diff options
Diffstat (limited to 'src/core/security/google_default_credentials.c')
-rw-r--r-- | src/core/security/google_default_credentials.c | 54 |
1 files changed, 30 insertions, 24 deletions
diff --git a/src/core/security/google_default_credentials.c b/src/core/security/google_default_credentials.c index 45135305b2..6a54fe4e47 100644 --- a/src/core/security/google_default_credentials.c +++ b/src/core/security/google_default_credentials.c @@ -50,7 +50,7 @@ /* -- Default credentials. -- */ -static grpc_credentials *default_credentials = NULL; +static grpc_channel_credentials *default_credentials = NULL; static int compute_engine_detection_done = 0; static gpr_mu g_mu; static gpr_once g_once = GPR_ONCE_INIT; @@ -138,11 +138,11 @@ static int is_stack_running_on_compute_engine(void) { } /* Takes ownership of creds_path if not NULL. */ -static grpc_credentials *create_default_creds_from_path(char *creds_path) { +static grpc_call_credentials *create_default_creds_from_path(char *creds_path) { grpc_json *json = NULL; grpc_auth_json_key key; grpc_auth_refresh_token token; - grpc_credentials *result = NULL; + grpc_call_credentials *result = NULL; gpr_slice creds_data = gpr_empty_slice(); int file_ok = 0; if (creds_path == NULL) goto end; @@ -176,9 +176,9 @@ end: return result; } -grpc_credentials *grpc_google_default_credentials_create(void) { - grpc_credentials *result = NULL; - int serving_cached_credentials = 0; +grpc_channel_credentials *grpc_google_default_credentials_create(void) { + grpc_channel_credentials *result = NULL; + grpc_call_credentials *call_creds = NULL; GRPC_API_TRACE("grpc_google_default_credentials_create(void)", 0, ()); @@ -187,20 +187,19 @@ grpc_credentials *grpc_google_default_credentials_create(void) { gpr_mu_lock(&g_mu); if (default_credentials != NULL) { - result = grpc_credentials_ref(default_credentials); - serving_cached_credentials = 1; + result = grpc_channel_credentials_ref(default_credentials); goto end; } /* First, try the environment variable. */ - result = create_default_creds_from_path( + call_creds = create_default_creds_from_path( gpr_getenv(GRPC_GOOGLE_CREDENTIALS_ENV_VAR)); - if (result != NULL) goto end; + if (call_creds != NULL) goto end; /* Then the well-known file. */ - result = create_default_creds_from_path( + call_creds = create_default_creds_from_path( grpc_get_well_known_google_credentials_file_path()); - if (result != NULL) goto end; + if (call_creds != NULL) goto end; /* At last try to see if we're on compute engine (do the detection only once since it requires a network test). */ @@ -208,21 +207,28 @@ grpc_credentials *grpc_google_default_credentials_create(void) { int need_compute_engine_creds = is_stack_running_on_compute_engine(); compute_engine_detection_done = 1; if (need_compute_engine_creds) { - result = grpc_google_compute_engine_credentials_create(NULL); + call_creds = grpc_google_compute_engine_credentials_create(NULL); } } end: - if (!serving_cached_credentials && result != NULL) { - /* Blend with default ssl credentials and add a global reference so that it - can be cached and re-served. */ - grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL); - default_credentials = grpc_credentials_ref( - grpc_composite_credentials_create(ssl_creds, result, NULL)); - GPR_ASSERT(default_credentials != NULL); - grpc_credentials_unref(ssl_creds); - grpc_credentials_unref(result); - result = default_credentials; + if (result == NULL) { + if (call_creds != NULL) { + /* Blend with default ssl credentials and add a global reference so that + it + can be cached and re-served. */ + grpc_channel_credentials *ssl_creds = + grpc_ssl_credentials_create(NULL, NULL, NULL); + default_credentials = grpc_channel_credentials_ref( + grpc_composite_channel_credentials_create(ssl_creds, call_creds, + NULL)); + GPR_ASSERT(default_credentials != NULL); + grpc_channel_credentials_unref(ssl_creds); + grpc_call_credentials_unref(call_creds); + result = default_credentials; + } else { + gpr_log(GPR_ERROR, "Could not create google default credentials."); + } } gpr_mu_unlock(&g_mu); return result; @@ -232,7 +238,7 @@ void grpc_flush_cached_google_default_credentials(void) { gpr_once_init(&g_once, init_default_credentials); gpr_mu_lock(&g_mu); if (default_credentials != NULL) { - grpc_credentials_unref(default_credentials); + grpc_channel_credentials_unref(default_credentials); default_credentials = NULL; } gpr_mu_unlock(&g_mu); |