diff --git a/BUILD b/BUILD
index 076c2d6ba0a..0c78d6fa720 100644
--- a/BUILD
+++ b/BUILD
@@ -414,6 +414,9 @@ GRPC_XDS_TARGETS = [
"grpc_resolver_xds",
"grpc_resolver_c2p",
"grpc_xds_server_config_fetcher",
+
+ # Not xDS-specific but currently only used by xDS.
+ "channel_creds_registry_init",
]
grpc_cc_library(
@@ -979,6 +982,7 @@ grpc_cc_library(
],
deps = [
"channel_args_preconditioning",
+ "channel_creds_registry",
"channel_init",
"gpr_base",
"handshaker_registry",
@@ -1464,6 +1468,18 @@ grpc_cc_library(
],
)
+grpc_cc_library(
+ name = "channel_creds_registry",
+ hdrs = [
+ "src/core/lib/security/credentials/channel_creds_registry.h",
+ ],
+ language = "c++",
+ deps = [
+ "gpr_base",
+ "json",
+ ],
+)
+
grpc_cc_library(
name = "event_engine_memory_allocator",
srcs = [
@@ -2778,7 +2794,6 @@ grpc_cc_library(
"src/core/ext/xds/xds_api.cc",
"src/core/ext/xds/xds_bootstrap.cc",
"src/core/ext/xds/xds_certificate_provider.cc",
- "src/core/ext/xds/xds_channel_creds.cc",
"src/core/ext/xds/xds_client.cc",
"src/core/ext/xds/xds_client_stats.cc",
"src/core/ext/xds/xds_cluster.cc",
@@ -2803,7 +2818,6 @@ grpc_cc_library(
"src/core/ext/xds/xds_bootstrap.h",
"src/core/ext/xds/xds_certificate_provider.h",
"src/core/ext/xds/xds_channel_args.h",
- "src/core/ext/xds/xds_channel_creds.h",
"src/core/ext/xds/xds_client.h",
"src/core/ext/xds/xds_client_stats.h",
"src/core/ext/xds/xds_cluster.h",
@@ -2834,6 +2848,8 @@ grpc_cc_library(
],
language = "c++",
deps = [
+ "channel_creds_registry",
+ "config",
"envoy_admin_upb",
"envoy_config_cluster_upb",
"envoy_config_cluster_upbdefs",
@@ -2942,6 +2958,21 @@ grpc_cc_library(
],
)
+grpc_cc_library(
+ name = "channel_creds_registry_init",
+ srcs = [
+ "src/core/lib/security/credentials/channel_creds_registry_init.cc",
+ ],
+ language = "c++",
+ deps = [
+ "config",
+ "gpr_base",
+ "grpc_secure",
+ "grpc_security_base",
+ "json",
+ ],
+)
+
grpc_cc_library(
name = "grpc_google_mesh_ca_certificate_provider_factory",
srcs = [
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 2e2f8edc969..0321f775878 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -809,6 +809,7 @@ if(gRPC_BUILD_TESTS)
add_dependencies(buildtests_cxx certificate_provider_store_test)
add_dependencies(buildtests_cxx cfstream_test)
add_dependencies(buildtests_cxx channel_arguments_test)
+ add_dependencies(buildtests_cxx channel_creds_registry_test)
add_dependencies(buildtests_cxx channel_filter_test)
add_dependencies(buildtests_cxx channel_stack_builder_test)
add_dependencies(buildtests_cxx channel_trace_test)
@@ -1037,7 +1038,6 @@ if(gRPC_BUILD_TESTS)
endif()
add_dependencies(buildtests_cxx xds_bootstrap_test)
add_dependencies(buildtests_cxx xds_certificate_provider_test)
- add_dependencies(buildtests_cxx xds_channel_creds_registry_test)
add_dependencies(buildtests_cxx xds_credentials_end2end_test)
add_dependencies(buildtests_cxx xds_credentials_test)
if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
@@ -1935,7 +1935,6 @@ add_library(grpc
src/core/ext/xds/xds_api.cc
src/core/ext/xds/xds_bootstrap.cc
src/core/ext/xds/xds_certificate_provider.cc
- src/core/ext/xds/xds_channel_creds.cc
src/core/ext/xds/xds_channel_stack_modifier.cc
src/core/ext/xds/xds_client.cc
src/core/ext/xds/xds_client_stats.cc
@@ -2104,6 +2103,7 @@ add_library(grpc
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
+ src/core/lib/security/credentials/channel_creds_registry_init.cc
src/core/lib/security/credentials/composite/composite_credentials.cc
src/core/lib/security/credentials/credentials.cc
src/core/lib/security/credentials/external/aws_external_account_credentials.cc
@@ -8725,6 +8725,41 @@ target_link_libraries(channel_arguments_test
)
+endif()
+if(gRPC_BUILD_TESTS)
+
+add_executable(channel_creds_registry_test
+ test/core/security/channel_creds_registry_test.cc
+ third_party/googletest/googletest/src/gtest-all.cc
+ third_party/googletest/googlemock/src/gmock-all.cc
+)
+
+target_include_directories(channel_creds_registry_test
+ PRIVATE
+ ${CMAKE_CURRENT_SOURCE_DIR}
+ ${CMAKE_CURRENT_SOURCE_DIR}/include
+ ${_gRPC_ADDRESS_SORTING_INCLUDE_DIR}
+ ${_gRPC_RE2_INCLUDE_DIR}
+ ${_gRPC_SSL_INCLUDE_DIR}
+ ${_gRPC_UPB_GENERATED_DIR}
+ ${_gRPC_UPB_GRPC_GENERATED_DIR}
+ ${_gRPC_UPB_INCLUDE_DIR}
+ ${_gRPC_XXHASH_INCLUDE_DIR}
+ ${_gRPC_ZLIB_INCLUDE_DIR}
+ third_party/googletest/googletest/include
+ third_party/googletest/googletest
+ third_party/googletest/googlemock/include
+ third_party/googletest/googlemock
+ ${_gRPC_PROTO_GENS_DIR}
+)
+
+target_link_libraries(channel_creds_registry_test
+ ${_gRPC_PROTOBUF_LIBRARIES}
+ ${_gRPC_ALLTARGETS_LIBRARIES}
+ grpc_test_util
+)
+
+
endif()
if(gRPC_BUILD_TESTS)
@@ -9625,56 +9660,21 @@ endif()
if(gRPC_BUILD_TESTS)
add_executable(core_configuration_test
- src/core/ext/upb-generated/google/protobuf/any.upb.c
- src/core/ext/upb-generated/google/rpc/status.upb.c
src/core/lib/channel/channel_args.cc
src/core/lib/channel/channel_args_preconditioning.cc
src/core/lib/channel/handshaker_registry.cc
src/core/lib/config/core_configuration.cc
- src/core/lib/gpr/alloc.cc
- src/core/lib/gpr/atm.cc
- src/core/lib/gpr/cpu_iphone.cc
- src/core/lib/gpr/cpu_linux.cc
- src/core/lib/gpr/cpu_posix.cc
- src/core/lib/gpr/cpu_windows.cc
- src/core/lib/gpr/env_linux.cc
- src/core/lib/gpr/env_posix.cc
- src/core/lib/gpr/env_windows.cc
- src/core/lib/gpr/log.cc
- src/core/lib/gpr/log_android.cc
- src/core/lib/gpr/log_linux.cc
- src/core/lib/gpr/log_posix.cc
- src/core/lib/gpr/log_windows.cc
- src/core/lib/gpr/murmur_hash.cc
- src/core/lib/gpr/string.cc
- src/core/lib/gpr/string_posix.cc
- src/core/lib/gpr/string_util_windows.cc
- src/core/lib/gpr/string_windows.cc
- src/core/lib/gpr/sync.cc
- src/core/lib/gpr/sync_abseil.cc
- src/core/lib/gpr/sync_posix.cc
- src/core/lib/gpr/sync_windows.cc
- src/core/lib/gpr/time.cc
- src/core/lib/gpr/time_posix.cc
- src/core/lib/gpr/time_precise.cc
- src/core/lib/gpr/time_windows.cc
- src/core/lib/gpr/tmpfile_msys.cc
- src/core/lib/gpr/tmpfile_posix.cc
- src/core/lib/gpr/tmpfile_windows.cc
- src/core/lib/gpr/wrap_memcpy.cc
- src/core/lib/gprpp/examine_stack.cc
- src/core/lib/gprpp/fork.cc
- src/core/lib/gprpp/global_config_env.cc
- src/core/lib/gprpp/host_port.cc
- src/core/lib/gprpp/mpscq.cc
- src/core/lib/gprpp/stat_posix.cc
- src/core/lib/gprpp/stat_windows.cc
- src/core/lib/gprpp/status_helper.cc
- src/core/lib/gprpp/thd_posix.cc
- src/core/lib/gprpp/thd_windows.cc
- src/core/lib/gprpp/time_util.cc
- src/core/lib/profiling/basic_timers.cc
- src/core/lib/profiling/stap_timers.cc
+ src/core/lib/debug/trace.cc
+ src/core/lib/iomgr/combiner.cc
+ src/core/lib/iomgr/error.cc
+ src/core/lib/iomgr/exec_ctx.cc
+ src/core/lib/iomgr/executor.cc
+ src/core/lib/iomgr/iomgr_internal.cc
+ src/core/lib/json/json_reader.cc
+ src/core/lib/json/json_writer.cc
+ src/core/lib/slice/slice.cc
+ src/core/lib/slice/slice_refcount.cc
+ src/core/lib/slice/slice_string_helpers.cc
src/core/lib/surface/channel_init.cc
src/core/lib/surface/channel_stack_type.cc
test/core/config/core_configuration_test.cc
@@ -9704,18 +9704,7 @@ target_include_directories(core_configuration_test
target_link_libraries(core_configuration_test
${_gRPC_PROTOBUF_LIBRARIES}
${_gRPC_ALLTARGETS_LIBRARIES}
- absl::base
- absl::core_headers
- absl::memory
- absl::random_random
- absl::status
- absl::cord
- absl::str_format
- absl::strings
- absl::synchronization
- absl::time
- absl::optional
- upb
+ gpr
)
@@ -17011,41 +17000,6 @@ target_link_libraries(xds_certificate_provider_test
)
-endif()
-if(gRPC_BUILD_TESTS)
-
-add_executable(xds_channel_creds_registry_test
- test/core/xds/xds_channel_creds_registry_test.cc
- third_party/googletest/googletest/src/gtest-all.cc
- third_party/googletest/googlemock/src/gmock-all.cc
-)
-
-target_include_directories(xds_channel_creds_registry_test
- PRIVATE
- ${CMAKE_CURRENT_SOURCE_DIR}
- ${CMAKE_CURRENT_SOURCE_DIR}/include
- ${_gRPC_ADDRESS_SORTING_INCLUDE_DIR}
- ${_gRPC_RE2_INCLUDE_DIR}
- ${_gRPC_SSL_INCLUDE_DIR}
- ${_gRPC_UPB_GENERATED_DIR}
- ${_gRPC_UPB_GRPC_GENERATED_DIR}
- ${_gRPC_UPB_INCLUDE_DIR}
- ${_gRPC_XXHASH_INCLUDE_DIR}
- ${_gRPC_ZLIB_INCLUDE_DIR}
- third_party/googletest/googletest/include
- third_party/googletest/googletest
- third_party/googletest/googlemock/include
- third_party/googletest/googlemock
- ${_gRPC_PROTO_GENS_DIR}
-)
-
-target_link_libraries(xds_channel_creds_registry_test
- ${_gRPC_PROTOBUF_LIBRARIES}
- ${_gRPC_ALLTARGETS_LIBRARIES}
- grpc_test_util
-)
-
-
endif()
if(gRPC_BUILD_TESTS)
diff --git a/Makefile b/Makefile
index 91072b23b5c..3496118ce16 100644
--- a/Makefile
+++ b/Makefile
@@ -1410,7 +1410,6 @@ LIBGRPC_SRC = \
src/core/ext/xds/xds_api.cc \
src/core/ext/xds/xds_bootstrap.cc \
src/core/ext/xds/xds_certificate_provider.cc \
- src/core/ext/xds/xds_channel_creds.cc \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_client.cc \
src/core/ext/xds/xds_client_stats.cc \
@@ -1579,6 +1578,7 @@ LIBGRPC_SRC = \
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
+ src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/credentials.cc \
src/core/lib/security/credentials/external/aws_external_account_credentials.cc \
@@ -3108,7 +3108,6 @@ src/core/ext/xds/file_watcher_certificate_provider_factory.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_api.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_bootstrap.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_certificate_provider.cc: $(OPENSSL_DEP)
-src/core/ext/xds/xds_channel_creds.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_channel_stack_modifier.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_client.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_client_stats.cc: $(OPENSSL_DEP)
@@ -3139,6 +3138,7 @@ src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc: $(OPENS
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc: $(OPENSSL_DEP)
+src/core/lib/security/credentials/channel_creds_registry_init.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/external/aws_external_account_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/external/aws_request_signer.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/external/external_account_credentials.cc: $(OPENSSL_DEP)
diff --git a/build_autogenerated.yaml b/build_autogenerated.yaml
index 769e02721bf..de06d15860e 100644
--- a/build_autogenerated.yaml
+++ b/build_autogenerated.yaml
@@ -774,7 +774,6 @@ libs:
- src/core/ext/xds/xds_bootstrap.h
- src/core/ext/xds/xds_certificate_provider.h
- src/core/ext/xds/xds_channel_args.h
- - src/core/ext/xds/xds_channel_creds.h
- src/core/ext/xds/xds_channel_stack_modifier.h
- src/core/ext/xds/xds_client.h
- src/core/ext/xds/xds_client_stats.h
@@ -949,6 +948,7 @@ libs:
- src/core/lib/security/credentials/alts/alts_credentials.h
- src/core/lib/security/credentials/alts/check_gcp_environment.h
- src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h
+ - src/core/lib/security/credentials/channel_creds_registry.h
- src/core/lib/security/credentials/composite/composite_credentials.h
- src/core/lib/security/credentials/credentials.h
- src/core/lib/security/credentials/external/aws_external_account_credentials.h
@@ -1445,7 +1445,6 @@ libs:
- src/core/ext/xds/xds_api.cc
- src/core/ext/xds/xds_bootstrap.cc
- src/core/ext/xds/xds_certificate_provider.cc
- - src/core/ext/xds/xds_channel_creds.cc
- src/core/ext/xds/xds_channel_stack_modifier.cc
- src/core/ext/xds/xds_client.cc
- src/core/ext/xds/xds_client_stats.cc
@@ -1614,6 +1613,7 @@ libs:
- src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
- src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
- src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
+ - src/core/lib/security/credentials/channel_creds_registry_init.cc
- src/core/lib/security/credentials/composite/composite_credentials.cc
- src/core/lib/security/credentials/credentials.cc
- src/core/lib/security/credentials/external/aws_external_account_credentials.cc
@@ -2121,6 +2121,7 @@ libs:
- src/core/lib/resource_quota/thread_quota.h
- src/core/lib/resource_quota/trace.h
- src/core/lib/security/context/security_context.h
+ - src/core/lib/security/credentials/channel_creds_registry.h
- src/core/lib/security/credentials/composite/composite_credentials.h
- src/core/lib/security/credentials/credentials.h
- src/core/lib/security/credentials/plugin/plugin_credentials.h
@@ -5032,6 +5033,15 @@ targets:
- grpc++
- grpc_test_util
uses_polling: false
+- name: channel_creds_registry_test
+ gtest: true
+ build: test
+ language: c++
+ headers: []
+ src:
+ - test/core/security/channel_creds_registry_test.cc
+ deps:
+ - grpc_test_util
- name: channel_filter_test
gtest: true
build: test
@@ -5377,110 +5387,52 @@ targets:
build: test
language: c++
headers:
- - src/core/ext/upb-generated/google/protobuf/any.upb.h
- - src/core/ext/upb-generated/google/rpc/status.upb.h
- src/core/lib/channel/channel_args.h
- src/core/lib/channel/channel_args_preconditioning.h
- src/core/lib/channel/handshaker_factory.h
- src/core/lib/channel/handshaker_registry.h
- src/core/lib/config/core_configuration.h
- - src/core/lib/gpr/alloc.h
- - src/core/lib/gpr/env.h
- - src/core/lib/gpr/murmur_hash.h
- - src/core/lib/gpr/spinlock.h
- - src/core/lib/gpr/string.h
- - src/core/lib/gpr/string_windows.h
- - src/core/lib/gpr/time_precise.h
- - src/core/lib/gpr/tls.h
- - src/core/lib/gpr/tmpfile.h
- - src/core/lib/gpr/useful.h
- - src/core/lib/gprpp/construct_destruct.h
- - src/core/lib/gprpp/debug_location.h
- - src/core/lib/gprpp/examine_stack.h
- - src/core/lib/gprpp/fork.h
- - src/core/lib/gprpp/global_config.h
- - src/core/lib/gprpp/global_config_custom.h
- - src/core/lib/gprpp/global_config_env.h
- - src/core/lib/gprpp/global_config_generic.h
- - src/core/lib/gprpp/host_port.h
- - src/core/lib/gprpp/manual_constructor.h
- - src/core/lib/gprpp/memory.h
- - src/core/lib/gprpp/mpscq.h
- - src/core/lib/gprpp/stat.h
- - src/core/lib/gprpp/status_helper.h
- - src/core/lib/gprpp/sync.h
- - src/core/lib/gprpp/thd.h
- - src/core/lib/gprpp/time_util.h
- - src/core/lib/profiling/timers.h
+ - src/core/lib/debug/trace.h
+ - src/core/lib/gprpp/atomic_utils.h
+ - src/core/lib/gprpp/ref_counted.h
+ - src/core/lib/gprpp/ref_counted_ptr.h
+ - src/core/lib/iomgr/closure.h
+ - src/core/lib/iomgr/combiner.h
+ - src/core/lib/iomgr/error.h
+ - src/core/lib/iomgr/error_internal.h
+ - src/core/lib/iomgr/exec_ctx.h
+ - src/core/lib/iomgr/executor.h
+ - src/core/lib/iomgr/iomgr_internal.h
+ - src/core/lib/json/json.h
+ - src/core/lib/security/credentials/channel_creds_registry.h
+ - src/core/lib/slice/slice.h
+ - src/core/lib/slice/slice_internal.h
+ - src/core/lib/slice/slice_refcount.h
+ - src/core/lib/slice/slice_refcount_base.h
+ - src/core/lib/slice/slice_string_helpers.h
- src/core/lib/surface/channel_init.h
- src/core/lib/surface/channel_stack_type.h
src:
- - src/core/ext/upb-generated/google/protobuf/any.upb.c
- - src/core/ext/upb-generated/google/rpc/status.upb.c
- src/core/lib/channel/channel_args.cc
- src/core/lib/channel/channel_args_preconditioning.cc
- src/core/lib/channel/handshaker_registry.cc
- src/core/lib/config/core_configuration.cc
- - src/core/lib/gpr/alloc.cc
- - src/core/lib/gpr/atm.cc
- - src/core/lib/gpr/cpu_iphone.cc
- - src/core/lib/gpr/cpu_linux.cc
- - src/core/lib/gpr/cpu_posix.cc
- - src/core/lib/gpr/cpu_windows.cc
- - src/core/lib/gpr/env_linux.cc
- - src/core/lib/gpr/env_posix.cc
- - src/core/lib/gpr/env_windows.cc
- - src/core/lib/gpr/log.cc
- - src/core/lib/gpr/log_android.cc
- - src/core/lib/gpr/log_linux.cc
- - src/core/lib/gpr/log_posix.cc
- - src/core/lib/gpr/log_windows.cc
- - src/core/lib/gpr/murmur_hash.cc
- - src/core/lib/gpr/string.cc
- - src/core/lib/gpr/string_posix.cc
- - src/core/lib/gpr/string_util_windows.cc
- - src/core/lib/gpr/string_windows.cc
- - src/core/lib/gpr/sync.cc
- - src/core/lib/gpr/sync_abseil.cc
- - src/core/lib/gpr/sync_posix.cc
- - src/core/lib/gpr/sync_windows.cc
- - src/core/lib/gpr/time.cc
- - src/core/lib/gpr/time_posix.cc
- - src/core/lib/gpr/time_precise.cc
- - src/core/lib/gpr/time_windows.cc
- - src/core/lib/gpr/tmpfile_msys.cc
- - src/core/lib/gpr/tmpfile_posix.cc
- - src/core/lib/gpr/tmpfile_windows.cc
- - src/core/lib/gpr/wrap_memcpy.cc
- - src/core/lib/gprpp/examine_stack.cc
- - src/core/lib/gprpp/fork.cc
- - src/core/lib/gprpp/global_config_env.cc
- - src/core/lib/gprpp/host_port.cc
- - src/core/lib/gprpp/mpscq.cc
- - src/core/lib/gprpp/stat_posix.cc
- - src/core/lib/gprpp/stat_windows.cc
- - src/core/lib/gprpp/status_helper.cc
- - src/core/lib/gprpp/thd_posix.cc
- - src/core/lib/gprpp/thd_windows.cc
- - src/core/lib/gprpp/time_util.cc
- - src/core/lib/profiling/basic_timers.cc
- - src/core/lib/profiling/stap_timers.cc
+ - src/core/lib/debug/trace.cc
+ - src/core/lib/iomgr/combiner.cc
+ - src/core/lib/iomgr/error.cc
+ - src/core/lib/iomgr/exec_ctx.cc
+ - src/core/lib/iomgr/executor.cc
+ - src/core/lib/iomgr/iomgr_internal.cc
+ - src/core/lib/json/json_reader.cc
+ - src/core/lib/json/json_writer.cc
+ - src/core/lib/slice/slice.cc
+ - src/core/lib/slice/slice_refcount.cc
+ - src/core/lib/slice/slice_string_helpers.cc
- src/core/lib/surface/channel_init.cc
- src/core/lib/surface/channel_stack_type.cc
- test/core/config/core_configuration_test.cc
deps:
- - absl/base:base
- - absl/base:core_headers
- - absl/memory:memory
- - absl/random:random
- - absl/status:status
- - absl/strings:cord
- - absl/strings:str_format
- - absl/strings:strings
- - absl/synchronization:synchronization
- - absl/time:time
- - absl/types:optional
- - upb
+ - gpr
uses_polling: false
- name: cpp_impl_of_test
gtest: true
@@ -8587,15 +8539,6 @@ targets:
- test/core/xds/xds_certificate_provider_test.cc
deps:
- grpc_test_util
-- name: xds_channel_creds_registry_test
- gtest: true
- build: test
- language: c++
- headers: []
- src:
- - test/core/xds/xds_channel_creds_registry_test.cc
- deps:
- - grpc_test_util
- name: xds_credentials_end2end_test
gtest: true
build: test
diff --git a/config.m4 b/config.m4
index b6aeb423042..11734093553 100644
--- a/config.m4
+++ b/config.m4
@@ -428,7 +428,6 @@ if test "$PHP_GRPC" != "no"; then
src/core/ext/xds/xds_api.cc \
src/core/ext/xds/xds_bootstrap.cc \
src/core/ext/xds/xds_certificate_provider.cc \
- src/core/ext/xds/xds_channel_creds.cc \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_client.cc \
src/core/ext/xds/xds_client_stats.cc \
@@ -641,6 +640,7 @@ if test "$PHP_GRPC" != "no"; then
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
+ src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/credentials.cc \
src/core/lib/security/credentials/external/aws_external_account_credentials.cc \
diff --git a/config.w32 b/config.w32
index 34e21625212..7790424e42b 100644
--- a/config.w32
+++ b/config.w32
@@ -394,7 +394,6 @@ if (PHP_GRPC != "no") {
"src\\core\\ext\\xds\\xds_api.cc " +
"src\\core\\ext\\xds\\xds_bootstrap.cc " +
"src\\core\\ext\\xds\\xds_certificate_provider.cc " +
- "src\\core\\ext\\xds\\xds_channel_creds.cc " +
"src\\core\\ext\\xds\\xds_channel_stack_modifier.cc " +
"src\\core\\ext\\xds\\xds_client.cc " +
"src\\core\\ext\\xds\\xds_client_stats.cc " +
@@ -607,6 +606,7 @@ if (PHP_GRPC != "no") {
"src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_client_options.cc " +
"src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_options.cc " +
"src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_server_options.cc " +
+ "src\\core\\lib\\security\\credentials\\channel_creds_registry_init.cc " +
"src\\core\\lib\\security\\credentials\\composite\\composite_credentials.cc " +
"src\\core\\lib\\security\\credentials\\credentials.cc " +
"src\\core\\lib\\security\\credentials\\external\\aws_external_account_credentials.cc " +
diff --git a/gRPC-C++.podspec b/gRPC-C++.podspec
index 0b0cc265eec..610d3d97d1c 100644
--- a/gRPC-C++.podspec
+++ b/gRPC-C++.podspec
@@ -617,7 +617,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_bootstrap.h',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
- 'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.h',
'src/core/ext/xds/xds_client_stats.h',
@@ -820,6 +819,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
+ 'src/core/lib/security/credentials/channel_creds_registry.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/external/aws_external_account_credentials.h',
@@ -1416,7 +1416,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_bootstrap.h',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
- 'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.h',
'src/core/ext/xds/xds_client_stats.h',
@@ -1619,6 +1618,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
+ 'src/core/lib/security/credentials/channel_creds_registry.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/external/aws_external_account_credentials.h',
diff --git a/gRPC-Core.podspec b/gRPC-Core.podspec
index f596f683fe2..910b0e38ffc 100644
--- a/gRPC-Core.podspec
+++ b/gRPC-Core.podspec
@@ -944,8 +944,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_certificate_provider.cc',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
- 'src/core/ext/xds/xds_channel_creds.cc',
- 'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.cc',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.cc',
@@ -1360,6 +1358,8 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
+ 'src/core/lib/security/credentials/channel_creds_registry.h',
+ 'src/core/lib/security/credentials/channel_creds_registry_init.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.cc',
@@ -2021,7 +2021,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_bootstrap.h',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
- 'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.h',
'src/core/ext/xds/xds_client_stats.h',
@@ -2224,6 +2223,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
+ 'src/core/lib/security/credentials/channel_creds_registry.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/external/aws_external_account_credentials.h',
diff --git a/grpc.gemspec b/grpc.gemspec
index 004bf19fd75..8e915b64f24 100644
--- a/grpc.gemspec
+++ b/grpc.gemspec
@@ -863,8 +863,6 @@ Gem::Specification.new do |s|
s.files += %w( src/core/ext/xds/xds_certificate_provider.cc )
s.files += %w( src/core/ext/xds/xds_certificate_provider.h )
s.files += %w( src/core/ext/xds/xds_channel_args.h )
- s.files += %w( src/core/ext/xds/xds_channel_creds.cc )
- s.files += %w( src/core/ext/xds/xds_channel_creds.h )
s.files += %w( src/core/ext/xds/xds_channel_stack_modifier.cc )
s.files += %w( src/core/ext/xds/xds_channel_stack_modifier.h )
s.files += %w( src/core/ext/xds/xds_client.cc )
@@ -1279,6 +1277,8 @@ Gem::Specification.new do |s|
s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc )
s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h )
s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc )
+ s.files += %w( src/core/lib/security/credentials/channel_creds_registry.h )
+ s.files += %w( src/core/lib/security/credentials/channel_creds_registry_init.cc )
s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.cc )
s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.h )
s.files += %w( src/core/lib/security/credentials/credentials.cc )
diff --git a/grpc.gyp b/grpc.gyp
index de5439878ae..4f92b023101 100644
--- a/grpc.gyp
+++ b/grpc.gyp
@@ -860,7 +860,6 @@
'src/core/ext/xds/xds_api.cc',
'src/core/ext/xds/xds_bootstrap.cc',
'src/core/ext/xds/xds_certificate_provider.cc',
- 'src/core/ext/xds/xds_channel_creds.cc',
'src/core/ext/xds/xds_channel_stack_modifier.cc',
'src/core/ext/xds/xds_client.cc',
'src/core/ext/xds/xds_client_stats.cc',
@@ -1029,6 +1028,7 @@
'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
+ 'src/core/lib/security/credentials/channel_creds_registry_init.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/credentials.cc',
'src/core/lib/security/credentials/external/aws_external_account_credentials.cc',
diff --git a/package.xml b/package.xml
index 001d97b4ea3..0583f76621c 100644
--- a/package.xml
+++ b/package.xml
@@ -843,8 +843,6 @@
-
-
@@ -1259,6 +1257,8 @@
+
+
diff --git a/src/core/ext/xds/xds_bootstrap.cc b/src/core/ext/xds/xds_bootstrap.cc
index e62ce7fb8d4..a2d8e36cec2 100644
--- a/src/core/ext/xds/xds_bootstrap.cc
+++ b/src/core/ext/xds/xds_bootstrap.cc
@@ -32,11 +32,12 @@
#include "src/core/ext/xds/certificate_provider_registry.h"
#include "src/core/ext/xds/xds_api.h"
-#include "src/core/ext/xds/xds_channel_creds.h"
+#include "src/core/lib/config/core_configuration.h"
#include "src/core/lib/gpr/env.h"
#include "src/core/lib/gpr/string.h"
#include "src/core/lib/iomgr/load_file.h"
#include "src/core/lib/json/json_util.h"
+#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include "src/core/lib/security/credentials/credentials.h"
#include "src/core/lib/security/credentials/fake/fake_credentials.h"
#include "src/core/lib/slice/slice_internal.h"
@@ -65,10 +66,11 @@ grpc_error_handle ParseChannelCreds(const Json::Object& json, size_t idx,
/*required=*/false);
// Select the first channel creds type that we support.
if (server->channel_creds_type.empty() &&
- XdsChannelCredsRegistry::IsSupported(type)) {
+ CoreConfiguration::Get().channel_creds_registry().IsSupported(type)) {
Json config;
if (config_ptr != nullptr) config = *config_ptr;
- if (!XdsChannelCredsRegistry::IsValidConfig(type, config)) {
+ if (!CoreConfiguration::Get().channel_creds_registry().IsValidConfig(
+ type, config)) {
error_list.push_back(GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrCat(
"invalid config for channel creds type \"", type, "\"")));
}
diff --git a/src/core/ext/xds/xds_channel_creds.cc b/src/core/ext/xds/xds_channel_creds.cc
deleted file mode 100644
index 761351c0cd1..00000000000
--- a/src/core/ext/xds/xds_channel_creds.cc
+++ /dev/null
@@ -1,108 +0,0 @@
-//
-// Copyright 2019 gRPC authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-#include
-
-#include "src/core/ext/xds/xds_channel_creds.h"
-
-#include "src/core/lib/security/credentials/fake/fake_credentials.h"
-
-namespace grpc_core {
-
-namespace {
-
-using ChannelCredsMap =
- std::map>;
-ChannelCredsMap* g_creds = nullptr;
-
-} // namespace
-
-//
-// XdsChannelCredsImpl implementations for default-supported cred types.
-//
-
-class GoogleDefaultXdsChannelCredsImpl : public XdsChannelCredsImpl {
- public:
- absl::string_view creds_type() const override { return "google_default"; }
- RefCountedPtr CreateXdsChannelCreds(
- const Json& /*config*/) const override {
- return RefCountedPtr(
- grpc_google_default_credentials_create(nullptr));
- }
- bool IsValidConfig(const Json& /*config*/) const override { return true; }
-};
-
-class InsecureXdsChannelCredsImpl : public XdsChannelCredsImpl {
- public:
- absl::string_view creds_type() const override { return "insecure"; }
- RefCountedPtr CreateXdsChannelCreds(
- const Json& /*config*/) const override {
- return RefCountedPtr(
- grpc_insecure_credentials_create());
- }
- bool IsValidConfig(const Json& /*config*/) const override { return true; }
-};
-
-class FakeXdsChannelCredsImpl : public XdsChannelCredsImpl {
- public:
- absl::string_view creds_type() const override { return "fake"; }
- RefCountedPtr CreateXdsChannelCreds(
- const Json& /*config*/) const override {
- return RefCountedPtr(
- grpc_fake_transport_security_credentials_create());
- }
- bool IsValidConfig(const Json& /*config*/) const override { return true; }
-};
-
-//
-// XdsChannelCredsRegistry
-//
-
-bool XdsChannelCredsRegistry::IsSupported(const std::string& creds_type) {
- return g_creds->find(creds_type) != g_creds->end();
-}
-
-bool XdsChannelCredsRegistry::IsValidConfig(const std::string& creds_type,
- const Json& config) {
- const auto iter = g_creds->find(creds_type);
- if (iter == g_creds->cend()) return false;
- return iter->second->IsValidConfig(config);
-}
-
-RefCountedPtr
-XdsChannelCredsRegistry::CreateXdsChannelCreds(const std::string& creds_type,
- const Json& config) {
- const auto iter = g_creds->find(creds_type);
- if (iter == g_creds->cend()) return nullptr;
- return iter->second->CreateXdsChannelCreds(config);
-}
-
-void XdsChannelCredsRegistry::Init() {
- g_creds = new ChannelCredsMap();
- RegisterXdsChannelCreds(
- absl::make_unique());
- RegisterXdsChannelCreds(absl::make_unique());
- RegisterXdsChannelCreds(absl::make_unique());
-}
-
-void XdsChannelCredsRegistry::Shutdown() { delete g_creds; }
-
-void XdsChannelCredsRegistry::RegisterXdsChannelCreds(
- std::unique_ptr creds) {
- (*g_creds)[creds->creds_type()] = std::move(creds);
-}
-
-} // namespace grpc_core
diff --git a/src/core/ext/xds/xds_channel_creds.h b/src/core/ext/xds/xds_channel_creds.h
deleted file mode 100644
index 4d5668eebe4..00000000000
--- a/src/core/ext/xds/xds_channel_creds.h
+++ /dev/null
@@ -1,50 +0,0 @@
-//
-// Copyright 2022 gRPC authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-#ifndef GRPC_CORE_EXT_XDS_XDS_CHANNEL_CREDS_H
-#define GRPC_CORE_EXT_XDS_XDS_CHANNEL_CREDS_H
-
-#include
-
-#include "src/core/lib/json/json.h"
-#include "src/core/lib/security/credentials/credentials.h"
-
-namespace grpc_core {
-
-class XdsChannelCredsImpl {
- public:
- virtual ~XdsChannelCredsImpl() {}
- virtual absl::string_view creds_type() const = 0;
- virtual bool IsValidConfig(const Json& config) const = 0;
- virtual RefCountedPtr CreateXdsChannelCreds(
- const Json& config) const = 0;
-};
-
-class XdsChannelCredsRegistry {
- public:
- static bool IsSupported(const std::string& creds_type);
- static bool IsValidConfig(const std::string& creds_type, const Json& config);
- static RefCountedPtr CreateXdsChannelCreds(
- const std::string& creds_type, const Json& config);
- static void Init();
- static void Shutdown();
- static void RegisterXdsChannelCreds(
- std::unique_ptr creds);
-};
-
-} // namespace grpc_core
-
-#endif // GRPC_CORE_EXT_XDS_XDS_CHANNEL_CREDS_H
diff --git a/src/core/ext/xds/xds_client.cc b/src/core/ext/xds/xds_client.cc
index 68190fe5666..836b2dcf0ec 100644
--- a/src/core/ext/xds/xds_client.cc
+++ b/src/core/ext/xds/xds_client.cc
@@ -36,7 +36,6 @@
#include "src/core/ext/xds/xds_api.h"
#include "src/core/ext/xds/xds_bootstrap.h"
#include "src/core/ext/xds/xds_channel_args.h"
-#include "src/core/ext/xds/xds_channel_creds.h"
#include "src/core/ext/xds/xds_client_stats.h"
#include "src/core/ext/xds/xds_cluster.h"
#include "src/core/ext/xds/xds_endpoint.h"
@@ -46,6 +45,7 @@
#include "src/core/lib/backoff/backoff.h"
#include "src/core/lib/channel/channel_args.h"
#include "src/core/lib/channel/channel_stack.h"
+#include "src/core/lib/config/core_configuration.h"
#include "src/core/lib/gpr/env.h"
#include "src/core/lib/gpr/string.h"
#include "src/core/lib/gprpp/memory.h"
@@ -54,6 +54,7 @@
#include "src/core/lib/gprpp/sync.h"
#include "src/core/lib/iomgr/sockaddr.h"
#include "src/core/lib/iomgr/timer.h"
+#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include "src/core/lib/slice/slice_internal.h"
#include "src/core/lib/slice/slice_string_helpers.h"
#include "src/core/lib/surface/call.h"
@@ -513,7 +514,7 @@ namespace {
grpc_channel* CreateXdsChannel(grpc_channel_args* args,
const XdsBootstrap::XdsServer& server) {
RefCountedPtr channel_creds =
- XdsChannelCredsRegistry::CreateXdsChannelCreds(
+ CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
server.channel_creds_type, server.channel_creds_config);
return grpc_secure_channel_create(channel_creds.get(),
server.server_uri.c_str(), args, nullptr);
@@ -2331,7 +2332,6 @@ std::string XdsClient::DumpClientConfigBinary() {
void XdsClientGlobalInit() {
g_mu = new Mutex;
XdsHttpFilterRegistry::Init();
- XdsChannelCredsRegistry::Init();
}
// TODO(roth): Find a better way to clear the fallback config that does
@@ -2341,7 +2341,6 @@ void XdsClientGlobalShutdown() ABSL_NO_THREAD_SAFETY_ANALYSIS {
g_fallback_bootstrap_config = nullptr;
delete g_mu;
g_mu = nullptr;
- XdsChannelCredsRegistry::Shutdown();
XdsHttpFilterRegistry::Shutdown();
}
diff --git a/src/core/lib/config/core_configuration.cc b/src/core/lib/config/core_configuration.cc
index e8bcc1e7e7a..8fe32b3030e 100644
--- a/src/core/lib/config/core_configuration.cc
+++ b/src/core/lib/config/core_configuration.cc
@@ -34,7 +34,8 @@ CoreConfiguration::CoreConfiguration(Builder* builder)
: channel_args_preconditioning_(
builder->channel_args_preconditioning_.Build()),
channel_init_(builder->channel_init_.Build()),
- handshaker_registry_(builder->handshaker_registry_.Build()) {}
+ handshaker_registry_(builder->handshaker_registry_.Build()),
+ channel_creds_registry_(builder->channel_creds_registry_.Build()) {}
void CoreConfiguration::RegisterBuilder(std::function builder) {
GPR_ASSERT(config_.load(std::memory_order_relaxed) == nullptr &&
diff --git a/src/core/lib/config/core_configuration.h b/src/core/lib/config/core_configuration.h
index b3fed2100b8..df329153be6 100644
--- a/src/core/lib/config/core_configuration.h
+++ b/src/core/lib/config/core_configuration.h
@@ -21,6 +21,7 @@
#include "src/core/lib/channel/channel_args_preconditioning.h"
#include "src/core/lib/channel/handshaker_registry.h"
+#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include "src/core/lib/surface/channel_init.h"
namespace grpc_core {
@@ -46,12 +47,17 @@ class CoreConfiguration {
return &handshaker_registry_;
}
+ ChannelCredsRegistry<>::Builder* channel_creds_registry() {
+ return &channel_creds_registry_;
+ }
+
private:
friend class CoreConfiguration;
ChannelArgsPreconditioning::Builder channel_args_preconditioning_;
ChannelInit::Builder channel_init_;
HandshakerRegistry::Builder handshaker_registry_;
+ ChannelCredsRegistry<>::Builder channel_creds_registry_;
Builder();
CoreConfiguration* Build();
@@ -127,6 +133,10 @@ class CoreConfiguration {
return handshaker_registry_;
}
+ const ChannelCredsRegistry<>& channel_creds_registry() const {
+ return channel_creds_registry_;
+ }
+
private:
explicit CoreConfiguration(Builder* builder);
@@ -148,6 +158,7 @@ class CoreConfiguration {
ChannelArgsPreconditioning channel_args_preconditioning_;
ChannelInit channel_init_;
HandshakerRegistry handshaker_registry_;
+ ChannelCredsRegistry<> channel_creds_registry_;
};
extern void BuildCoreConfiguration(CoreConfiguration::Builder* builder);
diff --git a/src/core/lib/security/credentials/channel_creds_registry.h b/src/core/lib/security/credentials/channel_creds_registry.h
new file mode 100644
index 00000000000..241c5853919
--- /dev/null
+++ b/src/core/lib/security/credentials/channel_creds_registry.h
@@ -0,0 +1,97 @@
+//
+// Copyright 2022 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_CHANNEL_CREDS_REGISTRY_H
+#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_CHANNEL_CREDS_REGISTRY_H
+
+#include
+
+#include
+
+#include "src/core/lib/json/json.h"
+
+struct grpc_channel_credentials;
+
+namespace grpc_core {
+
+template
+class ChannelCredsFactory final {
+ public:
+ virtual ~ChannelCredsFactory() {}
+ virtual absl::string_view creds_type() const = delete;
+ virtual bool IsValidConfig(const Json& config) const = delete;
+ virtual RefCountedPtr CreateChannelCreds(const Json& config) const =
+ delete;
+};
+
+template <>
+class ChannelCredsFactory {
+ public:
+ virtual ~ChannelCredsFactory() {}
+ virtual absl::string_view creds_type() const = 0;
+ virtual bool IsValidConfig(const Json& config) const = 0;
+ virtual RefCountedPtr CreateChannelCreds(
+ const Json& config) const = 0;
+};
+
+template
+class ChannelCredsRegistry {
+ public:
+ static_assert(std::is_base_of::value,
+ "ChannelCredsRegistry must be instantiated with "
+ "grpc_channel_credentials.");
+ class Builder {
+ public:
+ void RegisterChannelCredsFactory(
+ std::unique_ptr> factory) {
+ factories_[factory->creds_type()] = std::move(factory);
+ }
+ ChannelCredsRegistry Build() {
+ ChannelCredsRegistry registry;
+ registry.factories_.swap(factories_);
+ return registry;
+ }
+
+ private:
+ std::map>>
+ factories_;
+ };
+
+ bool IsSupported(const std::string& creds_type) const {
+ return factories_.find(creds_type) != factories_.end();
+ }
+
+ bool IsValidConfig(const std::string& creds_type, const Json& config) const {
+ const auto iter = factories_.find(creds_type);
+ return iter != factories_.cend() && iter->second->IsValidConfig(config);
+ }
+
+ RefCountedPtr CreateChannelCreds(const std::string& creds_type,
+ const Json& config) const {
+ const auto iter = factories_.find(creds_type);
+ if (iter == factories_.cend()) return nullptr;
+ return iter->second->CreateChannelCreds(config);
+ }
+
+ private:
+ ChannelCredsRegistry() = default;
+ std::map>>
+ factories_;
+};
+
+} // namespace grpc_core
+
+#endif // GRPC_CORE_LIB_SECURITY_CREDENTIALS_CHANNEL_CREDS_REGISTRY_H
diff --git a/src/core/lib/security/credentials/channel_creds_registry_init.cc b/src/core/lib/security/credentials/channel_creds_registry_init.cc
new file mode 100644
index 00000000000..09ec4191bc4
--- /dev/null
+++ b/src/core/lib/security/credentials/channel_creds_registry_init.cc
@@ -0,0 +1,70 @@
+//
+//
+// Copyright 2022 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+//
+
+#include
+
+#include "src/core/lib/config/core_configuration.h"
+#include "src/core/lib/json/json.h"
+#include "src/core/lib/security/credentials/credentials.h"
+#include "src/core/lib/security/credentials/fake/fake_credentials.h"
+
+namespace grpc_core {
+
+class GoogleDefaultChannelCredsFactory : public ChannelCredsFactory<> {
+ public:
+ absl::string_view creds_type() const override { return "google_default"; }
+ bool IsValidConfig(const Json& /*config*/) const override { return true; }
+ RefCountedPtr CreateChannelCreds(
+ const Json& /*config*/) const override {
+ return RefCountedPtr(
+ grpc_google_default_credentials_create(nullptr));
+ }
+};
+
+class InsecureChannelCredsFactory : public ChannelCredsFactory<> {
+ public:
+ absl::string_view creds_type() const override { return "insecure"; }
+ bool IsValidConfig(const Json& /*config*/) const override { return true; }
+ RefCountedPtr CreateChannelCreds(
+ const Json& /*config*/) const override {
+ return RefCountedPtr(
+ grpc_insecure_credentials_create());
+ }
+};
+
+class FakeChannelCredsFactory : public ChannelCredsFactory<> {
+ public:
+ absl::string_view creds_type() const override { return "fake"; }
+ bool IsValidConfig(const Json& /*config*/) const override { return true; }
+ RefCountedPtr CreateChannelCreds(
+ const Json& /*config*/) const override {
+ return RefCountedPtr(
+ grpc_fake_transport_security_credentials_create());
+ }
+};
+
+void RegisterChannelDefaultCreds(CoreConfiguration::Builder* builder) {
+ builder->channel_creds_registry()->RegisterChannelCredsFactory(
+ absl::make_unique());
+ builder->channel_creds_registry()->RegisterChannelCredsFactory(
+ absl::make_unique());
+ builder->channel_creds_registry()->RegisterChannelCredsFactory(
+ absl::make_unique());
+}
+
+} // namespace grpc_core
diff --git a/src/core/plugin_registry/grpc_plugin_registry.cc b/src/core/plugin_registry/grpc_plugin_registry.cc
index 72a7989bdf7..0109263150c 100644
--- a/src/core/plugin_registry/grpc_plugin_registry.cc
+++ b/src/core/plugin_registry/grpc_plugin_registry.cc
@@ -174,6 +174,7 @@ extern void RegisterResourceQuota(CoreConfiguration::Builder* builder);
#ifndef GRPC_NO_XDS
extern void RegisterXdsChannelStackModifier(
CoreConfiguration::Builder* builder);
+extern void RegisterChannelDefaultCreds(CoreConfiguration::Builder* builder);
#endif
void BuildCoreConfiguration(CoreConfiguration::Builder* builder) {
@@ -190,6 +191,7 @@ void BuildCoreConfiguration(CoreConfiguration::Builder* builder) {
RegisterResourceQuota(builder);
#ifndef GRPC_NO_XDS
RegisterXdsChannelStackModifier(builder);
+ RegisterChannelDefaultCreds(builder);
#endif
// Run last so it gets a consistent location.
// TODO(ctiller): Is this actually necessary?
diff --git a/src/python/grpcio/grpc_core_dependencies.py b/src/python/grpcio/grpc_core_dependencies.py
index ea39ff10c82..5c34468b14c 100644
--- a/src/python/grpcio/grpc_core_dependencies.py
+++ b/src/python/grpcio/grpc_core_dependencies.py
@@ -403,7 +403,6 @@ CORE_SOURCE_FILES = [
'src/core/ext/xds/xds_api.cc',
'src/core/ext/xds/xds_bootstrap.cc',
'src/core/ext/xds/xds_certificate_provider.cc',
- 'src/core/ext/xds/xds_channel_creds.cc',
'src/core/ext/xds/xds_channel_stack_modifier.cc',
'src/core/ext/xds/xds_client.cc',
'src/core/ext/xds/xds_client_stats.cc',
@@ -616,6 +615,7 @@ CORE_SOURCE_FILES = [
'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
+ 'src/core/lib/security/credentials/channel_creds_registry_init.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/credentials.cc',
'src/core/lib/security/credentials/external/aws_external_account_credentials.cc',
diff --git a/test/core/security/BUILD b/test/core/security/BUILD
index 8e85204af28..2d17629bac7 100644
--- a/test/core/security/BUILD
+++ b/test/core/security/BUILD
@@ -480,3 +480,18 @@ grpc_cc_test(
"//test/core/util:grpc_test_util",
],
)
+
+grpc_cc_test(
+ name = "channel_creds_registry_test",
+ srcs = ["channel_creds_registry_test.cc"],
+ external_deps = [
+ "gtest",
+ ],
+ language = "C++",
+ deps = [
+ "//:gpr",
+ "//:grpc",
+ "//:grpc_secure",
+ "//test/core/util:grpc_test_util",
+ ],
+)
diff --git a/test/core/security/channel_creds_registry_test.cc b/test/core/security/channel_creds_registry_test.cc
new file mode 100644
index 00000000000..f53efa5327c
--- /dev/null
+++ b/test/core/security/channel_creds_registry_test.cc
@@ -0,0 +1,104 @@
+//
+//
+// Copyright 2022 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+//
+
+#include "src/core/lib/security/credentials/channel_creds_registry.h"
+
+#include
+#include
+
+#include
+
+#include "src/core/lib/config/core_configuration.h"
+#include "src/core/lib/security/credentials/channel_creds_registry.h"
+#include "src/core/lib/security/credentials/fake/fake_credentials.h"
+#include "test/core/util/test_config.h"
+
+namespace grpc_core {
+namespace testing {
+namespace {
+
+class TestChannelCredsFactory : public ChannelCredsFactory<> {
+ public:
+ absl::string_view creds_type() const override { return "test"; }
+ bool IsValidConfig(const Json& /*config*/) const override { return true; }
+ RefCountedPtr CreateChannelCreds(
+ const Json& /*config*/) const override {
+ return RefCountedPtr(
+ grpc_fake_transport_security_credentials_create());
+ }
+};
+
+TEST(ChannelCredsRegistry2Test, DefaultCreds) {
+ // Default creds.
+ EXPECT_TRUE(CoreConfiguration::Get().channel_creds_registry().IsSupported(
+ "google_default"));
+ EXPECT_TRUE(CoreConfiguration::Get().channel_creds_registry().IsSupported(
+ "insecure"));
+ EXPECT_TRUE(
+ CoreConfiguration::Get().channel_creds_registry().IsSupported("fake"));
+
+ // Non-default creds.
+ EXPECT_EQ(
+ CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
+ "test", Json()),
+ nullptr);
+ EXPECT_EQ(
+ CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
+ "", Json()),
+ nullptr);
+}
+
+TEST(ChannelCredsRegistry2Test, Register) {
+ CoreConfiguration::Reset();
+ grpc_init();
+
+ // Before registration.
+ EXPECT_FALSE(
+ CoreConfiguration::Get().channel_creds_registry().IsSupported("test"));
+ EXPECT_EQ(
+ CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
+ "test", Json()),
+ nullptr);
+
+ // Registration.
+ CoreConfiguration::BuildSpecialConfiguration(
+ [](CoreConfiguration::Builder* builder) {
+ BuildCoreConfiguration(builder);
+ builder->channel_creds_registry()->RegisterChannelCredsFactory(
+ absl::make_unique());
+ });
+
+ RefCountedPtr test_cred(
+ CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
+ "test", Json()));
+ EXPECT_TRUE(
+ CoreConfiguration::Get().channel_creds_registry().IsSupported("test"));
+ EXPECT_NE(test_cred.get(), nullptr);
+}
+
+} // namespace
+} // namespace testing
+} // namespace grpc_core
+
+int main(int argc, char** argv) {
+ ::testing::InitGoogleTest(&argc, argv);
+ grpc::testing::TestEnvironment env(argc, argv);
+ grpc_init();
+ auto result = RUN_ALL_TESTS();
+ return result;
+}
diff --git a/test/core/xds/BUILD b/test/core/xds/BUILD
index 01fbea39c0c..1ef10d6cceb 100644
--- a/test/core/xds/BUILD
+++ b/test/core/xds/BUILD
@@ -96,18 +96,3 @@ grpc_cc_test(
"//test/core/util:grpc_test_util",
],
)
-
-grpc_cc_test(
- name = "xds_channel_creds_registry_test",
- srcs = ["xds_channel_creds_registry_test.cc"],
- external_deps = [
- "gtest",
- ],
- language = "C++",
- deps = [
- "//:gpr",
- "//:grpc",
- "//:grpc_secure",
- "//test/core/util:grpc_test_util",
- ],
-)
diff --git a/test/core/xds/xds_channel_creds_registry_test.cc b/test/core/xds/xds_channel_creds_registry_test.cc
deleted file mode 100644
index d27b5c94f05..00000000000
--- a/test/core/xds/xds_channel_creds_registry_test.cc
+++ /dev/null
@@ -1,79 +0,0 @@
-//
-//
-// Copyright 2022 gRPC authors.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-//
-
-#include
-#include
-
-#include
-
-#include "src/core/ext/xds/xds_bootstrap.h"
-#include "src/core/ext/xds/xds_channel_creds.h"
-#include "src/core/lib/security/credentials/fake/fake_credentials.h"
-#include "test/core/util/test_config.h"
-
-namespace grpc_core {
-namespace testing {
-namespace {
-
-class TestXdsChannelCredsImpl : public XdsChannelCredsImpl {
- public:
- absl::string_view creds_type() const override { return "test"; }
- bool IsValidConfig(const Json& /*config*/) const override { return true; }
- RefCountedPtr CreateXdsChannelCreds(
- const Json& /*config*/) const override {
- return RefCountedPtr(
- grpc_fake_transport_security_credentials_create());
- }
-};
-
-TEST(XdsChannelCredsRegistryTest, DefaultCreds) { // Default creds.
- EXPECT_TRUE(XdsChannelCredsRegistry::IsSupported("google_default"));
- EXPECT_TRUE(XdsChannelCredsRegistry::IsSupported("insecure"));
- EXPECT_TRUE(XdsChannelCredsRegistry::IsSupported("fake"));
-
- // Non-default creds.
- EXPECT_EQ(XdsChannelCredsRegistry::CreateXdsChannelCreds("test", Json()),
- nullptr);
- EXPECT_EQ(XdsChannelCredsRegistry::CreateXdsChannelCreds("", Json()),
- nullptr);
-}
-
-TEST(XdsChannelCredsRegistryTest, Register) {
- // Before registration.
- EXPECT_FALSE(XdsChannelCredsRegistry::IsSupported("test"));
- EXPECT_EQ(XdsChannelCredsRegistry::CreateXdsChannelCreds("test", Json()),
- nullptr);
-
- // Registration.
- XdsChannelCredsRegistry::RegisterXdsChannelCreds(
- absl::make_unique());
- EXPECT_NE(XdsChannelCredsRegistry::CreateXdsChannelCreds("test", Json()),
- nullptr);
-}
-
-} // namespace
-} // namespace testing
-} // namespace grpc_core
-
-int main(int argc, char** argv) {
- ::testing::InitGoogleTest(&argc, argv);
- grpc::testing::TestEnvironment env(argc, argv);
- grpc_init();
- auto result = RUN_ALL_TESTS();
- return result;
-}
diff --git a/tools/doxygen/Doxyfile.c++.internal b/tools/doxygen/Doxyfile.c++.internal
index 81b882f0d65..826c7809308 100644
--- a/tools/doxygen/Doxyfile.c++.internal
+++ b/tools/doxygen/Doxyfile.c++.internal
@@ -1842,8 +1842,6 @@ src/core/ext/xds/xds_bootstrap.h \
src/core/ext/xds/xds_certificate_provider.cc \
src/core/ext/xds/xds_certificate_provider.h \
src/core/ext/xds/xds_channel_args.h \
-src/core/ext/xds/xds_channel_creds.cc \
-src/core/ext/xds/xds_channel_creds.h \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_channel_stack_modifier.h \
src/core/ext/xds/xds_client.cc \
@@ -2258,6 +2256,8 @@ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
+src/core/lib/security/credentials/channel_creds_registry.h \
+src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.h \
src/core/lib/security/credentials/credentials.cc \
diff --git a/tools/doxygen/Doxyfile.core.internal b/tools/doxygen/Doxyfile.core.internal
index b3f04fdc547..5f9278b9f9c 100644
--- a/tools/doxygen/Doxyfile.core.internal
+++ b/tools/doxygen/Doxyfile.core.internal
@@ -1636,8 +1636,6 @@ src/core/ext/xds/xds_bootstrap.h \
src/core/ext/xds/xds_certificate_provider.cc \
src/core/ext/xds/xds_certificate_provider.h \
src/core/ext/xds/xds_channel_args.h \
-src/core/ext/xds/xds_channel_creds.cc \
-src/core/ext/xds/xds_channel_creds.h \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_channel_stack_modifier.h \
src/core/ext/xds/xds_client.cc \
@@ -2057,6 +2055,8 @@ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
+src/core/lib/security/credentials/channel_creds_registry.h \
+src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.h \
src/core/lib/security/credentials/credentials.cc \
diff --git a/tools/run_tests/generated/tests.json b/tools/run_tests/generated/tests.json
index 0550a2c810a..47c1fa162eb 100644
--- a/tools/run_tests/generated/tests.json
+++ b/tools/run_tests/generated/tests.json
@@ -3379,6 +3379,30 @@
],
"uses_polling": false
},
+ {
+ "args": [],
+ "benchmark": false,
+ "ci_platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "cpu_cost": 1.0,
+ "exclude_configs": [],
+ "exclude_iomgrs": [],
+ "flaky": false,
+ "gtest": true,
+ "language": "c++",
+ "name": "channel_creds_registry_test",
+ "platforms": [
+ "linux",
+ "mac",
+ "posix",
+ "windows"
+ ],
+ "uses_polling": true
+ },
{
"args": [],
"benchmark": false,
@@ -7495,30 +7519,6 @@
],
"uses_polling": true
},
- {
- "args": [],
- "benchmark": false,
- "ci_platforms": [
- "linux",
- "mac",
- "posix",
- "windows"
- ],
- "cpu_cost": 1.0,
- "exclude_configs": [],
- "exclude_iomgrs": [],
- "flaky": false,
- "gtest": true,
- "language": "c++",
- "name": "xds_channel_creds_registry_test",
- "platforms": [
- "linux",
- "mac",
- "posix",
- "windows"
- ],
- "uses_polling": true
- },
{
"args": [],
"benchmark": false,