From 1de0bfd9e2310a00cbb6467a8f3cb7fe6866c801 Mon Sep 17 00:00:00 2001 From: Karthik Ravi Shankar Date: Fri, 24 Jul 2020 12:47:33 -0700 Subject: [PATCH] Revert "Revert "Move create_channel and credentials from ::grpc_impl to ::grpc"" --- BUILD | 2 - BUILD.gn | 2 - CMakeLists.txt | 4 - Makefile | 4 - build_autogenerated.yaml | 4 - gRPC-C++.podspec | 2 - include/grpcpp/create_channel.h | 67 ++-- include/grpcpp/create_channel_impl.h | 78 ---- .../grpcpp/impl/codegen/client_context_impl.h | 13 +- include/grpcpp/security/credentials.h | 356 +++++++++++++----- include/grpcpp/security/credentials_impl.h | 356 ------------------ include/grpcpp/security/cronet_credentials.h | 5 +- include/grpcpp/security/server_credentials.h | 28 +- .../grpcpp/security/server_credentials_impl.h | 2 +- .../grpcpp/security/tls_credentials_options.h | 4 +- .../grpcpp/support/channel_arguments_impl.h | 5 +- src/cpp/client/client_context.cc | 2 +- src/cpp/client/create_channel.cc | 14 +- src/cpp/client/credentials_cc.cc | 4 +- src/cpp/client/cronet_credentials.cc | 5 +- src/cpp/client/insecure_credentials.cc | 4 +- src/cpp/client/secure_credentials.cc | 5 +- src/cpp/client/secure_credentials.h | 8 +- src/cpp/common/tls_credentials_options.cc | 4 +- .../common/tls_credentials_options_util.cc | 4 +- src/cpp/common/tls_credentials_options_util.h | 4 +- src/cpp/server/insecure_server_credentials.cc | 4 +- src/cpp/server/secure_server_credentials.cc | 6 +- src/cpp/server/secure_server_credentials.h | 13 +- test/core/security/fetch_oauth2.cc | 11 +- test/cpp/client/credentials_test.cc | 29 +- tools/doxygen/Doxyfile.c++ | 2 - tools/doxygen/Doxyfile.c++.internal | 2 - 33 files changed, 382 insertions(+), 671 deletions(-) delete mode 100644 include/grpcpp/create_channel_impl.h delete mode 100644 include/grpcpp/security/credentials_impl.h diff --git a/BUILD b/BUILD index 036c782ac30..0182416c493 100644 --- a/BUILD +++ b/BUILD @@ -225,7 +225,6 @@ GRPCXX_PUBLIC_HDRS = [ "include/grpcpp/completion_queue.h", "include/grpcpp/completion_queue_impl.h", "include/grpcpp/create_channel.h", - "include/grpcpp/create_channel_impl.h", "include/grpcpp/create_channel_posix.h", "include/grpcpp/ext/health_check_service_server_builder_option.h", "include/grpcpp/generic/async_generic_service.h", @@ -251,7 +250,6 @@ GRPCXX_PUBLIC_HDRS = [ "include/grpcpp/security/auth_context.h", "include/grpcpp/security/auth_metadata_processor.h", "include/grpcpp/security/credentials.h", - "include/grpcpp/security/credentials_impl.h", "include/grpcpp/security/server_credentials.h", "include/grpcpp/security/server_credentials_impl.h", "include/grpcpp/security/tls_credentials_options.h", diff --git a/BUILD.gn b/BUILD.gn index 59835609c50..b81612cd95a 100644 --- a/BUILD.gn +++ b/BUILD.gn @@ -1093,7 +1093,6 @@ config("grpc_config") { "include/grpcpp/completion_queue.h", "include/grpcpp/completion_queue_impl.h", "include/grpcpp/create_channel.h", - "include/grpcpp/create_channel_impl.h", "include/grpcpp/create_channel_posix.h", "include/grpcpp/ext/health_check_service_server_builder_option.h", "include/grpcpp/generic/async_generic_service.h", @@ -1177,7 +1176,6 @@ config("grpc_config") { "include/grpcpp/security/auth_context.h", "include/grpcpp/security/auth_metadata_processor.h", "include/grpcpp/security/credentials.h", - "include/grpcpp/security/credentials_impl.h", "include/grpcpp/security/server_credentials.h", "include/grpcpp/security/server_credentials_impl.h", "include/grpcpp/security/tls_credentials_options.h", diff --git a/CMakeLists.txt b/CMakeLists.txt index 1b85e61f25a..89f151b79a6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -2735,7 +2735,6 @@ foreach(_hdr include/grpcpp/completion_queue.h include/grpcpp/completion_queue_impl.h include/grpcpp/create_channel.h - include/grpcpp/create_channel_impl.h include/grpcpp/create_channel_posix.h include/grpcpp/ext/health_check_service_server_builder_option.h include/grpcpp/generic/async_generic_service.h @@ -2819,7 +2818,6 @@ foreach(_hdr include/grpcpp/security/auth_context.h include/grpcpp/security/auth_metadata_processor.h include/grpcpp/security/credentials.h - include/grpcpp/security/credentials_impl.h include/grpcpp/security/server_credentials.h include/grpcpp/security/server_credentials_impl.h include/grpcpp/security/tls_credentials_options.h @@ -3429,7 +3427,6 @@ foreach(_hdr include/grpcpp/completion_queue.h include/grpcpp/completion_queue_impl.h include/grpcpp/create_channel.h - include/grpcpp/create_channel_impl.h include/grpcpp/create_channel_posix.h include/grpcpp/ext/health_check_service_server_builder_option.h include/grpcpp/generic/async_generic_service.h @@ -3513,7 +3510,6 @@ foreach(_hdr include/grpcpp/security/auth_context.h include/grpcpp/security/auth_metadata_processor.h include/grpcpp/security/credentials.h - include/grpcpp/security/credentials_impl.h include/grpcpp/security/server_credentials.h include/grpcpp/security/server_credentials_impl.h include/grpcpp/security/tls_credentials_options.h diff --git a/Makefile b/Makefile index 40e2642512c..146914f5c37 100644 --- a/Makefile +++ b/Makefile @@ -4885,7 +4885,6 @@ PUBLIC_HEADERS_CXX += \ include/grpcpp/completion_queue.h \ include/grpcpp/completion_queue_impl.h \ include/grpcpp/create_channel.h \ - include/grpcpp/create_channel_impl.h \ include/grpcpp/create_channel_posix.h \ include/grpcpp/ext/health_check_service_server_builder_option.h \ include/grpcpp/generic/async_generic_service.h \ @@ -4969,7 +4968,6 @@ PUBLIC_HEADERS_CXX += \ include/grpcpp/security/auth_context.h \ include/grpcpp/security/auth_metadata_processor.h \ include/grpcpp/security/credentials.h \ - include/grpcpp/security/credentials_impl.h \ include/grpcpp/security/server_credentials.h \ include/grpcpp/security/server_credentials_impl.h \ include/grpcpp/security/tls_credentials_options.h \ @@ -5577,7 +5575,6 @@ PUBLIC_HEADERS_CXX += \ include/grpcpp/completion_queue.h \ include/grpcpp/completion_queue_impl.h \ include/grpcpp/create_channel.h \ - include/grpcpp/create_channel_impl.h \ include/grpcpp/create_channel_posix.h \ include/grpcpp/ext/health_check_service_server_builder_option.h \ include/grpcpp/generic/async_generic_service.h \ @@ -5661,7 +5658,6 @@ PUBLIC_HEADERS_CXX += \ include/grpcpp/security/auth_context.h \ include/grpcpp/security/auth_metadata_processor.h \ include/grpcpp/security/credentials.h \ - include/grpcpp/security/credentials_impl.h \ include/grpcpp/security/server_credentials.h \ include/grpcpp/security/server_credentials_impl.h \ include/grpcpp/security/tls_credentials_options.h \ diff --git a/build_autogenerated.yaml b/build_autogenerated.yaml index 0737db79647..5bf88a42be1 100644 --- a/build_autogenerated.yaml +++ b/build_autogenerated.yaml @@ -2068,7 +2068,6 @@ libs: - include/grpcpp/completion_queue.h - include/grpcpp/completion_queue_impl.h - include/grpcpp/create_channel.h - - include/grpcpp/create_channel_impl.h - include/grpcpp/create_channel_posix.h - include/grpcpp/ext/health_check_service_server_builder_option.h - include/grpcpp/generic/async_generic_service.h @@ -2152,7 +2151,6 @@ libs: - include/grpcpp/security/auth_context.h - include/grpcpp/security/auth_metadata_processor.h - include/grpcpp/security/credentials.h - - include/grpcpp/security/credentials_impl.h - include/grpcpp/security/server_credentials.h - include/grpcpp/security/server_credentials_impl.h - include/grpcpp/security/tls_credentials_options.h @@ -2454,7 +2452,6 @@ libs: - include/grpcpp/completion_queue.h - include/grpcpp/completion_queue_impl.h - include/grpcpp/create_channel.h - - include/grpcpp/create_channel_impl.h - include/grpcpp/create_channel_posix.h - include/grpcpp/ext/health_check_service_server_builder_option.h - include/grpcpp/generic/async_generic_service.h @@ -2538,7 +2535,6 @@ libs: - include/grpcpp/security/auth_context.h - include/grpcpp/security/auth_metadata_processor.h - include/grpcpp/security/credentials.h - - include/grpcpp/security/credentials_impl.h - include/grpcpp/security/server_credentials.h - include/grpcpp/security/server_credentials_impl.h - include/grpcpp/security/tls_credentials_options.h diff --git a/gRPC-C++.podspec b/gRPC-C++.podspec index c1f21867f5e..2633038e47b 100644 --- a/gRPC-C++.podspec +++ b/gRPC-C++.podspec @@ -84,7 +84,6 @@ Pod::Spec.new do |s| 'include/grpcpp/completion_queue.h', 'include/grpcpp/completion_queue_impl.h', 'include/grpcpp/create_channel.h', - 'include/grpcpp/create_channel_impl.h', 'include/grpcpp/create_channel_posix.h', 'include/grpcpp/ext/health_check_service_server_builder_option.h', 'include/grpcpp/generic/async_generic_service.h', @@ -164,7 +163,6 @@ Pod::Spec.new do |s| 'include/grpcpp/security/auth_context.h', 'include/grpcpp/security/auth_metadata_processor.h', 'include/grpcpp/security/credentials.h', - 'include/grpcpp/security/credentials_impl.h', 'include/grpcpp/security/server_credentials.h', 'include/grpcpp/security/server_credentials_impl.h', 'include/grpcpp/security/tls_credentials_options.h', diff --git a/include/grpcpp/create_channel.h b/include/grpcpp/create_channel.h index bfd018b26f0..4b94a08e45e 100644 --- a/include/grpcpp/create_channel.h +++ b/include/grpcpp/create_channel.h @@ -1,6 +1,6 @@ /* * - * Copyright 2019 gRPC authors. + * Copyright 2015 gRPC authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,36 +19,59 @@ #ifndef GRPCPP_CREATE_CHANNEL_H #define GRPCPP_CREATE_CHANNEL_H -#include +#include + +#include +#include +#include #include +#include namespace grpc { +/// Create a new \a Channel pointing to \a target. +/// +/// \param target The URI of the endpoint to connect to. +/// \param creds Credentials to use for the created channel. If it does not +/// hold an object or is invalid, a lame channel (one on which all operations +/// fail) is returned. +std::shared_ptr CreateChannel( + const grpc::string& target, + const std::shared_ptr& creds); -static inline std::shared_ptr<::grpc::Channel> CreateChannel( - const std::string& target, - const std::shared_ptr& creds) { - return ::grpc_impl::CreateChannelImpl(target, creds); -} - -static inline std::shared_ptr<::grpc::Channel> CreateCustomChannel( - const std::string& target, const std::shared_ptr& creds, - const ChannelArguments& args) { - return ::grpc_impl::CreateCustomChannelImpl(target, creds, args); -} +/// Create a new \em custom \a Channel pointing to \a target. +/// +/// \warning For advanced use and testing ONLY. Override default channel +/// arguments only if necessary. +/// +/// \param target The URI of the endpoint to connect to. +/// \param creds Credentials to use for the created channel. If it does not +/// hold an object or is invalid, a lame channel (one on which all operations +/// fail) is returned. +/// \param args Options for channel creation. +std::shared_ptr CreateCustomChannel( + const grpc::string& target, + const std::shared_ptr& creds, + const ChannelArguments& args); namespace experimental { - -static inline std::shared_ptr<::grpc::Channel> -CreateCustomChannelWithInterceptors( - const std::string& target, const std::shared_ptr& creds, +/// Create a new \em custom \a Channel pointing to \a target with \a +/// interceptors being invoked per call. +/// +/// \warning For advanced use and testing ONLY. Override default channel +/// arguments only if necessary. +/// +/// \param target The URI of the endpoint to connect to. +/// \param creds Credentials to use for the created channel. If it does not +/// hold an object or is invalid, a lame channel (one on which all operations +/// fail) is returned. +/// \param args Options for channel creation. +std::shared_ptr CreateCustomChannelWithInterceptors( + const grpc::string& target, + const std::shared_ptr& creds, const ChannelArguments& args, std::vector< std::unique_ptr> - interceptor_creators) { - return ::grpc_impl::experimental::CreateCustomChannelWithInterceptors( - target, creds, args, std::move(interceptor_creators)); -} - + interceptor_creators); } // namespace experimental } // namespace grpc diff --git a/include/grpcpp/create_channel_impl.h b/include/grpcpp/create_channel_impl.h deleted file mode 100644 index ac68728692c..00000000000 --- a/include/grpcpp/create_channel_impl.h +++ /dev/null @@ -1,78 +0,0 @@ -/* - * - * Copyright 2015 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef GRPCPP_CREATE_CHANNEL_IMPL_H -#define GRPCPP_CREATE_CHANNEL_IMPL_H - -#include - -#include -#include -#include -#include -#include - -namespace grpc_impl { -/// Create a new \a Channel pointing to \a target. -/// -/// \param target The URI of the endpoint to connect to. -/// \param creds Credentials to use for the created channel. If it does not -/// hold an object or is invalid, a lame channel (one on which all operations -/// fail) is returned. -std::shared_ptr<::grpc::Channel> CreateChannelImpl( - const std::string& target, - const std::shared_ptr<::grpc::ChannelCredentials>& creds); - -/// Create a new \em custom \a Channel pointing to \a target. -/// -/// \warning For advanced use and testing ONLY. Override default channel -/// arguments only if necessary. -/// -/// \param target The URI of the endpoint to connect to. -/// \param creds Credentials to use for the created channel. If it does not -/// hold an object or is invalid, a lame channel (one on which all operations -/// fail) is returned. -/// \param args Options for channel creation. -std::shared_ptr<::grpc::Channel> CreateCustomChannelImpl( - const std::string& target, - const std::shared_ptr<::grpc::ChannelCredentials>& creds, - const ::grpc::ChannelArguments& args); - -namespace experimental { -/// Create a new \em custom \a Channel pointing to \a target with \a -/// interceptors being invoked per call. -/// -/// \warning For advanced use and testing ONLY. Override default channel -/// arguments only if necessary. -/// -/// \param target The URI of the endpoint to connect to. -/// \param creds Credentials to use for the created channel. If it does not -/// hold an object or is invalid, a lame channel (one on which all operations -/// fail) is returned. -/// \param args Options for channel creation. -std::shared_ptr<::grpc::Channel> CreateCustomChannelWithInterceptors( - const std::string& target, - const std::shared_ptr& creds, - const ::grpc::ChannelArguments& args, - std::vector< - std::unique_ptr> - interceptor_creators); -} // namespace experimental -} // namespace grpc_impl - -#endif // GRPCPP_CREATE_CHANNEL_IMPL_H diff --git a/include/grpcpp/impl/codegen/client_context_impl.h b/include/grpcpp/impl/codegen/client_context_impl.h index 9b6d1755edb..2624e571cdb 100644 --- a/include/grpcpp/impl/codegen/client_context_impl.h +++ b/include/grpcpp/impl/codegen/client_context_impl.h @@ -58,6 +58,7 @@ struct grpc_call; namespace grpc { +class CallCredentials; class ChannelInterface; namespace internal { @@ -88,7 +89,6 @@ class ClientCallbackUnaryImpl; class ClientContextAccessor; } // namespace internal -class CallCredentials; class Channel; class CompletionQueue; class ServerContext; @@ -318,16 +318,15 @@ class ClientContext { /// /// It is legal to call this only before initial metadata is sent. /// - /// \see https://grpc.io/docs/guides/auth - void set_credentials( - const std::shared_ptr& creds); + /// \see https://grpc.io/docs/guides/auth.html + void set_credentials(const std::shared_ptr& creds); /// EXPERIMENTAL debugging API /// /// Returns the credentials for the client call. This should be used only in /// tests and for diagnostic purposes, and should not be used by application /// logic. - std::shared_ptr credentials() { return creds_; } + std::shared_ptr credentials() { return creds_; } /// Return the compression algorithm the client call will request be used. /// Note that the gRPC runtime may decide to ignore this request, for example, @@ -494,8 +493,8 @@ class ClientContext { grpc_call* call_; bool call_canceled_; gpr_timespec deadline_; - std::string authority_; - std::shared_ptr creds_; + grpc::string authority_; + std::shared_ptr creds_; mutable std::shared_ptr auth_context_; struct census_context* census_context_; std::multimap send_initial_metadata_; diff --git a/include/grpcpp/security/credentials.h b/include/grpcpp/security/credentials.h index 45c6d55546f..b0da6650b6b 100644 --- a/include/grpcpp/security/credentials.h +++ b/include/grpcpp/security/credentials.h @@ -19,123 +19,301 @@ #ifndef GRPCPP_SECURITY_CREDENTIALS_H #define GRPCPP_SECURITY_CREDENTIALS_H -#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +struct grpc_call; namespace grpc { +class CallCredentials; +class SecureCallCredentials; +class SecureChannelCredentials; +class ChannelCredentials; -typedef ::grpc_impl::ChannelCredentials ChannelCredentials; -typedef ::grpc_impl::CallCredentials CallCredentials; -typedef ::grpc_impl::SslCredentialsOptions SslCredentialsOptions; -typedef ::grpc_impl::SecureCallCredentials SecureCallCredentials; -typedef ::grpc_impl::SecureChannelCredentials SecureChannelCredentials; -typedef ::grpc_impl::MetadataCredentialsPlugin MetadataCredentialsPlugin; +std::shared_ptr CreateCustomChannel( + const grpc::string& target, + const std::shared_ptr& creds, + const grpc::ChannelArguments& args); -static inline std::shared_ptr -GoogleDefaultCredentials() { - return ::grpc_impl::GoogleDefaultCredentials(); +namespace experimental { +std::shared_ptr CreateCustomChannelWithInterceptors( + const grpc::string& target, + const std::shared_ptr& creds, + const grpc::ChannelArguments& args, + std::vector< + std::unique_ptr> + interceptor_creators); } -static inline std::shared_ptr SslCredentials( - const SslCredentialsOptions& options) { - return ::grpc_impl::SslCredentials(options); -} +/// A channel credentials object encapsulates all the state needed by a client +/// to authenticate with a server for a given channel. +/// It can make various assertions, e.g., about the client’s identity, role +/// for all the calls on that channel. +/// +/// \see https://grpc.io/docs/guides/auth.html +class ChannelCredentials : private grpc::GrpcLibraryCodegen { + public: + ChannelCredentials(); + ~ChannelCredentials(); -static inline std::shared_ptr -GoogleComputeEngineCredentials() { - return ::grpc_impl::GoogleComputeEngineCredentials(); -} + protected: + friend std::shared_ptr CompositeChannelCredentials( + const std::shared_ptr& channel_creds, + const std::shared_ptr& call_creds); -/// Constant for maximum auth token lifetime. -constexpr long kMaxAuthTokenLifetimeSecs = - ::grpc_impl::kMaxAuthTokenLifetimeSecs; + virtual SecureChannelCredentials* AsSecureCredentials() = 0; -static inline std::shared_ptr -ServiceAccountJWTAccessCredentials( - const std::string& json_key, - long token_lifetime_seconds = grpc::kMaxAuthTokenLifetimeSecs) { - return ::grpc_impl::ServiceAccountJWTAccessCredentials( - json_key, token_lifetime_seconds); -} + private: + friend std::shared_ptr CreateCustomChannel( + const grpc::string& target, + const std::shared_ptr& creds, + const grpc::ChannelArguments& args); -static inline std::shared_ptr -GoogleRefreshTokenCredentials(const std::string& json_refresh_token) { - return ::grpc_impl::GoogleRefreshTokenCredentials(json_refresh_token); -} + friend std::shared_ptr + grpc::experimental::CreateCustomChannelWithInterceptors( + const grpc::string& target, + const std::shared_ptr& creds, + const grpc::ChannelArguments& args, + std::vector> + interceptor_creators); -static inline std::shared_ptr -AccessTokenCredentials(const std::string& access_token) { - return ::grpc_impl::AccessTokenCredentials(access_token); -} + virtual std::shared_ptr CreateChannelImpl( + const grpc::string& target, const ChannelArguments& args) = 0; -static inline std::shared_ptr GoogleIAMCredentials( - const std::string& authorization_token, - const std::string& authority_selector) { - return ::grpc_impl::GoogleIAMCredentials(authorization_token, - authority_selector); -} + // This function should have been a pure virtual function, but it is + // implemented as a virtual function so that it does not break API. + virtual std::shared_ptr CreateChannelWithInterceptors( + const grpc::string& /*target*/, const ChannelArguments& /*args*/, + std::vector> + /*interceptor_creators*/) { + return nullptr; + } +}; + +/// A call credentials object encapsulates the state needed by a client to +/// authenticate with a server for a given call on a channel. +/// +/// \see https://grpc.io/docs/guides/auth.html +class CallCredentials : private grpc::GrpcLibraryCodegen { + public: + CallCredentials(); + ~CallCredentials(); + + /// Apply this instance's credentials to \a call. + virtual bool ApplyToCall(grpc_call* call) = 0; + virtual grpc::string DebugString() { + return "CallCredentials did not provide a debug string"; + } + + protected: + friend std::shared_ptr CompositeChannelCredentials( + const std::shared_ptr& channel_creds, + const std::shared_ptr& call_creds); + + friend std::shared_ptr CompositeCallCredentials( + const std::shared_ptr& creds1, + const std::shared_ptr& creds2); + + virtual SecureCallCredentials* AsSecureCredentials() = 0; +}; + +/// Options used to build SslCredentials. +struct SslCredentialsOptions { + /// The buffer containing the PEM encoding of the server root certificates. If + /// this parameter is empty, the default roots will be used. The default + /// roots can be overridden using the \a GRPC_DEFAULT_SSL_ROOTS_FILE_PATH + /// environment variable pointing to a file on the file system containing the + /// roots. + grpc::string pem_root_certs; + + /// The buffer containing the PEM encoding of the client's private key. This + /// parameter can be empty if the client does not have a private key. + grpc::string pem_private_key; + + /// The buffer containing the PEM encoding of the client's certificate chain. + /// This parameter can be empty if the client does not have a certificate + /// chain. + grpc::string pem_cert_chain; +}; + +// Factories for building different types of Credentials The functions may +// return empty shared_ptr when credentials cannot be created. If a +// Credentials pointer is returned, it can still be invalid when used to create +// a channel. A lame channel will be created then and all rpcs will fail on it. + +/// Builds credentials with reasonable defaults. +/// +/// \warning Only use these credentials when connecting to a Google endpoint. +/// Using these credentials to connect to any other service may result in this +/// service being able to impersonate your client for requests to Google +/// services. +std::shared_ptr GoogleDefaultCredentials(); + +/// Builds SSL Credentials given SSL specific options +std::shared_ptr SslCredentials( + const SslCredentialsOptions& options); + +/// Builds credentials for use when running in GCE +/// +/// \warning Only use these credentials when connecting to a Google endpoint. +/// Using these credentials to connect to any other service may result in this +/// service being able to impersonate your client for requests to Google +/// services. +std::shared_ptr GoogleComputeEngineCredentials(); -static inline std::shared_ptr CompositeChannelCredentials( +constexpr long kMaxAuthTokenLifetimeSecs = 3600; + +/// Builds Service Account JWT Access credentials. +/// json_key is the JSON key string containing the client's private key. +/// token_lifetime_seconds is the lifetime in seconds of each Json Web Token +/// (JWT) created with this credentials. It should not exceed +/// \a kMaxAuthTokenLifetimeSecs or will be cropped to this value. +std::shared_ptr ServiceAccountJWTAccessCredentials( + const grpc::string& json_key, + long token_lifetime_seconds = kMaxAuthTokenLifetimeSecs); + +/// Builds refresh token credentials. +/// json_refresh_token is the JSON string containing the refresh token along +/// with a client_id and client_secret. +/// +/// \warning Only use these credentials when connecting to a Google endpoint. +/// Using these credentials to connect to any other service may result in this +/// service being able to impersonate your client for requests to Google +/// services. +std::shared_ptr GoogleRefreshTokenCredentials( + const grpc::string& json_refresh_token); + +/// Builds access token credentials. +/// access_token is an oauth2 access token that was fetched using an out of band +/// mechanism. +/// +/// \warning Only use these credentials when connecting to a Google endpoint. +/// Using these credentials to connect to any other service may result in this +/// service being able to impersonate your client for requests to Google +/// services. +std::shared_ptr AccessTokenCredentials( + const grpc::string& access_token); + +/// Builds IAM credentials. +/// +/// \warning Only use these credentials when connecting to a Google endpoint. +/// Using these credentials to connect to any other service may result in this +/// service being able to impersonate your client for requests to Google +/// services. +std::shared_ptr GoogleIAMCredentials( + const grpc::string& authorization_token, + const grpc::string& authority_selector); + +/// Combines a channel credentials and a call credentials into a composite +/// channel credentials. +std::shared_ptr CompositeChannelCredentials( const std::shared_ptr& channel_creds, - const std::shared_ptr& call_creds) { - return ::grpc_impl::CompositeChannelCredentials(channel_creds, call_creds); -} + const std::shared_ptr& call_creds); -static inline std::shared_ptr -CompositeCallCredentials(const std::shared_ptr& creds1, - const std::shared_ptr& creds2) { - return ::grpc_impl::CompositeCallCredentials(creds1, creds2); -} +/// Combines two call credentials objects into a composite call credentials. +std::shared_ptr CompositeCallCredentials( + const std::shared_ptr& creds1, + const std::shared_ptr& creds2); -static inline std::shared_ptr -InsecureChannelCredentials() { - return ::grpc_impl::InsecureChannelCredentials(); -} +/// Credentials for an unencrypted, unauthenticated channel +std::shared_ptr InsecureChannelCredentials(); -typedef ::grpc_impl::MetadataCredentialsPlugin MetadataCredentialsPlugin; +/// User defined metadata credentials. +class MetadataCredentialsPlugin { + public: + virtual ~MetadataCredentialsPlugin() {} -static inline std::shared_ptr -MetadataCredentialsFromPlugin( - std::unique_ptr plugin) { - return ::grpc_impl::MetadataCredentialsFromPlugin(std::move(plugin)); -} + /// If this method returns true, the Process function will be scheduled in + /// a different thread from the one processing the call. + virtual bool IsBlocking() const { return true; } + + /// Type of credentials this plugin is implementing. + virtual const char* GetType() const { return ""; } + + /// Gets the auth metatada produced by this plugin. + /// The fully qualified method name is: + /// service_url + "/" + method_name. + /// The channel_auth_context contains (among other things), the identity of + /// the server. + virtual grpc::Status GetMetadata( + grpc::string_ref service_url, grpc::string_ref method_name, + const grpc::AuthContext& channel_auth_context, + std::multimap* metadata) = 0; + + virtual grpc::string DebugString() { + return "MetadataCredentialsPlugin did not provide a debug string"; + } +}; + +std::shared_ptr MetadataCredentialsFromPlugin( + std::unique_ptr plugin); namespace experimental { -typedef ::grpc_impl::experimental::StsCredentialsOptions StsCredentialsOptions; +/// Options for creating STS Oauth Token Exchange credentials following the IETF +/// draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. +/// Optional fields may be set to empty string. It is the responsibility of the +/// caller to ensure that the subject and actor tokens are refreshed on disk at +/// the specified paths. +struct StsCredentialsOptions { + grpc::string token_exchange_service_uri; // Required. + grpc::string resource; // Optional. + grpc::string audience; // Optional. + grpc::string scope; // Optional. + grpc::string requested_token_type; // Optional. + grpc::string subject_token_path; // Required. + grpc::string subject_token_type; // Required. + grpc::string actor_token_path; // Optional. + grpc::string actor_token_type; // Optional. +}; -static inline grpc::Status StsCredentialsOptionsFromJson( - const std::string& json_string, StsCredentialsOptions* options) { - return ::grpc_impl::experimental::StsCredentialsOptionsFromJson(json_string, - options); -} +grpc::Status StsCredentialsOptionsFromJson(const std::string& json_string, + StsCredentialsOptions* options); -static inline grpc::Status StsCredentialsOptionsFromEnv( - StsCredentialsOptions* options) { - return grpc_impl::experimental::StsCredentialsOptionsFromEnv(options); -} +/// Creates STS credentials options from the $STS_CREDENTIALS environment +/// variable. This environment variable points to the path of a JSON file +/// comforming to the schema described above. +grpc::Status StsCredentialsOptionsFromEnv(StsCredentialsOptions* options); -static inline std::shared_ptr StsCredentials( - const StsCredentialsOptions& options) { - return grpc_impl::experimental::StsCredentials(options); -} +std::shared_ptr StsCredentials( + const StsCredentialsOptions& options); -typedef ::grpc_impl::experimental::AltsCredentialsOptions - AltsCredentialsOptions; +std::shared_ptr MetadataCredentialsFromPlugin( + std::unique_ptr plugin, + grpc_security_level min_security_level); -static inline std::shared_ptr AltsCredentials( - const AltsCredentialsOptions& options) { - return ::grpc_impl::experimental::AltsCredentials(options); -} +/// Options used to build AltsCredentials. +struct AltsCredentialsOptions { + /// service accounts of target endpoint that will be acceptable + /// by the client. If service accounts are provided and none of them matches + /// that of the server, authentication will fail. + std::vector target_service_accounts; +}; -static inline std::shared_ptr LocalCredentials( - grpc_local_connect_type type) { - return ::grpc_impl::experimental::LocalCredentials(type); -} +/// Builds ALTS Credentials given ALTS specific options +std::shared_ptr AltsCredentials( + const AltsCredentialsOptions& options); -static inline std::shared_ptr TlsCredentials( - const ::grpc_impl::experimental::TlsCredentialsOptions& options) { - return ::grpc_impl::experimental::TlsCredentials(options); -} +/// Builds Local Credentials. +std::shared_ptr LocalCredentials( + grpc_local_connect_type type); + +/// Builds TLS Credentials given TLS options. +std::shared_ptr TlsCredentials( + const TlsCredentialsOptions& options); } // namespace experimental } // namespace grpc diff --git a/include/grpcpp/security/credentials_impl.h b/include/grpcpp/security/credentials_impl.h deleted file mode 100644 index 84206a688bc..00000000000 --- a/include/grpcpp/security/credentials_impl.h +++ /dev/null @@ -1,356 +0,0 @@ -/* - * - * Copyright 2015 gRPC authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - */ - -#ifndef GRPCPP_SECURITY_CREDENTIALS_IMPL_H -#define GRPCPP_SECURITY_CREDENTIALS_IMPL_H - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -struct grpc_call; - -namespace grpc_impl { - -class ChannelCredentials; -class CallCredentials; -class SecureCallCredentials; -class SecureChannelCredentials; - -std::shared_ptr CreateCustomChannelImpl( - const std::string& target, const std::shared_ptr& creds, - const ChannelArguments& args); - -namespace experimental { -std::shared_ptr CreateCustomChannelWithInterceptors( - const std::string& target, const std::shared_ptr& creds, - const ChannelArguments& args, - std::vector< - std::unique_ptr> - interceptor_creators); -} - -/// A channel credentials object encapsulates all the state needed by a client -/// to authenticate with a server for a given channel. -/// It can make various assertions, e.g., about the client’s identity, role -/// for all the calls on that channel. -/// -/// \see https://grpc.io/docs/guides/auth -class ChannelCredentials : private grpc::GrpcLibraryCodegen { - public: - ChannelCredentials(); - ~ChannelCredentials(); - - protected: - friend std::shared_ptr CompositeChannelCredentials( - const std::shared_ptr& channel_creds, - const std::shared_ptr& call_creds); - - virtual SecureChannelCredentials* AsSecureCredentials() = 0; - - private: - friend std::shared_ptr CreateCustomChannelImpl( - const std::string& target, - const std::shared_ptr& creds, - const ChannelArguments& args); - - friend std::shared_ptr - grpc_impl::experimental::CreateCustomChannelWithInterceptors( - const std::string& target, - const std::shared_ptr& creds, - const ChannelArguments& args, - std::vector> - interceptor_creators); - - virtual std::shared_ptr CreateChannelImpl( - const std::string& target, const ChannelArguments& args) = 0; - - // This function should have been a pure virtual function, but it is - // implemented as a virtual function so that it does not break API. - virtual std::shared_ptr CreateChannelWithInterceptors( - const std::string& /*target*/, const ChannelArguments& /*args*/, - std::vector> - /*interceptor_creators*/) { - return nullptr; - } -}; - -/// A call credentials object encapsulates the state needed by a client to -/// authenticate with a server for a given call on a channel. -/// -/// \see https://grpc.io/docs/guides/auth -class CallCredentials : private grpc::GrpcLibraryCodegen { - public: - CallCredentials(); - ~CallCredentials(); - - /// Apply this instance's credentials to \a call. - virtual bool ApplyToCall(grpc_call* call) = 0; - virtual std::string DebugString() { - return "CallCredentials did not provide a debug string"; - } - - protected: - friend std::shared_ptr CompositeChannelCredentials( - const std::shared_ptr& channel_creds, - const std::shared_ptr& call_creds); - - friend std::shared_ptr CompositeCallCredentials( - const std::shared_ptr& creds1, - const std::shared_ptr& creds2); - - virtual SecureCallCredentials* AsSecureCredentials() = 0; -}; - -/// Options used to build SslCredentials. -struct SslCredentialsOptions { - /// The buffer containing the PEM encoding of the server root certificates. If - /// this parameter is empty, the default roots will be used. The default - /// roots can be overridden using the \a GRPC_DEFAULT_SSL_ROOTS_FILE_PATH - /// environment variable pointing to a file on the file system containing the - /// roots. - std::string pem_root_certs; - - /// The buffer containing the PEM encoding of the client's private key. This - /// parameter can be empty if the client does not have a private key. - std::string pem_private_key; - - /// The buffer containing the PEM encoding of the client's certificate chain. - /// This parameter can be empty if the client does not have a certificate - /// chain. - std::string pem_cert_chain; -}; - -// Factories for building different types of Credentials The functions may -// return empty shared_ptr when credentials cannot be created. If a -// Credentials pointer is returned, it can still be invalid when used to create -// a channel. A lame channel will be created then and all rpcs will fail on it. - -/// Builds credentials with reasonable defaults. -/// -/// \warning Only use these credentials when connecting to a Google endpoint. -/// Using these credentials to connect to any other service may result in this -/// service being able to impersonate your client for requests to Google -/// services. -std::shared_ptr GoogleDefaultCredentials(); - -/// Builds SSL Credentials given SSL specific options -std::shared_ptr SslCredentials( - const SslCredentialsOptions& options); - -/// Builds credentials for use when running in GCE -/// -/// \warning Only use these credentials when connecting to a Google endpoint. -/// Using these credentials to connect to any other service may result in this -/// service being able to impersonate your client for requests to Google -/// services. -std::shared_ptr GoogleComputeEngineCredentials(); - -constexpr long kMaxAuthTokenLifetimeSecs = 3600; - -/// Builds Service Account JWT Access credentials. -/// json_key is the JSON key string containing the client's private key. -/// token_lifetime_seconds is the lifetime in seconds of each Json Web Token -/// (JWT) created with this credentials. It should not exceed -/// \a kMaxAuthTokenLifetimeSecs or will be cropped to this value. -std::shared_ptr ServiceAccountJWTAccessCredentials( - const std::string& json_key, - long token_lifetime_seconds = grpc_impl::kMaxAuthTokenLifetimeSecs); - -/// Builds refresh token credentials. -/// json_refresh_token is the JSON string containing the refresh token along -/// with a client_id and client_secret. -/// -/// \warning Only use these credentials when connecting to a Google endpoint. -/// Using these credentials to connect to any other service may result in this -/// service being able to impersonate your client for requests to Google -/// services. -std::shared_ptr GoogleRefreshTokenCredentials( - const std::string& json_refresh_token); - -/// Builds access token credentials. -/// access_token is an oauth2 access token that was fetched using an out of band -/// mechanism. -/// -/// \warning Only use these credentials when connecting to a Google endpoint. -/// Using these credentials to connect to any other service may result in this -/// service being able to impersonate your client for requests to Google -/// services. -std::shared_ptr AccessTokenCredentials( - const std::string& access_token); - -/// Builds IAM credentials. -/// -/// \warning Only use these credentials when connecting to a Google endpoint. -/// Using these credentials to connect to any other service may result in this -/// service being able to impersonate your client for requests to Google -/// services. -std::shared_ptr GoogleIAMCredentials( - const std::string& authorization_token, - const std::string& authority_selector); - -/// Combines a channel credentials and a call credentials into a composite -/// channel credentials. -std::shared_ptr CompositeChannelCredentials( - const std::shared_ptr& channel_creds, - const std::shared_ptr& call_creds); - -/// Combines two call credentials objects into a composite call credentials. -std::shared_ptr CompositeCallCredentials( - const std::shared_ptr& creds1, - const std::shared_ptr& creds2); - -/// Credentials for an unencrypted, unauthenticated channel -std::shared_ptr InsecureChannelCredentials(); - -/// User defined metadata credentials. -class MetadataCredentialsPlugin { - public: - virtual ~MetadataCredentialsPlugin() {} - - /// If this method returns true, the Process function will be scheduled in - /// a different thread from the one processing the call. - virtual bool IsBlocking() const { return true; } - - /// Type of credentials this plugin is implementing. - virtual const char* GetType() const { return ""; } - - /// Gets the auth metatada produced by this plugin. - /// The fully qualified method name is: - /// service_url + "/" + method_name. - /// The channel_auth_context contains (among other things), the identity of - /// the server. - virtual grpc::Status GetMetadata( - grpc::string_ref service_url, grpc::string_ref method_name, - const grpc::AuthContext& channel_auth_context, - std::multimap* metadata) = 0; - - virtual std::string DebugString() { - return "MetadataCredentialsPlugin did not provide a debug string"; - } -}; - -std::shared_ptr MetadataCredentialsFromPlugin( - std::unique_ptr plugin); - -namespace experimental { - -/// Options for creating STS Oauth Token Exchange credentials following the IETF -/// draft https://tools.ietf.org/html/draft-ietf-oauth-token-exchange-16. -/// Optional fields may be set to empty string. It is the responsibility of the -/// caller to ensure that the subject and actor tokens are refreshed on disk at -/// the specified paths. -struct StsCredentialsOptions { - std::string token_exchange_service_uri; // Required. - std::string resource; // Optional. - std::string audience; // Optional. - std::string scope; // Optional. - std::string requested_token_type; // Optional. - std::string subject_token_path; // Required. - std::string subject_token_type; // Required. - std::string actor_token_path; // Optional. - std::string actor_token_type; // Optional. -}; - -/// Creates STS Options from a JSON string. The JSON schema is as follows: -/// { -/// "title": "STS Credentials Config", -/// "type": "object", -/// "required": ["token_exchange_service_uri", "subject_token_path", -/// "subject_token_type"], -/// "properties": { -/// "token_exchange_service_uri": { -/// "type": "string" -/// }, -/// "resource": { -/// "type": "string" -/// }, -/// "audience": { -/// "type": "string" -/// }, -/// "scope": { -/// "type": "string" -/// }, -/// "requested_token_type": { -/// "type": "string" -/// }, -/// "subject_token_path": { -/// "type": "string" -/// }, -/// "subject_token_type": { -/// "type": "string" -/// }, -/// "actor_token_path" : { -/// "type": "string" -/// }, -/// "actor_token_type": { -/// "type": "string" -/// } -/// } -/// } -grpc::Status StsCredentialsOptionsFromJson(const std::string& json_string, - StsCredentialsOptions* options); - -/// Creates STS credentials options from the $STS_CREDENTIALS environment -/// variable. This environment variable points to the path of a JSON file -/// comforming to the schema described above. -grpc::Status StsCredentialsOptionsFromEnv(StsCredentialsOptions* options); - -std::shared_ptr StsCredentials( - const StsCredentialsOptions& options); - -std::shared_ptr MetadataCredentialsFromPlugin( - std::unique_ptr plugin, - grpc_security_level min_security_level); - -/// Options used to build AltsCredentials. -struct AltsCredentialsOptions { - /// service accounts of target endpoint that will be acceptable - /// by the client. If service accounts are provided and none of them matches - /// that of the server, authentication will fail. - std::vector target_service_accounts; -}; - -/// Builds ALTS Credentials given ALTS specific options -std::shared_ptr AltsCredentials( - const AltsCredentialsOptions& options); - -/// Builds Local Credentials. -std::shared_ptr LocalCredentials( - grpc_local_connect_type type); - -/// Builds TLS Credentials given TLS options. -std::shared_ptr TlsCredentials( - const TlsCredentialsOptions& options); - -} // namespace experimental -} // namespace grpc_impl - -#endif // GRPCPP_SECURITY_CREDENTIALS_IMPL_H diff --git a/include/grpcpp/security/cronet_credentials.h b/include/grpcpp/security/cronet_credentials.h index 008570b8cdf..81d3200e705 100644 --- a/include/grpcpp/security/cronet_credentials.h +++ b/include/grpcpp/security/cronet_credentials.h @@ -23,10 +23,7 @@ namespace grpc { -static inline std::shared_ptr -CronetChannelCredentials(void* engine) { - return ::grpc_impl::CronetChannelCredentials(engine); -} +std::shared_ptr CronetChannelCredentials(void* engine); } // namespace grpc diff --git a/include/grpcpp/security/server_credentials.h b/include/grpcpp/security/server_credentials.h index 5228ac138cc..1223b10978e 100644 --- a/include/grpcpp/security/server_credentials.h +++ b/include/grpcpp/security/server_credentials.h @@ -55,35 +55,25 @@ struct SslServerCredentialsOptions { grpc_ssl_client_certificate_request_type client_certificate_request; }; -static inline std::shared_ptr SslServerCredentials( - const SslServerCredentialsOptions& options) { - return ::grpc_impl::SslServerCredentials(options); -} +std::shared_ptr SslServerCredentials( + const SslServerCredentialsOptions& options); -static inline std::shared_ptr InsecureServerCredentials() { - return ::grpc_impl::InsecureServerCredentials(); -} +std::shared_ptr InsecureServerCredentials(); namespace experimental { typedef ::grpc_impl::experimental::AltsServerCredentialsOptions AltsServerCredentialsOptions; -static inline std::shared_ptr AltsServerCredentials( - const AltsServerCredentialsOptions& options) { - return ::grpc_impl::experimental::AltsServerCredentials(options); -} +std::shared_ptr AltsServerCredentials( + const AltsServerCredentialsOptions& options); -static inline std::shared_ptr LocalServerCredentials( - grpc_local_connect_type type) { - return ::grpc_impl::experimental::LocalServerCredentials(type); -} +std::shared_ptr LocalServerCredentials( + grpc_local_connect_type type); /// Builds TLS ServerCredentials given TLS options. -static inline std::shared_ptr TlsServerCredentials( - const ::grpc_impl::experimental::TlsCredentialsOptions& options) { - return ::grpc_impl::experimental::TlsServerCredentials(options); -} +std::shared_ptr TlsServerCredentials( + const ::grpc::experimental::TlsCredentialsOptions& options); } // namespace experimental } // namespace grpc diff --git a/include/grpcpp/security/server_credentials_impl.h b/include/grpcpp/security/server_credentials_impl.h index 7e9e784f6e5..734409ab8e5 100644 --- a/include/grpcpp/security/server_credentials_impl.h +++ b/include/grpcpp/security/server_credentials_impl.h @@ -81,7 +81,7 @@ std::shared_ptr LocalServerCredentials( /// Builds TLS ServerCredentials given TLS options. std::shared_ptr TlsServerCredentials( - const TlsCredentialsOptions& options); + const grpc::experimental::TlsCredentialsOptions& options); } // namespace experimental } // namespace grpc_impl diff --git a/include/grpcpp/security/tls_credentials_options.h b/include/grpcpp/security/tls_credentials_options.h index 8df44e37f93..9613e2f69ba 100644 --- a/include/grpcpp/security/tls_credentials_options.h +++ b/include/grpcpp/security/tls_credentials_options.h @@ -36,7 +36,7 @@ typedef struct grpc_tls_server_authorization_check_config grpc_tls_server_authorization_check_config; typedef struct grpc_tls_credentials_options grpc_tls_credentials_options; -namespace grpc_impl { +namespace grpc { namespace experimental { /** TLS key materials config, wrapper for grpc_tls_key_materials_config. It is @@ -340,6 +340,6 @@ class TlsCredentialsOptions { }; } // namespace experimental -} // namespace grpc_impl +} // namespace grpc #endif // GRPCPP_SECURITY_TLS_CREDENTIALS_OPTIONS_H diff --git a/include/grpcpp/support/channel_arguments_impl.h b/include/grpcpp/support/channel_arguments_impl.h index e526f72f177..28cb0cef082 100644 --- a/include/grpcpp/support/channel_arguments_impl.h +++ b/include/grpcpp/support/channel_arguments_impl.h @@ -28,6 +28,7 @@ #include namespace grpc { +class SecureChannelCredentials; namespace testing { class ChannelArgumentsTest; } // namespace testing @@ -35,8 +36,6 @@ class ChannelArgumentsTest; namespace grpc_impl { -class SecureChannelCredentials; - /// Options for channel creation. The user can use generic setters to pass /// key value pairs down to C channel creation code. For gRPC related options, /// concrete setters are provided. @@ -126,7 +125,7 @@ class ChannelArguments { } private: - friend class grpc_impl::SecureChannelCredentials; + friend class grpc::SecureChannelCredentials; friend class grpc::testing::ChannelArgumentsTest; /// Default pointer argument operations. diff --git a/src/cpp/client/client_context.cc b/src/cpp/client/client_context.cc index 8642799e905..d0ec597fc63 100644 --- a/src/cpp/client/client_context.cc +++ b/src/cpp/client/client_context.cc @@ -73,7 +73,7 @@ ClientContext::~ClientContext() { } void ClientContext::set_credentials( - const std::shared_ptr& creds) { + const std::shared_ptr& creds) { creds_ = creds; // If call_ is set, we have already created the call, and set the call // credentials. This should only be done before we have started the batch diff --git a/src/cpp/client/create_channel.cc b/src/cpp/client/create_channel.cc index 2bbeebc2df6..48831d0fede 100644 --- a/src/cpp/client/create_channel.cc +++ b/src/cpp/client/create_channel.cc @@ -26,15 +26,15 @@ #include "src/cpp/client/create_channel_internal.h" -namespace grpc_impl { -std::shared_ptr CreateChannelImpl( - const std::string& target, +namespace grpc { +std::shared_ptr CreateChannel( + const grpc::string& target, const std::shared_ptr& creds) { - return CreateCustomChannelImpl(target, creds, grpc::ChannelArguments()); + return CreateCustomChannel(target, creds, grpc::ChannelArguments()); } -std::shared_ptr CreateCustomChannelImpl( - const std::string& target, +std::shared_ptr CreateCustomChannel( + const grpc::string& target, const std::shared_ptr& creds, const grpc::ChannelArguments& args) { grpc::GrpcLibraryCodegen @@ -82,4 +82,4 @@ std::shared_ptr CreateCustomChannelWithInterceptors( } } // namespace experimental -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/client/credentials_cc.cc b/src/cpp/client/credentials_cc.cc index 62334bd9eba..9dfb2f491ca 100644 --- a/src/cpp/client/credentials_cc.cc +++ b/src/cpp/client/credentials_cc.cc @@ -19,7 +19,7 @@ #include #include -namespace grpc_impl { +namespace grpc { static grpc::internal::GrpcLibraryInitializer g_gli_initializer; ChannelCredentials::ChannelCredentials() { g_gli_initializer.summon(); } @@ -30,4 +30,4 @@ CallCredentials::CallCredentials() { g_gli_initializer.summon(); } CallCredentials::~CallCredentials() {} -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/client/cronet_credentials.cc b/src/cpp/client/cronet_credentials.cc index f4ead14cde8..d09e2841279 100644 --- a/src/cpp/client/cronet_credentials.cc +++ b/src/cpp/client/cronet_credentials.cc @@ -55,10 +55,9 @@ class CronetChannelCredentialsImpl final : public ChannelCredentials { } void* engine_; }; -} // namespace grpc -namespace grpc_impl { + std::shared_ptr CronetChannelCredentials(void* engine) { return std::shared_ptr( new grpc::CronetChannelCredentialsImpl(engine)); } -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/client/insecure_credentials.cc b/src/cpp/client/insecure_credentials.cc index 0495b9378b0..a9be08d5a10 100644 --- a/src/cpp/client/insecure_credentials.cc +++ b/src/cpp/client/insecure_credentials.cc @@ -24,7 +24,7 @@ #include #include "src/cpp/client/create_channel_internal.h" -namespace grpc_impl { +namespace grpc { namespace { class InsecureChannelCredentialsImpl final : public ChannelCredentials { @@ -59,4 +59,4 @@ std::shared_ptr InsecureChannelCredentials() { new InsecureChannelCredentialsImpl()); } -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc index 108762e76ab..378cceaa114 100644 --- a/src/cpp/client/secure_credentials.cc +++ b/src/cpp/client/secure_credentials.cc @@ -38,7 +38,7 @@ #include "src/cpp/client/create_channel_internal.h" #include "src/cpp/common/secure_auth_context.h" -namespace grpc_impl { +namespace grpc { static grpc::internal::GrpcLibraryInitializer g_gli_initializer; SecureChannelCredentials::SecureChannelCredentials( @@ -388,9 +388,6 @@ std::shared_ptr MetadataCredentialsFromPlugin( c_plugin, GRPC_PRIVACY_AND_INTEGRITY, nullptr)); } -} // namespace grpc_impl - -namespace grpc { namespace { void DeleteWrapper(void* wrapper, grpc_error* /*ignored*/) { MetadataCredentialsPluginWrapper* w = diff --git a/src/cpp/client/secure_credentials.h b/src/cpp/client/secure_credentials.h index 9238738146d..7d36de2adcc 100644 --- a/src/cpp/client/secure_credentials.h +++ b/src/cpp/client/secure_credentials.h @@ -22,7 +22,6 @@ #include #include -#include #include #include @@ -33,6 +32,9 @@ namespace grpc_impl { class Channel; +} // namespace grpc_impl + +namespace grpc { class SecureChannelCredentials final : public ChannelCredentials { public: @@ -85,10 +87,6 @@ grpc_sts_credentials_options StsCredentialsCppToCoreOptions( } // namespace experimental -} // namespace grpc_impl - -namespace grpc { - class MetadataCredentialsPluginWrapper final : private GrpcLibraryCodegen { public: static void Destroy(void* wrapper); diff --git a/src/cpp/common/tls_credentials_options.cc b/src/cpp/common/tls_credentials_options.cc index a9122e962d3..011cf4b3e5d 100644 --- a/src/cpp/common/tls_credentials_options.cc +++ b/src/cpp/common/tls_credentials_options.cc @@ -23,7 +23,7 @@ #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h" #include "src/cpp/common/tls_credentials_options_util.h" -namespace grpc_impl { +namespace grpc { namespace experimental { /** TLS key materials config API implementation **/ @@ -340,4 +340,4 @@ TlsCredentialsOptions::TlsCredentialsOptions( TlsCredentialsOptions::~TlsCredentialsOptions() {} } // namespace experimental -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/common/tls_credentials_options_util.cc b/src/cpp/common/tls_credentials_options_util.cc index 2211460e664..51cc4e2aefa 100644 --- a/src/cpp/common/tls_credentials_options_util.cc +++ b/src/cpp/common/tls_credentials_options_util.cc @@ -21,7 +21,7 @@ #include #include "src/cpp/common/tls_credentials_options_util.h" -namespace grpc_impl { +namespace grpc { namespace experimental { /** Converts the Cpp key materials to C key materials; this allocates memory for @@ -146,4 +146,4 @@ void TlsServerAuthorizationCheckArgDestroyContext(void* context) { } } // namespace experimental -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/common/tls_credentials_options_util.h b/src/cpp/common/tls_credentials_options_util.h index 93e94562398..4ee04d15d7f 100644 --- a/src/cpp/common/tls_credentials_options_util.h +++ b/src/cpp/common/tls_credentials_options_util.h @@ -24,7 +24,7 @@ #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h" -namespace grpc_impl { +namespace grpc { namespace experimental { /** The following function is exposed for testing purposes. **/ @@ -53,6 +53,6 @@ void TlsCredentialReloadArgDestroyContext(void* context); void TlsServerAuthorizationCheckArgDestroyContext(void* context); } // namespace experimental -} // namespace grpc_impl +} // namespace grpc #endif // GRPC_INTERNAL_CPP_COMMON_TLS_CREDENTIALS_OPTIONS_UTIL_H diff --git a/src/cpp/server/insecure_server_credentials.cc b/src/cpp/server/insecure_server_credentials.cc index bc908920b8d..04e5435efb9 100644 --- a/src/cpp/server/insecure_server_credentials.cc +++ b/src/cpp/server/insecure_server_credentials.cc @@ -21,7 +21,7 @@ #include #include -namespace grpc_impl { +namespace grpc { namespace { class InsecureServerCredentialsImpl final : public ServerCredentials { public: @@ -41,4 +41,4 @@ std::shared_ptr InsecureServerCredentials() { new InsecureServerCredentialsImpl()); } -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/server/secure_server_credentials.cc b/src/cpp/server/secure_server_credentials.cc index f94696fd767..48fb3ad9f34 100644 --- a/src/cpp/server/secure_server_credentials.cc +++ b/src/cpp/server/secure_server_credentials.cc @@ -94,7 +94,7 @@ void AuthMetadataProcessorAyncWrapper::InvokeProcessor( } // namespace grpc -namespace grpc_impl { +namespace grpc { int SecureServerCredentials::AddPortToServer(const std::string& addr, grpc_server* server) { @@ -149,11 +149,11 @@ std::shared_ptr LocalServerCredentials( } std::shared_ptr TlsServerCredentials( - const TlsCredentialsOptions& options) { + const grpc::experimental::TlsCredentialsOptions& options) { grpc::GrpcLibraryCodegen init; return std::shared_ptr(new SecureServerCredentials( grpc_tls_server_credentials_create(options.c_credentials_options()))); } } // namespace experimental -} // namespace grpc_impl +} // namespace grpc diff --git a/src/cpp/server/secure_server_credentials.h b/src/cpp/server/secure_server_credentials.h index 9e9e33579f0..407d70766b5 100644 --- a/src/cpp/server/secure_server_credentials.h +++ b/src/cpp/server/secure_server_credentials.h @@ -28,14 +28,9 @@ #include "src/cpp/server/thread_pool_interface.h" -namespace grpc_impl { - -class SecureServerCredentials; -} // namespace grpc_impl - namespace grpc { -typedef ::grpc_impl::SecureServerCredentials SecureServerCredentials; +class SecureServerCredentials; class AuthMetadataProcessorAyncWrapper final { public: @@ -61,10 +56,6 @@ class AuthMetadataProcessorAyncWrapper final { std::shared_ptr processor_; }; -} // namespace grpc - -namespace grpc_impl { - class SecureServerCredentials final : public ServerCredentials { public: explicit SecureServerCredentials(grpc_server_credentials* creds) @@ -83,6 +74,6 @@ class SecureServerCredentials final : public ServerCredentials { std::unique_ptr processor_; }; -} // namespace grpc_impl +} // namespace grpc #endif // GRPC_INTERNAL_CPP_SERVER_SECURE_SERVER_CREDENTIALS_H diff --git a/test/core/security/fetch_oauth2.cc b/test/core/security/fetch_oauth2.cc index 1aa999758b0..99d7c76d0d3 100644 --- a/test/core/security/fetch_oauth2.cc +++ b/test/core/security/fetch_oauth2.cc @@ -26,7 +26,7 @@ #include #include -#include "grpcpp/security/credentials_impl.h" +#include "grpcpp/security/credentials.h" #include "src/core/lib/iomgr/error.h" #include "src/core/lib/iomgr/load_file.h" #include "src/core/lib/security/credentials/credentials.h" @@ -36,10 +36,9 @@ #include "test/core/util/cmdline.h" static grpc_call_credentials* create_sts_creds(const char* json_file_path) { - grpc_impl::experimental::StsCredentialsOptions options; + grpc::experimental::StsCredentialsOptions options; if (strlen(json_file_path) == 0) { - auto status = - grpc_impl::experimental::StsCredentialsOptionsFromEnv(&options); + auto status = grpc::experimental::StsCredentialsOptionsFromEnv(&options); if (!status.ok()) { gpr_log(GPR_ERROR, "%s", status.error_message().c_str()); return nullptr; @@ -48,7 +47,7 @@ static grpc_call_credentials* create_sts_creds(const char* json_file_path) { grpc_slice sts_options_slice; GPR_ASSERT(GRPC_LOG_IF_ERROR( "load_file", grpc_load_file(json_file_path, 1, &sts_options_slice))); - auto status = grpc_impl::experimental::StsCredentialsOptionsFromJson( + auto status = grpc::experimental::StsCredentialsOptionsFromJson( reinterpret_cast(GRPC_SLICE_START_PTR(sts_options_slice)), &options); gpr_slice_unref(sts_options_slice); @@ -58,7 +57,7 @@ static grpc_call_credentials* create_sts_creds(const char* json_file_path) { } } grpc_sts_credentials_options opts = - grpc_impl::experimental::StsCredentialsCppToCoreOptions(options); + grpc::experimental::StsCredentialsCppToCoreOptions(options); grpc_call_credentials* result = grpc_sts_credentials_create(&opts, nullptr); return result; } diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index 7862cd0ecec..9d6d25b21e5 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -34,15 +34,14 @@ namespace { -typedef class ::grpc_impl::experimental::TlsKeyMaterialsConfig - TlsKeyMaterialsConfig; -typedef class ::grpc_impl::experimental::TlsCredentialReloadArg +typedef class ::grpc::experimental::TlsKeyMaterialsConfig TlsKeyMaterialsConfig; +typedef class ::grpc::experimental::TlsCredentialReloadArg TlsCredentialReloadArg; -typedef struct ::grpc_impl::experimental::TlsCredentialReloadInterface +typedef struct ::grpc::experimental::TlsCredentialReloadInterface TlsCredentialReloadInterface; -typedef class ::grpc_impl::experimental::TlsServerAuthorizationCheckArg +typedef class ::grpc::experimental::TlsServerAuthorizationCheckArg TlsServerAuthorizationCheckArg; -typedef struct ::grpc_impl::experimental::TlsServerAuthorizationCheckInterface +typedef struct ::grpc::experimental::TlsServerAuthorizationCheckInterface TlsServerAuthorizationCheckInterface; static void tls_credential_reload_callback( @@ -131,7 +130,7 @@ TEST_F(CredentialsTest, StsCredentialsOptionsCppToCore) { options.actor_token_path = "/foo/baz"; options.actor_token_type = "even_nicer_token_type"; grpc_sts_credentials_options core_opts = - grpc_impl::experimental::StsCredentialsCppToCoreOptions(options); + grpc::experimental::StsCredentialsCppToCoreOptions(options); EXPECT_EQ(options.token_exchange_service_uri, core_opts.token_exchange_service_uri); EXPECT_EQ(options.resource, core_opts.resource); @@ -271,8 +270,7 @@ TEST_F(CredentialsTest, StsCredentialsOptionsFromEnv) { gpr_unsetenv("STS_CREDENTIALS"); } -typedef class ::grpc_impl::experimental::TlsKeyMaterialsConfig - TlsKeyMaterialsConfig; +typedef class ::grpc::experimental::TlsKeyMaterialsConfig TlsKeyMaterialsConfig; TEST_F(CredentialsTest, TlsKeyMaterialsConfigCppToC) { std::shared_ptr config(new TlsKeyMaterialsConfig()); @@ -304,9 +302,9 @@ TEST_F(CredentialsTest, TlsKeyMaterialsModifiers) { EXPECT_STREQ(list[0].cert_chain.c_str(), "cert_chain"); } -typedef class ::grpc_impl::experimental::TlsCredentialReloadArg +typedef class ::grpc::experimental::TlsCredentialReloadArg TlsCredentialReloadArg; -typedef class ::grpc_impl::experimental::TlsCredentialReloadConfig +typedef class ::grpc::experimental::TlsCredentialReloadConfig TlsCredentialReloadConfig; TEST_F(CredentialsTest, TlsCredentialReloadArgCallback) { @@ -433,9 +431,9 @@ TEST_F(CredentialsTest, TlsCredentialReloadConfigCppToC) { delete config.c_config(); } -typedef class ::grpc_impl::experimental::TlsServerAuthorizationCheckArg +typedef class ::grpc::experimental::TlsServerAuthorizationCheckArg TlsServerAuthorizationCheckArg; -typedef class ::grpc_impl::experimental::TlsServerAuthorizationCheckConfig +typedef class ::grpc::experimental::TlsServerAuthorizationCheckConfig TlsServerAuthorizationCheckConfig; TEST_F(CredentialsTest, TlsServerAuthorizationCheckArgCallback) { @@ -550,8 +548,7 @@ TEST_F(CredentialsTest, TlsServerAuthorizationCheckConfigCppToC) { delete config.c_config(); } -typedef class ::grpc_impl::experimental::TlsCredentialsOptions - TlsCredentialsOptions; +typedef class ::grpc::experimental::TlsCredentialsOptions TlsCredentialsOptions; TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) { std::shared_ptr key_materials_config( @@ -681,7 +678,7 @@ TEST_F(CredentialsTest, LoadTlsChannelCredentials) { TlsCredentialsOptions options = TlsCredentialsOptions( GRPC_TLS_SERVER_VERIFICATION, nullptr, credential_reload_config, server_authorization_check_config); - std::shared_ptr channel_credentials = + std::shared_ptr channel_credentials = grpc::experimental::TlsCredentials(options); GPR_ASSERT(channel_credentials.get() != nullptr); } diff --git a/tools/doxygen/Doxyfile.c++ b/tools/doxygen/Doxyfile.c++ index 3ce6109b49d..a4080632735 100644 --- a/tools/doxygen/Doxyfile.c++ +++ b/tools/doxygen/Doxyfile.c++ @@ -940,7 +940,6 @@ include/grpcpp/client_context.h \ include/grpcpp/completion_queue.h \ include/grpcpp/completion_queue_impl.h \ include/grpcpp/create_channel.h \ -include/grpcpp/create_channel_impl.h \ include/grpcpp/create_channel_posix.h \ include/grpcpp/ext/health_check_service_server_builder_option.h \ include/grpcpp/generic/async_generic_service.h \ @@ -1024,7 +1023,6 @@ include/grpcpp/resource_quota.h \ include/grpcpp/security/auth_context.h \ include/grpcpp/security/auth_metadata_processor.h \ include/grpcpp/security/credentials.h \ -include/grpcpp/security/credentials_impl.h \ include/grpcpp/security/server_credentials.h \ include/grpcpp/security/server_credentials_impl.h \ include/grpcpp/security/tls_credentials_options.h \ diff --git a/tools/doxygen/Doxyfile.c++.internal b/tools/doxygen/Doxyfile.c++.internal index 2dd2cb0c123..bcb79a23158 100644 --- a/tools/doxygen/Doxyfile.c++.internal +++ b/tools/doxygen/Doxyfile.c++.internal @@ -940,7 +940,6 @@ include/grpcpp/client_context.h \ include/grpcpp/completion_queue.h \ include/grpcpp/completion_queue_impl.h \ include/grpcpp/create_channel.h \ -include/grpcpp/create_channel_impl.h \ include/grpcpp/create_channel_posix.h \ include/grpcpp/ext/health_check_service_server_builder_option.h \ include/grpcpp/generic/async_generic_service.h \ @@ -1024,7 +1023,6 @@ include/grpcpp/resource_quota.h \ include/grpcpp/security/auth_context.h \ include/grpcpp/security/auth_metadata_processor.h \ include/grpcpp/security/credentials.h \ -include/grpcpp/security/credentials_impl.h \ include/grpcpp/security/server_credentials.h \ include/grpcpp/security/server_credentials_impl.h \ include/grpcpp/security/tls_credentials_options.h \