Added tests for eval_args address/port getters. Implemented said getters and CreateActivation.

Added logging for unsupported attributes

fixed make issues by moving grpc_authorization_engine under grpc

changed inet_aton to inet_pton

Fixed an issue left over from the initial implementation of evalargs
pull/23786/head
Michael Wang 4 years ago
parent 34795b4b1e
commit b8771966f1
  1. 4
      BUILD
  2. 7
      BUILD.gn
  3. 68
      CMakeLists.txt
  4. 71
      Makefile
  5. 34
      build_autogenerated.yaml
  6. 12
      config.m4
  7. 14
      config.w32
  8. 9
      gRPC-C++.podspec
  9. 13
      gRPC-Core.podspec
  10. 31
      grpc.gemspec
  11. 5
      grpc.gyp
  12. 31
      package.xml
  13. 115
      src/core/lib/security/authorization/authorization_engine.cc
  14. 14
      src/core/lib/security/authorization/authorization_engine.h
  15. 89
      src/core/lib/security/authorization/evaluate_args.cc
  16. 7
      src/core/lib/security/authorization/evaluate_args.h
  17. 16
      src/core/lib/security/authorization/mock_cel/cel_value.h
  18. 9
      src/python/grpcio/grpc_core_dependencies.py
  19. 15
      test/core/security/BUILD
  20. 76
      test/core/security/evaluate_args_test.cc
  21. 2
      test/core/util/BUILD
  22. 118
      test/core/util/eval_args_mock_endpoint.cc
  23. 31
      test/core/util/eval_args_mock_endpoint.h
  24. 6
      tools/doxygen/Doxyfile.c++.internal
  25. 6
      tools/doxygen/Doxyfile.core.internal
  26. 24
      tools/run_tests/generated/tests.json

@ -325,6 +325,7 @@ grpc_cc_library(
public_hdrs = GRPC_PUBLIC_HDRS + GRPC_SECURE_PUBLIC_HDRS,
standalone = True,
deps = [
"grpc_authorization_engine",
"grpc_common",
"grpc_lb_policy_cds_secure",
"grpc_lb_policy_eds_secure",
@ -1863,6 +1864,9 @@ grpc_cc_library(
"src/core/lib/security/authorization/mock_cel/activation.h",
"src/core/lib/security/authorization/mock_cel/cel_value.h",
],
external_deps = [
"absl/container:flat_hash_set",
],
language = "c++",
deps = [
"envoy_ads_upb",
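Review bot: Listing `"grpc_authorization_engine"` in the `deps` of the standalone `grpc` library (first hunk) appears to pull the engine's `mock_cel/activation.h` and `mock_cel/cel_value.h` headers, shown in the second hunk, into the production core target. If the mock CEL types are stand-ins for a real evaluator, authorization decisions built on them should not be reachable by callers until the real implementation lands. A comment on the engine target would make that explicit, e.g. `# Uses mock_cel stand-ins; not for enforcing authorization in production yet.` The added/removed markers are lost on this page, so which lines are new is inferred from the hunk headers and the commit message. Both `grpc_cc_library` rules continue outside the hunks.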

@ -788,6 +788,12 @@ config("grpc_config") {
"src/core/lib/json/json.h",
"src/core/lib/json/json_reader.cc",
"src/core/lib/json/json_writer.cc",
"src/core/lib/security/authorization/authorization_engine.cc",
"src/core/lib/security/authorization/authorization_engine.h",
"src/core/lib/security/authorization/evaluate_args.cc",
"src/core/lib/security/authorization/evaluate_args.h",
"src/core/lib/security/authorization/mock_cel/activation.h",
"src/core/lib/security/authorization/mock_cel/cel_value.h",
"src/core/lib/security/context/security_context.cc",
"src/core/lib/security/context/security_context.h",
"src/core/lib/security/credentials/alts/alts_credentials.cc",
@ -1003,6 +1009,7 @@ config("grpc_config") {
":absl/strings:strings",
":absl/status:status",
":absl/container:inlined_vector",
":absl/container:flat_hash_set",
"//third_party/cares",
":address_sorting",
]

@ -103,14 +103,19 @@ set_property(CACHE gRPC_ABSL_PROVIDER PROPERTY STRINGS "module" "package")
set(gRPC_ABSL_USED_TARGETS
absl_algorithm
absl_algorithm_container
absl_atomic_hook
absl_bad_optional_access
absl_bad_variant_access
absl_base
absl_base_internal
absl_bits
absl_city
absl_civil_time
absl_compressed_tuple
absl_config
absl_container_common
absl_container_memory
absl_cord
absl_core_headers
absl_debugging_internal
@ -118,17 +123,27 @@ set(gRPC_ABSL_USED_TARGETS
absl_dynamic_annotations
absl_endian
absl_errno_saver
absl_exponential_biased
absl_fixed_array
absl_flat_hash_set
absl_function_ref
absl_graphcycles_internal
absl_hash
absl_hash_function_defaults
absl_hash_policy_traits
absl_hashtable_debug_hooks
absl_hashtablez_sampler
absl_have_sse
absl_inlined_vector
absl_inlined_vector_internal
absl_int128
absl_kernel_timeout_internal
absl_layout
absl_log_severity
absl_malloc_internal
absl_memory
absl_optional
absl_raw_hash_set
absl_raw_logging_internal
absl_span
absl_spinlock_wait
@ -145,6 +160,7 @@ set(gRPC_ABSL_USED_TARGETS
absl_time_zone
absl_type_traits
absl_utility
absl_variant
absl_meta
)
@ -795,6 +811,7 @@ if(gRPC_BUILD_TESTS)
add_dependencies(buildtests_cxx duplicate_header_bad_client_test)
add_dependencies(buildtests_cxx end2end_test)
add_dependencies(buildtests_cxx error_details_test)
add_dependencies(buildtests_cxx evaluate_args_test)
add_dependencies(buildtests_cxx eventmanager_libuv_test)
add_dependencies(buildtests_cxx exception_test)
add_dependencies(buildtests_cxx filter_end2end_test)
@ -1702,6 +1719,8 @@ add_library(grpc
src/core/lib/iomgr/work_serializer.cc
src/core/lib/json/json_reader.cc
src/core/lib/json/json_writer.cc
src/core/lib/security/authorization/authorization_engine.cc
src/core/lib/security/authorization/evaluate_args.cc
src/core/lib/security/context/security_context.cc
src/core/lib/security/credentials/alts/alts_credentials.cc
src/core/lib/security/credentials/alts/check_gcp_environment.cc
@ -1858,6 +1877,7 @@ target_link_libraries(grpc
absl::strings
absl::status
absl::inlined_vector
absl::flat_hash_set
)
if(_gRPC_PLATFORM_IOS OR _gRPC_PLATFORM_MAC)
target_link_libraries(grpc "-framework CoreFoundation")
@ -1944,6 +1964,7 @@ if(gRPC_BUILD_TESTS)
add_library(grpc_test_util
test/core/util/cmdline.cc
test/core/util/debugger_macros.cc
test/core/util/eval_args_mock_endpoint.cc
test/core/util/fuzzer_util.cc
test/core/util/grpc_profiler.cc
test/core/util/histogram.cc
@ -2010,6 +2031,7 @@ if(gRPC_BUILD_TESTS)
add_library(grpc_test_util_unsecure
test/core/util/cmdline.cc
test/core/util/debugger_macros.cc
test/core/util/eval_args_mock_endpoint.cc
test/core/util/fuzzer_util.cc
test/core/util/grpc_profiler.cc
test/core/util/histogram.cc
@ -8410,8 +8432,6 @@ endif()
if(gRPC_BUILD_TESTS)
add_executable(authorization_engine_test
src/core/lib/security/authorization/authorization_engine.cc
src/core/lib/security/authorization/evaluate_args.cc
test/core/security/authorization_engine_test.cc
third_party/googletest/googletest/src/gtest-all.cc
third_party/googletest/googlemock/src/gmock-all.cc
@ -10747,6 +10767,45 @@ target_link_libraries(error_details_test
)
endif()
if(gRPC_BUILD_TESTS)
add_executable(evaluate_args_test
test/core/security/evaluate_args_test.cc
third_party/googletest/googletest/src/gtest-all.cc
third_party/googletest/googlemock/src/gmock-all.cc
)
target_include_directories(evaluate_args_test
PRIVATE
${CMAKE_CURRENT_SOURCE_DIR}
${CMAKE_CURRENT_SOURCE_DIR}/include
${_gRPC_ADDRESS_SORTING_INCLUDE_DIR}
${_gRPC_RE2_INCLUDE_DIR}
${_gRPC_SSL_INCLUDE_DIR}
${_gRPC_UPB_GENERATED_DIR}
${_gRPC_UPB_GRPC_GENERATED_DIR}
${_gRPC_UPB_INCLUDE_DIR}
${_gRPC_ZLIB_INCLUDE_DIR}
third_party/googletest/googletest/include
third_party/googletest/googletest
third_party/googletest/googlemock/include
third_party/googletest/googlemock
${_gRPC_PROTO_GENS_DIR}
)
target_link_libraries(evaluate_args_test
${_gRPC_PROTOBUF_LIBRARIES}
${_gRPC_ALLTARGETS_LIBRARIES}
grpc_test_util
grpc
gpr
address_sorting
upb
${_gRPC_GFLAGS_LIBRARIES}
)
endif()
if(gRPC_BUILD_TESTS)
@ -14684,6 +14743,7 @@ if(_gRPC_PLATFORM_LINUX OR _gRPC_PLATFORM_MAC OR _gRPC_PLATFORM_POSIX)
${_gRPC_PROTO_GENS_DIR}/src/proto/grpc/testing/simple_messages.grpc.pb.h
test/core/util/cmdline.cc
test/core/util/debugger_macros.cc
test/core/util/eval_args_mock_endpoint.cc
test/core/util/fuzzer_util.cc
test/core/util/grpc_profiler.cc
test/core/util/histogram.cc
@ -15625,7 +15685,7 @@ generate_pkgconfig(
"high performance general RPC framework"
"${gRPC_CORE_VERSION}"
"gpr openssl"
"-lgrpc -laddress_sorting -lre2 -lupb -lcares -lz -labsl_status -labsl_cord -labsl_bad_optional_access -labsl_str_format_internal -labsl_synchronization -labsl_graphcycles_internal -labsl_symbolize -labsl_demangle_internal -labsl_stacktrace -labsl_debugging_internal -labsl_malloc_internal -labsl_time -labsl_time_zone -labsl_civil_time -labsl_strings -labsl_strings_internal -labsl_throw_delegate -labsl_int128 -labsl_base -labsl_spinlock_wait -labsl_raw_logging_internal -labsl_log_severity -labsl_dynamic_annotations"
"-lgrpc -laddress_sorting -lre2 -lupb -lcares -lz -labsl_raw_hash_set -labsl_hashtablez_sampler -labsl_exponential_biased -labsl_hash -labsl_bad_variant_access -labsl_city -labsl_status -labsl_cord -labsl_bad_optional_access -labsl_str_format_internal -labsl_synchronization -labsl_graphcycles_internal -labsl_symbolize -labsl_demangle_internal -labsl_stacktrace -labsl_debugging_internal -labsl_malloc_internal -labsl_time -labsl_time_zone -labsl_civil_time -labsl_strings -labsl_strings_internal -labsl_throw_delegate -labsl_int128 -labsl_base -labsl_spinlock_wait -labsl_raw_logging_internal -labsl_log_severity -labsl_dynamic_annotations"
""
"grpc.pc")
@ -15645,7 +15705,7 @@ generate_pkgconfig(
"C++ wrapper for gRPC"
"${gRPC_CPP_VERSION}"
"grpc"
"-lgrpc++ -labsl_status -labsl_cord -labsl_bad_optional_access -labsl_str_format_internal -labsl_synchronization -labsl_graphcycles_internal -labsl_symbolize -labsl_demangle_internal -labsl_stacktrace -labsl_debugging_internal -labsl_malloc_internal -labsl_time -labsl_time_zone -labsl_civil_time -labsl_strings -labsl_strings_internal -labsl_throw_delegate -labsl_int128 -labsl_base -labsl_spinlock_wait -labsl_raw_logging_internal -labsl_log_severity -labsl_dynamic_annotations"
"-lgrpc++ -labsl_raw_hash_set -labsl_hashtablez_sampler -labsl_exponential_biased -labsl_hash -labsl_bad_variant_access -labsl_city -labsl_status -labsl_cord -labsl_bad_optional_access -labsl_str_format_internal -labsl_synchronization -labsl_graphcycles_internal -labsl_symbolize -labsl_demangle_internal -labsl_stacktrace -labsl_debugging_internal -labsl_malloc_internal -labsl_time -labsl_time_zone -labsl_civil_time -labsl_strings -labsl_strings_internal -labsl_throw_delegate -labsl_int128 -labsl_base -labsl_spinlock_wait -labsl_raw_logging_internal -labsl_log_severity -labsl_dynamic_annotations"
""
"grpc++.pc")

@ -1200,6 +1200,7 @@ destroy_grpclb_channel_with_active_connect_stress_test: $(BINDIR)/$(CONFIG)/dest
duplicate_header_bad_client_test: $(BINDIR)/$(CONFIG)/duplicate_header_bad_client_test
end2end_test: $(BINDIR)/$(CONFIG)/end2end_test
error_details_test: $(BINDIR)/$(CONFIG)/error_details_test
evaluate_args_test: $(BINDIR)/$(CONFIG)/evaluate_args_test
eventmanager_libuv_test: $(BINDIR)/$(CONFIG)/eventmanager_libuv_test
exception_test: $(BINDIR)/$(CONFIG)/exception_test
filter_end2end_test: $(BINDIR)/$(CONFIG)/filter_end2end_test
@ -1577,6 +1578,7 @@ buildtests_cxx: privatelibs_cxx \
$(BINDIR)/$(CONFIG)/duplicate_header_bad_client_test \
$(BINDIR)/$(CONFIG)/end2end_test \
$(BINDIR)/$(CONFIG)/error_details_test \
$(BINDIR)/$(CONFIG)/evaluate_args_test \
$(BINDIR)/$(CONFIG)/eventmanager_libuv_test \
$(BINDIR)/$(CONFIG)/exception_test \
$(BINDIR)/$(CONFIG)/filter_end2end_test \
@ -1735,6 +1737,7 @@ buildtests_cxx: privatelibs_cxx \
$(BINDIR)/$(CONFIG)/duplicate_header_bad_client_test \
$(BINDIR)/$(CONFIG)/end2end_test \
$(BINDIR)/$(CONFIG)/error_details_test \
$(BINDIR)/$(CONFIG)/evaluate_args_test \
$(BINDIR)/$(CONFIG)/eventmanager_libuv_test \
$(BINDIR)/$(CONFIG)/exception_test \
$(BINDIR)/$(CONFIG)/filter_end2end_test \
@ -2215,6 +2218,8 @@ test_cxx: buildtests_cxx
$(Q) $(BINDIR)/$(CONFIG)/duplicate_header_bad_client_test || ( echo test duplicate_header_bad_client_test failed ; exit 1 )
$(E) "[RUN] Testing error_details_test"
$(Q) $(BINDIR)/$(CONFIG)/error_details_test || ( echo test error_details_test failed ; exit 1 )
$(E) "[RUN] Testing evaluate_args_test"
$(Q) $(BINDIR)/$(CONFIG)/evaluate_args_test || ( echo test evaluate_args_test failed ; exit 1 )
$(E) "[RUN] Testing eventmanager_libuv_test"
$(Q) $(BINDIR)/$(CONFIG)/eventmanager_libuv_test || ( echo test eventmanager_libuv_test failed ; exit 1 )
$(E) "[RUN] Testing exception_test"
@ -3945,6 +3950,8 @@ LIBGRPC_SRC = \
src/core/lib/iomgr/work_serializer.cc \
src/core/lib/json/json_reader.cc \
src/core/lib/json/json_writer.cc \
src/core/lib/security/authorization/authorization_engine.cc \
src/core/lib/security/authorization/evaluate_args.cc \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/credentials/alts/alts_credentials.cc \
src/core/lib/security/credentials/alts/check_gcp_environment.cc \
@ -4184,6 +4191,7 @@ endif
LIBGRPC_TEST_UTIL_SRC = \
test/core/util/cmdline.cc \
test/core/util/debugger_macros.cc \
test/core/util/eval_args_mock_endpoint.cc \
test/core/util/fuzzer_util.cc \
test/core/util/grpc_profiler.cc \
test/core/util/histogram.cc \
@ -4242,6 +4250,7 @@ endif
LIBGRPC_TEST_UTIL_UNSECURE_SRC = \
test/core/util/cmdline.cc \
test/core/util/debugger_macros.cc \
test/core/util/eval_args_mock_endpoint.cc \
test/core/util/fuzzer_util.cc \
test/core/util/grpc_profiler.cc \
test/core/util/histogram.cc \
@ -6465,6 +6474,7 @@ endif
LIBGRPC_ABSEIL_SRC = \
third_party/abseil-cpp/absl/base/dynamic_annotations.cc \
third_party/abseil-cpp/absl/base/internal/cycleclock.cc \
third_party/abseil-cpp/absl/base/internal/exponential_biased.cc \
third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc \
third_party/abseil-cpp/absl/base/internal/raw_logging.cc \
third_party/abseil-cpp/absl/base/internal/spinlock.cc \
@ -6474,12 +6484,17 @@ LIBGRPC_ABSEIL_SRC = \
third_party/abseil-cpp/absl/base/internal/throw_delegate.cc \
third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc \
third_party/abseil-cpp/absl/base/log_severity.cc \
third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc \
third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc \
third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc \
third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc \
third_party/abseil-cpp/absl/debugging/internal/demangle.cc \
third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc \
third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc \
third_party/abseil-cpp/absl/debugging/stacktrace.cc \
third_party/abseil-cpp/absl/debugging/symbolize.cc \
third_party/abseil-cpp/absl/hash/internal/city.cc \
third_party/abseil-cpp/absl/hash/internal/hash.cc \
third_party/abseil-cpp/absl/numeric/int128.cc \
third_party/abseil-cpp/absl/status/status.cc \
third_party/abseil-cpp/absl/status/status_payload_printer.cc \
@ -6530,6 +6545,7 @@ LIBGRPC_ABSEIL_SRC = \
third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc \
third_party/abseil-cpp/absl/time/time.cc \
third_party/abseil-cpp/absl/types/bad_optional_access.cc \
third_party/abseil-cpp/absl/types/bad_variant_access.cc \
LIBGRPC_ABSEIL_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(LIBGRPC_ABSEIL_SRC))))
@ -11651,8 +11667,6 @@ endif
AUTHORIZATION_ENGINE_TEST_SRC = \
src/core/lib/security/authorization/authorization_engine.cc \
src/core/lib/security/authorization/evaluate_args.cc \
test/core/security/authorization_engine_test.cc \
AUTHORIZATION_ENGINE_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(AUTHORIZATION_ENGINE_TEST_SRC))))
@ -11684,10 +11698,6 @@ endif
endif
$(OBJDIR)/$(CONFIG)/src/core/lib/security/authorization/authorization_engine.o: $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
$(OBJDIR)/$(CONFIG)/src/core/lib/security/authorization/evaluate_args.o: $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
$(OBJDIR)/$(CONFIG)/test/core/security/authorization_engine_test.o: $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
deps_authorization_engine_test: $(AUTHORIZATION_ENGINE_TEST_OBJS:.o=.dep)
@ -14170,6 +14180,49 @@ endif
$(OBJDIR)/$(CONFIG)/test/cpp/util/error_details_test.o: $(GENDIR)/src/proto/grpc/testing/echo_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.grpc.pb.cc
EVALUATE_ARGS_TEST_SRC = \
test/core/security/evaluate_args_test.cc \
EVALUATE_ARGS_TEST_OBJS = $(addprefix $(OBJDIR)/$(CONFIG)/, $(addsuffix .o, $(basename $(EVALUATE_ARGS_TEST_SRC))))
ifeq ($(NO_SECURE),true)
# You can't build secure targets if you don't have OpenSSL.
$(BINDIR)/$(CONFIG)/evaluate_args_test: openssl_dep_error
else
ifeq ($(NO_PROTOBUF),true)
# You can't build the protoc plugins or protobuf-enabled targets if you don't have protobuf 3.12.0+.
$(BINDIR)/$(CONFIG)/evaluate_args_test: protobuf_dep_error
else
$(BINDIR)/$(CONFIG)/evaluate_args_test: $(PROTOBUF_DEP) $(EVALUATE_ARGS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
$(E) "[LD] Linking $@"
$(Q) mkdir -p `dirname $@`
$(Q) $(LDXX) $(LDFLAGS) $(EVALUATE_ARGS_TEST_OBJS) $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a $(LDLIBSXX) $(LDLIBS_PROTOBUF) $(LDLIBS) $(LDLIBS_SECURE) $(GTEST_LIB) -o $(BINDIR)/$(CONFIG)/evaluate_args_test
endif
endif
$(OBJDIR)/$(CONFIG)/test/core/security/evaluate_args_test.o: $(LIBDIR)/$(CONFIG)/libgrpc_test_util.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
deps_evaluate_args_test: $(EVALUATE_ARGS_TEST_OBJS:.o=.dep)
ifneq ($(NO_SECURE),true)
ifneq ($(NO_DEPS),true)
-include $(EVALUATE_ARGS_TEST_OBJS:.o=.dep)
endif
endif
EVENTMANAGER_LIBUV_TEST_SRC = \
test/core/iomgr/poller/eventmanager_libuv_test.cc \
@ -18876,6 +18929,7 @@ WRITES_PER_RPC_TEST_SRC = \
$(GENDIR)/src/proto/grpc/testing/simple_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.grpc.pb.cc \
test/core/util/cmdline.cc \
test/core/util/debugger_macros.cc \
test/core/util/eval_args_mock_endpoint.cc \
test/core/util/fuzzer_util.cc \
test/core/util/grpc_profiler.cc \
test/core/util/histogram.cc \
@ -18935,6 +18989,8 @@ $(OBJDIR)/$(CONFIG)/test/core/util/cmdline.o: $(LIBDIR)/$(CONFIG)/libgrpc++.a $
$(OBJDIR)/$(CONFIG)/test/core/util/debugger_macros.o: $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
$(OBJDIR)/$(CONFIG)/test/core/util/eval_args_mock_endpoint.o: $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
$(OBJDIR)/$(CONFIG)/test/core/util/fuzzer_util.o: $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
$(OBJDIR)/$(CONFIG)/test/core/util/grpc_profiler.o: $(LIBDIR)/$(CONFIG)/libgrpc++.a $(LIBDIR)/$(CONFIG)/libgrpc.a $(LIBDIR)/$(CONFIG)/libgpr.a $(LIBDIR)/$(CONFIG)/libaddress_sorting.a $(LIBDIR)/$(CONFIG)/libupb.a
@ -18982,6 +19038,7 @@ endif
endif
$(OBJDIR)/$(CONFIG)/test/core/util/cmdline.o: $(GENDIR)/src/proto/grpc/testing/echo.pb.cc $(GENDIR)/src/proto/grpc/testing/echo.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.grpc.pb.cc
$(OBJDIR)/$(CONFIG)/test/core/util/debugger_macros.o: $(GENDIR)/src/proto/grpc/testing/echo.pb.cc $(GENDIR)/src/proto/grpc/testing/echo.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.grpc.pb.cc
$(OBJDIR)/$(CONFIG)/test/core/util/eval_args_mock_endpoint.o: $(GENDIR)/src/proto/grpc/testing/echo.pb.cc $(GENDIR)/src/proto/grpc/testing/echo.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.grpc.pb.cc
$(OBJDIR)/$(CONFIG)/test/core/util/fuzzer_util.o: $(GENDIR)/src/proto/grpc/testing/echo.pb.cc $(GENDIR)/src/proto/grpc/testing/echo.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.grpc.pb.cc
$(OBJDIR)/$(CONFIG)/test/core/util/grpc_profiler.o: $(GENDIR)/src/proto/grpc/testing/echo.pb.cc $(GENDIR)/src/proto/grpc/testing/echo.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.grpc.pb.cc
$(OBJDIR)/$(CONFIG)/test/core/util/histogram.o: $(GENDIR)/src/proto/grpc/testing/echo.pb.cc $(GENDIR)/src/proto/grpc/testing/echo.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/echo_messages.grpc.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.pb.cc $(GENDIR)/src/proto/grpc/testing/simple_messages.grpc.pb.cc
@ -20164,6 +20221,8 @@ src/core/ext/upb-generated/src/proto/grpc/gcp/handshaker.upb.c: $(OPENSSL_DEP)
src/core/ext/upb-generated/src/proto/grpc/gcp/transport_security_common.upb.c: $(OPENSSL_DEP)
src/core/ext/xds/xds_channel_secure.cc: $(OPENSSL_DEP)
src/core/lib/http/httpcli_security_connector.cc: $(OPENSSL_DEP)
src/core/lib/security/authorization/authorization_engine.cc: $(OPENSSL_DEP)
src/core/lib/security/authorization/evaluate_args.cc: $(OPENSSL_DEP)
src/core/lib/security/context/security_context.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/alts_credentials.cc: $(OPENSSL_DEP)
src/core/lib/security/credentials/alts/check_gcp_environment.cc: $(OPENSSL_DEP)

@ -649,6 +649,10 @@ libs:
- src/core/lib/iomgr/wakeup_fd_posix.h
- src/core/lib/iomgr/work_serializer.h
- src/core/lib/json/json.h
- src/core/lib/security/authorization/authorization_engine.h
- src/core/lib/security/authorization/evaluate_args.h
- src/core/lib/security/authorization/mock_cel/activation.h
- src/core/lib/security/authorization/mock_cel/cel_value.h
- src/core/lib/security/context/security_context.h
- src/core/lib/security/credentials/alts/alts_credentials.h
- src/core/lib/security/credentials/alts/check_gcp_environment.h
@ -1057,6 +1061,8 @@ libs:
- src/core/lib/iomgr/work_serializer.cc
- src/core/lib/json/json_reader.cc
- src/core/lib/json/json_writer.cc
- src/core/lib/security/authorization/authorization_engine.cc
- src/core/lib/security/authorization/evaluate_args.cc
- src/core/lib/security/context/security_context.cc
- src/core/lib/security/credentials/alts/alts_credentials.cc
- src/core/lib/security/credentials/alts/check_gcp_environment.cc
@ -1175,6 +1181,7 @@ libs:
- absl/strings:strings
- absl/status:status
- absl/container:inlined_vector
- absl/container:flat_hash_set
baselib: true
deps_linkage: static
dll: true
@ -1201,6 +1208,7 @@ libs:
headers:
- test/core/util/cmdline.h
- test/core/util/debugger_macros.h
- test/core/util/eval_args_mock_endpoint.h
- test/core/util/fuzzer_util.h
- test/core/util/grpc_profiler.h
- test/core/util/histogram.h
@ -1220,6 +1228,7 @@ libs:
src:
- test/core/util/cmdline.cc
- test/core/util/debugger_macros.cc
- test/core/util/eval_args_mock_endpoint.cc
- test/core/util/fuzzer_util.cc
- test/core/util/grpc_profiler.cc
- test/core/util/histogram.cc
@ -1250,6 +1259,7 @@ libs:
headers:
- test/core/util/cmdline.h
- test/core/util/debugger_macros.h
- test/core/util/eval_args_mock_endpoint.h
- test/core/util/fuzzer_util.h
- test/core/util/grpc_profiler.h
- test/core/util/histogram.h
@ -1269,6 +1279,7 @@ libs:
src:
- test/core/util/cmdline.cc
- test/core/util/debugger_macros.cc
- test/core/util/eval_args_mock_endpoint.cc
- test/core/util/fuzzer_util.cc
- test/core/util/grpc_profiler.cc
- test/core/util/histogram.cc
@ -4769,14 +4780,8 @@ targets:
gtest: true
build: test
language: c++
headers:
- src/core/lib/security/authorization/authorization_engine.h
- src/core/lib/security/authorization/evaluate_args.h
- src/core/lib/security/authorization/mock_cel/activation.h
- src/core/lib/security/authorization/mock_cel/cel_value.h
headers: []
src:
- src/core/lib/security/authorization/authorization_engine.cc
- src/core/lib/security/authorization/evaluate_args.cc
- test/core/security/authorization_engine_test.cc
deps:
- grpc_test_util
@ -5815,6 +5820,19 @@ targets:
- gpr
- address_sorting
- upb
- name: evaluate_args_test
gtest: true
build: test
language: c++
headers: []
src:
- test/core/security/evaluate_args_test.cc
deps:
- grpc_test_util
- grpc
- gpr
- address_sorting
- upb
- name: eventmanager_libuv_test
gtest: true
build: test
@ -7503,6 +7521,7 @@ targets:
headers:
- test/core/util/cmdline.h
- test/core/util/debugger_macros.h
- test/core/util/eval_args_mock_endpoint.h
- test/core/util/fuzzer_util.h
- test/core/util/grpc_profiler.h
- test/core/util/histogram.h
@ -7525,6 +7544,7 @@ targets:
- src/proto/grpc/testing/simple_messages.proto
- test/core/util/cmdline.cc
- test/core/util/debugger_macros.cc
- test/core/util/eval_args_mock_endpoint.cc
- test/core/util/fuzzer_util.cc
- test/core/util/grpc_profiler.cc
- test/core/util/histogram.cc

@ -392,6 +392,8 @@ if test "$PHP_GRPC" != "no"; then
src/core/lib/json/json_writer.cc \
src/core/lib/profiling/basic_timers.cc \
src/core/lib/profiling/stap_timers.cc \
src/core/lib/security/authorization/authorization_engine.cc \
src/core/lib/security/authorization/evaluate_args.cc \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/credentials/alts/alts_credentials.cc \
src/core/lib/security/credentials/alts/check_gcp_environment.cc \
@ -514,6 +516,7 @@ if test "$PHP_GRPC" != "no"; then
src/php/ext/grpc/timeval.c \
third_party/abseil-cpp/absl/base/dynamic_annotations.cc \
third_party/abseil-cpp/absl/base/internal/cycleclock.cc \
third_party/abseil-cpp/absl/base/internal/exponential_biased.cc \
third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc \
third_party/abseil-cpp/absl/base/internal/raw_logging.cc \
third_party/abseil-cpp/absl/base/internal/spinlock.cc \
@ -523,12 +526,17 @@ if test "$PHP_GRPC" != "no"; then
third_party/abseil-cpp/absl/base/internal/throw_delegate.cc \
third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc \
third_party/abseil-cpp/absl/base/log_severity.cc \
third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc \
third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc \
third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc \
third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc \
third_party/abseil-cpp/absl/debugging/internal/demangle.cc \
third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc \
third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc \
third_party/abseil-cpp/absl/debugging/stacktrace.cc \
third_party/abseil-cpp/absl/debugging/symbolize.cc \
third_party/abseil-cpp/absl/hash/internal/city.cc \
third_party/abseil-cpp/absl/hash/internal/hash.cc \
third_party/abseil-cpp/absl/numeric/int128.cc \
third_party/abseil-cpp/absl/status/status.cc \
third_party/abseil-cpp/absl/status/status_payload_printer.cc \
@ -579,6 +587,7 @@ if test "$PHP_GRPC" != "no"; then
third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc \
third_party/abseil-cpp/absl/time/time.cc \
third_party/abseil-cpp/absl/types/bad_optional_access.cc \
third_party/abseil-cpp/absl/types/bad_variant_access.cc \
third_party/address_sorting/address_sorting.c \
third_party/address_sorting/address_sorting_posix.c \
third_party/address_sorting/address_sorting_windows.c \
@ -963,6 +972,7 @@ if test "$PHP_GRPC" != "no"; then
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/iomgr/poller)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/json)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/profiling)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/authorization)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/context)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials)
PHP_ADD_BUILD_DIR($ext_builddir/src/core/lib/security/credentials/alts)
@ -998,8 +1008,10 @@ if test "$PHP_GRPC" != "no"; then
PHP_ADD_BUILD_DIR($ext_builddir/src/php/ext/grpc)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/base)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/base/internal)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/container/internal)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/debugging)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/debugging/internal)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/hash/internal)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/numeric)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/status)
PHP_ADD_BUILD_DIR($ext_builddir/third_party/abseil-cpp/absl/strings)

@ -360,6 +360,8 @@ if (PHP_GRPC != "no") {
"src\\core\\lib\\json\\json_writer.cc " +
"src\\core\\lib\\profiling\\basic_timers.cc " +
"src\\core\\lib\\profiling\\stap_timers.cc " +
"src\\core\\lib\\security\\authorization\\authorization_engine.cc " +
"src\\core\\lib\\security\\authorization\\evaluate_args.cc " +
"src\\core\\lib\\security\\context\\security_context.cc " +
"src\\core\\lib\\security\\credentials\\alts\\alts_credentials.cc " +
"src\\core\\lib\\security\\credentials\\alts\\check_gcp_environment.cc " +
@ -482,6 +484,7 @@ if (PHP_GRPC != "no") {
"src\\php\\ext\\grpc\\timeval.c " +
"third_party\\abseil-cpp\\absl\\base\\dynamic_annotations.cc " +
"third_party\\abseil-cpp\\absl\\base\\internal\\cycleclock.cc " +
"third_party\\abseil-cpp\\absl\\base\\internal\\exponential_biased.cc " +
"third_party\\abseil-cpp\\absl\\base\\internal\\low_level_alloc.cc " +
"third_party\\abseil-cpp\\absl\\base\\internal\\raw_logging.cc " +
"third_party\\abseil-cpp\\absl\\base\\internal\\spinlock.cc " +
@ -491,12 +494,17 @@ if (PHP_GRPC != "no") {
"third_party\\abseil-cpp\\absl\\base\\internal\\throw_delegate.cc " +
"third_party\\abseil-cpp\\absl\\base\\internal\\unscaledcycleclock.cc " +
"third_party\\abseil-cpp\\absl\\base\\log_severity.cc " +
"third_party\\abseil-cpp\\absl\\container\\internal\\hashtablez_sampler.cc " +
"third_party\\abseil-cpp\\absl\\container\\internal\\hashtablez_sampler_force_weak_definition.cc " +
"third_party\\abseil-cpp\\absl\\container\\internal\\raw_hash_set.cc " +
"third_party\\abseil-cpp\\absl\\debugging\\internal\\address_is_readable.cc " +
"third_party\\abseil-cpp\\absl\\debugging\\internal\\demangle.cc " +
"third_party\\abseil-cpp\\absl\\debugging\\internal\\elf_mem_image.cc " +
"third_party\\abseil-cpp\\absl\\debugging\\internal\\vdso_support.cc " +
"third_party\\abseil-cpp\\absl\\debugging\\stacktrace.cc " +
"third_party\\abseil-cpp\\absl\\debugging\\symbolize.cc " +
"third_party\\abseil-cpp\\absl\\hash\\internal\\city.cc " +
"third_party\\abseil-cpp\\absl\\hash\\internal\\hash.cc " +
"third_party\\abseil-cpp\\absl\\numeric\\int128.cc " +
"third_party\\abseil-cpp\\absl\\status\\status.cc " +
"third_party\\abseil-cpp\\absl\\status\\status_payload_printer.cc " +
@ -547,6 +555,7 @@ if (PHP_GRPC != "no") {
"third_party\\abseil-cpp\\absl\\time\\internal\\cctz\\src\\zone_info_source.cc " +
"third_party\\abseil-cpp\\absl\\time\\time.cc " +
"third_party\\abseil-cpp\\absl\\types\\bad_optional_access.cc " +
"third_party\\abseil-cpp\\absl\\types\\bad_variant_access.cc " +
"third_party\\address_sorting\\address_sorting.c " +
"third_party\\address_sorting\\address_sorting_posix.c " +
"third_party\\address_sorting\\address_sorting_windows.c " +
@ -1006,6 +1015,7 @@ if (PHP_GRPC != "no") {
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\json");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\profiling");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\authorization");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\context");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\src\\core\\lib\\security\\credentials\\alts");
@ -1048,8 +1058,12 @@ if (PHP_GRPC != "no") {
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\base");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\base\\internal");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\container");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\container\\internal");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\debugging");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\debugging\\internal");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\hash");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\hash\\internal");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\numeric");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\status");
FSO.CreateFolder(base_dir+"\\ext\\grpc\\third_party\\abseil-cpp\\absl\\strings");

@ -202,6 +202,7 @@ Pod::Spec.new do |s|
ss.dependency 'gRPC-Core', version
abseil_version = '1.20200225.0'
ss.dependency 'abseil/base/base', abseil_version
ss.dependency 'abseil/container/flat_hash_set', abseil_version
ss.dependency 'abseil/container/inlined_vector', abseil_version
ss.dependency 'abseil/memory/memory', abseil_version
ss.dependency 'abseil/status/status', abseil_version
@ -514,6 +515,10 @@ Pod::Spec.new do |s|
'src/core/lib/iomgr/work_serializer.h',
'src/core/lib/json/json.h',
'src/core/lib/profiling/timers.h',
'src/core/lib/security/authorization/authorization_engine.h',
'src/core/lib/security/authorization/evaluate_args.h',
'src/core/lib/security/authorization/mock_cel/activation.h',
'src/core/lib/security/authorization/mock_cel/cel_value.h',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
@ -1004,6 +1009,10 @@ Pod::Spec.new do |s|
'src/core/lib/iomgr/work_serializer.h',
'src/core/lib/json/json.h',
'src/core/lib/profiling/timers.h',
'src/core/lib/security/authorization/authorization_engine.h',
'src/core/lib/security/authorization/evaluate_args.h',
'src/core/lib/security/authorization/mock_cel/activation.h',
'src/core/lib/security/authorization/mock_cel/cel_value.h',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',

@ -175,6 +175,7 @@ Pod::Spec.new do |s|
ss.dependency 'BoringSSL-GRPC', '0.0.11'
abseil_version = '1.20200225.0'
ss.dependency 'abseil/base/base', abseil_version
ss.dependency 'abseil/container/flat_hash_set', abseil_version
ss.dependency 'abseil/container/inlined_vector', abseil_version
ss.dependency 'abseil/memory/memory', abseil_version
ss.dependency 'abseil/status/status', abseil_version
@ -842,6 +843,12 @@ Pod::Spec.new do |s|
'src/core/lib/profiling/basic_timers.cc',
'src/core/lib/profiling/stap_timers.cc',
'src/core/lib/profiling/timers.h',
'src/core/lib/security/authorization/authorization_engine.cc',
'src/core/lib/security/authorization/authorization_engine.h',
'src/core/lib/security/authorization/evaluate_args.cc',
'src/core/lib/security/authorization/evaluate_args.h',
'src/core/lib/security/authorization/mock_cel/activation.h',
'src/core/lib/security/authorization/mock_cel/cel_value.h',
'src/core/lib/security/context/security_context.cc',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.cc',
@ -1412,6 +1419,10 @@ Pod::Spec.new do |s|
'src/core/lib/iomgr/work_serializer.h',
'src/core/lib/json/json.h',
'src/core/lib/profiling/timers.h',
'src/core/lib/security/authorization/authorization_engine.h',
'src/core/lib/security/authorization/evaluate_args.h',
'src/core/lib/security/authorization/mock_cel/activation.h',
'src/core/lib/security/authorization/mock_cel/cel_value.h',
'src/core/lib/security/context/security_context.h',
'src/core/lib/security/credentials/alts/alts_credentials.h',
'src/core/lib/security/credentials/alts/check_gcp_environment.h',
@ -1672,6 +1683,8 @@ Pod::Spec.new do |s|
'test/core/util/cmdline.h',
'test/core/util/debugger_macros.cc',
'test/core/util/debugger_macros.h',
'test/core/util/eval_args_mock_endpoint.cc',
'test/core/util/eval_args_mock_endpoint.h',
'test/core/util/fuzzer_util.cc',
'test/core/util/fuzzer_util.h',
'test/core/util/grpc_profiler.cc',

@ -761,6 +761,12 @@ Gem::Specification.new do |s|
s.files += %w( src/core/lib/profiling/basic_timers.cc )
s.files += %w( src/core/lib/profiling/stap_timers.cc )
s.files += %w( src/core/lib/profiling/timers.h )
s.files += %w( src/core/lib/security/authorization/authorization_engine.cc )
s.files += %w( src/core/lib/security/authorization/authorization_engine.h )
s.files += %w( src/core/lib/security/authorization/evaluate_args.cc )
s.files += %w( src/core/lib/security/authorization/evaluate_args.h )
s.files += %w( src/core/lib/security/authorization/mock_cel/activation.h )
s.files += %w( src/core/lib/security/authorization/mock_cel/cel_value.h )
s.files += %w( src/core/lib/security/context/security_context.cc )
s.files += %w( src/core/lib/security/context/security_context.h )
s.files += %w( src/core/lib/security/credentials/alts/alts_credentials.cc )
@ -966,6 +972,7 @@ Gem::Specification.new do |s|
s.files += %w( src/core/tsi/transport_security_grpc.h )
s.files += %w( src/core/tsi/transport_security_interface.h )
s.files += %w( third_party/abseil-cpp/absl/algorithm/algorithm.h )
s.files += %w( third_party/abseil-cpp/absl/algorithm/container.h )
s.files += %w( third_party/abseil-cpp/absl/base/attributes.h )
s.files += %w( third_party/abseil-cpp/absl/base/call_once.h )
s.files += %w( third_party/abseil-cpp/absl/base/casts.h )
@ -980,6 +987,8 @@ Gem::Specification.new do |s|
s.files += %w( third_party/abseil-cpp/absl/base/internal/direct_mmap.h )
s.files += %w( third_party/abseil-cpp/absl/base/internal/endian.h )
s.files += %w( third_party/abseil-cpp/absl/base/internal/errno_saver.h )
s.files += %w( third_party/abseil-cpp/absl/base/internal/exponential_biased.cc )
s.files += %w( third_party/abseil-cpp/absl/base/internal/exponential_biased.h )
s.files += %w( third_party/abseil-cpp/absl/base/internal/hide_ptr.h )
s.files += %w( third_party/abseil-cpp/absl/base/internal/identity.h )
s.files += %w( third_party/abseil-cpp/absl/base/internal/inline_variable.h )
@ -1019,9 +1028,22 @@ Gem::Specification.new do |s|
s.files += %w( third_party/abseil-cpp/absl/base/port.h )
s.files += %w( third_party/abseil-cpp/absl/base/thread_annotations.h )
s.files += %w( third_party/abseil-cpp/absl/container/fixed_array.h )
s.files += %w( third_party/abseil-cpp/absl/container/flat_hash_set.h )
s.files += %w( third_party/abseil-cpp/absl/container/inlined_vector.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/common.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/compressed_tuple.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/container_memory.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc )
s.files += %w( third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc )
s.files += %w( third_party/abseil-cpp/absl/container/internal/have_sse.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/inlined_vector.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/layout.h )
s.files += %w( third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc )
s.files += %w( third_party/abseil-cpp/absl/container/internal/raw_hash_set.h )
s.files += %w( third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc )
s.files += %w( third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h )
s.files += %w( third_party/abseil-cpp/absl/debugging/internal/demangle.cc )
@ -1048,6 +1070,11 @@ Gem::Specification.new do |s|
s.files += %w( third_party/abseil-cpp/absl/debugging/symbolize_win32.inc )
s.files += %w( third_party/abseil-cpp/absl/functional/function_ref.h )
s.files += %w( third_party/abseil-cpp/absl/functional/internal/function_ref.h )
s.files += %w( third_party/abseil-cpp/absl/hash/hash.h )
s.files += %w( third_party/abseil-cpp/absl/hash/internal/city.cc )
s.files += %w( third_party/abseil-cpp/absl/hash/internal/city.h )
s.files += %w( third_party/abseil-cpp/absl/hash/internal/hash.cc )
s.files += %w( third_party/abseil-cpp/absl/hash/internal/hash.h )
s.files += %w( third_party/abseil-cpp/absl/memory/memory.h )
s.files += %w( third_party/abseil-cpp/absl/meta/type_traits.h )
s.files += %w( third_party/abseil-cpp/absl/numeric/int128.cc )
@ -1165,10 +1192,14 @@ Gem::Specification.new do |s|
s.files += %w( third_party/abseil-cpp/absl/time/time.h )
s.files += %w( third_party/abseil-cpp/absl/types/bad_optional_access.cc )
s.files += %w( third_party/abseil-cpp/absl/types/bad_optional_access.h )
s.files += %w( third_party/abseil-cpp/absl/types/bad_variant_access.cc )
s.files += %w( third_party/abseil-cpp/absl/types/bad_variant_access.h )
s.files += %w( third_party/abseil-cpp/absl/types/internal/optional.h )
s.files += %w( third_party/abseil-cpp/absl/types/internal/span.h )
s.files += %w( third_party/abseil-cpp/absl/types/internal/variant.h )
s.files += %w( third_party/abseil-cpp/absl/types/optional.h )
s.files += %w( third_party/abseil-cpp/absl/types/span.h )
s.files += %w( third_party/abseil-cpp/absl/types/variant.h )
s.files += %w( third_party/abseil-cpp/absl/utility/utility.h )
s.files += %w( third_party/address_sorting/address_sorting.c )
s.files += %w( third_party/address_sorting/address_sorting_internal.h )

@ -436,6 +436,7 @@
'absl/strings:strings',
'absl/status:status',
'absl/container:inlined_vector',
'absl/container:flat_hash_set',
],
'sources': [
'src/core/ext/filters/census/grpc_context.cc',
@ -751,6 +752,8 @@
'src/core/lib/iomgr/work_serializer.cc',
'src/core/lib/json/json_reader.cc',
'src/core/lib/json/json_writer.cc',
'src/core/lib/security/authorization/authorization_engine.cc',
'src/core/lib/security/authorization/evaluate_args.cc',
'src/core/lib/security/context/security_context.cc',
'src/core/lib/security/credentials/alts/alts_credentials.cc',
'src/core/lib/security/credentials/alts/check_gcp_environment.cc',
@ -888,6 +891,7 @@
'sources': [
'test/core/util/cmdline.cc',
'test/core/util/debugger_macros.cc',
'test/core/util/eval_args_mock_endpoint.cc',
'test/core/util/fuzzer_util.cc',
'test/core/util/grpc_profiler.cc',
'test/core/util/histogram.cc',
@ -920,6 +924,7 @@
'sources': [
'test/core/util/cmdline.cc',
'test/core/util/debugger_macros.cc',
'test/core/util/eval_args_mock_endpoint.cc',
'test/core/util/fuzzer_util.cc',
'test/core/util/grpc_profiler.cc',
'test/core/util/histogram.cc',

@ -741,6 +741,12 @@
<file baseinstalldir="/" name="src/core/lib/profiling/basic_timers.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/profiling/stap_timers.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/profiling/timers.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/authorization/authorization_engine.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/authorization/authorization_engine.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/authorization/evaluate_args.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/authorization/evaluate_args.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/authorization/mock_cel/activation.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/authorization/mock_cel/cel_value.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/context/security_context.cc" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/context/security_context.h" role="src" />
<file baseinstalldir="/" name="src/core/lib/security/credentials/alts/alts_credentials.cc" role="src" />
@ -968,6 +974,7 @@
<file baseinstalldir="/" name="src/php/ext/grpc/timeval.h" role="src" />
<file baseinstalldir="/" name="src/php/ext/grpc/version.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/algorithm/algorithm.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/algorithm/container.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/attributes.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/call_once.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/casts.h" role="src" />
@ -982,6 +989,8 @@
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/direct_mmap.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/endian.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/errno_saver.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/exponential_biased.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/exponential_biased.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/hide_ptr.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/identity.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/internal/inline_variable.h" role="src" />
@ -1021,9 +1030,22 @@
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/port.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/base/thread_annotations.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/fixed_array.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/flat_hash_set.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/inlined_vector.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/common.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/compressed_tuple.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/container_memory.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/hash_function_defaults.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/hash_policy_traits.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/hashtable_debug_hooks.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/have_sse.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/inlined_vector.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/layout.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/container/internal/raw_hash_set.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/debugging/internal/address_is_readable.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/debugging/internal/demangle.cc" role="src" />
@ -1050,6 +1072,11 @@
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/debugging/symbolize_win32.inc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/functional/function_ref.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/functional/internal/function_ref.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/hash/hash.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/hash/internal/city.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/hash/internal/city.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/hash/internal/hash.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/hash/internal/hash.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/memory/memory.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/meta/type_traits.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/numeric/int128.cc" role="src" />
@ -1167,10 +1194,14 @@
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/time/time.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/bad_optional_access.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/bad_optional_access.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/bad_variant_access.cc" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/bad_variant_access.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/internal/optional.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/internal/span.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/internal/variant.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/optional.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/span.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/types/variant.h" role="src" />
<file baseinstalldir="/" name="third_party/abseil-cpp/absl/utility/utility.h" role="src" />
<file baseinstalldir="/" name="third_party/address_sorting/address_sorting.c" role="src" />
<file baseinstalldir="/" name="third_party/address_sorting/address_sorting_internal.h" role="src" />

@ -20,6 +20,22 @@
namespace grpc_core {
namespace {
// Symbols for traversing Envoy Attributes
constexpr char kUrlPath[] = "url_path";
constexpr char kHost[] = "host";
constexpr char kMethod[] = "method";
constexpr char kHeaders[] = "headers";
constexpr char kSourceAddress[] = "source_address";
constexpr char kSourcePort[] = "source_port";
constexpr char kDestinationAddress[] = "destination_address";
constexpr char kDestinationPort[] = "destination_port";
constexpr char kSpiffeId[] = "spiffe_id";
constexpr char kCertServerName[] = "cert_server_name";
} // namespace
std::unique_ptr<AuthorizationEngine>
AuthorizationEngine::CreateAuthorizationEngine(
const std::vector<envoy_config_rbac_v3_RBAC*>& rbac_policies) {
@ -74,4 +90,103 @@ AuthorizationEngine::AuthorizationEngine(
}
}
std::unique_ptr<google::api::expr::runtime::Activation>
AuthorizationEngine::CreateActivation(const EvaluateArgs& args) {
std::unique_ptr<google::api::expr::runtime::Activation> activation;
for (const auto& elem : envoy_attributes_) {
if (elem == kUrlPath) {
absl::string_view url_path(args.GetPath());
if (!url_path.empty()) {
activation->InsertValue(
kUrlPath,
google::api::expr::runtime::CelValue::CreateStringView(url_path));
}
} else if (elem == kHost) {
absl::string_view host(args.GetHost());
if (!host.empty()) {
activation->InsertValue(
kHost,
google::api::expr::runtime::CelValue::CreateStringView(host));
}
} else if (elem == kMethod) {
absl::string_view method(args.GetMethod());
if (!method.empty()) {
activation->InsertValue(
kMethod,
google::api::expr::runtime::CelValue::CreateStringView(method));
}
} else if (elem == kHeaders) {
std::multimap<absl::string_view, absl::string_view> headers =
args.GetHeaders();
std::vector<std::pair<google::api::expr::runtime::CelValue,
google::api::expr::runtime::CelValue>>
header_items;
for (const auto& header_key : header_keys_) {
auto header_item = headers.find(header_key);
if (header_item != headers.end()) {
header_items.push_back(
std::pair<google::api::expr::runtime::CelValue,
google::api::expr::runtime::CelValue>(
google::api::expr::runtime::CelValue::CreateStringView(
header_key),
google::api::expr::runtime::CelValue::CreateStringView(
header_item->second)));
}
}
headers_ = google::api::expr::runtime::ContainerBackedMapImpl::Create(
absl::Span<std::pair<google::api::expr::runtime::CelValue,
google::api::expr::runtime::CelValue>>(
header_items));
activation->InsertValue(
kHeaders,
google::api::expr::runtime::CelValue::CreateMap(headers_.get()));
} else if (elem == kSourceAddress) {
absl::string_view source_address(args.GetPeerAddress());
if (!source_address.empty()) {
activation->InsertValue(
kSourceAddress,
google::api::expr::runtime::CelValue::CreateStringView(
source_address));
}
} else if (elem == kSourcePort) {
activation->InsertValue(kSourcePort,
google::api::expr::runtime::CelValue::CreateInt64(
args.GetPeerPort()));
} else if (elem == kDestinationAddress) {
absl::string_view destination_address(args.GetLocalAddress());
if (!destination_address.empty()) {
activation->InsertValue(
kDestinationAddress,
google::api::expr::runtime::CelValue::CreateStringView(
destination_address));
}
} else if (elem == kDestinationPort) {
activation->InsertValue(kDestinationPort,
google::api::expr::runtime::CelValue::CreateInt64(
args.GetLocalPort()));
} else if (elem == kSpiffeId) {
absl::string_view spiffe_id(args.GetSpiffeId());
if (!spiffe_id.empty()) {
activation->InsertValue(
kSpiffeId,
google::api::expr::runtime::CelValue::CreateStringView(spiffe_id));
}
} else if (elem == kCertServerName) {
absl::string_view cert_server_name(args.GetCertServerName());
if (!cert_server_name.empty()) {
activation->InsertValue(
kCertServerName,
google::api::expr::runtime::CelValue::CreateStringView(
cert_server_name));
}
} else {
gpr_log(GPR_ERROR,
"Error: Authorization engine does not support evaluating "
"attribute %s.",
elem.c_str());
}
}
return activation;
}
} // namespace grpc_core
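Review bot: In CreateActivation, `std::unique_ptr<google::api::expr::runtime::Activation> activation;` is default-constructed and therefore null, yet every supported branch calls `activation->InsertValue(...)` on it and the function then returns it. That is undefined behaviour on the first supported attribute and hands a null activation to the caller on the authorization path. Allocate it up front, e.g. `auto activation = absl::make_unique<google::api::expr::runtime::Activation>();` (assuming Activation is default-constructible, which this page does not show). Separately, `kSourcePort` and `kDestinationPort` are inserted unconditionally, so the 0 that GetPeerPort()/GetLocalPort() return on failure reaches policies as if it were a real port; consider skipping the insert on 0, as the string attributes do when empty.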

@ -24,10 +24,14 @@
#include <string>
#include <vector>
#include "src/core/ext/upb-generated/envoy/config/rbac/v3/rbac.upb.h"
#include "src/core/ext/upb-generated/google/api/expr/v1alpha1/syntax.upb.h"
#include "absl/container/flat_hash_set.h"
#include "envoy/config/rbac/v3/rbac.upb.h"
#include "google/api/expr/v1alpha1/syntax.upb.h"
#include "upb/upb.hpp"
#include "src/core/lib/security/authorization/evaluate_args.h"
#include "src/core/lib/security/authorization/mock_cel/activation.h"
namespace grpc_core {
// AuthorizationEngine makes an AuthorizationDecision to ALLOW or DENY the
@ -62,11 +66,17 @@ class AuthorizationEngine {
kDeny,
};
std::unique_ptr<google::api::expr::runtime::Activation> CreateActivation(
const EvaluateArgs& args);
std::map<const std::string, const google_api_expr_v1alpha1_Expr*>
deny_if_matched_;
std::map<const std::string, const google_api_expr_v1alpha1_Expr*>
allow_if_matched_;
upb::Arena arena_;
absl::flat_hash_set<std::string> envoy_attributes_;
absl::flat_hash_set<std::string> header_keys_;
std::unique_ptr<google::api::expr::runtime::CelMap> headers_;
};
} // namespace grpc_core
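Review bot: The new `headers_` member is engine state that CreateActivation() overwrites on every call and then passes to the returned activation as a raw pointer (`CreateMap(headers_.get())` in authorization_engine.cc). A second call therefore destroys the header map an earlier activation still points to, and concurrent calls would race on the member. If one-activation-at-a-time is the intended contract, state it on the declaration, e.g. `// The returned Activation borrows from args and from headers_; it is valid only until the next CreateActivation() call.` Otherwise the map would be better owned by the activation or by the caller. The class body starts and ends outside this hunk.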

@ -20,6 +20,9 @@
#include "src/core/lib/security/authorization/evaluate_args.h"
#include "src/core/ext/filters/client_channel/parse_address.h"
#include "src/core/lib/iomgr/resolve_address.h"
#include "src/core/lib/iomgr/sockaddr_utils.h"
#include "src/core/lib/slice/slice_utils.h"
namespace grpc_core {
@ -69,42 +72,88 @@ std::multimap<absl::string_view, absl::string_view> EvaluateArgs::GetHeaders()
return headers;
}
absl::string_view EvaluateArgs::GetLocalAddress() const {
absl::string_view addr = grpc_endpoint_get_local_address(endpoint_);
size_t first_colon = addr.find(":");
size_t last_colon = addr.rfind(":");
if (first_colon == std::string::npos || last_colon == std::string::npos) {
return "";
} else {
return addr.substr(first_colon + 1, last_colon - first_colon - 1);
}
}
int EvaluateArgs::GetLocalPort() const {
if (endpoint_ == nullptr) {
return 0;
}
grpc_uri* uri = grpc_uri_parse(
std::string(grpc_endpoint_get_local_address(endpoint_)).c_str(), true);
grpc_resolved_address resolved_addr;
if (uri == nullptr || !grpc_parse_uri(uri, &resolved_addr)) {
grpc_uri_destroy(uri);
return 0;
}
grpc_uri_destroy(uri);
return grpc_sockaddr_get_port(&resolved_addr);
}
absl::string_view EvaluateArgs::GetPeerAddress() const {
absl::string_view addr = grpc_endpoint_get_peer(endpoint_);
size_t first_colon = addr.find(":");
size_t last_colon = addr.rfind(":");
if (first_colon == std::string::npos || last_colon == std::string::npos) {
return "";
} else {
return addr.substr(first_colon + 1, last_colon - first_colon - 1);
}
}
int EvaluateArgs::GetPeerPort() const {
if (endpoint_ == nullptr) {
return 0;
}
grpc_uri* uri = grpc_uri_parse(
std::string(grpc_endpoint_get_peer(endpoint_)).c_str(), true);
grpc_resolved_address resolved_addr;
if (uri == nullptr || !grpc_parse_uri(uri, &resolved_addr)) {
grpc_uri_destroy(uri);
return 0;
}
grpc_uri_destroy(uri);
return grpc_sockaddr_get_port(&resolved_addr);
}
absl::string_view EvaluateArgs::GetSpiffeId() const {
absl::string_view spiffe_id;
if (auth_context_ == nullptr) {
return spiffe_id;
return "";
}
grpc_auth_property_iterator it = grpc_auth_context_find_properties_by_name(
auth_context_, GRPC_PEER_SPIFFE_ID_PROPERTY_NAME);
const grpc_auth_property* prop = grpc_auth_property_iterator_next(&it);
if (prop == nullptr) return spiffe_id;
if (strncmp(prop->value, GRPC_PEER_SPIFFE_ID_PROPERTY_NAME,
prop->value_length) != 0) {
return spiffe_id;
if (prop == nullptr ||
strncmp(prop->value, GRPC_PEER_SPIFFE_ID_PROPERTY_NAME,
prop->value_length) != 0 ||
grpc_auth_property_iterator_next(&it) != nullptr) {
return "";
}
if (grpc_auth_property_iterator_next(&it) != nullptr) return spiffe_id;
spiffe_id = absl::string_view(
reinterpret_cast<const char*>(prop->value, prop->value_length));
return spiffe_id;
return absl::string_view(prop->value, prop->value_length);
}
absl::string_view EvaluateArgs::GetCertServerName() const {
absl::string_view name;
if (auth_context_ == nullptr) {
return name;
return "";
}
grpc_auth_property_iterator it = grpc_auth_context_find_properties_by_name(
auth_context_, GRPC_X509_CN_PROPERTY_NAME);
const grpc_auth_property* prop = grpc_auth_property_iterator_next(&it);
if (prop == nullptr) return name;
if (strncmp(prop->value, GRPC_X509_CN_PROPERTY_NAME, prop->value_length) !=
0) {
return name;
if (prop == nullptr ||
strncmp(prop->value, GRPC_X509_CN_PROPERTY_NAME, prop->value_length) !=
0 ||
grpc_auth_property_iterator_next(&it) != nullptr) {
return "";
}
if (grpc_auth_property_iterator_next(&it) != nullptr) return name;
name = absl::string_view(
reinterpret_cast<const char*>(prop->value, prop->value_length));
return name;
return absl::string_view(prop->value, prop->value_length);
}
} // namespace grpc_core
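Review bot: GetLocalAddress() and GetPeerAddress() pass `endpoint_` to grpc_endpoint_get_local_address()/grpc_endpoint_get_peer() without the `if (endpoint_ == nullptr)` guard that GetLocalPort() and GetPeerPort() have, so an EvaluateArgs built with a null endpoint would likely crash in the address getters. Adding `if (endpoint_ == nullptr) return "";` at the top of both keeps the four getters consistent. The first-colon/last-colon slicing also depends on the URI shape: with a single colon `last_colon - first_colon - 1` wraps around and the whole remainder is returned, and a bracketed IPv6 address would come back with its brackets, so the value given to the authorization policy may not be a bare address. Reusing the grpc_uri_parse()/grpc_parse_uri() path from the port getters would avoid that. Separately, GetSpiffeId() and GetCertServerName() still `strncmp` `prop->value` against the property name, which looks like it was meant to be `prop->name`; as written a real SPIFFE ID or CN would fail the check and the attribute would be left empty.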

@ -32,12 +32,17 @@ namespace grpc_core {
class EvaluateArgs {
public:
EvaluateArgs(grpc_metadata_batch* metadata, grpc_auth_context* auth_context,
grpc_endpoint* endpoint);
grpc_endpoint* endpoint)
: metadata_(metadata), auth_context_(auth_context), endpoint_(endpoint) {}
absl::string_view GetPath() const;
absl::string_view GetHost() const;
absl::string_view GetMethod() const;
std::multimap<absl::string_view, absl::string_view> GetHeaders() const;
absl::string_view GetLocalAddress() const;
int GetLocalPort() const;
absl::string_view GetPeerAddress() const;
int GetPeerPort() const;
absl::string_view GetSpiffeId() const;
absl::string_view GetCertServerName() const;
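Review bot: The new address and port getters carry no comment describing their failure values, and a caller cannot tell "no endpoint" from a real value. Per evaluate_args.cc, GetLocalPort()/GetPeerPort() return 0 when `endpoint_` is null or the URI does not parse, and the address getters return an empty view. I would add `// Returns 0 if there is no endpoint or its address cannot be parsed.` above the port getters and `// Returns "" if no address can be extracted.` above the address getters. The inline constructor now only stores the three raw pointers, so a line such as `// Does not take ownership; the pointers are presumably expected to outlive this object.` would help too. The class continues past the end of this hunk.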

@ -40,7 +40,10 @@ namespace expr {
namespace runtime {
// Break cyclic depdendencies for container types.
class CelMap;
class CelMap {
public:
CelMap() = default;
};
// This is a temporary stub implementation of CEL APIs.
// Once gRPC imports the CEL library, this class will be removed.
@ -75,6 +78,17 @@ class CelValue {
explicit CelValue(T value) {}
};
// CelMap implementation that uses STL map container as backing storage.
class ContainerBackedMapImpl : public CelMap {
public:
ContainerBackedMapImpl() = default;
static std::unique_ptr<CelMap> Create(
absl::Span<std::pair<CelValue, CelValue>> key_values) {
return absl::make_unique<ContainerBackedMapImpl>();
}
};
} // namespace runtime
} // namespace expr
} // namespace api
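Review bot: `ContainerBackedMapImpl::Create` returns a `std::unique_ptr<CelMap>` that owns a `ContainerBackedMapImpl`, but `CelMap` declares no virtual destructor, so destroying the map through the base pointer (as the `headers_` member of AuthorizationEngine will) is formally undefined behaviour. Adding `virtual ~CelMap() = default;` to `CelMap` fixes it. The comment above `CelMap` still describes a forward declaration although the line now defines the class. `Create` also silently ignores `key_values`; a comment such as `// Stub: the entries are dropped until the real CEL library is imported.` would keep it from being mistaken for a working map.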

@ -369,6 +369,8 @@ CORE_SOURCE_FILES = [
'src/core/lib/json/json_writer.cc',
'src/core/lib/profiling/basic_timers.cc',
'src/core/lib/profiling/stap_timers.cc',
'src/core/lib/security/authorization/authorization_engine.cc',
'src/core/lib/security/authorization/evaluate_args.cc',
'src/core/lib/security/context/security_context.cc',
'src/core/lib/security/credentials/alts/alts_credentials.cc',
'src/core/lib/security/credentials/alts/check_gcp_environment.cc',
@ -481,6 +483,7 @@ CORE_SOURCE_FILES = [
'src/core/tsi/transport_security_grpc.cc',
'third_party/abseil-cpp/absl/base/dynamic_annotations.cc',
'third_party/abseil-cpp/absl/base/internal/cycleclock.cc',
'third_party/abseil-cpp/absl/base/internal/exponential_biased.cc',
'third_party/abseil-cpp/absl/base/internal/low_level_alloc.cc',
'third_party/abseil-cpp/absl/base/internal/raw_logging.cc',
'third_party/abseil-cpp/absl/base/internal/spinlock.cc',
@ -490,12 +493,17 @@ CORE_SOURCE_FILES = [
'third_party/abseil-cpp/absl/base/internal/throw_delegate.cc',
'third_party/abseil-cpp/absl/base/internal/unscaledcycleclock.cc',
'third_party/abseil-cpp/absl/base/log_severity.cc',
'third_party/abseil-cpp/absl/container/internal/hashtablez_sampler.cc',
'third_party/abseil-cpp/absl/container/internal/hashtablez_sampler_force_weak_definition.cc',
'third_party/abseil-cpp/absl/container/internal/raw_hash_set.cc',
'third_party/abseil-cpp/absl/debugging/internal/address_is_readable.cc',
'third_party/abseil-cpp/absl/debugging/internal/demangle.cc',
'third_party/abseil-cpp/absl/debugging/internal/elf_mem_image.cc',
'third_party/abseil-cpp/absl/debugging/internal/vdso_support.cc',
'third_party/abseil-cpp/absl/debugging/stacktrace.cc',
'third_party/abseil-cpp/absl/debugging/symbolize.cc',
'third_party/abseil-cpp/absl/hash/internal/city.cc',
'third_party/abseil-cpp/absl/hash/internal/hash.cc',
'third_party/abseil-cpp/absl/numeric/int128.cc',
'third_party/abseil-cpp/absl/status/status.cc',
'third_party/abseil-cpp/absl/status/status_payload_printer.cc',
@ -546,6 +554,7 @@ CORE_SOURCE_FILES = [
'third_party/abseil-cpp/absl/time/internal/cctz/src/zone_info_source.cc',
'third_party/abseil-cpp/absl/time/time.cc',
'third_party/abseil-cpp/absl/types/bad_optional_access.cc',
'third_party/abseil-cpp/absl/types/bad_variant_access.cc',
'third_party/address_sorting/address_sorting.c',
'third_party/address_sorting/address_sorting_posix.c',
'third_party/address_sorting/address_sorting_windows.c',

@ -79,7 +79,7 @@ grpc_cc_test(
language = "C++",
deps = [
"//:gpr",
"//:grpc_authorization_engine",
"//:grpc",
"//test/core/util:grpc_test_util",
],
)
@ -95,6 +95,19 @@ grpc_cc_test(
],
)
grpc_cc_test(
name = "evaluate_args_test",
srcs = ["evaluate_args_test.cc"],
external_deps = ["gtest"],
language = "C++",
deps = [
"//:gpr",
"//:grpc",
"//test/core/util:grpc_test_util",
"//test/core/util:grpc_test_util_base",
],
)
grpc_cc_test(
name = "json_token_test",
srcs = ["json_token_test.cc"],

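--- a/test/core/security/evaluate_args_test.cc
+++ b/test/core/security/evaluate_args_test.cc
@@ -0,0 +1,76 @@
+// Copyright 2020 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#include <grpc/support/port_platform.h>
+#include <gtest/gtest.h>
+#include "absl/strings/string_view.h"
+#include "src/core/lib/security/authorization/evaluate_args.h"
+#include "test/core/util/eval_args_mock_endpoint.h"
+namespace grpc_core {
+class EvaluateArgsTest : public ::testing::Test {
+protected:
+void SetUp() override {
+local_address_ = "255.255.255.255";
+peer_address_ = "128.128.128.128";
+local_port_ = 413;
+peer_port_ = 314;
+endpoint_ = CreateEvalArgsMockEndpoint(local_address_.c_str(), local_port_,
+peer_address_.c_str(), peer_port_);
+evaluate_args_ =
+absl::make_unique<EvaluateArgs>(nullptr, nullptr, endpoint_);
+}
+void TearDown() override { grpc_endpoint_destroy(endpoint_); }
+grpc_endpoint* endpoint_;
+std::unique_ptr<EvaluateArgs> evaluate_args_;
+std::string local_address_;
+std::string peer_address_;
+int local_port_;
+int peer_port_;
+};
+TEST_F(EvaluateArgsTest, TestEvaluateArgsLocalAddress) {
+absl::string_view src_address = evaluate_args_->GetLocalAddress();
+EXPECT_EQ(src_address, local_address_)
+<< "Error: Failed to extract correct Local address from EvaluateArgs.";
+}
+TEST_F(EvaluateArgsTest, TestEvaluateArgsLocalPort) {
+int src_port = evaluate_args_->GetLocalPort();
+EXPECT_EQ(src_port, local_port_)
+<< "Error: Failed to extract correct Local port from EvaluateArgs.";
+}
+TEST_F(EvaluateArgsTest, TestEvaluateArgsPeerAddress) {
+absl::string_view dest_address = evaluate_args_->GetPeerAddress();
+EXPECT_EQ(dest_address, peer_address_)
+<< "Error: Failed to extract correct Peer address from "
+"EvaluateArgs. ";
+}
+TEST_F(EvaluateArgsTest, TestEvaluateArgsPeerPort) {
+int dest_port = evaluate_args_->GetPeerPort();
+EXPECT_EQ(dest_port, peer_port_)
+<< "Error: Failed to extract correct Peer port from EvaluateArgs.";
+}
+} // namespace grpc_core
+int main(int argc, char** argv) {
+::testing::InitGoogleTest(&argc, argv);
+return RUN_ALL_TESTS();
+}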
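Review bot: The fixture covers only the happy path, one IPv4 local/peer pair read through a non-null endpoint, so nothing pins what `GetLocalAddress()`, `GetPeerAddress()` and the two port getters return when the endpoint is null or its URI does not parse. These values are presumably matched against authorization policy (evaluate_args.cc is outside this section, so the fallback is not visible here), and a silent empty string or port 0 is the kind of result that should be asserted rather than left implicit. I would add a case that constructs `EvaluateArgs(nullptr, nullptr, nullptr)` and checks the intended fallback, if a null endpoint is meant to be supported. Separately, the file uses `std::unique_ptr`, `std::string` and `absl::make_unique` without including `<memory>`, `<string>` and `"absl/memory/memory.h"`.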

@ -38,6 +38,7 @@ grpc_cc_library(
name = "grpc_test_util_base",
srcs = [
"cmdline.cc",
"eval_args_mock_endpoint.cc",
"fuzzer_util.cc",
"grpc_profiler.cc",
"histogram.cc",
@ -59,6 +60,7 @@ grpc_cc_library(
],
hdrs = [
"cmdline.h",
"eval_args_mock_endpoint.h",
"fuzzer_util.h",
"grpc_profiler.h",
"histogram.h",

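--- a/test/core/util/eval_args_mock_endpoint.cc
+++ b/test/core/util/eval_args_mock_endpoint.cc
@@ -0,0 +1,118 @@
+// Copyright 2020 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#include <grpc/support/port_platform.h>
+#include "test/core/util/eval_args_mock_endpoint.h"
+#include <inttypes.h>
+#include <string>
+#include "absl/strings/str_format.h"
+#include <grpc/support/alloc.h>
+#include <grpc/support/string_util.h>
+#include "src/core/lib/iomgr/sockaddr.h"
+#include "src/core/lib/iomgr/sockaddr_utils.h"
+namespace grpc_core {
+class EvalArgsMockEndpoint {
+public:
+EvalArgsMockEndpoint(absl::string_view local_uri, absl::string_view peer_uri)
+: local_address_(local_uri), peer_(peer_uri) {
+base_.vtable = &vtable_;
+}
+grpc_endpoint* base() const { return const_cast<grpc_endpoint*>(&base_); }
+static void Read(grpc_endpoint* ep, grpc_slice_buffer* slices,
+grpc_closure* cb, bool unused) {}
+static void Write(grpc_endpoint* ep, grpc_slice_buffer* slices,
+grpc_closure* cb, void* unused) {}
+static void AddToPollset(grpc_endpoint* ep, grpc_pollset* unused) {}
+static void AddToPollsetSet(grpc_endpoint* ep, grpc_pollset_set* unused) {}
+static void DeleteFromPollsetSet(grpc_endpoint* ep,
+grpc_pollset_set* unused) {}
+static void Shutdown(grpc_endpoint* ep, grpc_error* why) {}
+static void Destroy(grpc_endpoint* ep) {
+EvalArgsMockEndpoint* m = reinterpret_cast<EvalArgsMockEndpoint*>(ep);
+delete m;
+}
+static absl::string_view GetPeer(grpc_endpoint* ep) {
+EvalArgsMockEndpoint* m = reinterpret_cast<EvalArgsMockEndpoint*>(ep);
+return m->peer_;
+}
+static absl::string_view GetLocalAddress(grpc_endpoint* ep) {
+EvalArgsMockEndpoint* m = reinterpret_cast<EvalArgsMockEndpoint*>(ep);
+return m->local_address_;
+}
+static grpc_resource_user* GetResourceUser(grpc_endpoint* ep) {
+return nullptr;
+}
+static int GetFd(grpc_endpoint* unused) { return -1; }
+static bool CanTrackErr(grpc_endpoint* unused) { return false; }
+private:
+static constexpr grpc_endpoint_vtable vtable_ = {
+EvalArgsMockEndpoint::Read,
+EvalArgsMockEndpoint::Write,
+EvalArgsMockEndpoint::AddToPollset,
+EvalArgsMockEndpoint::AddToPollsetSet,
+EvalArgsMockEndpoint::DeleteFromPollsetSet,
+EvalArgsMockEndpoint::Shutdown,
+EvalArgsMockEndpoint::Destroy,
+EvalArgsMockEndpoint::GetResourceUser,
+EvalArgsMockEndpoint::GetPeer,
+EvalArgsMockEndpoint::GetLocalAddress,
+EvalArgsMockEndpoint::GetFd,
+EvalArgsMockEndpoint::CanTrackErr};
+grpc_endpoint base_;
+std::string local_address_;
+std::string peer_;
+};
+constexpr grpc_endpoint_vtable EvalArgsMockEndpoint::vtable_;
+namespace {
+std::string NameAndPortToURI(const char* addr, const int port) {
+grpc_sockaddr_in address;
+memset(&address, 0, sizeof(address));
+address.sin_family = AF_INET;
+address.sin_port = htons(port);
+inet_pton(AF_INET, addr, &address.sin_addr);
+grpc_resolved_address resolved;
+memset(&resolved, 0, sizeof(resolved));
+memcpy(resolved.addr, &address, sizeof(address));
+resolved.len = sizeof(address);
+return grpc_sockaddr_to_uri(&resolved);
+}
+} // namespace
+grpc_endpoint* CreateEvalArgsMockEndpoint(const char* local_address,
+const int local_port,
+const char* peer_address,
+const int peer_port) {
+EvalArgsMockEndpoint* m =
+new EvalArgsMockEndpoint(NameAndPortToURI(local_address, local_port),
+NameAndPortToURI(peer_address, peer_port));
+return m->base();
+}
+} // namespace grpc_core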
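Review bot: `NameAndPortToURI` discards the result of `inet_pton`, so a mistyped or non-IPv4 address string leaves `sin_addr` zeroed and the mock reports 0.0.0.0 instead of failing the test setup. Checking it, e.g. `GPR_ASSERT(inet_pton(AF_INET, addr, &address.sin_addr) == 1);` with `<grpc/support/log.h>` included, makes a bad fixture address fail loudly rather than produce a test that passes or fails for the wrong reason. The same function hands `int port` straight to `htons`, which silently truncates anything outside 0–65535, and it calls `memset`/`memcpy` without including `<string.h>`. The `reinterpret_cast` from `grpc_endpoint*` back to `EvalArgsMockEndpoint*` in `Destroy`, `GetPeer` and `GetLocalAddress` depends on `base_` staying the first data member; a comment next to `grpc_endpoint base_;` such as `// Must remain the first member: vtable callbacks cast grpc_endpoint* back to this class.` would guard against reordering.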

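--- a/test/core/util/eval_args_mock_endpoint.h
+++ b/test/core/util/eval_args_mock_endpoint.h
@@ -0,0 +1,31 @@
+// Copyright 2020 gRPC authors.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+#ifndef GRPC_TEST_CORE_UTIL_EVAL_ARGS_MOCK_ENDPOINT_H
+#define GRPC_TEST_CORE_UTIL_EVAL_ARGS_MOCK_ENDPOINT_H
+#include <grpc/support/port_platform.h>
+#include "src/core/lib/iomgr/endpoint.h"
+namespace grpc_core {
+grpc_endpoint* CreateEvalArgsMockEndpoint(const char* local_address,
+const int local_port,
+const char* peer_address,
+const int peer_port);
+} // namespace grpc_core
+#endif // GRPC_TEST_CORE_UTIL_EVAL_ARGS_MOCK_ENDPOINT_H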
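Review bot: The declaration of `CreateEvalArgsMockEndpoint` carries no comment on ownership or accepted input, and both matter to a caller. In the .cc added by this commit the endpoint is allocated with `new` and released only through the vtable's `Destroy`, and the address strings are parsed with `inet_pton(AF_INET, ...)`. I would add above the declaration `// Returns a heap-allocated mock endpoint; the caller must release it with grpc_endpoint_destroy().` and `// local_address and peer_address must be IPv4 dotted-quad strings.`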

@ -1711,6 +1711,12 @@ src/core/lib/json/json_writer.cc \
src/core/lib/profiling/basic_timers.cc \
src/core/lib/profiling/stap_timers.cc \
src/core/lib/profiling/timers.h \
src/core/lib/security/authorization/authorization_engine.cc \
src/core/lib/security/authorization/authorization_engine.h \
src/core/lib/security/authorization/evaluate_args.cc \
src/core/lib/security/authorization/evaluate_args.h \
src/core/lib/security/authorization/mock_cel/activation.h \
src/core/lib/security/authorization/mock_cel/cel_value.h \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/context/security_context.h \
src/core/lib/security/credentials/alts/alts_credentials.cc \

@ -1537,6 +1537,12 @@ src/core/lib/json/json_writer.cc \
src/core/lib/profiling/basic_timers.cc \
src/core/lib/profiling/stap_timers.cc \
src/core/lib/profiling/timers.h \
src/core/lib/security/authorization/authorization_engine.cc \
src/core/lib/security/authorization/authorization_engine.h \
src/core/lib/security/authorization/evaluate_args.cc \
src/core/lib/security/authorization/evaluate_args.h \
src/core/lib/security/authorization/mock_cel/activation.h \
src/core/lib/security/authorization/mock_cel/cel_value.h \
src/core/lib/security/context/security_context.cc \
src/core/lib/security/context/security_context.h \
src/core/lib/security/credentials/alts/alts_credentials.cc \

@ -4313,6 +4313,30 @@
],
"uses_polling": true
},
{
"args": [],
"benchmark": false,
"ci_platforms": [
"linux",
"mac",
"posix",
"windows"
],
"cpu_cost": 1.0,
"exclude_configs": [],
"exclude_iomgrs": [],
"flaky": false,
"gtest": true,
"language": "c++",
"name": "evaluate_args_test",
"platforms": [
"linux",
"mac",
"posix",
"windows"
],
"uses_polling": true
},
{
"args": [],
"benchmark": false,
