Move XdsChannelCreds to CoreConfiguration (#28746)

* Move XdsChannelCreds to CoreConfiguration

* move xDS channel creds files to src/core/lib/security/credentials/xds

* Change back to returning a RefCountedPtr.

* remove "xds_" from xds_channel_* files.

* Renamed to address comments.

* clang fix

* Fix another clang error
Yousuk Seung 3 years ago committed by GitHub
parent 4169f24dcc
commit 172120f6b4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 35
      BUILD
  2. 144
      CMakeLists.txt
  3. 4
      Makefile
  4. 141
      build_autogenerated.yaml
  5. 2
      config.m4
  6. 2
      config.w32
  7. 4
      gRPC-C++.podspec
  8. 6
      gRPC-Core.podspec
  9. 4
      grpc.gemspec
  10. 2
      grpc.gyp
  11. 4
      package.xml
  12. 8
      src/core/ext/xds/xds_bootstrap.cc
  13. 108
      src/core/ext/xds/xds_channel_creds.cc
  14. 50
      src/core/ext/xds/xds_channel_creds.h
  15. 7
      src/core/ext/xds/xds_client.cc
  16. 3
      src/core/lib/config/core_configuration.cc
  17. 11
      src/core/lib/config/core_configuration.h
  18. 97
      src/core/lib/security/credentials/channel_creds_registry.h
  19. 70
      src/core/lib/security/credentials/channel_creds_registry_init.cc
  20. 2
      src/core/plugin_registry/grpc_plugin_registry.cc
  21. 2
      src/python/grpcio/grpc_core_dependencies.py
  22. 15
      test/core/security/BUILD
  23. 104
      test/core/security/channel_creds_registry_test.cc
  24. 15
      test/core/xds/BUILD
  25. 79
      test/core/xds/xds_channel_creds_registry_test.cc
  26. 4
      tools/doxygen/Doxyfile.c++.internal
  27. 4
      tools/doxygen/Doxyfile.core.internal
  28. 48
      tools/run_tests/generated/tests.json

35
BUILD

@ -414,6 +414,9 @@ GRPC_XDS_TARGETS = [
"grpc_resolver_xds",
"grpc_resolver_c2p",
"grpc_xds_server_config_fetcher",
# Not xDS-specific but currently only used by xDS.
"channel_creds_registry_init",
]
grpc_cc_library(
@ -979,6 +982,7 @@ grpc_cc_library(
],
deps = [
"channel_args_preconditioning",
"channel_creds_registry",
"channel_init",
"gpr_base",
"handshaker_registry",
@ -1464,6 +1468,18 @@ grpc_cc_library(
],
)
grpc_cc_library(
name = "channel_creds_registry",
hdrs = [
"src/core/lib/security/credentials/channel_creds_registry.h",
],
language = "c++",
deps = [
"gpr_base",
"json",
],
)
grpc_cc_library(
name = "event_engine_memory_allocator",
srcs = [
@ -2778,7 +2794,6 @@ grpc_cc_library(
"src/core/ext/xds/xds_api.cc",
"src/core/ext/xds/xds_bootstrap.cc",
"src/core/ext/xds/xds_certificate_provider.cc",
"src/core/ext/xds/xds_channel_creds.cc",
"src/core/ext/xds/xds_client.cc",
"src/core/ext/xds/xds_client_stats.cc",
"src/core/ext/xds/xds_cluster.cc",
@ -2803,7 +2818,6 @@ grpc_cc_library(
"src/core/ext/xds/xds_bootstrap.h",
"src/core/ext/xds/xds_certificate_provider.h",
"src/core/ext/xds/xds_channel_args.h",
"src/core/ext/xds/xds_channel_creds.h",
"src/core/ext/xds/xds_client.h",
"src/core/ext/xds/xds_client_stats.h",
"src/core/ext/xds/xds_cluster.h",
@ -2834,6 +2848,8 @@ grpc_cc_library(
],
language = "c++",
deps = [
"channel_creds_registry",
"config",
"envoy_admin_upb",
"envoy_config_cluster_upb",
"envoy_config_cluster_upbdefs",
@ -2942,6 +2958,21 @@ grpc_cc_library(
],
)
grpc_cc_library(
name = "channel_creds_registry_init",
srcs = [
"src/core/lib/security/credentials/channel_creds_registry_init.cc",
],
language = "c++",
deps = [
"config",
"gpr_base",
"grpc_secure",
"grpc_security_base",
"json",
],
)
grpc_cc_library(
name = "grpc_google_mesh_ca_certificate_provider_factory",
srcs = [
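Review bot: The comment above `"channel_creds_registry_init"` in GRPC_XDS_TARGETS says the target is not xDS-specific, but it does not spell out the consequence of listing it only there: a build that omits the xDS targets would presumably end up with no channel creds types registered. I would extend the comment to something like `# Not xDS-specific but currently only used by xDS; builds without the xDS targets register no channel creds types.` so that a later non-xDS user of `channel_creds_registry` knows the dep has to move. This is inferred from the target lists visible in this section; the registration code itself is not shown here.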

144
CMakeLists.txt generated

@ -809,6 +809,7 @@ if(gRPC_BUILD_TESTS)
add_dependencies(buildtests_cxx certificate_provider_store_test)
add_dependencies(buildtests_cxx cfstream_test)
add_dependencies(buildtests_cxx channel_arguments_test)
add_dependencies(buildtests_cxx channel_creds_registry_test)
add_dependencies(buildtests_cxx channel_filter_test)
add_dependencies(buildtests_cxx channel_stack_builder_test)
add_dependencies(buildtests_cxx channel_trace_test)
@ -1037,7 +1038,6 @@ if(gRPC_BUILD_TESTS)
endif()
add_dependencies(buildtests_cxx xds_bootstrap_test)
add_dependencies(buildtests_cxx xds_certificate_provider_test)
add_dependencies(buildtests_cxx xds_channel_creds_registry_test)
add_dependencies(buildtests_cxx xds_credentials_end2end_test)
add_dependencies(buildtests_cxx xds_credentials_test)
if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
@ -1935,7 +1935,6 @@ add_library(grpc
src/core/ext/xds/xds_api.cc
src/core/ext/xds/xds_bootstrap.cc
src/core/ext/xds/xds_certificate_provider.cc
src/core/ext/xds/xds_channel_creds.cc
src/core/ext/xds/xds_channel_stack_modifier.cc
src/core/ext/xds/xds_client.cc
src/core/ext/xds/xds_client_stats.cc
@ -2104,6 +2103,7 @@ add_library(grpc
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
src/core/lib/security/credentials/channel_creds_registry_init.cc
src/core/lib/security/credentials/composite/composite_credentials.cc
src/core/lib/security/credentials/credentials.cc
src/core/lib/security/credentials/external/aws_external_account_credentials.cc
@ -8725,6 +8725,41 @@ target_link_libraries(channel_arguments_test
)
endif()
if(gRPC_BUILD_TESTS)
add_executable(channel_creds_registry_test
test/core/security/channel_creds_registry_test.cc
third_party/googletest/googletest/src/gtest-all.cc
third_party/googletest/googlemock/src/gmock-all.cc
)
target_include_directories(channel_creds_registry_test
PRIVATE
${CMAKE_CURRENT_SOURCE_DIR}
${CMAKE_CURRENT_SOURCE_DIR}/include
${_gRPC_ADDRESS_SORTING_INCLUDE_DIR}
${_gRPC_RE2_INCLUDE_DIR}
${_gRPC_SSL_INCLUDE_DIR}
${_gRPC_UPB_GENERATED_DIR}
${_gRPC_UPB_GRPC_GENERATED_DIR}
${_gRPC_UPB_INCLUDE_DIR}
${_gRPC_XXHASH_INCLUDE_DIR}
${_gRPC_ZLIB_INCLUDE_DIR}
third_party/googletest/googletest/include
third_party/googletest/googletest
third_party/googletest/googlemock/include
third_party/googletest/googlemock
${_gRPC_PROTO_GENS_DIR}
)
target_link_libraries(channel_creds_registry_test
${_gRPC_PROTOBUF_LIBRARIES}
${_gRPC_ALLTARGETS_LIBRARIES}
grpc_test_util
)
endif()
if(gRPC_BUILD_TESTS)
@ -9625,56 +9660,21 @@ endif()
if(gRPC_BUILD_TESTS)
add_executable(core_configuration_test
src/core/ext/upb-generated/google/protobuf/any.upb.c
src/core/ext/upb-generated/google/rpc/status.upb.c
src/core/lib/channel/channel_args.cc
src/core/lib/channel/channel_args_preconditioning.cc
src/core/lib/channel/handshaker_registry.cc
src/core/lib/config/core_configuration.cc
src/core/lib/gpr/alloc.cc
src/core/lib/gpr/atm.cc
src/core/lib/gpr/cpu_iphone.cc
src/core/lib/gpr/cpu_linux.cc
src/core/lib/gpr/cpu_posix.cc
src/core/lib/gpr/cpu_windows.cc
src/core/lib/gpr/env_linux.cc
src/core/lib/gpr/env_posix.cc
src/core/lib/gpr/env_windows.cc
src/core/lib/gpr/log.cc
src/core/lib/gpr/log_android.cc
src/core/lib/gpr/log_linux.cc
src/core/lib/gpr/log_posix.cc
src/core/lib/gpr/log_windows.cc
src/core/lib/gpr/murmur_hash.cc
src/core/lib/gpr/string.cc
src/core/lib/gpr/string_posix.cc
src/core/lib/gpr/string_util_windows.cc
src/core/lib/gpr/string_windows.cc
src/core/lib/gpr/sync.cc
src/core/lib/gpr/sync_abseil.cc
src/core/lib/gpr/sync_posix.cc
src/core/lib/gpr/sync_windows.cc
src/core/lib/gpr/time.cc
src/core/lib/gpr/time_posix.cc
src/core/lib/gpr/time_precise.cc
src/core/lib/gpr/time_windows.cc
src/core/lib/gpr/tmpfile_msys.cc
src/core/lib/gpr/tmpfile_posix.cc
src/core/lib/gpr/tmpfile_windows.cc
src/core/lib/gpr/wrap_memcpy.cc
src/core/lib/gprpp/examine_stack.cc
src/core/lib/gprpp/fork.cc
src/core/lib/gprpp/global_config_env.cc
src/core/lib/gprpp/host_port.cc
src/core/lib/gprpp/mpscq.cc
src/core/lib/gprpp/stat_posix.cc
src/core/lib/gprpp/stat_windows.cc
src/core/lib/gprpp/status_helper.cc
src/core/lib/gprpp/thd_posix.cc
src/core/lib/gprpp/thd_windows.cc
src/core/lib/gprpp/time_util.cc
src/core/lib/profiling/basic_timers.cc
src/core/lib/profiling/stap_timers.cc
src/core/lib/debug/trace.cc
src/core/lib/iomgr/combiner.cc
src/core/lib/iomgr/error.cc
src/core/lib/iomgr/exec_ctx.cc
src/core/lib/iomgr/executor.cc
src/core/lib/iomgr/iomgr_internal.cc
src/core/lib/json/json_reader.cc
src/core/lib/json/json_writer.cc
src/core/lib/slice/slice.cc
src/core/lib/slice/slice_refcount.cc
src/core/lib/slice/slice_string_helpers.cc
src/core/lib/surface/channel_init.cc
src/core/lib/surface/channel_stack_type.cc
test/core/config/core_configuration_test.cc
@ -9704,18 +9704,7 @@ target_include_directories(core_configuration_test
target_link_libraries(core_configuration_test
${_gRPC_PROTOBUF_LIBRARIES}
${_gRPC_ALLTARGETS_LIBRARIES}
absl::base
absl::core_headers
absl::memory
absl::random_random
absl::status
absl::cord
absl::str_format
absl::strings
absl::synchronization
absl::time
absl::optional
upb
gpr
)
@ -17011,41 +17000,6 @@ target_link_libraries(xds_certificate_provider_test
)
endif()
if(gRPC_BUILD_TESTS)
add_executable(xds_channel_creds_registry_test
test/core/xds/xds_channel_creds_registry_test.cc
third_party/googletest/googletest/src/gtest-all.cc
third_party/googletest/googlemock/src/gmock-all.cc
)
target_include_directories(xds_channel_creds_registry_test
PRIVATE
${CMAKE_CURRENT_SOURCE_DIR}
${CMAKE_CURRENT_SOURCE_DIR}/include
${_gRPC_ADDRESS_SORTING_INCLUDE_DIR}
${_gRPC_RE2_INCLUDE_DIR}
${_gRPC_SSL_INCLUDE_DIR}
${_gRPC_UPB_GENERATED_DIR}
${_gRPC_UPB_GRPC_GENERATED_DIR}
${_gRPC_UPB_INCLUDE_DIR}
${_gRPC_XXHASH_INCLUDE_DIR}
${_gRPC_ZLIB_INCLUDE_DIR}
third_party/googletest/googletest/include
third_party/googletest/googletest
third_party/googletest/googlemock/include
third_party/googletest/googlemock
${_gRPC_PROTO_GENS_DIR}
)
target_link_libraries(xds_channel_creds_registry_test
${_gRPC_PROTOBUF_LIBRARIES}
${_gRPC_ALLTARGETS_LIBRARIES}
grpc_test_util
)
endif()
if(gRPC_BUILD_TESTS)

4
Makefile generated

@ -1410,7 +1410,6 @@ LIBGRPC_SRC = \
src/core/ext/xds/xds_api.cc \
src/core/ext/xds/xds_bootstrap.cc \
src/core/ext/xds/xds_certificate_provider.cc \
src/core/ext/xds/xds_channel_creds.cc \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_client.cc \
src/core/ext/xds/xds_client_stats.cc \
@ -1579,6 +1578,7 @@ LIBGRPC_SRC = \
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/credentials.cc \
src/core/lib/security/credentials/external/aws_external_account_credentials.cc \
@ -3108,7 +3108,6 @@ src/core/ext/xds/file_watcher_certificate_provider_factory.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_api.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_bootstrap.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_certificate_provider.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_channel_creds.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_channel_stack_modifier.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_client.cc: $(OPENSSL_DEP)
src/core/ext/xds/xds_client_stats.cc: $(OPENSSL_DEP)
@ -3139,6 +3138,7 @@ src/core/lib/security/credentials/alts/check_gcp_environment_windows.cc: $(OPENS
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/channel_creds_registry_init.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/external/aws_external_account_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/external/aws_request_signer.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/external/external_account_credentials.cc: $(OPENSSL_DEP)

@ -774,7 +774,6 @@ libs:
- src/core/ext/xds/xds_bootstrap.h
- src/core/ext/xds/xds_certificate_provider.h
- src/core/ext/xds/xds_channel_args.h
- src/core/ext/xds/xds_channel_creds.h
- src/core/ext/xds/xds_channel_stack_modifier.h
- src/core/ext/xds/xds_client.h
- src/core/ext/xds/xds_client_stats.h
@ -949,6 +948,7 @@ libs:
- src/core/lib/security/credentials/alts/alts_credentials.h
- src/core/lib/security/credentials/alts/check_gcp_environment.h
- src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h
- src/core/lib/security/credentials/channel_creds_registry.h
- src/core/lib/security/credentials/composite/composite_credentials.h
- src/core/lib/security/credentials/credentials.h
- src/core/lib/security/credentials/external/aws_external_account_credentials.h
@ -1445,7 +1445,6 @@ libs:
- src/core/ext/xds/xds_api.cc
- src/core/ext/xds/xds_bootstrap.cc
- src/core/ext/xds/xds_certificate_provider.cc
- src/core/ext/xds/xds_channel_creds.cc
- src/core/ext/xds/xds_channel_stack_modifier.cc
- src/core/ext/xds/xds_client.cc
- src/core/ext/xds/xds_client_stats.cc
@ -1614,6 +1613,7 @@ libs:
- src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc
- src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc
- src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc
- src/core/lib/security/credentials/channel_creds_registry_init.cc
- src/core/lib/security/credentials/composite/composite_credentials.cc
- src/core/lib/security/credentials/credentials.cc
- src/core/lib/security/credentials/external/aws_external_account_credentials.cc
@ -2121,6 +2121,7 @@ libs:
- src/core/lib/resource_quota/thread_quota.h
- src/core/lib/resource_quota/trace.h
- src/core/lib/security/context/security_context.h
- src/core/lib/security/credentials/channel_creds_registry.h
- src/core/lib/security/credentials/composite/composite_credentials.h
- src/core/lib/security/credentials/credentials.h
- src/core/lib/security/credentials/plugin/plugin_credentials.h
@ -5032,6 +5033,15 @@ targets:
- grpc++
- grpc_test_util
uses_polling: false
- name: channel_creds_registry_test
gtest: true
build: test
language: c++
headers: []
src:
- test/core/security/channel_creds_registry_test.cc
deps:
- grpc_test_util
- name: channel_filter_test
gtest: true
build: test
@ -5377,110 +5387,52 @@ targets:
build: test
language: c++
headers:
- src/core/ext/upb-generated/google/protobuf/any.upb.h
- src/core/ext/upb-generated/google/rpc/status.upb.h
- src/core/lib/channel/channel_args.h
- src/core/lib/channel/channel_args_preconditioning.h
- src/core/lib/channel/handshaker_factory.h
- src/core/lib/channel/handshaker_registry.h
- src/core/lib/config/core_configuration.h
- src/core/lib/gpr/alloc.h
- src/core/lib/gpr/env.h
- src/core/lib/gpr/murmur_hash.h
- src/core/lib/gpr/spinlock.h
- src/core/lib/gpr/string.h
- src/core/lib/gpr/string_windows.h
- src/core/lib/gpr/time_precise.h
- src/core/lib/gpr/tls.h
- src/core/lib/gpr/tmpfile.h
- src/core/lib/gpr/useful.h
- src/core/lib/gprpp/construct_destruct.h
- src/core/lib/gprpp/debug_location.h
- src/core/lib/gprpp/examine_stack.h
- src/core/lib/gprpp/fork.h
- src/core/lib/gprpp/global_config.h
- src/core/lib/gprpp/global_config_custom.h
- src/core/lib/gprpp/global_config_env.h
- src/core/lib/gprpp/global_config_generic.h
- src/core/lib/gprpp/host_port.h
- src/core/lib/gprpp/manual_constructor.h
- src/core/lib/gprpp/memory.h
- src/core/lib/gprpp/mpscq.h
- src/core/lib/gprpp/stat.h
- src/core/lib/gprpp/status_helper.h
- src/core/lib/gprpp/sync.h
- src/core/lib/gprpp/thd.h
- src/core/lib/gprpp/time_util.h
- src/core/lib/profiling/timers.h
- src/core/lib/debug/trace.h
- src/core/lib/gprpp/atomic_utils.h
- src/core/lib/gprpp/ref_counted.h
- src/core/lib/gprpp/ref_counted_ptr.h
- src/core/lib/iomgr/closure.h
- src/core/lib/iomgr/combiner.h
- src/core/lib/iomgr/error.h
- src/core/lib/iomgr/error_internal.h
- src/core/lib/iomgr/exec_ctx.h
- src/core/lib/iomgr/executor.h
- src/core/lib/iomgr/iomgr_internal.h
- src/core/lib/json/json.h
- src/core/lib/security/credentials/channel_creds_registry.h
- src/core/lib/slice/slice.h
- src/core/lib/slice/slice_internal.h
- src/core/lib/slice/slice_refcount.h
- src/core/lib/slice/slice_refcount_base.h
- src/core/lib/slice/slice_string_helpers.h
- src/core/lib/surface/channel_init.h
- src/core/lib/surface/channel_stack_type.h
src:
- src/core/ext/upb-generated/google/protobuf/any.upb.c
- src/core/ext/upb-generated/google/rpc/status.upb.c
- src/core/lib/channel/channel_args.cc
- src/core/lib/channel/channel_args_preconditioning.cc
- src/core/lib/channel/handshaker_registry.cc
- src/core/lib/config/core_configuration.cc
- src/core/lib/gpr/alloc.cc
- src/core/lib/gpr/atm.cc
- src/core/lib/gpr/cpu_iphone.cc
- src/core/lib/gpr/cpu_linux.cc
- src/core/lib/gpr/cpu_posix.cc
- src/core/lib/gpr/cpu_windows.cc
- src/core/lib/gpr/env_linux.cc
- src/core/lib/gpr/env_posix.cc
- src/core/lib/gpr/env_windows.cc
- src/core/lib/gpr/log.cc
- src/core/lib/gpr/log_android.cc
- src/core/lib/gpr/log_linux.cc
- src/core/lib/gpr/log_posix.cc
- src/core/lib/gpr/log_windows.cc
- src/core/lib/gpr/murmur_hash.cc
- src/core/lib/gpr/string.cc
- src/core/lib/gpr/string_posix.cc
- src/core/lib/gpr/string_util_windows.cc
- src/core/lib/gpr/string_windows.cc
- src/core/lib/gpr/sync.cc
- src/core/lib/gpr/sync_abseil.cc
- src/core/lib/gpr/sync_posix.cc
- src/core/lib/gpr/sync_windows.cc
- src/core/lib/gpr/time.cc
- src/core/lib/gpr/time_posix.cc
- src/core/lib/gpr/time_precise.cc
- src/core/lib/gpr/time_windows.cc
- src/core/lib/gpr/tmpfile_msys.cc
- src/core/lib/gpr/tmpfile_posix.cc
- src/core/lib/gpr/tmpfile_windows.cc
- src/core/lib/gpr/wrap_memcpy.cc
- src/core/lib/gprpp/examine_stack.cc
- src/core/lib/gprpp/fork.cc
- src/core/lib/gprpp/global_config_env.cc
- src/core/lib/gprpp/host_port.cc
- src/core/lib/gprpp/mpscq.cc
- src/core/lib/gprpp/stat_posix.cc
- src/core/lib/gprpp/stat_windows.cc
- src/core/lib/gprpp/status_helper.cc
- src/core/lib/gprpp/thd_posix.cc
- src/core/lib/gprpp/thd_windows.cc
- src/core/lib/gprpp/time_util.cc
- src/core/lib/profiling/basic_timers.cc
- src/core/lib/profiling/stap_timers.cc
- src/core/lib/debug/trace.cc
- src/core/lib/iomgr/combiner.cc
- src/core/lib/iomgr/error.cc
- src/core/lib/iomgr/exec_ctx.cc
- src/core/lib/iomgr/executor.cc
- src/core/lib/iomgr/iomgr_internal.cc
- src/core/lib/json/json_reader.cc
- src/core/lib/json/json_writer.cc
- src/core/lib/slice/slice.cc
- src/core/lib/slice/slice_refcount.cc
- src/core/lib/slice/slice_string_helpers.cc
- src/core/lib/surface/channel_init.cc
- src/core/lib/surface/channel_stack_type.cc
- test/core/config/core_configuration_test.cc
deps:
- absl/base:base
- absl/base:core_headers
- absl/memory:memory
- absl/random:random
- absl/status:status
- absl/strings:cord
- absl/strings:str_format
- absl/strings:strings
- absl/synchronization:synchronization
- absl/time:time
- absl/types:optional
- upb
- gpr
uses_polling: false
- name: cpp_impl_of_test
gtest: true
@ -8587,15 +8539,6 @@ targets:
- test/core/xds/xds_certificate_provider_test.cc
deps:
- grpc_test_util
- name: xds_channel_creds_registry_test
gtest: true
build: test
language: c++
headers: []
src:
- test/core/xds/xds_channel_creds_registry_test.cc
deps:
- grpc_test_util
- name: xds_credentials_end2end_test
gtest: true
build: test

2
config.m4 generated

@ -428,7 +428,6 @@ if test "$PHP_GRPC" != "no"; then
src/core/ext/xds/xds_api.cc \
src/core/ext/xds/xds_bootstrap.cc \
src/core/ext/xds/xds_certificate_provider.cc \
src/core/ext/xds/xds_channel_creds.cc \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_client.cc \
src/core/ext/xds/xds_client_stats.cc \
@ -641,6 +640,7 @@ if test "$PHP_GRPC" != "no"; then
src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/credentials.cc \
src/core/lib/security/credentials/external/aws_external_account_credentials.cc \

2
config.w32 generated

@ -394,7 +394,6 @@ if (PHP_GRPC != "no") {
"src\\core\\ext\\xds\\xds_api.cc " +
"src\\core\\ext\\xds\\xds_bootstrap.cc " +
"src\\core\\ext\\xds\\xds_certificate_provider.cc " +
"src\\core\\ext\\xds\\xds_channel_creds.cc " +
"src\\core\\ext\\xds\\xds_channel_stack_modifier.cc " +
"src\\core\\ext\\xds\\xds_client.cc " +
"src\\core\\ext\\xds\\xds_client_stats.cc " +
@ -607,6 +606,7 @@ if (PHP_GRPC != "no") {
"src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_client_options.cc " +
"src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_options.cc " +
"src\\core\\lib\\security\\credentials\\alts\\grpc_alts_credentials_server_options.cc " +
"src\\core\\lib\\security\\credentials\\channel_creds_registry_init.cc " +
"src\\core\\lib\\security\\credentials\\composite\\composite_credentials.cc " +
"src\\core\\lib\\security\\credentials\\credentials.cc " +
"src\\core\\lib\\security\\credentials\\external\\aws_external_account_credentials.cc " +

4
gRPC-C++.podspec generated

@ -617,7 +617,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_bootstrap.h',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.h',
'src/core/ext/xds/xds_client_stats.h',
@ -820,6 +819,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
'src/core/lib/security/credentials/channel_creds_registry.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/external/aws_external_account_credentials.h',
@ -1416,7 +1416,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_bootstrap.h',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.h',
'src/core/ext/xds/xds_client_stats.h',
@ -1619,6 +1618,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
'src/core/lib/security/credentials/channel_creds_registry.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/external/aws_external_account_credentials.h',

6
gRPC-Core.podspec generated

@ -944,8 +944,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_certificate_provider.cc',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
'src/core/ext/xds/xds_channel_creds.cc',
'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.cc',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.cc',
@ -1360,6 +1358,8 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
'src/core/lib/security/credentials/channel_creds_registry.h',
'src/core/lib/security/credentials/channel_creds_registry_init.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.cc',
@ -2021,7 +2021,6 @@ Pod::Spec.new do |s|
'src/core/ext/xds/xds_bootstrap.h',
'src/core/ext/xds/xds_certificate_provider.h',
'src/core/ext/xds/xds_channel_args.h',
'src/core/ext/xds/xds_channel_creds.h',
'src/core/ext/xds/xds_channel_stack_modifier.h',
'src/core/ext/xds/xds_client.h',
'src/core/ext/xds/xds_client_stats.h',
@ -2224,6 +2223,7 @@ Pod::Spec.new do |s|
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h',
'src/core/lib/security/credentials/channel_creds_registry.h',
'src/core/lib/security/credentials/composite/composite_credentials.h',
'src/core/lib/security/credentials/credentials.h',
'src/core/lib/security/credentials/external/aws_external_account_credentials.h',

4
grpc.gemspec generated

@ -863,8 +863,6 @@ Gem::Specification.new do |s|
s.files += %w( src/core/ext/xds/xds_certificate_provider.cc )
s.files += %w( src/core/ext/xds/xds_certificate_provider.h )
s.files += %w( src/core/ext/xds/xds_channel_args.h )
s.files += %w( src/core/ext/xds/xds_channel_creds.cc )
s.files += %w( src/core/ext/xds/xds_channel_creds.h )
s.files += %w( src/core/ext/xds/xds_channel_stack_modifier.cc )
s.files += %w( src/core/ext/xds/xds_channel_stack_modifier.h )
s.files += %w( src/core/ext/xds/xds_client.cc )
@ -1279,6 +1277,8 @@ Gem::Specification.new do |s|
s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc )
s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h )
s.files += %w( src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc )
s.files += %w( src/core/lib/security/credentials/channel_creds_registry.h )
s.files += %w( src/core/lib/security/credentials/channel_creds_registry_init.cc )
s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.cc )
s.files += %w( src/core/lib/security/credentials/composite/composite_credentials.h )
s.files += %w( src/core/lib/security/credentials/credentials.cc )

2
grpc.gyp generated

@ -860,7 +860,6 @@
'src/core/ext/xds/xds_api.cc',
'src/core/ext/xds/xds_bootstrap.cc',
'src/core/ext/xds/xds_certificate_provider.cc',
'src/core/ext/xds/xds_channel_creds.cc',
'src/core/ext/xds/xds_channel_stack_modifier.cc',
'src/core/ext/xds/xds_client.cc',
'src/core/ext/xds/xds_client_stats.cc',
@ -1029,6 +1028,7 @@
'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
'src/core/lib/security/credentials/channel_creds_registry_init.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/credentials.cc',
'src/core/lib/security/credentials/external/aws_external_account_credentials.cc',

4
package.xml generated

@ -843,8 +843,6 @@
<file baseinstalldir="/" name="src/core/ext/xds/xds_certificate_provider.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/xds/xds_certificate_provider.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/xds/xds_channel_args.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/xds/xds_channel_creds.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/xds/xds_channel_creds.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/xds/xds_channel_stack_modifier.cc" role="src" />
<file baseinstalldir="/" name="src/core/ext/xds/xds_channel_stack_modifier.h" role="src" />
<file baseinstalldir="/" name="src/core/ext/xds/xds_client.cc" role="src" />
@ -1259,6 +1257,8 @@
<file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/channel_creds_registry.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/channel_creds_registry_init.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/composite/composite_credentials.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/composite/composite_credentials.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/credentials.cc" role="src" />

@ -32,11 +32,12 @@
#include "src/core/ext/xds/certificate_provider_registry.h"
#include "src/core/ext/xds/xds_api.h"
#include "src/core/ext/xds/xds_channel_creds.h"
#include "src/core/lib/config/core_configuration.h"
#include "src/core/lib/gpr/env.h"
#include "src/core/lib/gpr/string.h"
#include "src/core/lib/iomgr/load_file.h"
#include "src/core/lib/json/json_util.h"
#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include "src/core/lib/security/credentials/credentials.h"
#include "src/core/lib/security/credentials/fake/fake_credentials.h"
#include "src/core/lib/slice/slice_internal.h"
@ -65,10 +66,11 @@ grpc_error_handle ParseChannelCreds(const Json::Object& json, size_t idx,
/*required=*/false);
// Select the first channel creds type that we support.
if (server->channel_creds_type.empty() &&
XdsChannelCredsRegistry::IsSupported(type)) {
CoreConfiguration::Get().channel_creds_registry().IsSupported(type)) {
Json config;
if (config_ptr != nullptr) config = *config_ptr;
if (!XdsChannelCredsRegistry::IsValidConfig(type, config)) {
if (!CoreConfiguration::Get().channel_creds_registry().IsValidConfig(
type, config)) {
error_list.push_back(GRPC_ERROR_CREATE_FROM_CPP_STRING(absl::StrCat(
"invalid config for channel creds type \"", type, "\"")));
}
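Review bot: In ParseChannelCreds the new code calls `CoreConfiguration::Get().channel_creds_registry()` twice, once for IsSupported and once for IsValidConfig, so the two checks are not tied to a single registry reference and the second call forces an awkward line wrap. I would bind it once before the `if`, `const auto& creds_registry = CoreConfiguration::Get().channel_creds_registry();`, and then call `creds_registry.IsSupported(type)` and `creds_registry.IsValidConfig(type, config)`. Since `type` presumably comes from the bootstrap JSON and the first supported entry is selected, a short comment saying that the accepted types are now whatever was registered on the CoreConfiguration builder would help anyone auditing which credentials a bootstrap file can select. ParseChannelCreds begins and ends outside this hunk.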

@ -1,108 +0,0 @@
//
// Copyright 2019 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
#include <grpc/support/port_platform.h>
#include "src/core/ext/xds/xds_channel_creds.h"
#include "src/core/lib/security/credentials/fake/fake_credentials.h"
namespace grpc_core {
namespace {
using ChannelCredsMap =
std::map<absl::string_view, std::unique_ptr<XdsChannelCredsImpl>>;
ChannelCredsMap* g_creds = nullptr;
} // namespace
//
// XdsChannelCredsImpl implementations for default-supported cred types.
//
class GoogleDefaultXdsChannelCredsImpl : public XdsChannelCredsImpl {
public:
absl::string_view creds_type() const override { return "google_default"; }
RefCountedPtr<grpc_channel_credentials> CreateXdsChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_google_default_credentials_create(nullptr));
}
bool IsValidConfig(const Json& /*config*/) const override { return true; }
};
class InsecureXdsChannelCredsImpl : public XdsChannelCredsImpl {
public:
absl::string_view creds_type() const override { return "insecure"; }
RefCountedPtr<grpc_channel_credentials> CreateXdsChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_insecure_credentials_create());
}
bool IsValidConfig(const Json& /*config*/) const override { return true; }
};
class FakeXdsChannelCredsImpl : public XdsChannelCredsImpl {
public:
absl::string_view creds_type() const override { return "fake"; }
RefCountedPtr<grpc_channel_credentials> CreateXdsChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_fake_transport_security_credentials_create());
}
bool IsValidConfig(const Json& /*config*/) const override { return true; }
};
//
// XdsChannelCredsRegistry
//
bool XdsChannelCredsRegistry::IsSupported(const std::string& creds_type) {
return g_creds->find(creds_type) != g_creds->end();
}
bool XdsChannelCredsRegistry::IsValidConfig(const std::string& creds_type,
const Json& config) {
const auto iter = g_creds->find(creds_type);
if (iter == g_creds->cend()) return false;
return iter->second->IsValidConfig(config);
}
RefCountedPtr<grpc_channel_credentials>
XdsChannelCredsRegistry::CreateXdsChannelCreds(const std::string& creds_type,
const Json& config) {
const auto iter = g_creds->find(creds_type);
if (iter == g_creds->cend()) return nullptr;
return iter->second->CreateXdsChannelCreds(config);
}
void XdsChannelCredsRegistry::Init() {
g_creds = new ChannelCredsMap();
RegisterXdsChannelCreds(
absl::make_unique<GoogleDefaultXdsChannelCredsImpl>());
RegisterXdsChannelCreds(absl::make_unique<InsecureXdsChannelCredsImpl>());
RegisterXdsChannelCreds(absl::make_unique<FakeXdsChannelCredsImpl>());
}
void XdsChannelCredsRegistry::Shutdown() { delete g_creds; }
void XdsChannelCredsRegistry::RegisterXdsChannelCreds(
std::unique_ptr<XdsChannelCredsImpl> creds) {
(*g_creds)[creds->creds_type()] = std::move(creds);
}
} // namespace grpc_core

@ -1,50 +0,0 @@
//
// Copyright 2022 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
#ifndef GRPC_CORE_EXT_XDS_XDS_CHANNEL_CREDS_H
#define GRPC_CORE_EXT_XDS_XDS_CHANNEL_CREDS_H
#include <grpc/support/port_platform.h>
#include "src/core/lib/json/json.h"
#include "src/core/lib/security/credentials/credentials.h"
namespace grpc_core {
class XdsChannelCredsImpl {
public:
virtual ~XdsChannelCredsImpl() {}
virtual absl::string_view creds_type() const = 0;
virtual bool IsValidConfig(const Json& config) const = 0;
virtual RefCountedPtr<grpc_channel_credentials> CreateXdsChannelCreds(
const Json& config) const = 0;
};
class XdsChannelCredsRegistry {
public:
static bool IsSupported(const std::string& creds_type);
static bool IsValidConfig(const std::string& creds_type, const Json& config);
static RefCountedPtr<grpc_channel_credentials> CreateXdsChannelCreds(
const std::string& creds_type, const Json& config);
static void Init();
static void Shutdown();
static void RegisterXdsChannelCreds(
std::unique_ptr<XdsChannelCredsImpl> creds);
};
} // namespace grpc_core
#endif // GRPC_CORE_EXT_XDS_XDS_CHANNEL_CREDS_H

@ -36,7 +36,6 @@
#include "src/core/ext/xds/xds_api.h"
#include "src/core/ext/xds/xds_bootstrap.h"
#include "src/core/ext/xds/xds_channel_args.h"
#include "src/core/ext/xds/xds_channel_creds.h"
#include "src/core/ext/xds/xds_client_stats.h"
#include "src/core/ext/xds/xds_cluster.h"
#include "src/core/ext/xds/xds_endpoint.h"
@ -46,6 +45,7 @@
#include "src/core/lib/backoff/backoff.h"
#include "src/core/lib/channel/channel_args.h"
#include "src/core/lib/channel/channel_stack.h"
#include "src/core/lib/config/core_configuration.h"
#include "src/core/lib/gpr/env.h"
#include "src/core/lib/gpr/string.h"
#include "src/core/lib/gprpp/memory.h"
@ -54,6 +54,7 @@
#include "src/core/lib/gprpp/sync.h"
#include "src/core/lib/iomgr/sockaddr.h"
#include "src/core/lib/iomgr/timer.h"
#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include "src/core/lib/slice/slice_internal.h"
#include "src/core/lib/slice/slice_string_helpers.h"
#include "src/core/lib/surface/call.h"
@ -513,7 +514,7 @@ namespace {
grpc_channel* CreateXdsChannel(grpc_channel_args* args,
const XdsBootstrap::XdsServer& server) {
RefCountedPtr<grpc_channel_credentials> channel_creds =
XdsChannelCredsRegistry::CreateXdsChannelCreds(
CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
server.channel_creds_type, server.channel_creds_config);
return grpc_secure_channel_create(channel_creds.get(),
server.server_uri.c_str(), args, nullptr);
@ -2331,7 +2332,6 @@ std::string XdsClient::DumpClientConfigBinary() {
void XdsClientGlobalInit() {
g_mu = new Mutex;
XdsHttpFilterRegistry::Init();
XdsChannelCredsRegistry::Init();
}
// TODO(roth): Find a better way to clear the fallback config that does
@ -2341,7 +2341,6 @@ void XdsClientGlobalShutdown() ABSL_NO_THREAD_SAFETY_ANALYSIS {
g_fallback_bootstrap_config = nullptr;
delete g_mu;
g_mu = nullptr;
XdsChannelCredsRegistry::Shutdown();
XdsHttpFilterRegistry::Shutdown();
}
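Review bot: In `CreateXdsChannel`, the result of `CreateChannelCreds(...)` goes straight into `grpc_secure_channel_create` with no null check, yet the registry returns `nullptr` for any `channel_creds_type` it has no factory for. The lookup now reads `CoreConfiguration::Get()`, which can be rebuilt (the new test does so via `BuildSpecialConfiguration`). The set of types accepted when the bootstrap was validated is therefore presumably not guaranteed to match the set present at channel creation. What `grpc_secure_channel_create` does with a null credential is not visible on this page, so I would fail closed here with `GPR_ASSERT(channel_creds != nullptr);` right after the lookup. At minimum, add a comment naming the bootstrap check this call relies on.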

@ -34,7 +34,8 @@ CoreConfiguration::CoreConfiguration(Builder* builder)
: channel_args_preconditioning_(
builder->channel_args_preconditioning_.Build()),
channel_init_(builder->channel_init_.Build()),
handshaker_registry_(builder->handshaker_registry_.Build()) {}
handshaker_registry_(builder->handshaker_registry_.Build()),
channel_creds_registry_(builder->channel_creds_registry_.Build()) {}
void CoreConfiguration::RegisterBuilder(std::function<void(Builder*)> builder) {
GPR_ASSERT(config_.load(std::memory_order_relaxed) == nullptr &&

@ -21,6 +21,7 @@
#include "src/core/lib/channel/channel_args_preconditioning.h"
#include "src/core/lib/channel/handshaker_registry.h"
#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include "src/core/lib/surface/channel_init.h"
namespace grpc_core {
@ -46,12 +47,17 @@ class CoreConfiguration {
return &handshaker_registry_;
}
ChannelCredsRegistry<>::Builder* channel_creds_registry() {
return &channel_creds_registry_;
}
private:
friend class CoreConfiguration;
ChannelArgsPreconditioning::Builder channel_args_preconditioning_;
ChannelInit::Builder channel_init_;
HandshakerRegistry::Builder handshaker_registry_;
ChannelCredsRegistry<>::Builder channel_creds_registry_;
Builder();
CoreConfiguration* Build();
@ -127,6 +133,10 @@ class CoreConfiguration {
return handshaker_registry_;
}
const ChannelCredsRegistry<>& channel_creds_registry() const {
return channel_creds_registry_;
}
private:
explicit CoreConfiguration(Builder* builder);
@ -148,6 +158,7 @@ class CoreConfiguration {
ChannelArgsPreconditioning channel_args_preconditioning_;
ChannelInit channel_init_;
HandshakerRegistry handshaker_registry_;
ChannelCredsRegistry<> channel_creds_registry_;
};
extern void BuildCoreConfiguration(CoreConfiguration::Builder* builder);

@ -0,0 +1,97 @@
//
// Copyright 2022 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_CHANNEL_CREDS_REGISTRY_H
#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_CHANNEL_CREDS_REGISTRY_H
#include <grpc/support/port_platform.h>
#include <grpc/impl/codegen/grpc_types.h>
#include "src/core/lib/json/json.h"
struct grpc_channel_credentials;
namespace grpc_core {
template <typename T = grpc_channel_credentials>
class ChannelCredsFactory final {
public:
virtual ~ChannelCredsFactory() {}
virtual absl::string_view creds_type() const = delete;
virtual bool IsValidConfig(const Json& config) const = delete;
virtual RefCountedPtr<T> CreateChannelCreds(const Json& config) const =
delete;
};
template <>
class ChannelCredsFactory<grpc_channel_credentials> {
public:
virtual ~ChannelCredsFactory() {}
virtual absl::string_view creds_type() const = 0;
virtual bool IsValidConfig(const Json& config) const = 0;
virtual RefCountedPtr<grpc_channel_credentials> CreateChannelCreds(
const Json& config) const = 0;
};
template <typename T = grpc_channel_credentials>
class ChannelCredsRegistry {
public:
static_assert(std::is_base_of<grpc_channel_credentials, T>::value,
"ChannelCredsRegistry must be instantiated with "
"grpc_channel_credentials.");
class Builder {
public:
void RegisterChannelCredsFactory(
std::unique_ptr<ChannelCredsFactory<T>> factory) {
factories_[factory->creds_type()] = std::move(factory);
}
ChannelCredsRegistry Build() {
ChannelCredsRegistry<T> registry;
registry.factories_.swap(factories_);
return registry;
}
private:
std::map<absl::string_view, std::unique_ptr<ChannelCredsFactory<T>>>
factories_;
};
bool IsSupported(const std::string& creds_type) const {
return factories_.find(creds_type) != factories_.end();
}
bool IsValidConfig(const std::string& creds_type, const Json& config) const {
const auto iter = factories_.find(creds_type);
return iter != factories_.cend() && iter->second->IsValidConfig(config);
}
RefCountedPtr<T> CreateChannelCreds(const std::string& creds_type,
const Json& config) const {
const auto iter = factories_.find(creds_type);
if (iter == factories_.cend()) return nullptr;
return iter->second->CreateChannelCreds(config);
}
private:
ChannelCredsRegistry() = default;
std::map<absl::string_view, std::unique_ptr<ChannelCredsFactory<T>>>
factories_;
};
} // namespace grpc_core
#endif // GRPC_CORE_LIB_SECURITY_CREDENTIALS_CHANNEL_CREDS_REGISTRY_H
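Review bot: `Builder::RegisterChannelCredsFactory` silently replaces an existing factory, because `factories_[factory->creds_type()] = std::move(factory);` overwrites whatever was registered under that name. For a credentials registry, a later registration should not be able to quietly swap out what `"google_default"` resolves to. I would reject duplicates with `GPR_ASSERT(factories_.find(factory->creds_type()) == factories_.end());` before the insert. The map key is also an `absl::string_view` borrowed from the factory, so it is only safe while `creds_type()` returns a view of storage that outlives the registry. The built-in factories return string literals, but the interface should say so, e.g. `// Must return a view of static storage; the registry keeps it as a map key.` above `creds_type()`.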

@ -0,0 +1,70 @@
//
//
// Copyright 2022 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
//
#include <grpc/support/port_platform.h>
#include "src/core/lib/config/core_configuration.h"
#include "src/core/lib/json/json.h"
#include "src/core/lib/security/credentials/credentials.h"
#include "src/core/lib/security/credentials/fake/fake_credentials.h"
namespace grpc_core {
class GoogleDefaultChannelCredsFactory : public ChannelCredsFactory<> {
public:
absl::string_view creds_type() const override { return "google_default"; }
bool IsValidConfig(const Json& /*config*/) const override { return true; }
RefCountedPtr<grpc_channel_credentials> CreateChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_google_default_credentials_create(nullptr));
}
};
class InsecureChannelCredsFactory : public ChannelCredsFactory<> {
public:
absl::string_view creds_type() const override { return "insecure"; }
bool IsValidConfig(const Json& /*config*/) const override { return true; }
RefCountedPtr<grpc_channel_credentials> CreateChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_insecure_credentials_create());
}
};
class FakeChannelCredsFactory : public ChannelCredsFactory<> {
public:
absl::string_view creds_type() const override { return "fake"; }
bool IsValidConfig(const Json& /*config*/) const override { return true; }
RefCountedPtr<grpc_channel_credentials> CreateChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_fake_transport_security_credentials_create());
}
};
void RegisterChannelDefaultCreds(CoreConfiguration::Builder* builder) {
builder->channel_creds_registry()->RegisterChannelCredsFactory(
absl::make_unique<GoogleDefaultChannelCredsFactory>());
builder->channel_creds_registry()->RegisterChannelCredsFactory(
absl::make_unique<InsecureChannelCredsFactory>());
builder->channel_creds_registry()->RegisterChannelCredsFactory(
absl::make_unique<FakeChannelCredsFactory>());
}
} // namespace grpc_core
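Review bot: `RegisterChannelDefaultCreds` registers the `"insecure"` and `"fake"` factories alongside `"google_default"` with nothing in the file marking them as offering no transport security. The type name is a plain string taken from `server.channel_creds_type` in `CreateXdsChannel`, so whoever controls that configuration chooses whether the channel is protected. I would add a comment above the two registrations such as `// "insecure" and "fake" provide no transport security; they are selectable by creds type name, so the config that names them must be trusted.` All three `IsValidConfig` overrides return `true` unconditionally, and a one-line note that the config is ignored for these types would save readers from assuming it is validated.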

@ -174,6 +174,7 @@ extern void RegisterResourceQuota(CoreConfiguration::Builder* builder);
#ifndef GRPC_NO_XDS
extern void RegisterXdsChannelStackModifier(
CoreConfiguration::Builder* builder);
extern void RegisterChannelDefaultCreds(CoreConfiguration::Builder* builder);
#endif
void BuildCoreConfiguration(CoreConfiguration::Builder* builder) {
@ -190,6 +191,7 @@ void BuildCoreConfiguration(CoreConfiguration::Builder* builder) {
RegisterResourceQuota(builder);
#ifndef GRPC_NO_XDS
RegisterXdsChannelStackModifier(builder);
RegisterChannelDefaultCreds(builder);
#endif
// Run last so it gets a consistent location.
// TODO(ctiller): Is this actually necessary?
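Review bot: `RegisterChannelDefaultCreds(builder)` is declared and called inside `#ifndef GRPC_NO_XDS`, although the registry it fills now lives in `CoreConfiguration` and is no longer xDS-specific. In a `GRPC_NO_XDS` build the registry is therefore built empty and `CreateChannelCreds` returns `nullptr` for every type, including `"google_default"`. If that is intended while xDS is the only consumer, say so next to the call with `// Only xDS consumes the channel creds registry today; it is empty when GRPC_NO_XDS is set.` `BuildCoreConfiguration` continues outside the hunk.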

@ -403,7 +403,6 @@ CORE_SOURCE_FILES = [
'src/core/ext/xds/xds_api.cc',
'src/core/ext/xds/xds_bootstrap.cc',
'src/core/ext/xds/xds_certificate_provider.cc',
'src/core/ext/xds/xds_channel_creds.cc',
'src/core/ext/xds/xds_channel_stack_modifier.cc',
'src/core/ext/xds/xds_client.cc',
'src/core/ext/xds/xds_client_stats.cc',
@ -616,6 +615,7 @@ CORE_SOURCE_FILES = [
'src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc',
'src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc',
'src/core/lib/security/credentials/channel_creds_registry_init.cc',
'src/core/lib/security/credentials/composite/composite_credentials.cc',
'src/core/lib/security/credentials/credentials.cc',
'src/core/lib/security/credentials/external/aws_external_account_credentials.cc',

@ -480,3 +480,18 @@ grpc_cc_test(
"//test/core/util:grpc_test_util",
],
)
grpc_cc_test(
name = "channel_creds_registry_test",
srcs = ["channel_creds_registry_test.cc"],
external_deps = [
"gtest",
],
language = "C++",
deps = [
"//:gpr",
"//:grpc",
"//:grpc_secure",
"//test/core/util:grpc_test_util",
],
)

@ -0,0 +1,104 @@
//
//
// Copyright 2022 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
//
#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include <grpc/grpc.h>
#include "src/core/lib/config/core_configuration.h"
#include "src/core/lib/security/credentials/channel_creds_registry.h"
#include "src/core/lib/security/credentials/fake/fake_credentials.h"
#include "test/core/util/test_config.h"
namespace grpc_core {
namespace testing {
namespace {
class TestChannelCredsFactory : public ChannelCredsFactory<> {
public:
absl::string_view creds_type() const override { return "test"; }
bool IsValidConfig(const Json& /*config*/) const override { return true; }
RefCountedPtr<grpc_channel_credentials> CreateChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_fake_transport_security_credentials_create());
}
};
TEST(ChannelCredsRegistry2Test, DefaultCreds) {
// Default creds.
EXPECT_TRUE(CoreConfiguration::Get().channel_creds_registry().IsSupported(
"google_default"));
EXPECT_TRUE(CoreConfiguration::Get().channel_creds_registry().IsSupported(
"insecure"));
EXPECT_TRUE(
CoreConfiguration::Get().channel_creds_registry().IsSupported("fake"));
// Non-default creds.
EXPECT_EQ(
CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
"test", Json()),
nullptr);
EXPECT_EQ(
CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
"", Json()),
nullptr);
}
TEST(ChannelCredsRegistry2Test, Register) {
CoreConfiguration::Reset();
grpc_init();
// Before registration.
EXPECT_FALSE(
CoreConfiguration::Get().channel_creds_registry().IsSupported("test"));
EXPECT_EQ(
CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
"test", Json()),
nullptr);
// Registration.
CoreConfiguration::BuildSpecialConfiguration(
[](CoreConfiguration::Builder* builder) {
BuildCoreConfiguration(builder);
builder->channel_creds_registry()->RegisterChannelCredsFactory(
absl::make_unique<TestChannelCredsFactory>());
});
RefCountedPtr<grpc_channel_credentials> test_cred(
CoreConfiguration::Get().channel_creds_registry().CreateChannelCreds(
"test", Json()));
EXPECT_TRUE(
CoreConfiguration::Get().channel_creds_registry().IsSupported("test"));
EXPECT_NE(test_cred.get(), nullptr);
}
} // namespace
} // namespace testing
} // namespace grpc_core
int main(int argc, char** argv) {
::testing::InitGoogleTest(&argc, argv);
grpc::testing::TestEnvironment env(argc, argv);
grpc_init();
auto result = RUN_ALL_TESTS();
return result;
}
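Review bot: The `Register` test leaves the process-wide configuration modified, since it installs a special configuration containing the `"test"` factory and never restores the default. `DefaultCreds` asserts that `CreateChannelCreds("test", Json())` is `nullptr`, so it passes only when it runs before `Register` and would fail under a shuffled test order. Ending `Register` with `CoreConfiguration::Reset();` would make the two tests independent. The extra `grpc_init()` calls in `Register` and `main` have no matching `grpc_shutdown()`. The file also includes `channel_creds_registry.h` twice, and the suite name `ChannelCredsRegistry2Test` carries a stray `2`.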

@ -96,18 +96,3 @@ grpc_cc_test(
"//test/core/util:grpc_test_util",
],
)
grpc_cc_test(
name = "xds_channel_creds_registry_test",
srcs = ["xds_channel_creds_registry_test.cc"],
external_deps = [
"gtest",
],
language = "C++",
deps = [
"//:gpr",
"//:grpc",
"//:grpc_secure",
"//test/core/util:grpc_test_util",
],
)

@ -1,79 +0,0 @@
//
//
// Copyright 2022 gRPC authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
//
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include <grpc/grpc.h>
#include "src/core/ext/xds/xds_bootstrap.h"
#include "src/core/ext/xds/xds_channel_creds.h"
#include "src/core/lib/security/credentials/fake/fake_credentials.h"
#include "test/core/util/test_config.h"
namespace grpc_core {
namespace testing {
namespace {
class TestXdsChannelCredsImpl : public XdsChannelCredsImpl {
public:
absl::string_view creds_type() const override { return "test"; }
bool IsValidConfig(const Json& /*config*/) const override { return true; }
RefCountedPtr<grpc_channel_credentials> CreateXdsChannelCreds(
const Json& /*config*/) const override {
return RefCountedPtr<grpc_channel_credentials>(
grpc_fake_transport_security_credentials_create());
}
};
TEST(XdsChannelCredsRegistryTest, DefaultCreds) { // Default creds.
EXPECT_TRUE(XdsChannelCredsRegistry::IsSupported("google_default"));
EXPECT_TRUE(XdsChannelCredsRegistry::IsSupported("insecure"));
EXPECT_TRUE(XdsChannelCredsRegistry::IsSupported("fake"));
// Non-default creds.
EXPECT_EQ(XdsChannelCredsRegistry::CreateXdsChannelCreds("test", Json()),
nullptr);
EXPECT_EQ(XdsChannelCredsRegistry::CreateXdsChannelCreds("", Json()),
nullptr);
}
TEST(XdsChannelCredsRegistryTest, Register) {
// Before registration.
EXPECT_FALSE(XdsChannelCredsRegistry::IsSupported("test"));
EXPECT_EQ(XdsChannelCredsRegistry::CreateXdsChannelCreds("test", Json()),
nullptr);
// Registration.
XdsChannelCredsRegistry::RegisterXdsChannelCreds(
absl::make_unique<TestXdsChannelCredsImpl>());
EXPECT_NE(XdsChannelCredsRegistry::CreateXdsChannelCreds("test", Json()),
nullptr);
}
} // namespace
} // namespace testing
} // namespace grpc_core
int main(int argc, char** argv) {
::testing::InitGoogleTest(&argc, argv);
grpc::testing::TestEnvironment env(argc, argv);
grpc_init();
auto result = RUN_ALL_TESTS();
return result;
}

@ -1842,8 +1842,6 @@ src/core/ext/xds/xds_bootstrap.h \
src/core/ext/xds/xds_certificate_provider.cc \
src/core/ext/xds/xds_certificate_provider.h \
src/core/ext/xds/xds_channel_args.h \
src/core/ext/xds/xds_channel_creds.cc \
src/core/ext/xds/xds_channel_creds.h \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_channel_stack_modifier.h \
src/core/ext/xds/xds_client.cc \
@ -2258,6 +2256,8 @@ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
src/core/lib/security/credentials/channel_creds_registry.h \
src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.h \
src/core/lib/security/credentials/credentials.cc \

@ -1636,8 +1636,6 @@ src/core/ext/xds/xds_bootstrap.h \
src/core/ext/xds/xds_certificate_provider.cc \
src/core/ext/xds/xds_certificate_provider.h \
src/core/ext/xds/xds_channel_args.h \
src/core/ext/xds/xds_channel_creds.cc \
src/core/ext/xds/xds_channel_creds.h \
src/core/ext/xds/xds_channel_stack_modifier.cc \
src/core/ext/xds/xds_channel_stack_modifier.h \
src/core/ext/xds/xds_client.cc \
@ -2057,6 +2055,8 @@ src/core/lib/security/credentials/alts/grpc_alts_credentials_client_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.cc \
src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h \
src/core/lib/security/credentials/alts/grpc_alts_credentials_server_options.cc \
src/core/lib/security/credentials/channel_creds_registry.h \
src/core/lib/security/credentials/channel_creds_registry_init.cc \
src/core/lib/security/credentials/composite/composite_credentials.cc \
src/core/lib/security/credentials/composite/composite_credentials.h \
src/core/lib/security/credentials/credentials.cc \

@ -3379,6 +3379,30 @@
],
"uses_polling": false
},
{
"args": [],
"benchmark": false,
"ci_platforms": [
"linux",
"mac",
"posix",
"windows"
],
"cpu_cost": 1.0,
"exclude_configs": [],
"exclude_iomgrs": [],
"flaky": false,
"gtest": true,
"language": "c++",
"name": "channel_creds_registry_test",
"platforms": [
"linux",
"mac",
"posix",
"windows"
],
"uses_polling": true
},
{
"args": [],
"benchmark": false,
@ -7495,30 +7519,6 @@
],
"uses_polling": true
},
{
"args": [],
"benchmark": false,
"ci_platforms": [
"linux",
"mac",
"posix",
"windows"
],
"cpu_cost": 1.0,
"exclude_configs": [],
"exclude_iomgrs": [],
"flaky": false,
"gtest": true,
"language": "c++",
"name": "xds_channel_creds_registry_test",
"platforms": [
"linux",
"mac",
"posix",
"windows"
],
"uses_polling": true
},
{
"args": [],
"benchmark": false,
