From 12a64355574716598a7a2c1074e7b2e7c30dced1 Mon Sep 17 00:00:00 2001 From: jiangtaoli2016 Date: Mon, 11 May 2020 22:46:11 -0700 Subject: [PATCH] TlsCredentialsOption API optimization --- .../grpcpp/security/tls_credentials_options.h | 21 ++++++++++++++++--- src/cpp/common/tls_credentials_options.cc | 20 +++++++++++++++++- test/cpp/client/credentials_test.cc | 14 ++++++------- 3 files changed, 44 insertions(+), 11 deletions(-) diff --git a/include/grpcpp/security/tls_credentials_options.h b/include/grpcpp/security/tls_credentials_options.h index d83226865d8..d29e56eee40 100644 --- a/include/grpcpp/security/tls_credentials_options.h +++ b/include/grpcpp/security/tls_credentials_options.h @@ -19,14 +19,14 @@ #ifndef GRPCPP_SECURITY_TLS_CREDENTIALS_OPTIONS_H #define GRPCPP_SECURITY_TLS_CREDENTIALS_OPTIONS_H -#include -#include - #include #include #include #include +#include +#include + typedef struct grpc_tls_credential_reload_arg grpc_tls_credential_reload_arg; typedef struct grpc_tls_credential_reload_config grpc_tls_credential_reload_config; @@ -278,6 +278,21 @@ class TlsServerAuthorizationCheckConfig { * more details. **/ class TlsCredentialsOptions { public: + // Constructor for client. + explicit TlsCredentialsOptions( + grpc_tls_server_verification_option server_verification_option, + std::shared_ptr key_materials_config, + std::shared_ptr credential_reload_config, + std::shared_ptr + server_authorization_check_config); + + // Constructor for server. + explicit TlsCredentialsOptions( + grpc_ssl_client_certificate_request_type cert_request_type, + std::shared_ptr key_materials_config, + std::shared_ptr credential_reload_config); + + // This constructor will be deprecated. TlsCredentialsOptions( grpc_ssl_client_certificate_request_type cert_request_type, grpc_tls_server_verification_option server_verification_option, diff --git a/src/cpp/common/tls_credentials_options.cc b/src/cpp/common/tls_credentials_options.cc index 23d6495dd20..8c6fd51c0cf 100644 --- a/src/cpp/common/tls_credentials_options.cc +++ b/src/cpp/common/tls_credentials_options.cc @@ -20,7 +20,6 @@ #include #include "absl/container/inlined_vector.h" - #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h" #include "src/cpp/common/tls_credentials_options_util.h" @@ -281,6 +280,25 @@ TlsServerAuthorizationCheckConfig::TlsServerAuthorizationCheckConfig( TlsServerAuthorizationCheckConfig::~TlsServerAuthorizationCheckConfig() {} /** gRPC TLS credential options API implementation **/ +TlsCredentialsOptions::TlsCredentialsOptions( + grpc_tls_server_verification_option server_verification_option, + std::shared_ptr key_materials_config, + std::shared_ptr credential_reload_config, + std::shared_ptr + server_authorization_check_config) + : TlsCredentialsOptions( + GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE, server_verification_option, + std::move(key_materials_config), std::move(credential_reload_config), + std::move(server_authorization_check_config)) {} + +TlsCredentialsOptions::TlsCredentialsOptions( + grpc_ssl_client_certificate_request_type cert_request_type, + std::shared_ptr key_materials_config, + std::shared_ptr credential_reload_config) + : TlsCredentialsOptions(cert_request_type, GRPC_TLS_SERVER_VERIFICATION, + std::move(key_materials_config), + std::move(credential_reload_config), nullptr) {} + TlsCredentialsOptions::TlsCredentialsOptions( grpc_ssl_client_certificate_request_type cert_request_type, grpc_tls_server_verification_option server_verification_option, diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index c1293aebf30..c8d2713140a 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -16,16 +16,16 @@ * */ +#include +#include #include #include #include #include -#include - -#include -#include #include +#include + #include "src/core/lib/gpr/env.h" #include "src/core/lib/gpr/tmpfile.h" #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h" @@ -573,12 +573,13 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) { test_server_authorization_check)); TlsCredentialsOptions options = TlsCredentialsOptions( - GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, GRPC_TLS_SERVER_VERIFICATION, key_materials_config, credential_reload_config, server_authorization_check_config); grpc_tls_credentials_options* c_options = options.c_credentials_options(); EXPECT_EQ(c_options->cert_request_type(), - GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY); + GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE); + EXPECT_EQ(c_options->server_verification_option(), + GRPC_TLS_SERVER_VERIFICATION); grpc_tls_key_materials_config* c_key_materials_config = c_options->key_materials_config(); grpc_tls_credential_reload_config* c_credential_reload_config = @@ -678,7 +679,6 @@ TEST_F(CredentialsTest, LoadTlsChannelCredentials) { test_server_authorization_check)); TlsCredentialsOptions options = TlsCredentialsOptions( - GRPC_SSL_REQUEST_CLIENT_CERTIFICATE_AND_VERIFY, GRPC_TLS_SERVER_VERIFICATION, nullptr, credential_reload_config, server_authorization_check_config); std::shared_ptr channel_credentials =