grpc/test/cpp/util/cli_credentials.cc

/*
 *
 * Copyright 2016 gRPC authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */

#include "test/cpp/util/cli_credentials.h"

#include <gflags/gflags.h>

DEFINE_bool(
    enable_ssl, false,
    "Whether to use ssl/tls. Deprecated. Use --channel_creds_type=ssl.");
DEFINE_bool(use_auth, false,
            "Whether to create default google credentials. Deprecated. Use "
            "--channel_creds_type=google_default_credentials.");
DEFINE_string(
    access_token, "",
    "The access token that will be sent to the server to authenticate RPCs.");
DEFINE_string(
    ssl_target, "",
    "If not empty, treat the server host name as this for ssl/tls certificate "
    "validation.");
DEFINE_string(
    channel_creds_type, "",
    "The channel creds type: insecure, ssl, google_default_credentials or "
    "alts.");

namespace grpc {
namespace testing {

grpc::string CliCredentials::GetDefaultChannelCredsType() const {
  // Compatibility logic for --enable_ssl.
  if (FLAGS_enable_ssl) {
    fprintf(stderr,
            "warning: --enable_ssl is deprecated. Use "
            "--channel_creds_type=ssl.\n");
    return "ssl";
  }
  // Compatibility logic for --use_auth.
  if (FLAGS_access_token.empty() && FLAGS_use_auth) {
    fprintf(stderr,
            "warning: --use_auth is deprecated. Use "
            "--channel_creds_type=google_default_credentials.\n");
    return "google_default_credentials";
  }
  return "insecure";
}

std::shared_ptr<grpc::ChannelCredentials>
CliCredentials::GetChannelCredentials() const {
  if (FLAGS_channel_creds_type.compare("insecure") == 0) {
    return grpc::InsecureChannelCredentials();
  } else if (FLAGS_channel_creds_type.compare("ssl") == 0) {
    return grpc::SslCredentials(grpc::SslCredentialsOptions());
  } else if (FLAGS_channel_creds_type.compare("google_default_credentials") ==
             0) {
    return grpc::GoogleDefaultCredentials();
  } else if (FLAGS_channel_creds_type.compare("alts") == 0) {
    return grpc::experimental::AltsCredentials(
        grpc::experimental::AltsCredentialsOptions());
  }
  fprintf(stderr,
          "--channel_creds_type=%s invalid; must be insecure, ssl, "
          "google_default_credentials or alts.\n",
          FLAGS_channel_creds_type.c_str());
  return std::shared_ptr<grpc::ChannelCredentials>();
}

std::shared_ptr<grpc::CallCredentials> CliCredentials::GetCallCredentials()
    const {
  if (!FLAGS_access_token.empty()) {
    if (FLAGS_use_auth) {
      fprintf(stderr,
              "warning: use_auth is ignored when access_token is provided.");
    }
    return grpc::AccessTokenCredentials(FLAGS_access_token);
  }
  return std::shared_ptr<grpc::CallCredentials>();
}

std::shared_ptr<grpc::ChannelCredentials> CliCredentials::GetCredentials()
    const {
  if (FLAGS_channel_creds_type.empty()) {
    FLAGS_channel_creds_type = GetDefaultChannelCredsType();
  } else if (FLAGS_enable_ssl && FLAGS_channel_creds_type.compare("ssl") != 0) {
    fprintf(stderr,
            "warning: ignoring --enable_ssl because "
            "--channel_creds_type already set to %s.\n",
            FLAGS_channel_creds_type.c_str());
  } else if (FLAGS_use_auth && FLAGS_channel_creds_type.compare(
                                   "google_default_credentials") != 0) {
    fprintf(stderr,
            "warning: ignoring --use_auth because "
            "--channel_creds_type already set to %s.\n",
            FLAGS_channel_creds_type.c_str());
  }
  // Legacy transport upgrade logic for insecure requests.
  if (!FLAGS_access_token.empty() &&
      FLAGS_channel_creds_type.compare("insecure") == 0) {
    fprintf(stderr,
            "warning: --channel_creds_type=insecure upgraded to ssl because "
            "an access token was provided.\n");
    FLAGS_channel_creds_type = "ssl";
  }
  std::shared_ptr<grpc::ChannelCredentials> channel_creds =
      GetChannelCredentials();
  // Composite any call-type credentials on top of the base channel.
  std::shared_ptr<grpc::CallCredentials> call_creds = GetCallCredentials();
  return (channel_creds == nullptr || call_creds == nullptr)
             ? channel_creds
             : grpc::CompositeChannelCredentials(channel_creds, call_creds);
}

const grpc::string CliCredentials::GetCredentialUsage() const {
  return "    --enable_ssl             ; Set whether to use ssl (deprecated)\n"
         "    --use_auth               ; Set whether to create default google"
         " credentials\n"
         "    --access_token           ; Set the access token in metadata,"
         " overrides --use_auth\n"
         "    --ssl_target             ; Set server host for ssl validation\n"
         "    --channel_creds_type     ; Set to insecure, ssl, alts or\n"
         "                             ; google_default_credentials\n";
}

const grpc::string CliCredentials::GetSslTargetNameOverride() const {
  bool use_ssl =
      FLAGS_channel_creds_type.compare("ssl") == 0 ||
      FLAGS_channel_creds_type.compare("google_default_credentials") == 0;
  return use_ssl ? FLAGS_ssl_target : "";
}

}  // namespace testing
}  // namespace grpc
Add CliCredentials, config_grpc_cli.h 8 years ago			`/*`
			`*`
auto-fix most of licenses 8 years ago			`* Copyright 2016 gRPC authors.`
Add CliCredentials, config_grpc_cli.h 8 years ago			`*`
auto-fix most of licenses 8 years ago			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
Add CliCredentials, config_grpc_cli.h 8 years ago			`*`
auto-fix most of licenses 8 years ago			`* http://www.apache.org/licenses/LICENSE-2.0`
Add CliCredentials, config_grpc_cli.h 8 years ago			`*`
auto-fix most of licenses 8 years ago			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
Add CliCredentials, config_grpc_cli.h 8 years ago			`*`
			`*/`

			`#include "test/cpp/util/cli_credentials.h"`

			`#include <gflags/gflags.h>`

Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`DEFINE_bool(`
			`enable_ssl, false,`
			`"Whether to use ssl/tls. Deprecated. Use --channel_creds_type=ssl.");`
Make `google_default_credentials` be an additional channel type. 6 years ago			`DEFINE_bool(use_auth, false,`
			`"Whether to create default google credentials. Deprecated. Use "`
			`"--channel_creds_type=google_default_credentials.");`
Address review comments 7 years ago			`DEFINE_string(`
			`access_token, "",`
			`"The access token that will be sent to the server to authenticate RPCs.");`
Introduce --ssl_target flag to grpc_cli. This allows the client to specify the host name of the remote server for the purposes of TLS certificate validation, useful for test certificates and machines with ephemeral IP addresses with no associated DNS entries that have been assigned TLS certificates. 6 years ago			`DEFINE_string(`
			`ssl_target, "",`
			`"If not empty, treat the server host name as this for ssl/tls certificate "`
			`"validation.");`
Make `google_default_credentials` be an additional channel type. 6 years ago			`DEFINE_string(`
			`channel_creds_type, "",`
			`"The channel creds type: insecure, ssl, google_default_credentials or "`
			`"alts.");`
Add CliCredentials, config_grpc_cli.h 8 years ago
			`namespace grpc {`
			`namespace testing {`

Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`grpc::string CliCredentials::GetDefaultChannelCredsType() const {`
			`// Compatibility logic for --enable_ssl.`
			`if (FLAGS_enable_ssl) {`
Clang format. 6 years ago			`fprintf(stderr,`
			`"warning: --enable_ssl is deprecated. Use "`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`"--channel_creds_type=ssl.\n");`
			`return "ssl";`
			`}`
Make `google_default_credentials` be an additional channel type. 6 years ago			`// Compatibility logic for --use_auth.`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`if (FLAGS_access_token.empty() && FLAGS_use_auth) {`
Make `google_default_credentials` be an additional channel type. 6 years ago			`fprintf(stderr,`
			`"warning: --use_auth is deprecated. Use "`
			`"--channel_creds_type=google_default_credentials.\n");`
			`return "google_default_credentials";`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`}`
			`return "insecure";`
			`}`

			`std::shared_ptr<grpc::ChannelCredentials>`
Clang format. 6 years ago			`CliCredentials::GetChannelCredentials() const {`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`if (FLAGS_channel_creds_type.compare("insecure") == 0) {`
			`return grpc::InsecureChannelCredentials();`
			`} else if (FLAGS_channel_creds_type.compare("ssl") == 0) {`
			`return grpc::SslCredentials(grpc::SslCredentialsOptions());`
Make `google_default_credentials` be an additional channel type. 6 years ago			`} else if (FLAGS_channel_creds_type.compare("google_default_credentials") ==`
			`0) {`
			`return grpc::GoogleDefaultCredentials();`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`} else if (FLAGS_channel_creds_type.compare("alts") == 0) {`
			`return grpc::experimental::AltsCredentials(`
			`grpc::experimental::AltsCredentialsOptions());`
			`}`
			`fprintf(stderr,`
Make `google_default_credentials` be an additional channel type. 6 years ago			`"--channel_creds_type=%s invalid; must be insecure, ssl, "`
			`"google_default_credentials or alts.\n",`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`FLAGS_channel_creds_type.c_str());`
			`return std::shared_ptr<grpc::ChannelCredentials>();`
			`}`

			`std::shared_ptr<grpc::CallCredentials> CliCredentials::GetCallCredentials()`
Add CliCredentials, config_grpc_cli.h 8 years ago			`const {`
Support access token credential in grpc_cli 7 years ago			`if (!FLAGS_access_token.empty()) {`
Add CliCredentials, config_grpc_cli.h 8 years ago			`if (FLAGS_use_auth) {`
Address review comments 7 years ago			`fprintf(stderr,`
			`"warning: use_auth is ignored when access_token is provided.");`
Add CliCredentials, config_grpc_cli.h 8 years ago			`}`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`return grpc::AccessTokenCredentials(FLAGS_access_token);`
Support access token credential in grpc_cli 7 years ago			`}`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`return std::shared_ptr<grpc::CallCredentials>();`
			`}`
Support access token credential in grpc_cli 7 years ago
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`std::shared_ptr<grpc::ChannelCredentials> CliCredentials::GetCredentials()`
			`const {`
			`if (FLAGS_channel_creds_type.empty()) {`
			`FLAGS_channel_creds_type = GetDefaultChannelCredsType();`
			`} else if (FLAGS_enable_ssl && FLAGS_channel_creds_type.compare("ssl") != 0) {`
Clang format. 6 years ago			`fprintf(stderr,`
			`"warning: ignoring --enable_ssl because "`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`"--channel_creds_type already set to %s.\n",`
			`FLAGS_channel_creds_type.c_str());`
Make `google_default_credentials` be an additional channel type. 6 years ago			`} else if (FLAGS_use_auth && FLAGS_channel_creds_type.compare(`
			`"google_default_credentials") != 0) {`
			`fprintf(stderr,`
			`"warning: ignoring --use_auth because "`
			`"--channel_creds_type already set to %s.\n",`
			`FLAGS_channel_creds_type.c_str());`
Add CliCredentials, config_grpc_cli.h 8 years ago			`}`
Make `google_default_credentials` be an additional channel type. 6 years ago			`// Legacy transport upgrade logic for insecure requests.`
			`if (!FLAGS_access_token.empty() &&`
			`FLAGS_channel_creds_type.compare("insecure") == 0) {`
			`fprintf(stderr,`
			`"warning: --channel_creds_type=insecure upgraded to ssl because "`
			`"an access token was provided.\n");`
			`FLAGS_channel_creds_type = "ssl";`
Support access token credential in grpc_cli 7 years ago			`}`
Make `google_default_credentials` be an additional channel type. 6 years ago			`std::shared_ptr<grpc::ChannelCredentials> channel_creds =`
			`GetChannelCredentials();`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`// Composite any call-type credentials on top of the base channel.`
			`std::shared_ptr<grpc::CallCredentials> call_creds = GetCallCredentials();`
Clang format. 6 years ago			`return (channel_creds == nullptr \|\| call_creds == nullptr)`
			`? channel_creds`
			`: grpc::CompositeChannelCredentials(channel_creds, call_creds);`
Add CliCredentials, config_grpc_cli.h 8 years ago			`}`

			`const grpc::string CliCredentials::GetCredentialUsage() const {`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`return " --enable_ssl ; Set whether to use ssl (deprecated)\n"`
Add CliCredentials, config_grpc_cli.h 8 years ago			`" --use_auth ; Set whether to create default google"`
Support access token credential in grpc_cli 7 years ago			`" credentials\n"`
			`" --access_token ; Set the access token in metadata,"`
Introduce --ssl_target flag to grpc_cli. This allows the client to specify the host name of the remote server for the purposes of TLS certificate validation, useful for test certificates and machines with ephemeral IP addresses with no associated DNS entries that have been assigned TLS certificates. 6 years ago			`" overrides --use_auth\n"`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`" --ssl_target ; Set server host for ssl validation\n"`
Make `google_default_credentials` be an additional channel type. 6 years ago			`" --channel_creds_type ; Set to insecure, ssl, alts or\n"`
			`" ; google_default_credentials\n";`
Introduce --ssl_target flag to grpc_cli. This allows the client to specify the host name of the remote server for the purposes of TLS certificate validation, useful for test certificates and machines with ephemeral IP addresses with no associated DNS entries that have been assigned TLS certificates. 6 years ago			`}`

			`const grpc::string CliCredentials::GetSslTargetNameOverride() const {`
Make `google_default_credentials` be an additional channel type. 6 years ago			`bool use_ssl =`
			`FLAGS_channel_creds_type.compare("ssl") == 0 \|\|`
			`FLAGS_channel_creds_type.compare("google_default_credentials") == 0;`
Create a --channel_creds_type flag for grpc_cli. This replaces several mutually-exclusive flags for a single selector flag which defines the base channel type. It also allows child classes to selectively override the defaults and provide additional channel types (e.g., LOAS in the mono repo). Fixes issue #16060. 6 years ago			`return use_ssl ? FLAGS_ssl_target : "";`
Add CliCredentials, config_grpc_cli.h 8 years ago			`}`
Introduce --ssl_target flag to grpc_cli. This allows the client to specify the host name of the remote server for the purposes of TLS certificate validation, useful for test certificates and machines with ephemeral IP addresses with no associated DNS entries that have been assigned TLS certificates. 6 years ago
Add CliCredentials, config_grpc_cli.h 8 years ago			`} // namespace testing`
			`} // namespace grpc`