_body); if (json == NULL) { gpr_log(GPR_ERROR, "Could not parse JSON from %s", null_terminated_body); @@ -203,14 +203,14 @@ end: return status; } -static void on_oauth2_token_fetcher_http_response(grpc_exec_ctx *exec_ctx, - void *user_data, - grpc_error *error) { +static void on_oauth2_token_fetcher_http_response(grpc_exec_ctx* exec_ctx, + void* user_data, + grpc_error* error) { GRPC_LOG_IF_ERROR("oauth_fetch", GRPC_ERROR_REF(error)); - grpc_credentials_metadata_request *r = - (grpc_credentials_metadata_request *)user_data; - grpc_oauth2_token_fetcher_credentials *c = - (grpc_oauth2_token_fetcher_credentials *)r->creds; + grpc_credentials_metadata_request* r = + (grpc_credentials_metadata_request*)user_data; + grpc_oauth2_token_fetcher_credentials* c = + (grpc_oauth2_token_fetcher_credentials*)r->creds; grpc_mdelem access_token_md = GRPC_MDNULL; grpc_millis token_lifetime; grpc_credentials_status status = @@ -223,7 +223,7 @@ static void on_oauth2_token_fetcher_http_response(grpc_exec_ctx *exec_ctx, c->token_expiration = status == GRPC_CREDENTIALS_OK ? grpc_exec_ctx_now(exec_ctx) + token_lifetime : 0; - grpc_oauth2_pending_get_request_metadata *pending_request = + grpc_oauth2_pending_get_request_metadata* pending_request = c->pending_requests; c->pending_requests = NULL; gpr_mu_unlock(&c->mu); @@ -240,7 +240,7 @@ static void on_oauth2_token_fetcher_http_response(grpc_exec_ctx *exec_ctx, grpc_polling_entity_del_from_pollset_set( exec_ctx, pending_request->pollent, grpc_polling_entity_pollset_set(&c->pollent)); - grpc_oauth2_pending_get_request_metadata *prev = pending_request; + grpc_oauth2_pending_get_request_metadata* prev = pending_request; pending_request = pending_request->next; gpr_free(prev); } @@ -250,12 +250,12 @@ static void on_oauth2_token_fetcher_http_response(grpc_exec_ctx *exec_ctx, } static bool oauth2_token_fetcher_get_request_metadata( - grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds, - grpc_polling_entity *pollent, grpc_auth_metadata_context context, - grpc_credentials_mdelem_array *md_array, grpc_closure *on_request_metadata, - grpc_error **error) { - grpc_oauth2_token_fetcher_credentials *c = - (grpc_oauth2_token_fetcher_credentials *)creds; + grpc_exec_ctx* exec_ctx, grpc_call_credentials* creds, + grpc_polling_entity* pollent, grpc_auth_metadata_context context, + grpc_credentials_mdelem_array* md_array, grpc_closure* on_request_metadata, + grpc_error** error) { + grpc_oauth2_token_fetcher_credentials* c = + (grpc_oauth2_token_fetcher_credentials*)creds; // Check if we can use the cached token. grpc_millis refresh_threshold = GRPC_SECURE_TOKEN_REFRESH_THRESHOLD_SECS * GPR_MS_PER_SEC; @@ -273,8 +273,8 @@ static bool oauth2_token_fetcher_get_request_metadata( } // Couldn't get the token from the cache. // Add request to c->pending_requests and start a new fetch if needed. - grpc_oauth2_pending_get_request_metadata *pending_request = - (grpc_oauth2_pending_get_request_metadata *)gpr_malloc( + grpc_oauth2_pending_get_request_metadata* pending_request = + (grpc_oauth2_pending_get_request_metadata*)gpr_malloc( sizeof(*pending_request)); pending_request->md_array = md_array; pending_request->on_request_metadata = on_request_metadata; @@ -300,13 +300,13 @@ static bool oauth2_token_fetcher_get_request_metadata( } static void oauth2_token_fetcher_cancel_get_request_metadata( - grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds, - grpc_credentials_mdelem_array *md_array, grpc_error *error) { - grpc_oauth2_token_fetcher_credentials *c = - (grpc_oauth2_token_fetcher_credentials *)creds; + grpc_exec_ctx* exec_ctx, grpc_call_credentials* creds, + grpc_credentials_mdelem_array* md_array, grpc_error* error) { + grpc_oauth2_token_fetcher_credentials* c = + (grpc_oauth2_token_fetcher_credentials*)creds; gpr_mu_lock(&c->mu); - grpc_oauth2_pending_get_request_metadata *prev = NULL; - grpc_oauth2_pending_get_request_metadata *pending_request = + grpc_oauth2_pending_get_request_metadata* prev = NULL; + grpc_oauth2_pending_get_request_metadata* pending_request = c->pending_requests; while (pending_request != NULL) { if (pending_request->md_array == md_array) { @@ -329,7 +329,7 @@ static void oauth2_token_fetcher_cancel_get_request_metadata( GRPC_ERROR_UNREF(error); } -static void init_oauth2_token_fetcher(grpc_oauth2_token_fetcher_credentials *c, +static void init_oauth2_token_fetcher(grpc_oauth2_token_fetcher_credentials* c, grpc_fetch_oauth2_func fetch_func) { memset(c, 0, sizeof(grpc_oauth2_token_fetcher_credentials)); c->base.type = GRPC_CALL_CREDENTIALS_TYPE_OAUTH2; @@ -351,20 +351,20 @@ static grpc_call_credentials_vtable compute_engine_vtable = { oauth2_token_fetcher_cancel_get_request_metadata}; static void compute_engine_fetch_oauth2( - grpc_exec_ctx *exec_ctx, grpc_credentials_metadata_request *metadata_req, - grpc_httpcli_context *httpcli_context, grpc_polling_entity *pollent, + grpc_exec_ctx* exec_ctx, grpc_credentials_metadata_request* metadata_req, + grpc_httpcli_context* httpcli_context, grpc_polling_entity* pollent, grpc_iomgr_cb_func response_cb, grpc_millis deadline) { - grpc_http_header header = {(char *)"Metadata-Flavor", (char *)"Google"}; + grpc_http_header header = {(char*)"Metadata-Flavor", (char*)"Google"}; grpc_httpcli_request request; memset(&request, 0, sizeof(grpc_httpcli_request)); - request.host = (char *)GRPC_COMPUTE_ENGINE_METADATA_HOST; - request.http.path = (char *)GRPC_COMPUTE_ENGINE_METADATA_TOKEN_PATH; + request.host = (char*)GRPC_COMPUTE_ENGINE_METADATA_HOST; + request.http.path = (char*)GRPC_COMPUTE_ENGINE_METADATA_TOKEN_PATH; request.http.hdr_count = 1; request.http.hdrs = &header; /* TODO(ctiller): Carry the resource_quota in ctx and share it with the host channel. This would allow us to cancel an authentication query when under extreme memory pressure. */ - grpc_resource_quota *resource_quota = + grpc_resource_quota* resource_quota = grpc_resource_quota_create("oauth2_credentials"); grpc_httpcli_get( exec_ctx, httpcli_context, pollent, resource_quota, &request, deadline, @@ -373,10 +373,10 @@ static void compute_engine_fetch_oauth2( grpc_resource_quota_unref_internal(exec_ctx, resource_quota); } -grpc_call_credentials *grpc_google_compute_engine_credentials_create( - void *reserved) { - grpc_oauth2_token_fetcher_credentials *c = - (grpc_oauth2_token_fetcher_credentials *)gpr_malloc( +grpc_call_credentials* grpc_google_compute_engine_credentials_create( + void* reserved) { + grpc_oauth2_token_fetcher_credentials* c = + (grpc_oauth2_token_fetcher_credentials*)gpr_malloc( sizeof(grpc_oauth2_token_fetcher_credentials)); GRPC_API_TRACE("grpc_compute_engine_credentials_create(reserved=%p)", 1, (reserved)); @@ -390,10 +390,10 @@ grpc_call_credentials *grpc_google_compute_engine_credentials_create( // Google Refresh Token credentials. // -static void refresh_token_destruct(grpc_exec_ctx *exec_ctx, - grpc_call_credentials *creds) { - grpc_google_refresh_token_credentials *c = - (grpc_google_refresh_token_credentials *)creds; +static void refresh_token_destruct(grpc_exec_ctx* exec_ctx, + grpc_call_credentials* creds) { + grpc_google_refresh_token_credentials* c = + (grpc_google_refresh_token_credentials*)creds; grpc_auth_refresh_token_destruct(&c->refresh_token); oauth2_token_fetcher_destruct(exec_ctx, &c->base.base); } @@ -403,28 +403,28 @@ static grpc_call_credentials_vtable refresh_token_vtable = { oauth2_token_fetcher_cancel_get_request_metadata}; static void refresh_token_fetch_oauth2( - grpc_exec_ctx *exec_ctx, grpc_credentials_metadata_request *metadata_req, - grpc_httpcli_context *httpcli_context, grpc_polling_entity *pollent, + grpc_exec_ctx* exec_ctx, grpc_credentials_metadata_request* metadata_req, + grpc_httpcli_context* httpcli_context, grpc_polling_entity* pollent, grpc_iomgr_cb_func response_cb, grpc_millis deadline) { - grpc_google_refresh_token_credentials *c = - (grpc_google_refresh_token_credentials *)metadata_req->creds; - grpc_http_header header = {(char *)"Content-Type", - (char *)"application/x-www-form-urlencoded"}; + grpc_google_refresh_token_credentials* c = + (grpc_google_refresh_token_credentials*)metadata_req->creds; + grpc_http_header header = {(char*)"Content-Type", + (char*)"application/x-www-form-urlencoded"}; grpc_httpcli_request request; - char *body = NULL; + char* body = NULL; gpr_asprintf(&body, GRPC_REFRESH_TOKEN_POST_BODY_FORMAT_STRING, c->refresh_token.client_id, c->refresh_token.client_secret, c->refresh_token.refresh_token); memset(&request, 0, sizeof(grpc_httpcli_request)); - request.host = (char *)GRPC_GOOGLE_OAUTH2_SERVICE_HOST; - request.http.path = (char *)GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH; + request.host = (char*)GRPC_GOOGLE_OAUTH2_SERVICE_HOST; + request.http.path = (char*)GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH; request.http.hdr_count = 1; request.http.hdrs = &header; request.handshaker = &grpc_httpcli_ssl; /* TODO(ctiller): Carry the resource_quota in ctx and share it with the host channel. This would allow us to cancel an authentication query when under extreme memory pressure. */ - grpc_resource_quota *resource_quota = + grpc_resource_quota* resource_quota = grpc_resource_quota_create("oauth2_credentials_refresh"); grpc_httpcli_post( exec_ctx, httpcli_context, pollent, resource_quota, &request, body, @@ -435,15 +435,15 @@ static void refresh_token_fetch_oauth2( gpr_free(body); } -grpc_call_credentials * +grpc_call_credentials* grpc_refresh_token_credentials_create_from_auth_refresh_token( grpc_auth_refresh_token refresh_token) { - grpc_google_refresh_token_credentials *c; + grpc_google_refresh_token_credentials* c; if (!grpc_auth_refresh_token_is_valid(&refresh_token)) { gpr_log(GPR_ERROR, "Invalid input for refresh token credentials creation"); return NULL; } - c = (grpc_google_refresh_token_credentials *)gpr_zalloc( + c = (grpc_google_refresh_token_credentials*)gpr_zalloc( sizeof(grpc_google_refresh_token_credentials)); init_oauth2_token_fetcher(&c->base, refresh_token_fetch_oauth2); c->base.base.vtable = &refresh_token_vtable; @@ -451,11 +451,11 @@ grpc_refresh_token_credentials_create_from_auth_refresh_token( return &c->base.base; } -static char *create_loggable_refresh_token(grpc_auth_refresh_token *token) { +static char* create_loggable_refresh_token(grpc_auth_refresh_token* token) { if (strcmp(token->type, GRPC_AUTH_JSON_TYPE_INVALID) == 0) { return gpr_strdup("<Invalid json token>"); } - char *loggable_token = NULL; + char* loggable_token = NULL; gpr_asprintf(&loggable_token, "{\n type: %s\n client_id: %s\n client_secret: " "<redacted>\n refresh_token: <redacted>\n}", @@ -463,12 +463,12 @@ static char *create_loggable_refresh_token(grpc_auth_refresh_token *token) { return loggable_token; } -grpc_call_credentials *grpc_google_refresh_token_credentials_create( - const char *json_refresh_token, void *reserved) { +grpc_call_credentials* grpc_google_refresh_token_credentials_create( + const char* json_refresh_token, void* reserved) { grpc_auth_refresh_token token = grpc_auth_refresh_token_create_from_string(json_refresh_token); if (GRPC_TRACER_ON(grpc_api_trace)) { - char *loggable_token = create_loggable_refresh_token(&token); + char* loggable_token = create_loggable_refresh_token(&token); gpr_log(GPR_INFO, "grpc_refresh_token_credentials_create(json_refresh_token=%s, " "reserved=%p)", @@ -483,25 +483,25 @@ grpc_call_credentials *grpc_google_refresh_token_credentials_create( // Oauth2 Access Token credentials. // -static void access_token_destruct(grpc_exec_ctx *exec_ctx, - grpc_call_credentials *creds) { - grpc_access_token_credentials *c = (grpc_access_token_credentials *)creds; +static void access_token_destruct(grpc_exec_ctx* exec_ctx, + grpc_call_credentials* creds) { + grpc_access_token_credentials* c = (grpc_access_token_credentials*)creds; GRPC_MDELEM_UNREF(exec_ctx, c->access_token_md); } static bool access_token_get_request_metadata( - grpc_exec_ctx *exec_ctx, grpc_call_credentials *creds, - grpc_polling_entity *pollent, grpc_auth_metadata_context context, - grpc_credentials_mdelem_array *md_array, grpc_closure *on_request_metadata, - grpc_error **error) { - grpc_access_token_credentials *c = (grpc_access_token_credentials *)creds; + grpc_exec_ctx* exec_ctx, grpc_call_credentials* creds, + grpc_polling_entity* pollent, grpc_auth_metadata_context context, + grpc_credentials_mdelem_array* md_array, grpc_closure* on_request_metadata, + grpc_error** error) { + grpc_access_token_credentials* c = (grpc_access_token_credentials*)creds; grpc_credentials_mdelem_array_add(md_array, c->access_token_md); return true; } static void access_token_cancel_get_request_metadata( - grpc_exec_ctx *exec_ctx, grpc_call_credentials *c, - grpc_credentials_mdelem_array *md_array, grpc_error *error) { + grpc_exec_ctx* exec_ctx, grpc_call_credentials* c, + grpc_credentials_mdelem_array* md_array, grpc_error* error) { GRPC_ERROR_UNREF(error); } @@ -509,11 +509,10 @@ static grpc_call_credentials_vtable access_token_vtable = { access_token_destruct, access_token_get_request_metadata, access_token_cancel_get_request_metadata}; -grpc_call_credentials *grpc_access_token_credentials_create( - const char *access_token, void *reserved) { - grpc_access_token_credentials *c = - (grpc_access_token_credentials *)gpr_zalloc( - sizeof(grpc_access_token_credentials)); +grpc_call_credentials* grpc_access_token_credentials_create( + const char* access_token, void* reserved) { + grpc_access_token_credentials* c = (grpc_access_token_credentials*)gpr_zalloc( + sizeof(grpc_access_token_credentials)); GRPC_API_TRACE( "grpc_access_token_credentials_create(access_token=<redacted>, " "reserved=%p)", @@ -522,7 +521,7 @@ grpc_call_credentials *grpc_access_token_credentials_create( c->base.type = GRPC_CALL_CREDENTIALS_TYPE_OAUTH2; c->base.vtable = &access_token_vtable; gpr_ref_init(&c->base.refcount, 1); - char *token_md_value; + char* token_md_value; gpr_asprintf(&token_md_value, "Bearer %s", access_token); grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; c->access_token_md = grpc_mdelem_from_slices( |