aboutsummaryrefslogtreecommitdiffhomepage
path: root/test/core/security
diff options
context:
space:
mode:
Diffstat (limited to 'test/core/security')
-rw-r--r--test/core/security/credentials_test.c335
-rw-r--r--test/core/security/fetch_oauth2.c6
-rw-r--r--test/core/security/oauth2_utils.c7
-rw-r--r--test/core/security/oauth2_utils.h3
-rw-r--r--test/core/security/print_google_default_creds_token.c10
5 files changed, 184 insertions, 177 deletions
diff --git a/test/core/security/credentials_test.c b/test/core/security/credentials_test.c
index 5c1e0f4b94..dcb35e5309 100644
--- a/test/core/security/credentials_test.c
+++ b/test/core/security/credentials_test.c
@@ -50,11 +50,24 @@
#include <openssl/rsa.h>
+/* -- Mock channel credentials. -- */
+
+static grpc_channel_credentials *grpc_mock_channel_credentials_create(
+ const grpc_channel_credentials_vtable *vtable) {
+ grpc_channel_credentials *c = gpr_malloc(sizeof(*c));
+ memset(c, 0, sizeof(*c));
+ c->type = "mock";
+ c->vtable = vtable;
+ gpr_ref_init(&c->refcount, 1);
+ return c;
+}
+
+/* -- Constants. -- */
+
static const char test_google_iam_authorization_token[] = "blahblahblhahb";
static const char test_google_iam_authority_selector[] = "respectmyauthoritah";
static const char test_oauth2_bearer_token[] =
"Bearer blaaslkdjfaslkdfasdsfasf";
-static const char test_root_cert[] = "I am the root!";
/* This JSON key was generated with the GCE console and revoked immediately.
The identifiers have been changed as well.
@@ -113,6 +126,8 @@ static const char test_signed_jwt[] =
static const char test_service_url[] = "https://foo.com/foo.v1";
static const char other_test_service_url[] = "https://bar.com/bar.v1";
+/* -- Utils. -- */
+
static char *test_json_key_str(void) {
size_t result_len = strlen(test_json_key_str_part1) +
strlen(test_json_key_str_part2) +
@@ -141,6 +156,8 @@ static grpc_httpcli_response http_response(int status, const char *body) {
return response;
}
+/* -- Tests. -- */
+
static void test_empty_md_store(void) {
grpc_credentials_md_store *store = grpc_credentials_md_store_create(0);
GPR_ASSERT(store->num_entries == 0);
@@ -219,7 +236,7 @@ static void test_oauth2_token_fetcher_creds_parsing_ok(void) {
GPR_ASSERT(token_lifetime.tv_sec == 3599);
GPR_ASSERT(token_lifetime.tv_nsec == 0);
GPR_ASSERT(token_md->num_entries == 1);
- GPR_ASSERT(gpr_slice_str_cmp(token_md->entries[0].key, "Authorization") == 0);
+ GPR_ASSERT(gpr_slice_str_cmp(token_md->entries[0].key, "authorization") == 0);
GPR_ASSERT(gpr_slice_str_cmp(token_md->entries[0].value,
"Bearer ya29.AHES6ZRN3-HlhAPya30GnW_bHSb_") ==
0);
@@ -319,7 +336,7 @@ static void check_google_iam_metadata(grpc_exec_ctx *exec_ctx, void *user_data,
grpc_credentials_md *md_elems,
size_t num_md,
grpc_credentials_status status) {
- grpc_credentials *c = (grpc_credentials *)user_data;
+ grpc_call_credentials *c = (grpc_call_credentials *)user_data;
expected_md emd[] = {{GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY,
test_google_iam_authorization_token},
{GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY,
@@ -327,17 +344,15 @@ static void check_google_iam_metadata(grpc_exec_ctx *exec_ctx, void *user_data,
GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
GPR_ASSERT(num_md == 2);
check_metadata(emd, md_elems, num_md);
- grpc_credentials_unref(c);
+ grpc_call_credentials_unref(c);
}
static void test_google_iam_creds(void) {
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *creds = grpc_google_iam_credentials_create(
+ grpc_call_credentials *creds = grpc_google_iam_credentials_create(
test_google_iam_authorization_token, test_google_iam_authority_selector,
NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds));
- grpc_credentials_get_request_metadata(&exec_ctx, creds, NULL,
+ grpc_call_credentials_get_request_metadata(&exec_ctx, creds, NULL,
test_service_url,
check_google_iam_metadata, creds);
grpc_exec_ctx_finish(&exec_ctx);
@@ -348,81 +363,58 @@ static void check_access_token_metadata(grpc_exec_ctx *exec_ctx,
grpc_credentials_md *md_elems,
size_t num_md,
grpc_credentials_status status) {
- grpc_credentials *c = (grpc_credentials *)user_data;
+ grpc_call_credentials *c = (grpc_call_credentials *)user_data;
expected_md emd[] = {{GRPC_AUTHORIZATION_METADATA_KEY, "Bearer blah"}};
GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
GPR_ASSERT(num_md == 1);
check_metadata(emd, md_elems, num_md);
- grpc_credentials_unref(c);
+ grpc_call_credentials_unref(c);
}
static void test_access_token_creds(void) {
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *creds = grpc_access_token_credentials_create("blah", NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds));
- GPR_ASSERT(strcmp(creds->type, GRPC_CREDENTIALS_TYPE_OAUTH2) == 0);
- grpc_credentials_get_request_metadata(&exec_ctx, creds, NULL,
- test_service_url,
- check_access_token_metadata, creds);
+ grpc_call_credentials *creds =
+ grpc_access_token_credentials_create("blah", NULL);
+ GPR_ASSERT(strcmp(creds->type, GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
+ grpc_call_credentials_get_request_metadata(
+ &exec_ctx, creds, NULL, test_service_url, check_access_token_metadata,
+ creds);
grpc_exec_ctx_finish(&exec_ctx);
}
-static void check_ssl_oauth2_composite_metadata(
+static grpc_security_status check_channel_oauth2_create_security_connector(
+ grpc_channel_credentials *c, grpc_call_credentials *call_creds,
+ const char *target, const grpc_channel_args *args,
+ grpc_channel_security_connector **sc, grpc_channel_args **new_args) {
+ GPR_ASSERT(strcmp(c->type, "mock") == 0);
+ GPR_ASSERT(call_creds != NULL);
+ GPR_ASSERT(strcmp(call_creds->type, GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
+ return GRPC_SECURITY_OK;
+}
+
+static void test_channel_oauth2_composite_creds(void) {
+ grpc_channel_args *new_args;
+ grpc_channel_credentials_vtable vtable = {
+ NULL, check_channel_oauth2_create_security_connector};
+ grpc_channel_credentials *channel_creds =
+ grpc_mock_channel_credentials_create(&vtable);
+ grpc_call_credentials *oauth2_creds =
+ grpc_access_token_credentials_create("blah", NULL);
+ grpc_channel_credentials *channel_oauth2_creds =
+ grpc_composite_channel_credentials_create(channel_creds, oauth2_creds,
+ NULL);
+ grpc_channel_credentials_release(channel_creds);
+ grpc_call_credentials_release(oauth2_creds);
+ GPR_ASSERT(grpc_channel_credentials_create_security_connector(
+ channel_oauth2_creds, NULL, NULL, NULL, &new_args) ==
+ GRPC_SECURITY_OK);
+ grpc_channel_credentials_release(channel_oauth2_creds);
+}
+
+static void check_oauth2_google_iam_composite_metadata(
grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
size_t num_md, grpc_credentials_status status) {
- grpc_credentials *c = (grpc_credentials *)user_data;
- expected_md emd[] = {
- {GRPC_AUTHORIZATION_METADATA_KEY, test_oauth2_bearer_token}};
- GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
- GPR_ASSERT(num_md == 1);
- check_metadata(emd, md_elems, num_md);
- grpc_credentials_unref(c);
-}
-
-static void test_ssl_oauth2_composite_creds(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *ssl_creds =
- grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
- const grpc_credentials_array *creds_array;
- grpc_credentials *oauth2_creds = grpc_md_only_test_credentials_create(
- "Authorization", test_oauth2_bearer_token, 0);
- grpc_credentials *composite_creds =
- grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL);
- grpc_credentials_unref(ssl_creds);
- grpc_credentials_unref(oauth2_creds);
- GPR_ASSERT(strcmp(composite_creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) ==
- 0);
- GPR_ASSERT(grpc_credentials_has_request_metadata(composite_creds));
- GPR_ASSERT(!grpc_credentials_has_request_metadata_only(composite_creds));
- creds_array = grpc_composite_credentials_get_credentials(composite_creds);
- GPR_ASSERT(creds_array->num_creds == 2);
- GPR_ASSERT(strcmp(creds_array->creds_array[0]->type,
- GRPC_CREDENTIALS_TYPE_SSL) == 0);
- GPR_ASSERT(strcmp(creds_array->creds_array[1]->type,
- GRPC_CREDENTIALS_TYPE_OAUTH2) == 0);
- grpc_credentials_get_request_metadata(
- &exec_ctx, composite_creds, NULL, test_service_url,
- check_ssl_oauth2_composite_metadata, composite_creds);
- grpc_exec_ctx_finish(&exec_ctx);
-}
-
-void test_ssl_fake_transport_security_composite_creds_failure(void) {
- grpc_credentials *ssl_creds = grpc_ssl_credentials_create(NULL, NULL, NULL);
- grpc_credentials *fake_transport_security_creds =
- grpc_fake_transport_security_credentials_create();
-
- /* 2 connector credentials: should not work. */
- GPR_ASSERT(grpc_composite_credentials_create(
- ssl_creds, fake_transport_security_creds, NULL) == NULL);
- grpc_credentials_unref(ssl_creds);
- grpc_credentials_unref(fake_transport_security_creds);
-}
-
-static void check_ssl_oauth2_google_iam_composite_metadata(
- grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
- size_t num_md, grpc_credentials_status status) {
- grpc_credentials *c = (grpc_credentials *)user_data;
+ grpc_call_credentials *c = (grpc_call_credentials *)user_data;
expected_md emd[] = {
{GRPC_AUTHORIZATION_METADATA_KEY, test_oauth2_bearer_token},
{GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY,
@@ -432,51 +424,88 @@ static void check_ssl_oauth2_google_iam_composite_metadata(
GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
GPR_ASSERT(num_md == 3);
check_metadata(emd, md_elems, num_md);
- grpc_credentials_unref(c);
+ grpc_call_credentials_unref(c);
}
-static void test_ssl_oauth2_google_iam_composite_creds(void) {
+static void test_oauth2_google_iam_composite_creds(void) {
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *ssl_creds =
- grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
- const grpc_credentials_array *creds_array;
- grpc_credentials *oauth2_creds = grpc_md_only_test_credentials_create(
- "Authorization", test_oauth2_bearer_token, 0);
- grpc_credentials *aux_creds =
- grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL);
- grpc_credentials *google_iam_creds = grpc_google_iam_credentials_create(
+ const grpc_call_credentials_array *creds_array;
+ grpc_call_credentials *oauth2_creds = grpc_md_only_test_credentials_create(
+ "authorization", test_oauth2_bearer_token, 0);
+ grpc_call_credentials *google_iam_creds = grpc_google_iam_credentials_create(
test_google_iam_authorization_token, test_google_iam_authority_selector,
NULL);
- grpc_credentials *composite_creds =
- grpc_composite_credentials_create(aux_creds, google_iam_creds, NULL);
- grpc_credentials_unref(ssl_creds);
- grpc_credentials_unref(oauth2_creds);
- grpc_credentials_unref(aux_creds);
- grpc_credentials_unref(google_iam_creds);
- GPR_ASSERT(strcmp(composite_creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) ==
- 0);
- GPR_ASSERT(grpc_credentials_has_request_metadata(composite_creds));
- GPR_ASSERT(!grpc_credentials_has_request_metadata_only(composite_creds));
- creds_array = grpc_composite_credentials_get_credentials(composite_creds);
- GPR_ASSERT(creds_array->num_creds == 3);
+ grpc_call_credentials *composite_creds =
+ grpc_composite_call_credentials_create(oauth2_creds, google_iam_creds, NULL);
+ grpc_call_credentials_unref(oauth2_creds);
+ grpc_call_credentials_unref(google_iam_creds);
+ GPR_ASSERT(
+ strcmp(composite_creds->type, GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) == 0);
+ creds_array =
+ grpc_composite_call_credentials_get_credentials(composite_creds);
+ GPR_ASSERT(creds_array->num_creds == 2);
GPR_ASSERT(strcmp(creds_array->creds_array[0]->type,
- GRPC_CREDENTIALS_TYPE_SSL) == 0);
+ GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
GPR_ASSERT(strcmp(creds_array->creds_array[1]->type,
- GRPC_CREDENTIALS_TYPE_OAUTH2) == 0);
- GPR_ASSERT(strcmp(creds_array->creds_array[2]->type,
- GRPC_CREDENTIALS_TYPE_IAM) == 0);
- grpc_credentials_get_request_metadata(
+ GRPC_CALL_CREDENTIALS_TYPE_IAM) == 0);
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, composite_creds, NULL, test_service_url,
- check_ssl_oauth2_google_iam_composite_metadata, composite_creds);
+ check_oauth2_google_iam_composite_metadata, composite_creds);
grpc_exec_ctx_finish(&exec_ctx);
}
+static grpc_security_status
+check_channel_oauth2_google_iam_create_security_connector(
+ grpc_channel_credentials *c, grpc_call_credentials *call_creds,
+ const char *target, const grpc_channel_args *args,
+ grpc_channel_security_connector **sc, grpc_channel_args **new_args) {
+ const grpc_call_credentials_array *creds_array;
+ GPR_ASSERT(strcmp(c->type, "mock") == 0);
+ GPR_ASSERT(call_creds != NULL);
+ GPR_ASSERT(strcmp(call_creds->type, GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE) ==
+ 0);
+ creds_array = grpc_composite_call_credentials_get_credentials(call_creds);
+ GPR_ASSERT(strcmp(creds_array->creds_array[0]->type,
+ GRPC_CALL_CREDENTIALS_TYPE_OAUTH2) == 0);
+ GPR_ASSERT(strcmp(creds_array->creds_array[1]->type,
+ GRPC_CALL_CREDENTIALS_TYPE_IAM) == 0);
+ return GRPC_SECURITY_OK;
+}
+
+static void test_channel_oauth2_google_iam_composite_creds(void) {
+ grpc_channel_args *new_args;
+ grpc_channel_credentials_vtable vtable = {
+ NULL, check_channel_oauth2_google_iam_create_security_connector};
+ grpc_channel_credentials *channel_creds =
+ grpc_mock_channel_credentials_create(&vtable);
+ grpc_call_credentials *oauth2_creds =
+ grpc_access_token_credentials_create("blah", NULL);
+ grpc_channel_credentials *channel_oauth2_creds =
+ grpc_composite_channel_credentials_create(channel_creds, oauth2_creds, NULL);
+ grpc_call_credentials *google_iam_creds = grpc_google_iam_credentials_create(
+ test_google_iam_authorization_token, test_google_iam_authority_selector,
+ NULL);
+ grpc_channel_credentials *channel_oauth2_iam_creds =
+ grpc_composite_channel_credentials_create(channel_oauth2_creds,
+ google_iam_creds, NULL);
+ grpc_channel_credentials_release(channel_creds);
+ grpc_call_credentials_release(oauth2_creds);
+ grpc_channel_credentials_release(channel_oauth2_creds);
+ grpc_call_credentials_release(google_iam_creds);
+
+ GPR_ASSERT(grpc_channel_credentials_create_security_connector(
+ channel_oauth2_iam_creds, NULL, NULL, NULL, &new_args) ==
+ GRPC_SECURITY_OK);
+
+ grpc_channel_credentials_release(channel_oauth2_iam_creds);
+}
+
static void on_oauth2_creds_get_metadata_success(
grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
size_t num_md, grpc_credentials_status status) {
GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
GPR_ASSERT(num_md == 1);
- GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].key, "Authorization") == 0);
+ GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].key, "authorization") == 0);
GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].value,
"Bearer ya29.AHES6ZRN3-HlhAPya30GnW_bHSb_") ==
0);
@@ -545,15 +574,13 @@ static int httpcli_get_should_not_be_called(
static void test_compute_engine_creds_success(void) {
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *compute_engine_creds =
+ grpc_call_credentials *compute_engine_creds =
grpc_google_compute_engine_credentials_create(NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds));
/* First request: http get should be called. */
grpc_httpcli_set_override(compute_engine_httpcli_get_success_override,
httpcli_post_should_not_be_called);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, compute_engine_creds, NULL, test_service_url,
on_oauth2_creds_get_metadata_success, (void *)test_user_data);
grpc_exec_ctx_flush(&exec_ctx);
@@ -561,27 +588,25 @@ static void test_compute_engine_creds_success(void) {
/* Second request: the cached token should be served directly. */
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
httpcli_post_should_not_be_called);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, compute_engine_creds, NULL, test_service_url,
on_oauth2_creds_get_metadata_success, (void *)test_user_data);
grpc_exec_ctx_finish(&exec_ctx);
- grpc_credentials_unref(compute_engine_creds);
+ grpc_call_credentials_unref(compute_engine_creds);
grpc_httpcli_set_override(NULL, NULL);
}
static void test_compute_engine_creds_failure(void) {
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *compute_engine_creds =
+ grpc_call_credentials *compute_engine_creds =
grpc_google_compute_engine_credentials_create(NULL);
grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override,
httpcli_post_should_not_be_called);
- GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds));
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, compute_engine_creds, NULL, test_service_url,
on_oauth2_creds_get_metadata_failure, (void *)test_user_data);
- grpc_credentials_unref(compute_engine_creds);
+ grpc_call_credentials_unref(compute_engine_creds);
grpc_httpcli_set_override(NULL, NULL);
grpc_exec_ctx_finish(&exec_ctx);
}
@@ -631,16 +656,14 @@ static int refresh_token_httpcli_post_failure(
static void test_refresh_token_creds_success(void) {
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *refresh_token_creds =
+ grpc_call_credentials *refresh_token_creds =
grpc_google_refresh_token_credentials_create(test_refresh_token_str,
NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds));
/* First request: http get should be called. */
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
refresh_token_httpcli_post_success);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, refresh_token_creds, NULL, test_service_url,
on_oauth2_creds_get_metadata_success, (void *)test_user_data);
grpc_exec_ctx_flush(&exec_ctx);
@@ -648,29 +671,27 @@ static void test_refresh_token_creds_success(void) {
/* Second request: the cached token should be served directly. */
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
httpcli_post_should_not_be_called);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, refresh_token_creds, NULL, test_service_url,
on_oauth2_creds_get_metadata_success, (void *)test_user_data);
grpc_exec_ctx_flush(&exec_ctx);
- grpc_credentials_unref(refresh_token_creds);
+ grpc_call_credentials_unref(refresh_token_creds);
grpc_httpcli_set_override(NULL, NULL);
grpc_exec_ctx_finish(&exec_ctx);
}
static void test_refresh_token_creds_failure(void) {
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *refresh_token_creds =
+ grpc_call_credentials *refresh_token_creds =
grpc_google_refresh_token_credentials_create(test_refresh_token_str,
NULL);
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
refresh_token_httpcli_post_failure);
- GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds));
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, refresh_token_creds, NULL, test_service_url,
on_oauth2_creds_get_metadata_failure, (void *)test_user_data);
- grpc_credentials_unref(refresh_token_creds);
+ grpc_call_credentials_unref(refresh_token_creds);
grpc_httpcli_set_override(NULL, NULL);
grpc_exec_ctx_finish(&exec_ctx);
}
@@ -730,7 +751,7 @@ static void on_jwt_creds_get_metadata_success(grpc_exec_ctx *exec_ctx,
gpr_asprintf(&expected_md_value, "Bearer %s", test_signed_jwt);
GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
GPR_ASSERT(num_md == 1);
- GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].key, "Authorization") == 0);
+ GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].key, "authorization") == 0);
GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].value, expected_md_value) == 0);
GPR_ASSERT(user_data != NULL);
GPR_ASSERT(strcmp((const char *)user_data, test_user_data) == 0);
@@ -751,15 +772,13 @@ static void on_jwt_creds_get_metadata_failure(grpc_exec_ctx *exec_ctx,
static void test_jwt_creds_success(void) {
char *json_key_string = test_json_key_str();
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *jwt_creds =
+ grpc_call_credentials *jwt_creds =
grpc_service_account_jwt_access_credentials_create(
json_key_string, grpc_max_auth_token_lifetime, NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(jwt_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(jwt_creds));
/* First request: jwt_encode_and_sign should be called. */
grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, jwt_creds, NULL, test_service_url,
on_jwt_creds_get_metadata_success, (void *)test_user_data);
grpc_exec_ctx_flush(&exec_ctx);
@@ -767,7 +786,7 @@ static void test_jwt_creds_success(void) {
/* Second request: the cached token should be served directly. */
grpc_jwt_encode_and_sign_set_override(
encode_and_sign_jwt_should_not_be_called);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, jwt_creds, NULL, test_service_url,
on_jwt_creds_get_metadata_success, (void *)test_user_data);
grpc_exec_ctx_flush(&exec_ctx);
@@ -775,32 +794,30 @@ static void test_jwt_creds_success(void) {
/* Third request: Different service url so jwt_encode_and_sign should be
called again (no caching). */
grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, jwt_creds, NULL, other_test_service_url,
on_jwt_creds_get_metadata_success, (void *)test_user_data);
grpc_exec_ctx_flush(&exec_ctx);
gpr_free(json_key_string);
- grpc_credentials_unref(jwt_creds);
+ grpc_call_credentials_unref(jwt_creds);
grpc_jwt_encode_and_sign_set_override(NULL);
}
static void test_jwt_creds_signing_failure(void) {
char *json_key_string = test_json_key_str();
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- grpc_credentials *jwt_creds =
+ grpc_call_credentials *jwt_creds =
grpc_service_account_jwt_access_credentials_create(
json_key_string, grpc_max_auth_token_lifetime, NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(jwt_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(jwt_creds));
grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_failure);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, jwt_creds, NULL, test_service_url,
on_jwt_creds_get_metadata_failure, (void *)test_user_data);
gpr_free(json_key_string);
- grpc_credentials_unref(jwt_creds);
+ grpc_call_credentials_unref(jwt_creds);
grpc_jwt_encode_and_sign_set_override(NULL);
grpc_exec_ctx_finish(&exec_ctx);
}
@@ -818,52 +835,39 @@ static void set_google_default_creds_env_var_with_file_contents(
gpr_free(creds_file_name);
}
-static grpc_credentials *composite_inner_creds(grpc_credentials *creds,
- const char *inner_creds_type) {
- size_t i;
- grpc_composite_credentials *composite;
- GPR_ASSERT(strcmp(creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) == 0);
- composite = (grpc_composite_credentials *)creds;
- for (i = 0; i < composite->inner.num_creds; i++) {
- grpc_credentials *c = composite->inner.creds_array[i];
- if (strcmp(c->type, inner_creds_type) == 0) return c;
- }
- GPR_ASSERT(0); /* Not found. */
-}
-
static void test_google_default_creds_auth_key(void) {
grpc_service_account_jwt_access_credentials *jwt;
- grpc_credentials *creds;
+ grpc_composite_channel_credentials *creds;
char *json_key = test_json_key_str();
grpc_flush_cached_google_default_credentials();
set_google_default_creds_env_var_with_file_contents(
"json_key_google_default_creds", json_key);
gpr_free(json_key);
- creds = grpc_google_default_credentials_create();
+ creds = (grpc_composite_channel_credentials *)
+ grpc_google_default_credentials_create();
GPR_ASSERT(creds != NULL);
- jwt = (grpc_service_account_jwt_access_credentials *)composite_inner_creds(
- creds, GRPC_CREDENTIALS_TYPE_JWT);
+ jwt = (grpc_service_account_jwt_access_credentials *)creds->call_creds;
GPR_ASSERT(
strcmp(jwt->key.client_id,
"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent.com") ==
0);
- grpc_credentials_unref(creds);
+ grpc_channel_credentials_unref(&creds->base);
gpr_setenv(GRPC_GOOGLE_CREDENTIALS_ENV_VAR, ""); /* Reset. */
}
static void test_google_default_creds_access_token(void) {
grpc_google_refresh_token_credentials *refresh;
- grpc_credentials *creds;
+ grpc_composite_channel_credentials *creds;
grpc_flush_cached_google_default_credentials();
set_google_default_creds_env_var_with_file_contents(
"refresh_token_google_default_creds", test_refresh_token_str);
- creds = grpc_google_default_credentials_create();
+ creds = (grpc_composite_channel_credentials *)
+ grpc_google_default_credentials_create();
GPR_ASSERT(creds != NULL);
- refresh = (grpc_google_refresh_token_credentials *)composite_inner_creds(
- creds, GRPC_CREDENTIALS_TYPE_OAUTH2);
+ refresh = (grpc_google_refresh_token_credentials *)creds->call_creds;
GPR_ASSERT(strcmp(refresh->refresh_token.client_id,
"32555999999.apps.googleusercontent.com") == 0);
- grpc_credentials_unref(creds);
+ grpc_channel_credentials_unref(&creds->base);
gpr_setenv(GRPC_GOOGLE_CREDENTIALS_ENV_VAR, ""); /* Reset. */
}
@@ -935,7 +939,7 @@ static void plugin_destroy(void *state) {
}
static void test_metadata_plugin_success(void) {
- grpc_credentials *creds;
+ grpc_call_credentials *creds;
plugin_state state = PLUGIN_INITIAL_STATE;
grpc_metadata_credentials_plugin plugin;
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
@@ -946,17 +950,17 @@ static void test_metadata_plugin_success(void) {
creds = grpc_metadata_credentials_create_from_plugin(plugin, NULL);
GPR_ASSERT(state == PLUGIN_INITIAL_STATE);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, creds, NULL, test_service_url,
on_plugin_metadata_received_success, NULL);
GPR_ASSERT(state == PLUGIN_GET_METADATA_CALLED_STATE);
- grpc_credentials_release(creds);
+ grpc_call_credentials_release(creds);
GPR_ASSERT(state == PLUGIN_DESTROY_CALLED_STATE);
grpc_exec_ctx_finish(&exec_ctx);
}
static void test_metadata_plugin_failure(void) {
- grpc_credentials *creds;
+ grpc_call_credentials *creds;
plugin_state state = PLUGIN_INITIAL_STATE;
grpc_metadata_credentials_plugin plugin;
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
@@ -967,11 +971,11 @@ static void test_metadata_plugin_failure(void) {
creds = grpc_metadata_credentials_create_from_plugin(plugin, NULL);
GPR_ASSERT(state == PLUGIN_INITIAL_STATE);
- grpc_credentials_get_request_metadata(
+ grpc_call_credentials_get_request_metadata(
&exec_ctx, creds, NULL, test_service_url,
on_plugin_metadata_received_failure, NULL);
GPR_ASSERT(state == PLUGIN_GET_METADATA_CALLED_STATE);
- grpc_credentials_release(creds);
+ grpc_call_credentials_release(creds);
GPR_ASSERT(state == PLUGIN_DESTROY_CALLED_STATE);
grpc_exec_ctx_finish(&exec_ctx);
}
@@ -993,8 +997,9 @@ int main(int argc, char **argv) {
test_oauth2_token_fetcher_creds_parsing_missing_token_lifetime();
test_google_iam_creds();
test_access_token_creds();
- test_ssl_oauth2_composite_creds();
- test_ssl_oauth2_google_iam_composite_creds();
+ test_channel_oauth2_composite_creds();
+ test_oauth2_google_iam_composite_creds();
+ test_channel_oauth2_google_iam_composite_creds();
test_compute_engine_creds_success();
test_compute_engine_creds_failure();
test_refresh_token_creds_success();
diff --git a/test/core/security/fetch_oauth2.c b/test/core/security/fetch_oauth2.c
index 764d8da9b6..ee1178cbdd 100644
--- a/test/core/security/fetch_oauth2.c
+++ b/test/core/security/fetch_oauth2.c
@@ -46,7 +46,7 @@
#include "src/core/support/file.h"
#include "test/core/security/oauth2_utils.h"
-static grpc_credentials *create_refresh_token_creds(
+static grpc_call_credentials *create_refresh_token_creds(
const char *json_refresh_token_file_path) {
int success;
gpr_slice refresh_token =
@@ -60,7 +60,7 @@ static grpc_credentials *create_refresh_token_creds(
}
int main(int argc, char **argv) {
- grpc_credentials *creds = NULL;
+ grpc_call_credentials *creds = NULL;
char *json_key_file_path = NULL;
char *json_refresh_token_file_path = NULL;
char *token = NULL;
@@ -115,7 +115,7 @@ int main(int argc, char **argv) {
printf("Got token: %s.\n", token);
gpr_free(token);
}
- grpc_credentials_release(creds);
+ grpc_call_credentials_release(creds);
gpr_cmdline_destroy(cl);
grpc_shutdown();
return 0;
diff --git a/test/core/security/oauth2_utils.c b/test/core/security/oauth2_utils.c
index f99d170592..fcfe8a6377 100644
--- a/test/core/security/oauth2_utils.c
+++ b/test/core/security/oauth2_utils.c
@@ -75,7 +75,8 @@ static void on_oauth2_response(grpc_exec_ctx *exec_ctx, void *user_data,
static void do_nothing(grpc_exec_ctx *exec_ctx, void *unused, int success) {}
-char *grpc_test_fetch_oauth2_token_with_credentials(grpc_credentials *creds) {
+char *grpc_test_fetch_oauth2_token_with_credentials(
+ grpc_call_credentials *creds) {
oauth2_request request;
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
grpc_closure do_nothing_closure;
@@ -84,8 +85,8 @@ char *grpc_test_fetch_oauth2_token_with_credentials(grpc_credentials *creds) {
grpc_closure_init(&do_nothing_closure, do_nothing, NULL);
- grpc_credentials_get_request_metadata(&exec_ctx, creds, &request.pollset, "",
- on_oauth2_response, &request);
+ grpc_call_credentials_get_request_metadata(&exec_ctx, creds, &request.pollset,
+ "", on_oauth2_response, &request);
grpc_exec_ctx_finish(&exec_ctx);
diff --git a/test/core/security/oauth2_utils.h b/test/core/security/oauth2_utils.h
index 8082351b8a..b35fe7987f 100644
--- a/test/core/security/oauth2_utils.h
+++ b/test/core/security/oauth2_utils.h
@@ -42,7 +42,8 @@ extern "C" {
/* Fetch oauth2 access token with a credentials object. Does not take ownership.
Returns NULL on a failure. The caller should call gpr_free on the token. */
-char *grpc_test_fetch_oauth2_token_with_credentials(grpc_credentials *creds);
+char *grpc_test_fetch_oauth2_token_with_credentials(
+ grpc_call_credentials *creds);
#ifdef __cplusplus
}
diff --git a/test/core/security/print_google_default_creds_token.c b/test/core/security/print_google_default_creds_token.c
index f207e05794..eb63724715 100644
--- a/test/core/security/print_google_default_creds_token.c
+++ b/test/core/security/print_google_default_creds_token.c
@@ -72,7 +72,7 @@ int main(int argc, char **argv) {
int result = 0;
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
synchronizer sync;
- grpc_credentials *creds = NULL;
+ grpc_channel_credentials *creds = NULL;
char *service_url = "https://test.foo.google.com/Foo";
gpr_cmdline *cl = gpr_cmdline_create("print_google_default_creds_token");
gpr_cmdline_add_string(cl, "service_url",
@@ -91,9 +91,9 @@ int main(int argc, char **argv) {
grpc_pollset_init(&sync.pollset);
sync.is_done = 0;
- grpc_credentials_get_request_metadata(&exec_ctx, creds, &sync.pollset,
- service_url, on_metadata_response,
- &sync);
+ grpc_call_credentials_get_request_metadata(
+ &exec_ctx, ((grpc_composite_channel_credentials *)creds)->call_creds,
+ &sync.pollset, service_url, on_metadata_response, &sync);
gpr_mu_lock(GRPC_POLLSET_MU(&sync.pollset));
while (!sync.is_done) {
@@ -107,7 +107,7 @@ int main(int argc, char **argv) {
}
gpr_mu_unlock(GRPC_POLLSET_MU(&sync.pollset));
- grpc_credentials_release(creds);
+ grpc_channel_credentials_release(creds);
end:
gpr_cmdline_destroy(cl);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 16:36:26 +0000