From 510a920c753213df46587decb2ec87d2d1101e5d Mon Sep 17 00:00:00 2001 From: Julien Boeuf Date: Tue, 25 Aug 2015 21:51:07 -0700 Subject: Credentials cleanup: - Removing service_accounts credentials. These credentials just have drawbacks compared to service_account_jwt_access credentials, notably in terms for security. - Renaming Google specific credentials with a Google prefix for C and C++. This should be done as well for wrapped languages. --- src/cpp/client/secure_credentials.cc | 30 +++++++----------------------- 1 file changed, 7 insertions(+), 23 deletions(-) (limited to 'src/cpp/client') diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc index e0642469b4..2260f6d33e 100644 --- a/src/cpp/client/secure_credentials.cc +++ b/src/cpp/client/secure_credentials.cc @@ -81,26 +81,10 @@ std::shared_ptr SslCredentials( } // Builds credentials for use when running in GCE -std::shared_ptr ComputeEngineCredentials() { +std::shared_ptr GoogleComputeEngineCredentials() { GrpcLibrary init; // To call grpc_init(). - return WrapCredentials(grpc_compute_engine_credentials_create(nullptr)); -} - -// Builds service account credentials. -std::shared_ptr ServiceAccountCredentials( - const grpc::string& json_key, const grpc::string& scope, - long token_lifetime_seconds) { - GrpcLibrary init; // To call grpc_init(). - if (token_lifetime_seconds <= 0) { - gpr_log(GPR_ERROR, - "Trying to create ServiceAccountCredentials " - "with non-positive lifetime"); - return WrapCredentials(nullptr); - } - gpr_timespec lifetime = - gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN); - return WrapCredentials(grpc_service_account_credentials_create( - json_key.c_str(), scope.c_str(), lifetime, nullptr)); + return WrapCredentials( + grpc_google_compute_engine_credentials_create(nullptr)); } // Builds JWT credentials. @@ -119,10 +103,10 @@ std::shared_ptr ServiceAccountJWTAccessCredentials( } // Builds refresh token credentials. -std::shared_ptr RefreshTokenCredentials( +std::shared_ptr GoogleRefreshTokenCredentials( const grpc::string& json_refresh_token) { GrpcLibrary init; // To call grpc_init(). - return WrapCredentials(grpc_refresh_token_credentials_create( + return WrapCredentials(grpc_google_refresh_token_credentials_create( json_refresh_token.c_str(), nullptr)); } @@ -135,11 +119,11 @@ std::shared_ptr AccessTokenCredentials( } // Builds IAM credentials. -std::shared_ptr IAMCredentials( +std::shared_ptr GoogleIAMCredentials( const grpc::string& authorization_token, const grpc::string& authority_selector) { GrpcLibrary init; // To call grpc_init(). - return WrapCredentials(grpc_iam_credentials_create( + return WrapCredentials(grpc_google_iam_credentials_create( authorization_token.c_str(), authority_selector.c_str(), nullptr)); } -- cgit v1.2.3