Starting the work to fix #3803.

- We still need a way to bubble up this error.
9 years ago · 2e3c9ad6dd
parent a71b0afdc2
commit 2e3c9ad6dd
6 changed files with 54 additions and 43 deletions
--- a/src/core/lib/security/client_auth_filter.c
+++ b/src/core/lib/security/client_auth_filter.c
@ -98,7 +98,8 @@ static void bubble_up_error(grpc_exec_ctx *exec_ctx, grpc_call_element *elem,
 static void on_credentials_metadata(grpc_exec_ctx *exec_ctx, void *user_data,
                                    grpc_credentials_md *md_elems,
                                    size_t num_md,
-                                    grpc_credentials_status status) {
+                                    grpc_credentials_status status,
                                    const char *error_details) {
  grpc_call_element *elem = (grpc_call_element *)user_data;
  call_data *calld = elem->call_data;
  grpc_transport_stream_op *op = &calld->op;
--- a/src/core/lib/security/credentials.c
+++ b/src/core/lib/security/credentials.c
@ -122,7 +122,7 @@ void grpc_call_credentials_get_request_metadata(
    grpc_credentials_metadata_cb cb, void *user_data) {
  if (creds == NULL || creds->vtable->get_request_metadata == NULL) {
    if (cb != NULL) {
-      cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_OK);
+      cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_OK, NULL);
    }
    return;
  }
@ -497,10 +497,10 @@ static void jwt_get_request_metadata(grpc_exec_ctx *exec_ctx,
  if (jwt_md != NULL) {
    cb(exec_ctx, user_data, jwt_md->entries, jwt_md->num_entries,
-       GRPC_CREDENTIALS_OK);
+       GRPC_CREDENTIALS_OK, NULL);
    grpc_credentials_md_store_unref(jwt_md);
  } else {
-    cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_ERROR);
+    cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_ERROR, "");
  }
 }
@ -660,10 +660,10 @@ static void on_oauth2_token_fetcher_http_response(
    c->token_expiration =
        gpr_time_add(gpr_now(GPR_CLOCK_REALTIME), token_lifetime);
    r->cb(exec_ctx, r->user_data, c->access_token_md->entries,
-          c->access_token_md->num_entries, status);
+          c->access_token_md->num_entries, status, NULL);
  } else {
    c->token_expiration = gpr_inf_past(GPR_CLOCK_REALTIME);
-    r->cb(exec_ctx, r->user_data, NULL, 0, status);
+    r->cb(exec_ctx, r->user_data, NULL, 0, status, "");
  }
  gpr_mu_unlock(&c->mu);
  grpc_credentials_metadata_request_destroy(r);
@ -691,7 +691,7 @@ static void oauth2_token_fetcher_get_request_metadata(
  }
  if (cached_access_token_md != NULL) {
    cb(exec_ctx, user_data, cached_access_token_md->entries,
-       cached_access_token_md->num_entries, GRPC_CREDENTIALS_OK);
+       cached_access_token_md->num_entries, GRPC_CREDENTIALS_OK, NULL);
    grpc_credentials_md_store_unref(cached_access_token_md);
  } else {
    c->fetch_func(
@ -821,7 +821,7 @@ static void on_simulated_token_fetch_done(grpc_exec_ctx *exec_ctx,
      (grpc_credentials_metadata_request *)user_data;
  grpc_md_only_test_credentials *c = (grpc_md_only_test_credentials *)r->creds;
  r->cb(exec_ctx, r->user_data, c->md_store->entries, c->md_store->num_entries,
-        GRPC_CREDENTIALS_OK);
+        GRPC_CREDENTIALS_OK, NULL);
  grpc_credentials_metadata_request_destroy(r);
 }
@ -837,7 +837,7 @@ static void md_only_test_get_request_metadata(
    grpc_executor_enqueue(
        grpc_closure_create(on_simulated_token_fetch_done, cb_arg), true);
  } else {
-    cb(exec_ctx, user_data, c->md_store->entries, 1, GRPC_CREDENTIALS_OK);
+    cb(exec_ctx, user_data, c->md_store->entries, 1, GRPC_CREDENTIALS_OK, NULL);
  }
 }
@ -870,7 +870,8 @@ static void access_token_get_request_metadata(
    grpc_pollset *pollset, grpc_auth_metadata_context context,
    grpc_credentials_metadata_cb cb, void *user_data) {
  grpc_access_token_credentials *c = (grpc_access_token_credentials *)creds;
-  cb(exec_ctx, user_data, c->access_token_md->entries, 1, GRPC_CREDENTIALS_OK);
+  cb(exec_ctx, user_data, c->access_token_md->entries, 1, GRPC_CREDENTIALS_OK,
     NULL);
 }
 static grpc_call_credentials_vtable access_token_vtable = {
@ -973,11 +974,12 @@ static void composite_call_md_context_destroy(
 static void composite_call_metadata_cb(grpc_exec_ctx *exec_ctx, void *user_data,
                                       grpc_credentials_md *md_elems,
                                       size_t num_md,
-                                       grpc_credentials_status status) {
+                                       grpc_credentials_status status,
                                       const char *error_details) {
  grpc_composite_call_credentials_metadata_context *ctx =
      (grpc_composite_call_credentials_metadata_context *)user_data;
  if (status != GRPC_CREDENTIALS_OK) {
-    ctx->cb(exec_ctx, ctx->user_data, NULL, 0, status);
+    ctx->cb(exec_ctx, ctx->user_data, NULL, 0, status, NULL);
    return;
  }
@ -1002,7 +1004,7 @@ static void composite_call_metadata_cb(grpc_exec_ctx *exec_ctx, void *user_data,
  /* We're done!. */
  ctx->cb(exec_ctx, ctx->user_data, ctx->md_elems->entries,
-          ctx->md_elems->num_entries, GRPC_CREDENTIALS_OK);
+          ctx->md_elems->num_entries, GRPC_CREDENTIALS_OK, NULL);
  composite_call_md_context_destroy(ctx);
 }
@ -1122,7 +1124,7 @@ static void iam_get_request_metadata(grpc_exec_ctx *exec_ctx,
                                     void *user_data) {
  grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
  cb(exec_ctx, user_data, c->iam_md->entries, c->iam_md->num_entries,
-     GRPC_CREDENTIALS_OK);
+     GRPC_CREDENTIALS_OK, NULL);
 }
 static grpc_call_credentials_vtable iam_vtable = {iam_destruct,
@ -1178,7 +1180,8 @@ static void plugin_md_request_metadata_ready(void *request,
      gpr_log(GPR_ERROR, "Getting metadata from plugin failed with error: %s",
              error_details);
    }
-    r->cb(&exec_ctx, r->user_data, NULL, 0, GRPC_CREDENTIALS_ERROR);
+    r->cb(&exec_ctx, r->user_data, NULL, 0, GRPC_CREDENTIALS_ERROR,
          error_details);
  } else {
    size_t i;
    grpc_credentials_md *md_array = NULL;
@ -1190,7 +1193,7 @@ static void plugin_md_request_metadata_ready(void *request,
            gpr_slice_from_copied_buffer(md[i].value, md[i].value_length);
      }
    }
-    r->cb(&exec_ctx, r->user_data, md_array, num_md, GRPC_CREDENTIALS_OK);
+    r->cb(&exec_ctx, r->user_data, md_array, num_md, GRPC_CREDENTIALS_OK, NULL);
    if (md_array != NULL) {
      for (i = 0; i < num_md; i++) {
        gpr_slice_unref(md_array[i].key);
@ -1218,7 +1221,7 @@ static void plugin_get_request_metadata(grpc_exec_ctx *exec_ctx,
    c->plugin.get_metadata(c->plugin.state, context,
                           plugin_md_request_metadata_ready, request);
  } else {
-    cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_OK);
+    cb(exec_ctx, user_data, NULL, 0, GRPC_CREDENTIALS_OK, NULL);
  }
 }
--- a/src/core/lib/security/credentials.h
+++ b/src/core/lib/security/credentials.h
@ -160,11 +160,13 @@ void grpc_credentials_md_store_unref(grpc_credentials_md_store *store);
 /* --- grpc_call_credentials. --- */
 /* error_details must be NULL if status is GRPC_CREDENTIALS_OK. */
 typedef void (*grpc_credentials_metadata_cb)(grpc_exec_ctx *exec_ctx,
                                             void *user_data,
                                             grpc_credentials_md *md_elems,
                                             size_t num_md,
-                                             grpc_credentials_status status);
+                                             grpc_credentials_status status,
                                             const char *error_details);
 typedef struct {
  void (*destruct)(grpc_call_credentials *c);
--- a/test/core/security/credentials_test.c
+++ b/test/core/security/credentials_test.c
@ -338,13 +338,15 @@ static void check_metadata(expected_md *expected, grpc_credentials_md *md_elems,
 static void check_google_iam_metadata(grpc_exec_ctx *exec_ctx, void *user_data,
                                      grpc_credentials_md *md_elems,
                                      size_t num_md,
-                                      grpc_credentials_status status) {
+                                      grpc_credentials_status status,
                                      const char *error_details) {
  grpc_call_credentials *c = (grpc_call_credentials *)user_data;
  expected_md emd[] = {{GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY,
                        test_google_iam_authorization_token},
                       {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY,
                        test_google_iam_authority_selector}};
  GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
  GPR_ASSERT(error_details == NULL);
  GPR_ASSERT(num_md == 2);
  check_metadata(emd, md_elems, num_md);
  grpc_call_credentials_unref(c);
@ -362,14 +364,13 @@ static void test_google_iam_creds(void) {
  grpc_exec_ctx_finish(&exec_ctx);
 }
-static void check_access_token_metadata(grpc_exec_ctx *exec_ctx,
+static void check_access_token_metadata(
-                                        void *user_data,
+    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-                                        grpc_credentials_md *md_elems,
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
                                        size_t num_md,
                                        grpc_credentials_status status) {
  grpc_call_credentials *c = (grpc_call_credentials *)user_data;
  expected_md emd[] = {{GRPC_AUTHORIZATION_METADATA_KEY, "Bearer blah"}};
  GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
  GPR_ASSERT(error_details == NULL);
  GPR_ASSERT(num_md == 1);
  check_metadata(emd, md_elems, num_md);
  grpc_call_credentials_unref(c);
@ -418,7 +419,7 @@ static void test_channel_oauth2_composite_creds(void) {
 static void check_oauth2_google_iam_composite_metadata(
    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-    size_t num_md, grpc_credentials_status status) {
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
  grpc_call_credentials *c = (grpc_call_credentials *)user_data;
  expected_md emd[] = {
      {GRPC_AUTHORIZATION_METADATA_KEY, test_oauth2_bearer_token},
@ -427,6 +428,7 @@ static void check_oauth2_google_iam_composite_metadata(
      {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY,
       test_google_iam_authority_selector}};
  GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
  GPR_ASSERT(error_details == NULL);
  GPR_ASSERT(num_md == 3);
  check_metadata(emd, md_elems, num_md);
  grpc_call_credentials_unref(c);
@ -511,8 +513,9 @@ static void test_channel_oauth2_google_iam_composite_creds(void) {
 static void on_oauth2_creds_get_metadata_success(
    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-    size_t num_md, grpc_credentials_status status) {
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
  GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
  GPR_ASSERT(error_details == NULL);
  GPR_ASSERT(num_md == 1);
  GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].key, "authorization") == 0);
  GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].value,
@ -524,7 +527,7 @@ static void on_oauth2_creds_get_metadata_success(
 static void on_oauth2_creds_get_metadata_failure(
    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-    size_t num_md, grpc_credentials_status status) {
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
  GPR_ASSERT(status == GRPC_CREDENTIALS_ERROR);
  GPR_ASSERT(num_md == 0);
  GPR_ASSERT(user_data != NULL);
@ -760,14 +763,13 @@ static char *encode_and_sign_jwt_should_not_be_called(
  return NULL;
 }
-static void on_jwt_creds_get_metadata_success(grpc_exec_ctx *exec_ctx,
+static void on_jwt_creds_get_metadata_success(
-                                              void *user_data,
+    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-                                              grpc_credentials_md *md_elems,
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
                                              size_t num_md,
                                              grpc_credentials_status status) {
  char *expected_md_value;
  gpr_asprintf(&expected_md_value, "Bearer %s", test_signed_jwt);
  GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
  GPR_ASSERT(error_details == NULL);
  GPR_ASSERT(num_md == 1);
  GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].key, "authorization") == 0);
  GPR_ASSERT(gpr_slice_str_cmp(md_elems[0].value, expected_md_value) == 0);
@ -776,11 +778,9 @@ static void on_jwt_creds_get_metadata_success(grpc_exec_ctx *exec_ctx,
  gpr_free(expected_md_value);
 }
-static void on_jwt_creds_get_metadata_failure(grpc_exec_ctx *exec_ctx,
+static void on_jwt_creds_get_metadata_failure(
-                                              void *user_data,
+    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-                                              grpc_credentials_md *md_elems,
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
                                              size_t num_md,
                                              grpc_credentials_status status) {
  GPR_ASSERT(status == GRPC_CREDENTIALS_ERROR);
  GPR_ASSERT(num_md == 0);
  GPR_ASSERT(user_data != NULL);
@ -1024,6 +1024,8 @@ static void plugin_get_metadata_success(void *state,
  cb(user_data, md, GPR_ARRAY_SIZE(md), GRPC_STATUS_OK, NULL);
 }
 static const char *plugin_error_details = "Could not get metadata for plugin.";
 static void plugin_get_metadata_failure(void *state,
                                        grpc_auth_metadata_context context,
                                        grpc_credentials_plugin_metadata_cb cb,
@ -1034,13 +1036,12 @@ static void plugin_get_metadata_failure(void *state,
  GPR_ASSERT(context.channel_auth_context == NULL);
  GPR_ASSERT(context.reserved == NULL);
  *s = PLUGIN_GET_METADATA_CALLED_STATE;
-  cb(user_data, NULL, 0, GRPC_STATUS_UNAUTHENTICATED,
+  cb(user_data, NULL, 0, GRPC_STATUS_UNAUTHENTICATED, plugin_error_details);
     "Could not get metadata for plugin.");
 }
 static void on_plugin_metadata_received_success(
    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-    size_t num_md, grpc_credentials_status status) {
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
  size_t i = 0;
  GPR_ASSERT(user_data == NULL);
  GPR_ASSERT(md_elems != NULL);
@ -1053,11 +1054,13 @@ static void on_plugin_metadata_received_success(
 static void on_plugin_metadata_received_failure(
    grpc_exec_ctx *exec_ctx, void *user_data, grpc_credentials_md *md_elems,
-    size_t num_md, grpc_credentials_status status) {
+    size_t num_md, grpc_credentials_status status, const char *error_details) {
  GPR_ASSERT(user_data == NULL);
  GPR_ASSERT(md_elems == NULL);
  GPR_ASSERT(num_md == 0);
  GPR_ASSERT(status == GRPC_CREDENTIALS_ERROR);
  GPR_ASSERT(error_details != NULL);
  GPR_ASSERT(strcmp(error_details, plugin_error_details) == 0);
 }
 static void plugin_destroy(void *state) {
--- a/test/core/security/oauth2_utils.c
+++ b/test/core/security/oauth2_utils.c
@ -53,7 +53,8 @@ typedef struct {
 static void on_oauth2_response(grpc_exec_ctx *exec_ctx, void *user_data,
                               grpc_credentials_md *md_elems, size_t num_md,
-                               grpc_credentials_status status) {
+                               grpc_credentials_status status,
                               const char *error_details) {
  oauth2_request *request = user_data;
  char *token = NULL;
  gpr_slice token_slice;
--- a/test/core/security/print_google_default_creds_token.c
+++ b/test/core/security/print_google_default_creds_token.c
@ -53,7 +53,8 @@ typedef struct {
 static void on_metadata_response(grpc_exec_ctx *exec_ctx, void *user_data,
                                 grpc_credentials_md *md_elems, size_t num_md,
-                                 grpc_credentials_status status) {
+                                 grpc_credentials_status status,
                                 const char *error_details) {
  synchronizer *sync = user_data;
  if (status == GRPC_CREDENTIALS_ERROR) {
    fprintf(stderr, "Fetching token failed.\n");