mirror of https://github.com/grpc/grpc.git
parent
2250454721
commit
9e14414415
7 changed files with 112 additions and 159 deletions
@ -0,0 +1,84 @@ |
||||
#region Copyright notice and license |
||||
|
||||
// Copyright 2015, Google Inc. |
||||
// All rights reserved. |
||||
// |
||||
// Redistribution and use in source and binary forms, with or without |
||||
// modification, are permitted provided that the following conditions are |
||||
// met: |
||||
// |
||||
// * Redistributions of source code must retain the above copyright |
||||
// notice, this list of conditions and the following disclaimer. |
||||
// * Redistributions in binary form must reproduce the above |
||||
// copyright notice, this list of conditions and the following disclaimer |
||||
// in the documentation and/or other materials provided with the |
||||
// distribution. |
||||
// * Neither the name of Google Inc. nor the names of its |
||||
// contributors may be used to endorse or promote products derived from |
||||
// this software without specific prior written permission. |
||||
// |
||||
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
||||
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
||||
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
||||
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
||||
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
||||
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
||||
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
||||
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
||||
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
||||
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
||||
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
||||
|
||||
#endregion |
||||
|
||||
using System; |
||||
using System.Threading; |
||||
|
||||
using Google.Apis.Auth.OAuth2; |
||||
using Grpc.Core; |
||||
using Grpc.Core.Utils; |
||||
|
||||
namespace Grpc.Auth |
||||
{ |
||||
/// <summary> |
||||
/// Factory methods to create authorization interceptors. |
||||
/// </summary> |
||||
public static class AuthInterceptors |
||||
{ |
||||
private const string AuthorizationHeader = "Authorization"; |
||||
private const string Schema = "Bearer"; |
||||
|
||||
/// <summary> |
||||
/// Creates interceptor that will obtain access token from any credential type that implements |
||||
/// <c>ITokenAccess</c>. (e.g. <c>GoogleCredential</c>). |
||||
/// </summary> |
||||
public static HeaderInterceptor FromCredential(ITokenAccess credential) |
||||
{ |
||||
return new HeaderInterceptor((authUri, metadata) => |
||||
{ |
||||
// TODO(jtattermusch): Rethink synchronous wait to obtain the result. |
||||
var accessToken = credential.GetAccessTokenForRequestAsync(authUri, CancellationToken.None) |
||||
.ConfigureAwait(false).GetAwaiter().GetResult(); |
||||
metadata.Add(CreateBearerTokenHeader(accessToken)); |
||||
}); |
||||
} |
||||
|
||||
/// <summary> |
||||
/// Creates OAuth2 interceptor that will use given access token as authorization. |
||||
/// </summary> |
||||
/// <param name="accessToken">OAuth2 access token.</param> |
||||
public static HeaderInterceptor FromAccessToken(string accessToken) |
||||
{ |
||||
Preconditions.CheckNotNull(accessToken); |
||||
return new HeaderInterceptor((authUri, metadata) => |
||||
{ |
||||
metadata.Add(CreateBearerTokenHeader(accessToken)); |
||||
}); |
||||
} |
||||
|
||||
private static Metadata.Entry CreateBearerTokenHeader(string accessToken) |
||||
{ |
||||
return new Metadata.Entry(AuthorizationHeader, Schema + " " + accessToken); |
||||
} |
||||
} |
||||
} |
@ -1,115 +0,0 @@ |
||||
#region Copyright notice and license |
||||
|
||||
// Copyright 2015, Google Inc. |
||||
// All rights reserved. |
||||
// |
||||
// Redistribution and use in source and binary forms, with or without |
||||
// modification, are permitted provided that the following conditions are |
||||
// met: |
||||
// |
||||
// * Redistributions of source code must retain the above copyright |
||||
// notice, this list of conditions and the following disclaimer. |
||||
// * Redistributions in binary form must reproduce the above |
||||
// copyright notice, this list of conditions and the following disclaimer |
||||
// in the documentation and/or other materials provided with the |
||||
// distribution. |
||||
// * Neither the name of Google Inc. nor the names of its |
||||
// contributors may be used to endorse or promote products derived from |
||||
// this software without specific prior written permission. |
||||
// |
||||
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
||||
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
||||
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
||||
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
||||
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
||||
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
||||
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
||||
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
||||
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
||||
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
||||
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
||||
|
||||
#endregion |
||||
|
||||
using System; |
||||
using System.Collections.Generic; |
||||
using System.Diagnostics; |
||||
using System.IO; |
||||
using System.Security.Cryptography.X509Certificates; |
||||
using System.Text.RegularExpressions; |
||||
using System.Threading; |
||||
using System.Threading.Tasks; |
||||
|
||||
using Google.Apis.Auth.OAuth2; |
||||
using Google.Apis.Util; |
||||
using Grpc.Core; |
||||
using Grpc.Core.Utils; |
||||
|
||||
namespace Grpc.Auth |
||||
{ |
||||
public static class OAuth2Interceptors |
||||
{ |
||||
/// <summary> |
||||
/// Creates OAuth2 interceptor that will obtain access token from GoogleCredentials. |
||||
/// </summary> |
||||
public static MetadataInterceptorDelegate FromCredential(GoogleCredential googleCredential) |
||||
{ |
||||
var interceptor = new OAuth2Interceptor(googleCredential, SystemClock.Default); |
||||
return new MetadataInterceptorDelegate(interceptor.InterceptHeaders); |
||||
} |
||||
|
||||
/// <summary> |
||||
/// Creates OAuth2 interceptor that will use given OAuth2 token. |
||||
/// </summary> |
||||
/// <param name="oauth2Token"></param> |
||||
/// <returns></returns> |
||||
public static MetadataInterceptorDelegate FromAccessToken(string oauth2Token) |
||||
{ |
||||
Preconditions.CheckNotNull(oauth2Token); |
||||
return new MetadataInterceptorDelegate((authUri, metadata) => |
||||
{ |
||||
metadata.Add(OAuth2Interceptor.CreateBearerTokenHeader(oauth2Token)); |
||||
}); |
||||
} |
||||
|
||||
/// <summary> |
||||
/// Injects OAuth2 authorization header into initial metadata (= request headers). |
||||
/// </summary> |
||||
private class OAuth2Interceptor |
||||
{ |
||||
private const string AuthorizationHeader = "Authorization"; |
||||
private const string Schema = "Bearer"; |
||||
|
||||
private ITokenAccess credential; |
||||
private IClock clock; |
||||
|
||||
public OAuth2Interceptor(ITokenAccess credential, IClock clock) |
||||
{ |
||||
this.credential = credential; |
||||
this.clock = clock; |
||||
} |
||||
|
||||
/// <summary> |
||||
/// Gets access token and requests refreshing it if is going to expire soon. |
||||
/// </summary> |
||||
/// <param name="cancellationToken"></param> |
||||
/// <returns></returns> |
||||
public string GetAccessToken(string authUri, CancellationToken cancellationToken) |
||||
{ |
||||
// TODO(jtattermusch): Rethink synchronous wait to obtain the result. |
||||
return credential.GetAccessTokenForRequestAsync(authUri, cancellationToken: cancellationToken).GetAwaiter().GetResult(); |
||||
} |
||||
|
||||
public void InterceptHeaders(string authUri, Metadata metadata) |
||||
{ |
||||
var accessToken = GetAccessToken(authUri, CancellationToken.None); |
||||
metadata.Add(CreateBearerTokenHeader(accessToken)); |
||||
} |
||||
|
||||
public static Metadata.Entry CreateBearerTokenHeader(string accessToken) |
||||
{ |
||||
return new Metadata.Entry(AuthorizationHeader, Schema + " " + accessToken); |
||||
} |
||||
} |
||||
} |
||||
} |
Loading…
Reference in new issue