Chiebot-Mirror
/
grpc
mirror of https://github.com/grpc/grpc.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

Successfully compile C++ libary (not tests yet).

Browse Source
reviewable/pr3765/r1
Julien Boeuf 9 years ago
parent 26bf71ce37
commit 54a902ed17
10 changed files with 152 additions and 91 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      include/grpc++/channel.h
  2. 6
      include/grpc++/client_context.h
  3. 6
      include/grpc++/create_channel.h
  4. 88
      include/grpc++/security/credentials.h
  5. 2
      include/grpc++/support/channel_arguments.h
  6. 6
      src/cpp/client/create_channel.cc
  7. 4
      src/cpp/client/credentials.cc
  8. 12
      src/cpp/client/insecure_credentials.cc
  9. 82
      src/cpp/client/secure_credentials.cc
  10. 33
      src/cpp/client/secure_credentials.h

4
include/grpc++/channel.h
Unescape View File

@ -47,8 +47,8 @@ namespace grpc {
class CallOpSetInterface;
class ChannelArguments;
class CompletionQueue;
class Credentials;
class SecureCredentials;
class ChannelCredentials;
class SecureChannelCredentials;
template <class R>
class ClientReader;

6
include/grpc++/client_context.h
Unescape View File

@ -69,7 +69,7 @@ namespace grpc {
class Channel;
class CompletionQueue;
class Credentials;
class CallCredentials;
class RpcMethod;
template <class R>
class ClientReader;
@ -244,7 +244,7 @@ class ClientContext {
/// call.
///
/// \see https://github.com/grpc/grpc/blob/master/doc/grpc-auth-support.md
void set_credentials(const std::shared_ptr<Credentials>& creds) {
void set_credentials(const std::shared_ptr<CallCredentials>& creds) {
creds_ = creds;
}
@ -318,7 +318,7 @@ class ClientContext {
grpc_call* call_;
gpr_timespec deadline_;
grpc::string authority_;
std::shared_ptr<Credentials> creds_;
std::shared_ptr<CallCredentials> creds_;
mutable std::shared_ptr<const AuthContext> auth_context_;
struct census_context* census_context_;
std::multimap<grpc::string, grpc::string> send_initial_metadata_;

6
include/grpc++/create_channel.h
Unescape View File

@ -49,7 +49,8 @@ namespace grpc {
/// an object or is invalid, a lame channel is returned.
/// \param args Options for channel creation.
std::shared_ptr<Channel> CreateChannel(
const grpc::string& target, const std::shared_ptr<Credentials>& creds);
const grpc::string& target,
const std::shared_ptr<ChannelCredentials>& creds);
/// Create a new \em custom \a Channel pointing to \a target
///
@ -61,7 +62,8 @@ std::shared_ptr<Channel> CreateChannel(
/// an object or is invalid, a lame channel is returned.
/// \param args Options for channel creation.
std::shared_ptr<Channel> CreateCustomChannel(
const grpc::string& target, const std::shared_ptr<Credentials>& creds,
const grpc::string& target,
const std::shared_ptr<ChannelCredentials>& creds,
const ChannelArguments& args);
} // namespace grpc

88
include/grpc++/security/credentials.h
Unescape View File

@ -45,37 +45,60 @@
namespace grpc {
class ChannelArguments;
class Channel;
class SecureCredentials;
/// A credentials object encapsulates all the state needed by a client to
/// authenticate with a server and make various assertions, e.g., about the
/// client’s identity, role, or whether it is authorized to make a particular
/// call.
class SecureChannelCredentials;
class CallCredentials;
class SecureCallCredentials;
/// A channel credentials object encapsulates all the state needed by a client
/// to authenticate with a server for a given channel.
/// It can make various assertions, e.g., about the client’s identity, role
/// for all the calls on that channel.
///
/// \see https://github.com/grpc/grpc/blob/master/doc/grpc-auth-support.md
class Credentials : public GrpcLibrary {
class ChannelCredentials : public GrpcLibrary {
public:
~Credentials() GRPC_OVERRIDE;
/// Apply this instance's credentials to \a call.
virtual bool ApplyToCall(grpc_call* call) = 0;
~ChannelCredentials() GRPC_OVERRIDE;
protected:
friend std::shared_ptr<Credentials> CompositeCredentials(
const std::shared_ptr<Credentials>& creds1,
const std::shared_ptr<Credentials>& creds2);
friend std::shared_ptr<ChannelCredentials> CompositeChannelCredentials(
const std::shared_ptr<ChannelCredentials>& channel_creds,
const std::shared_ptr<CallCredentials>& call_creds);
virtual SecureCredentials* AsSecureCredentials() = 0;
virtual SecureChannelCredentials* AsSecureCredentials() = 0;
private:
friend std::shared_ptr<Channel> CreateCustomChannel(
const grpc::string& target, const std::shared_ptr<Credentials>& creds,
const grpc::string& target,
const std::shared_ptr<ChannelCredentials>& creds,
const ChannelArguments& args);
virtual std::shared_ptr<Channel> CreateChannel(
const grpc::string& target, const ChannelArguments& args) = 0;
};
/// A call credentials object encapsulates the state needed by a client to
/// authenticate with a server for a given call on a channel.
///
/// \see https://github.com/grpc/grpc/blob/master/doc/grpc-auth-support.md
class CallCredentials : public GrpcLibrary {
public:
~CallCredentials() GRPC_OVERRIDE;
/// Apply this instance's credentials to \a call.
virtual bool ApplyToCall(grpc_call* call) = 0;
protected:
friend std::shared_ptr<ChannelCredentials> CompositeChannelCredentials(
const std::shared_ptr<ChannelCredentials>& channel_creds,
const std::shared_ptr<CallCredentials>& call_creds);
friend std::shared_ptr<CallCredentials> CompositeCallCredentials(
const std::shared_ptr<CallCredentials>& creds1,
const std::shared_ptr<CallCredentials>& creds2);
virtual SecureCallCredentials* AsSecureCredentials() = 0;
};
/// Options used to build SslCredentials.
struct SslCredentialsOptions {
/// The buffer containing the PEM encoding of the server root certificates. If
@ -106,10 +129,10 @@ struct SslCredentialsOptions {
/// Using these credentials to connect to any other service may result in this
/// service being able to impersonate your client for requests to Google
/// services.
std::shared_ptr<Credentials> GoogleDefaultCredentials();
std::shared_ptr<ChannelCredentials> GoogleDefaultCredentials();
/// Builds SSL Credentials given SSL specific options
std::shared_ptr<Credentials> SslCredentials(
std::shared_ptr<ChannelCredentials> SslCredentials(
const SslCredentialsOptions& options);
/// Builds credentials for use when running in GCE
@ -118,14 +141,14 @@ std::shared_ptr<Credentials> SslCredentials(
/// Using these credentials to connect to any other service may result in this
/// service being able to impersonate your client for requests to Google
/// services.
std::shared_ptr<Credentials> GoogleComputeEngineCredentials();
std::shared_ptr<CallCredentials> GoogleComputeEngineCredentials();
/// Builds Service Account JWT Access credentials.
/// json_key is the JSON key string containing the client's private key.
/// token_lifetime_seconds is the lifetime in seconds of each Json Web Token
/// (JWT) created with this credentials. It should not exceed
/// grpc_max_auth_token_lifetime or will be cropped to this value.
std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
std::shared_ptr<CallCredentials> ServiceAccountJWTAccessCredentials(
const grpc::string& json_key, long token_lifetime_seconds);
/// Builds refresh token credentials.
@ -136,7 +159,7 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
/// Using these credentials to connect to any other service may result in this
/// service being able to impersonate your client for requests to Google
/// services.
std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
std::shared_ptr<CallCredentials> GoogleRefreshTokenCredentials(
const grpc::string& json_refresh_token);
/// Builds access token credentials.
@ -147,7 +170,7 @@ std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
/// Using these credentials to connect to any other service may result in this
/// service being able to impersonate your client for requests to Google
/// services.
std::shared_ptr<Credentials> AccessTokenCredentials(
std::shared_ptr<CallCredentials> AccessTokenCredentials(
const grpc::string& access_token);
/// Builds IAM credentials.
@ -156,17 +179,24 @@ std::shared_ptr<Credentials> AccessTokenCredentials(
/// Using these credentials to connect to any other service may result in this
/// service being able to impersonate your client for requests to Google
/// services.
std::shared_ptr<Credentials> GoogleIAMCredentials(
std::shared_ptr<CallCredentials> GoogleIAMCredentials(
const grpc::string& authorization_token,
const grpc::string& authority_selector);
/// Combines two credentials objects into a composite credentials
std::shared_ptr<Credentials> CompositeCredentials(
const std::shared_ptr<Credentials>& creds1,
const std::shared_ptr<Credentials>& creds2);
/// Combines a channel credentials and a call credentials into a composite
/// channel credentials.
std::shared_ptr<ChannelCredentials> CompositeChannelCredentials(
const std::shared_ptr<ChannelCredentials>& channel_creds,
const std::shared_ptr<CallCredentials>& call_creds);
/// Combines two call credentials objects into a composite call credentials.
std::shared_ptr<CallCredentials> CompositeCallCredentials(
const std::shared_ptr<CallCredentials>& creds1,
const std::shared_ptr<CallCredentials>& creds2);
/// Credentials for an unencrypted, unauthenticated channel
std::shared_ptr<Credentials> InsecureCredentials();
std::shared_ptr<ChannelCredentials> InsecureChannelCredentials();
// User defined metadata credentials.
class MetadataCredentialsPlugin {
@ -183,7 +213,7 @@ class MetadataCredentialsPlugin {
std::multimap<grpc::string, grpc::string>* metadata) = 0;
};
std::shared_ptr<Credentials> MetadataCredentialsFromPlugin(
std::shared_ptr<CallCredentials> MetadataCredentialsFromPlugin(
std::unique_ptr<MetadataCredentialsPlugin> plugin);
} // namespace grpc

2
include/grpc++/support/channel_arguments.h
Unescape View File

@ -83,7 +83,7 @@ class ChannelArguments {
void SetString(const grpc::string& key, const grpc::string& value);
private:
friend class SecureCredentials;
friend class SecureChannelCredentials;
friend class testing::ChannelArgumentsTest;
// Returns empty string when it is not set.

6
src/cpp/client/create_channel.cc
Unescape View File

@ -44,12 +44,14 @@ namespace grpc {
class ChannelArguments;
std::shared_ptr<Channel> CreateChannel(
const grpc::string& target, const std::shared_ptr<Credentials>& creds) {
const grpc::string& target,
const std::shared_ptr<ChannelCredentials>& creds) {
return CreateCustomChannel(target, creds, ChannelArguments());
}
std::shared_ptr<Channel> CreateCustomChannel(
const grpc::string& target, const std::shared_ptr<Credentials>& creds,
const grpc::string& target,
const std::shared_ptr<ChannelCredentials>& creds,
const ChannelArguments& args) {
GrpcLibrary init_lib; // We need to call init in case of a bad creds.
ChannelArguments cp_args = args;

4
src/cpp/client/credentials.cc
Unescape View File

@ -35,6 +35,8 @@
namespace grpc {
Credentials::~Credentials() {}
ChannelCredentials::~ChannelCredentials() {}
CallCredentials::~CallCredentials() {}
} // namespace grpc

12
src/cpp/client/insecure_credentials.cc
Unescape View File

@ -43,7 +43,7 @@
namespace grpc {
namespace {
class InsecureCredentialsImpl GRPC_FINAL : public Credentials {
class InsecureChannelCredentialsImpl GRPC_FINAL : public ChannelCredentials {
public:
std::shared_ptr<grpc::Channel> CreateChannel(
const string& target, const grpc::ChannelArguments& args) GRPC_OVERRIDE {
@ -54,15 +54,13 @@ class InsecureCredentialsImpl GRPC_FINAL : public Credentials {
grpc_insecure_channel_create(target.c_str(), &channel_args, nullptr));
}
// InsecureCredentials should not be applied to a call.
bool ApplyToCall(grpc_call* call) GRPC_OVERRIDE { return false; }
SecureCredentials* AsSecureCredentials() GRPC_OVERRIDE { return nullptr; }
SecureChannelCredentials* AsSecureCredentials() GRPC_OVERRIDE { return nullptr; }
};
} // namespace
std::shared_ptr<Credentials> InsecureCredentials() {
return std::shared_ptr<Credentials>(new InsecureCredentialsImpl());
std::shared_ptr<ChannelCredentials> InsecureChannelCredentials() {
return std::shared_ptr<ChannelCredentials>(
new InsecureChannelCredentialsImpl());
}
} // namespace grpc

82
src/cpp/client/secure_credentials.cc
Unescape View File

@ -40,7 +40,7 @@
namespace grpc {
std::shared_ptr<grpc::Channel> SecureCredentials::CreateChannel(
std::shared_ptr<grpc::Channel> SecureChannelCredentials::CreateChannel(
const string& target, const grpc::ChannelArguments& args) {
grpc_channel_args channel_args;
args.SetChannelArgs(&channel_args);
@ -50,96 +50,104 @@ std::shared_ptr<grpc::Channel> SecureCredentials::CreateChannel(
nullptr));
}
bool SecureCredentials::ApplyToCall(grpc_call* call) {
bool SecureCallCredentials::ApplyToCall(grpc_call* call) {
return grpc_call_set_credentials(call, c_creds_) == GRPC_CALL_OK;
}
namespace {
std::shared_ptr<Credentials> WrapCredentials(grpc_credentials* creds) {
return creds == nullptr
? nullptr
: std::shared_ptr<Credentials>(new SecureCredentials(creds));
std::shared_ptr<ChannelCredentials> WrapChannelCredentials(
grpc_channel_credentials* creds) {
return creds == nullptr ? nullptr : std::shared_ptr<ChannelCredentials>(
new SecureChannelCredentials(creds));
}
std::shared_ptr<CallCredentials> WrapCallCredentials(
grpc_call_credentials* creds) {
return creds == nullptr ? nullptr : std::shared_ptr<CallCredentials>(
new SecureCallCredentials(creds));
}
} // namespace
std::shared_ptr<Credentials> GoogleDefaultCredentials() {
std::shared_ptr<ChannelCredentials> GoogleDefaultCredentials() {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(grpc_google_default_credentials_create());
return WrapChannelCredentials(grpc_google_default_credentials_create());
}
// Builds SSL Credentials given SSL specific options
std::shared_ptr<Credentials> SslCredentials(
std::shared_ptr<ChannelCredentials> SslCredentials(
const SslCredentialsOptions& options) {
GrpcLibrary init; // To call grpc_init().
grpc_ssl_pem_key_cert_pair pem_key_cert_pair = {
options.pem_private_key.c_str(), options.pem_cert_chain.c_str()};
grpc_credentials* c_creds = grpc_ssl_credentials_create(
grpc_channel_credentials* c_creds = grpc_ssl_credentials_create(
options.pem_root_certs.empty() ? nullptr : options.pem_root_certs.c_str(),
options.pem_private_key.empty() ? nullptr : &pem_key_cert_pair, nullptr);
return WrapCredentials(c_creds);
return WrapChannelCredentials(c_creds);
}
// Builds credentials for use when running in GCE
std::shared_ptr<Credentials> GoogleComputeEngineCredentials() {
std::shared_ptr<CallCredentials> GoogleComputeEngineCredentials() {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(
return WrapCallCredentials(
grpc_google_compute_engine_credentials_create(nullptr));
}
// Builds JWT credentials.
std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
std::shared_ptr<CallCredentials> ServiceAccountJWTAccessCredentials(
const grpc::string& json_key, long token_lifetime_seconds) {
GrpcLibrary init; // To call grpc_init().
if (token_lifetime_seconds <= 0) {
gpr_log(GPR_ERROR,
"Trying to create JWTCredentials with non-positive lifetime");
return WrapCredentials(nullptr);
return WrapCallCredentials(nullptr);
}
gpr_timespec lifetime =
gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN);
return WrapCredentials(grpc_service_account_jwt_access_credentials_create(
return WrapCallCredentials(grpc_service_account_jwt_access_credentials_create(
json_key.c_str(), lifetime, nullptr));
}
// Builds refresh token credentials.
std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
std::shared_ptr<CallCredentials> GoogleRefreshTokenCredentials(
const grpc::string& json_refresh_token) {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(grpc_google_refresh_token_credentials_create(
return WrapCallCredentials(grpc_google_refresh_token_credentials_create(
json_refresh_token.c_str(), nullptr));
}
// Builds access token credentials.
std::shared_ptr<Credentials> AccessTokenCredentials(
std::shared_ptr<CallCredentials> AccessTokenCredentials(
const grpc::string& access_token) {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(
return WrapCallCredentials(
grpc_access_token_credentials_create(access_token.c_str(), nullptr));
}
// Builds IAM credentials.
std::shared_ptr<Credentials> GoogleIAMCredentials(
std::shared_ptr<CallCredentials> GoogleIAMCredentials(
const grpc::string& authorization_token,
const grpc::string& authority_selector) {
GrpcLibrary init; // To call grpc_init().
return WrapCredentials(grpc_google_iam_credentials_create(
return WrapCallCredentials(grpc_google_iam_credentials_create(
authorization_token.c_str(), authority_selector.c_str(), nullptr));
}
// Combines two credentials objects into a composite credentials.
std::shared_ptr<Credentials> CompositeCredentials(
const std::shared_ptr<Credentials>& creds1,
const std::shared_ptr<Credentials>& creds2) {
// Note that we are not saving shared_ptrs to the two credentials
// passed in here. This is OK because the underlying C objects (i.e.,
// creds1 and creds2) into grpc_composite_credentials_create will see their
// refcounts incremented.
SecureCredentials* s1 = creds1->AsSecureCredentials();
SecureCredentials* s2 = creds2->AsSecureCredentials();
if (s1 && s2) {
return WrapCredentials(grpc_composite_credentials_create(
s1->GetRawCreds(), s2->GetRawCreds(), nullptr));
// Combines one channel credentials and one call credentials into a channel
// composite credentials.
std::shared_ptr<ChannelCredentials> CompositeChannelCredentials(
const std::shared_ptr<ChannelCredentials>& channel_creds,
const std::shared_ptr<CallCredentials>& call_creds) {
// Note that we are not saving shared_ptrs to the two credentials passed in
// here. This is OK because the underlying C objects (i.e., channel_creds and
// call_creds) into grpc_composite_credentials_create will see their refcounts
// incremented.
SecureChannelCredentials* s_channel_creds =
channel_creds->AsSecureCredentials();
SecureCallCredentials* s_call_creds = call_creds->AsSecureCredentials();
if (s_channel_creds && s_call_creds) {
return WrapChannelCredentials(grpc_composite_channel_credentials_create(
s_channel_creds->GetRawCreds(), s_call_creds->GetRawCreds(), nullptr));
}
return nullptr;
}
@ -193,7 +201,7 @@ MetadataCredentialsPluginWrapper::MetadataCredentialsPluginWrapper(
std::unique_ptr<MetadataCredentialsPlugin> plugin)
: thread_pool_(CreateDefaultThreadPool()), plugin_(std::move(plugin)) {}
std::shared_ptr<Credentials> MetadataCredentialsFromPlugin(
std::shared_ptr<CallCredentials> MetadataCredentialsFromPlugin(
std::unique_ptr<MetadataCredentialsPlugin> plugin) {
GrpcLibrary init; // To call grpc_init().
MetadataCredentialsPluginWrapper* wrapper =
@ -201,7 +209,7 @@ std::shared_ptr<Credentials> MetadataCredentialsFromPlugin(
grpc_metadata_credentials_plugin c_plugin = {
MetadataCredentialsPluginWrapper::GetMetadata,
MetadataCredentialsPluginWrapper::Destroy, wrapper};
return WrapCredentials(
return WrapCallCredentials(
grpc_metadata_credentials_create_from_plugin(c_plugin, nullptr));
}

33
src/cpp/client/secure_credentials.h
Unescape View File

@ -43,21 +43,40 @@
namespace grpc {
class SecureCredentials GRPC_FINAL : public Credentials {
class SecureChannelCredentials GRPC_FINAL : public ChannelCredentials {
public:
explicit SecureCredentials(grpc_credentials* c_creds) : c_creds_(c_creds) {}
~SecureCredentials() GRPC_OVERRIDE { grpc_credentials_release(c_creds_); }
grpc_credentials* GetRawCreds() { return c_creds_; }
bool ApplyToCall(grpc_call* call) GRPC_OVERRIDE;
explicit SecureChannelCredentials(grpc_channel_credentials* c_creds)
: c_creds_(c_creds) {}
~SecureChannelCredentials() GRPC_OVERRIDE {
grpc_channel_credentials_release(c_creds_);
}
grpc_channel_credentials* GetRawCreds() { return c_creds_; }
std::shared_ptr<grpc::Channel> CreateChannel(
const string& target, const grpc::ChannelArguments& args) GRPC_OVERRIDE;
SecureCredentials* AsSecureCredentials() GRPC_OVERRIDE { return this; }
SecureChannelCredentials* AsSecureCredentials() GRPC_OVERRIDE { return this; }
private:
grpc_credentials* const c_creds_;
grpc_channel_credentials* const c_creds_;
};
class SecureCallCredentials GRPC_FINAL : public CallCredentials {
public:
explicit SecureCallCredentials(grpc_call_credentials* c_creds)
: c_creds_(c_creds) {}
~SecureCallCredentials() GRPC_OVERRIDE {
grpc_call_credentials_release(c_creds_);
}
grpc_call_credentials* GetRawCreds() { return c_creds_; }
bool ApplyToCall(grpc_call* call) GRPC_OVERRIDE;
SecureCallCredentials* AsSecureCredentials() GRPC_OVERRIDE { return this; }
private:
grpc_call_credentials* const c_creds_;
};
class MetadataCredentialsPluginWrapper GRPC_FINAL {
public:
static void Destroy(void* wrapper);

Write Preview
Loading…
Cancel
Save