From 47c83fdaf71ca5072d0ab37322b37586d23f5ceb Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Sat, 21 Feb 2015 22:45:35 -0800 Subject: Credentials prototyping - Remove CredentialsFactory as it's unnecessary - Effectively make Credentials a channel factory, allowing different credential types to create different channel types - this gives us a hook so that InsecureCredentials can at runtime instantiate a different kind of channel as required - giving us a way of generating an openssl free version of grpc++. - Server credentials not touched yet, but they'll need to be updated. --- include/grpc++/channel_arguments.h | 6 +-- include/grpc++/create_channel.h | 3 -- include/grpc++/credentials.h | 95 ++++++++++++++++++-------------------- 3 files changed, 47 insertions(+), 57 deletions(-) (limited to 'include/grpc++') diff --git a/include/grpc++/channel_arguments.h b/include/grpc++/channel_arguments.h index 75c3cf45b4..91f89f313e 100644 --- a/include/grpc++/channel_arguments.h +++ b/include/grpc++/channel_arguments.h @@ -62,6 +62,9 @@ class ChannelArguments { void SetInt(const grpc::string& key, int value); void SetString(const grpc::string& key, const grpc::string& value); + // Populates given channel_args with args_, does not take ownership. + void SetChannelArgs(grpc_channel_args* channel_args) const; + private: friend class Channel; friend class testing::ChannelArgumentsTest; @@ -73,9 +76,6 @@ class ChannelArguments { // Returns empty string when it is not set. grpc::string GetSslTargetNameOverride() const; - // Populates given channel_args with args_, does not take ownership. - void SetChannelArgs(grpc_channel_args* channel_args) const; - std::vector args_; std::list strings_; }; diff --git a/include/grpc++/create_channel.h b/include/grpc++/create_channel.h index eadabda359..2c40047e9a 100644 --- a/include/grpc++/create_channel.h +++ b/include/grpc++/create_channel.h @@ -43,9 +43,6 @@ namespace grpc { class ChannelArguments; class ChannelInterface; -std::shared_ptr CreateChannel(const grpc::string& target, - const ChannelArguments& args); - // If creds does not hold an object or is invalid, a lame channel is returned. std::shared_ptr CreateChannel( const grpc::string& target, const std::unique_ptr& creds, diff --git a/include/grpc++/credentials.h b/include/grpc++/credentials.h index ac6f394847..b462b450da 100644 --- a/include/grpc++/credentials.h +++ b/include/grpc++/credentials.h @@ -39,29 +39,21 @@ #include -struct grpc_credentials; - namespace grpc { +class ChannelArguments; +class ChannelInterface; -// grpc_credentials wrapper class. Typical use in C++ applications is limited -// to creating an instance using CredentialsFactory, and passing it down -// during channel construction. - -class Credentials final { +class Credentials { public: - ~Credentials(); - - // TODO(abhikumar): Specify a plugin API here to be implemented by - // credentials that do not have a corresponding implementation in C. + virtual ~Credentials(); private: - explicit Credentials(grpc_credentials*); - grpc_credentials* GetRawCreds(); - - friend class Channel; - friend class CredentialsFactory; + friend std::shared_ptr CreateChannel( + const grpc::string& target, const std::unique_ptr& creds, + const ChannelArguments& args); - grpc_credentials* creds_; + virtual std::shared_ptr CreateChannel( + const grpc::string& target, const ChannelArguments& args) = 0; }; // Options used to build SslCredentials @@ -79,43 +71,44 @@ struct SslCredentialsOptions { grpc::string pem_cert_chain; }; -// Factory for building different types of Credentials -// The methods may return empty unique_ptr when credentials cannot be created. +// Factories for building different types of Credentials +// The functions may return empty unique_ptr when credentials cannot be created. // If a Credentials pointer is returned, it can still be invalid when used to // create a channel. A lame channel will be created then and all rpcs will // fail on it. -class CredentialsFactory { - public: - // Builds credentials with reasonable defaults. - static std::unique_ptr DefaultCredentials(); - - // Builds SSL Credentials given SSL specific options - static std::unique_ptr SslCredentials( - const SslCredentialsOptions& options); - - // Builds credentials for use when running in GCE - static std::unique_ptr ComputeEngineCredentials(); - - // Builds service account credentials. - // json_key is the JSON key string containing the client's private key. - // scope is a space-delimited list of the requested permissions. - // token_lifetime is the lifetime of each token acquired through this service - // account credentials. It should be positive and should not exceed - // grpc_max_auth_token_lifetime or will be cropped to this value. - static std::unique_ptr ServiceAccountCredentials( - const grpc::string& json_key, const grpc::string& scope, - std::chrono::seconds token_lifetime); - - // Builds IAM credentials. - static std::unique_ptr IAMCredentials( - const grpc::string& authorization_token, - const grpc::string& authority_selector); - - // Combines two credentials objects into a composite credentials - static std::unique_ptr ComposeCredentials( - const std::unique_ptr& creds1, - const std::unique_ptr& creds2); -}; + +// Builds credentials with reasonable defaults. +std::unique_ptr DefaultCredentials(); + +// Builds SSL Credentials given SSL specific options +std::unique_ptr SslCredentials( + const SslCredentialsOptions& options); + +// Builds credentials for use when running in GCE +std::unique_ptr ComputeEngineCredentials(); + +// Builds service account credentials. +// json_key is the JSON key string containing the client's private key. +// scope is a space-delimited list of the requested permissions. +// token_lifetime is the lifetime of each token acquired through this service +// account credentials. It should be positive and should not exceed +// grpc_max_auth_token_lifetime or will be cropped to this value. +std::unique_ptr ServiceAccountCredentials( + const grpc::string& json_key, const grpc::string& scope, + std::chrono::seconds token_lifetime); + +// Builds IAM credentials. +std::unique_ptr IAMCredentials( + const grpc::string& authorization_token, + const grpc::string& authority_selector); + +// Combines two credentials objects into a composite credentials +std::unique_ptr ComposeCredentials( + const std::unique_ptr& creds1, + const std::unique_ptr& creds2); + +// Credentials for an unencrypted, unauthenticated channel +std::unique_ptr InsecureCredentials(); } // namespace grpc -- cgit v1.2.3