From caf9935e456436a54931bf8112c25515100ccd20 Mon Sep 17 00:00:00 2001 From: Julien Boeuf Date: Thu, 19 Nov 2015 22:00:30 -0800 Subject: [PATCH] Also adding a credentials type to the plugin API. The purpose of this is to be able to install a composition policy that describes which types are incompatible and that will be enforced during call creds composition. If this functionality is wanted it will be done in an additive function in the API like : void grpc_call_credentials_set_composite_policy( grpc_call_credentials_composite_policy policy); --- include/grpc/grpc_security.h | 3 +++ src/core/security/credentials.c | 2 +- src/core/security/credentials.h | 1 - src/cpp/client/secure_credentials.cc | 2 +- src/csharp/ext/grpc_csharp_ext.c | 1 + src/node/ext/call_credentials.cc | 1 + 6 files changed, 7 insertions(+), 3 deletions(-) diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h index 4f3efae4be5..f4e90a5ef58 100644 --- a/include/grpc/grpc_security.h +++ b/include/grpc/grpc_security.h @@ -276,6 +276,9 @@ typedef struct { /* State that will be set as the first parameter of the methods above. */ void *state; + + /* Type of credentials that this plugin is implementing. */ + const char *type; } grpc_metadata_credentials_plugin; /* Creates a credentials object from a plugin. */ diff --git a/src/core/security/credentials.c b/src/core/security/credentials.c index 806f9a6f1c5..751665b4947 100644 --- a/src/core/security/credentials.c +++ b/src/core/security/credentials.c @@ -1210,7 +1210,7 @@ grpc_call_credentials *grpc_metadata_credentials_create_from_plugin( (reserved)); GPR_ASSERT(reserved == NULL); memset(c, 0, sizeof(*c)); - c->base.type = GRPC_CALL_CREDENTIALS_TYPE_METADATA_PLUGIN; + c->base.type = plugin.type; c->base.vtable = &plugin_vtable; gpr_ref_init(&c->base.refcount, 1); c->plugin = plugin; diff --git a/src/core/security/credentials.h b/src/core/security/credentials.h index 79caee7f99d..0ce33d5e7cd 100644 --- a/src/core/security/credentials.h +++ b/src/core/security/credentials.h @@ -59,7 +59,6 @@ typedef enum { "FakeTransportSecurity" #define GRPC_CALL_CREDENTIALS_TYPE_OAUTH2 "Oauth2" -#define GRPC_CALL_CREDENTIALS_TYPE_METADATA_PLUGIN "Plugin" #define GRPC_CALL_CREDENTIALS_TYPE_JWT "Jwt" #define GRPC_CALL_CREDENTIALS_TYPE_IAM "Iam" #define GRPC_CALL_CREDENTIALS_TYPE_COMPOSITE "Composite" diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc index fa374f808a0..bd682284602 100644 --- a/src/cpp/client/secure_credentials.cc +++ b/src/cpp/client/secure_credentials.cc @@ -208,7 +208,7 @@ std::shared_ptr MetadataCredentialsFromPlugin( new MetadataCredentialsPluginWrapper(std::move(plugin)); grpc_metadata_credentials_plugin c_plugin = { MetadataCredentialsPluginWrapper::GetMetadata, - MetadataCredentialsPluginWrapper::Destroy, wrapper}; + MetadataCredentialsPluginWrapper::Destroy, wrapper, ""}; return WrapCallCredentials( grpc_metadata_credentials_create_from_plugin(c_plugin, nullptr)); } diff --git a/src/csharp/ext/grpc_csharp_ext.c b/src/csharp/ext/grpc_csharp_ext.c index e6a2664c53d..b8705c49d32 100644 --- a/src/csharp/ext/grpc_csharp_ext.c +++ b/src/csharp/ext/grpc_csharp_ext.c @@ -950,6 +950,7 @@ GPR_EXPORT grpc_call_credentials *GPR_CALLTYPE grpcsharp_metadata_credentials_cr plugin.get_metadata = grpcsharp_get_metadata_handler; plugin.destroy = grpcsharp_metadata_credentials_destroy_handler; plugin.state = (void*)(gpr_intptr)metadata_interceptor; + plugin.type = ""; return grpc_metadata_credentials_create_from_plugin(plugin, NULL); } diff --git a/src/node/ext/call_credentials.cc b/src/node/ext/call_credentials.cc index d0d7140bb44..8cbfb1ebea0 100644 --- a/src/node/ext/call_credentials.cc +++ b/src/node/ext/call_credentials.cc @@ -162,6 +162,7 @@ NAN_METHOD(CallCredentials::CreateFromPlugin) { plugin.get_metadata = plugin_get_metadata; plugin.destroy = plugin_destroy_state; plugin.state = reinterpret_cast(state); + plugin.type = ""; grpc_call_credentials *creds = grpc_metadata_credentials_create_from_plugin( plugin, NULL); info.GetReturnValue().Set(WrapStruct(creds));