diff --git a/BUILD b/BUILD index 1ced959fc1f..8ab5738f94a 100644 --- a/BUILD +++ b/BUILD @@ -504,8 +504,7 @@ grpc_cc_library( "src/core/ext/transport/binder/client/endpoint_binder_pool.cc", "src/core/ext/transport/binder/client/jni_utils.cc", "src/core/ext/transport/binder/client/security_policy_setting.cc", - "src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc", - "src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc", + "src/core/ext/transport/binder/security_policy/binder_security_policy.cc", "src/core/ext/transport/binder/server/binder_server.cc", "src/core/ext/transport/binder/server/binder_server_credentials.cc", "src/core/ext/transport/binder/transport/binder_transport.cc", @@ -518,17 +517,12 @@ grpc_cc_library( ], hdrs = [ "src/core/ext/transport/binder/client/binder_connector.h", - "src/core/ext/transport/binder/client/channel_create.h", "src/core/ext/transport/binder/client/channel_create_impl.h", "src/core/ext/transport/binder/client/connection_id_generator.h", "src/core/ext/transport/binder/client/endpoint_binder_pool.h", "src/core/ext/transport/binder/client/jni_utils.h", "src/core/ext/transport/binder/client/security_policy_setting.h", - "src/core/ext/transport/binder/security_policy/internal_only_security_policy.h", - "src/core/ext/transport/binder/security_policy/security_policy.h", - "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h", "src/core/ext/transport/binder/server/binder_server.h", - "src/core/ext/transport/binder/server/binder_server_credentials.h", "src/core/ext/transport/binder/transport/binder_stream.h", "src/core/ext/transport/binder/transport/binder_transport.h", "src/core/ext/transport/binder/utils/transport_stream_receiver.h", @@ -552,16 +546,18 @@ grpc_cc_library( "absl/time", ], language = "c++", - # TODO(mingcl): Move public headers under include/ and put them here public_hdrs = [ + "include/grpcpp/security/binder_security_policy.h", + "include/grpcpp/create_channel_binder.h", + "include/grpcpp/security/binder_credentials.h", ], + visibility = ["@grpc:public"], deps = [ "gpr", "gpr_base", "gpr_platform", "grpc", "grpc++_base", - "grpc++_internals", "grpc_base", "grpc_client_channel", "grpc_codegen", diff --git a/CMakeLists.txt b/CMakeLists.txt index b5f76dbd948..3276844bd97 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -8327,8 +8327,7 @@ add_executable(binder_server_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -8383,8 +8382,7 @@ add_executable(binder_transport_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -8402,23 +8400,14 @@ add_executable(binder_transport_test src/cpp/client/create_channel_internal.cc src/cpp/client/create_channel_posix.cc src/cpp/client/credentials_cc.cc - src/cpp/client/insecure_credentials.cc - src/cpp/client/secure_credentials.cc src/cpp/codegen/codegen_init.cc src/cpp/common/alarm.cc - src/cpp/common/auth_property_iterator.cc src/cpp/common/channel_arguments.cc src/cpp/common/channel_filter.cc src/cpp/common/completion_queue_cc.cc src/cpp/common/core_codegen.cc src/cpp/common/resource_quota_cc.cc src/cpp/common/rpc_method.cc - src/cpp/common/secure_auth_context.cc - src/cpp/common/secure_channel_arguments.cc - src/cpp/common/secure_create_auth_context.cc - src/cpp/common/tls_certificate_provider.cc - src/cpp/common/tls_credentials_options.cc - src/cpp/common/tls_credentials_options_util.cc src/cpp/common/validate_service_config.cc src/cpp/common/version_cc.cc src/cpp/server/async_generic_service.cc @@ -8429,8 +8418,6 @@ add_executable(binder_transport_test src/cpp/server/health/default_health_check_service.cc src/cpp/server/health/health_check_service.cc src/cpp/server/health/health_check_service_server_builder_option.cc - src/cpp/server/insecure_server_credentials.cc - src/cpp/server/secure_server_credentials.cc src/cpp/server/server_builder.cc src/cpp/server/server_callback.cc src/cpp/server/server_cc.cc @@ -10037,8 +10024,7 @@ add_executable(end2end_binder_transport_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -10148,8 +10134,7 @@ add_executable(endpoint_binder_pool_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -10167,23 +10152,14 @@ add_executable(endpoint_binder_pool_test src/cpp/client/create_channel_internal.cc src/cpp/client/create_channel_posix.cc src/cpp/client/credentials_cc.cc - src/cpp/client/insecure_credentials.cc - src/cpp/client/secure_credentials.cc src/cpp/codegen/codegen_init.cc src/cpp/common/alarm.cc - src/cpp/common/auth_property_iterator.cc src/cpp/common/channel_arguments.cc src/cpp/common/channel_filter.cc src/cpp/common/completion_queue_cc.cc src/cpp/common/core_codegen.cc src/cpp/common/resource_quota_cc.cc src/cpp/common/rpc_method.cc - src/cpp/common/secure_auth_context.cc - src/cpp/common/secure_channel_arguments.cc - src/cpp/common/secure_create_auth_context.cc - src/cpp/common/tls_certificate_provider.cc - src/cpp/common/tls_credentials_options.cc - src/cpp/common/tls_credentials_options_util.cc src/cpp/common/validate_service_config.cc src/cpp/common/version_cc.cc src/cpp/server/async_generic_service.cc @@ -10194,8 +10170,6 @@ add_executable(endpoint_binder_pool_test src/cpp/server/health/default_health_check_service.cc src/cpp/server/health/health_check_service.cc src/cpp/server/health/health_check_service_server_builder_option.cc - src/cpp/server/insecure_server_credentials.cc - src/cpp/server/secure_server_credentials.cc src/cpp/server/server_builder.cc src/cpp/server/server_callback.cc src/cpp/server/server_cc.cc @@ -10567,8 +10541,7 @@ add_executable(fake_binder_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -10586,23 +10559,14 @@ add_executable(fake_binder_test src/cpp/client/create_channel_internal.cc src/cpp/client/create_channel_posix.cc src/cpp/client/credentials_cc.cc - src/cpp/client/insecure_credentials.cc - src/cpp/client/secure_credentials.cc src/cpp/codegen/codegen_init.cc src/cpp/common/alarm.cc - src/cpp/common/auth_property_iterator.cc src/cpp/common/channel_arguments.cc src/cpp/common/channel_filter.cc src/cpp/common/completion_queue_cc.cc src/cpp/common/core_codegen.cc src/cpp/common/resource_quota_cc.cc src/cpp/common/rpc_method.cc - src/cpp/common/secure_auth_context.cc - src/cpp/common/secure_channel_arguments.cc - src/cpp/common/secure_create_auth_context.cc - src/cpp/common/tls_certificate_provider.cc - src/cpp/common/tls_credentials_options.cc - src/cpp/common/tls_credentials_options_util.cc src/cpp/common/validate_service_config.cc src/cpp/common/version_cc.cc src/cpp/server/async_generic_service.cc @@ -10613,8 +10577,6 @@ add_executable(fake_binder_test src/cpp/server/health/default_health_check_service.cc src/cpp/server/health/health_check_service.cc src/cpp/server/health/health_check_service_server_builder_option.cc - src/cpp/server/insecure_server_credentials.cc - src/cpp/server/secure_server_credentials.cc src/cpp/server/server_builder.cc src/cpp/server/server_callback.cc src/cpp/server/server_cc.cc @@ -16204,8 +16166,7 @@ add_executable(transport_stream_receiver_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -16223,23 +16184,14 @@ add_executable(transport_stream_receiver_test src/cpp/client/create_channel_internal.cc src/cpp/client/create_channel_posix.cc src/cpp/client/credentials_cc.cc - src/cpp/client/insecure_credentials.cc - src/cpp/client/secure_credentials.cc src/cpp/codegen/codegen_init.cc src/cpp/common/alarm.cc - src/cpp/common/auth_property_iterator.cc src/cpp/common/channel_arguments.cc src/cpp/common/channel_filter.cc src/cpp/common/completion_queue_cc.cc src/cpp/common/core_codegen.cc src/cpp/common/resource_quota_cc.cc src/cpp/common/rpc_method.cc - src/cpp/common/secure_auth_context.cc - src/cpp/common/secure_channel_arguments.cc - src/cpp/common/secure_create_auth_context.cc - src/cpp/common/tls_certificate_provider.cc - src/cpp/common/tls_credentials_options.cc - src/cpp/common/tls_credentials_options_util.cc src/cpp/common/validate_service_config.cc src/cpp/common/version_cc.cc src/cpp/server/async_generic_service.cc @@ -16250,8 +16202,6 @@ add_executable(transport_stream_receiver_test src/cpp/server/health/default_health_check_service.cc src/cpp/server/health/health_check_service.cc src/cpp/server/health/health_check_service_server_builder_option.cc - src/cpp/server/insecure_server_credentials.cc - src/cpp/server/secure_server_credentials.cc src/cpp/server/server_builder.cc src/cpp/server/server_callback.cc src/cpp/server/server_cc.cc @@ -16522,8 +16472,7 @@ add_executable(wire_reader_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -16541,23 +16490,14 @@ add_executable(wire_reader_test src/cpp/client/create_channel_internal.cc src/cpp/client/create_channel_posix.cc src/cpp/client/credentials_cc.cc - src/cpp/client/insecure_credentials.cc - src/cpp/client/secure_credentials.cc src/cpp/codegen/codegen_init.cc src/cpp/common/alarm.cc - src/cpp/common/auth_property_iterator.cc src/cpp/common/channel_arguments.cc src/cpp/common/channel_filter.cc src/cpp/common/completion_queue_cc.cc src/cpp/common/core_codegen.cc src/cpp/common/resource_quota_cc.cc src/cpp/common/rpc_method.cc - src/cpp/common/secure_auth_context.cc - src/cpp/common/secure_channel_arguments.cc - src/cpp/common/secure_create_auth_context.cc - src/cpp/common/tls_certificate_provider.cc - src/cpp/common/tls_credentials_options.cc - src/cpp/common/tls_credentials_options_util.cc src/cpp/common/validate_service_config.cc src/cpp/common/version_cc.cc src/cpp/server/async_generic_service.cc @@ -16568,8 +16508,6 @@ add_executable(wire_reader_test src/cpp/server/health/default_health_check_service.cc src/cpp/server/health/health_check_service.cc src/cpp/server/health/health_check_service_server_builder_option.cc - src/cpp/server/insecure_server_credentials.cc - src/cpp/server/secure_server_credentials.cc src/cpp/server/server_builder.cc src/cpp/server/server_callback.cc src/cpp/server/server_cc.cc @@ -16624,8 +16562,7 @@ add_executable(wire_writer_test src/core/ext/transport/binder/client/endpoint_binder_pool.cc src/core/ext/transport/binder/client/jni_utils.cc src/core/ext/transport/binder/client/security_policy_setting.cc - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + src/core/ext/transport/binder/security_policy/binder_security_policy.cc src/core/ext/transport/binder/server/binder_server.cc src/core/ext/transport/binder/server/binder_server_credentials.cc src/core/ext/transport/binder/transport/binder_transport.cc @@ -16643,23 +16580,14 @@ add_executable(wire_writer_test src/cpp/client/create_channel_internal.cc src/cpp/client/create_channel_posix.cc src/cpp/client/credentials_cc.cc - src/cpp/client/insecure_credentials.cc - src/cpp/client/secure_credentials.cc src/cpp/codegen/codegen_init.cc src/cpp/common/alarm.cc - src/cpp/common/auth_property_iterator.cc src/cpp/common/channel_arguments.cc src/cpp/common/channel_filter.cc src/cpp/common/completion_queue_cc.cc src/cpp/common/core_codegen.cc src/cpp/common/resource_quota_cc.cc src/cpp/common/rpc_method.cc - src/cpp/common/secure_auth_context.cc - src/cpp/common/secure_channel_arguments.cc - src/cpp/common/secure_create_auth_context.cc - src/cpp/common/tls_certificate_provider.cc - src/cpp/common/tls_credentials_options.cc - src/cpp/common/tls_credentials_options_util.cc src/cpp/common/validate_service_config.cc src/cpp/common/version_cc.cc src/cpp/server/async_generic_service.cc @@ -16670,8 +16598,6 @@ add_executable(wire_writer_test src/cpp/server/health/default_health_check_service.cc src/cpp/server/health/health_check_service.cc src/cpp/server/health/health_check_service_server_builder_option.cc - src/cpp/server/insecure_server_credentials.cc - src/cpp/server/secure_server_credentials.cc src/cpp/server/server_builder.cc src/cpp/server/server_callback.cc src/cpp/server/server_cc.cc diff --git a/build_autogenerated.yaml b/build_autogenerated.yaml index 241ef2a9eb9..0eb592c3c6d 100644 --- a/build_autogenerated.yaml +++ b/build_autogenerated.yaml @@ -4620,17 +4620,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -4655,8 +4650,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -4678,17 +4672,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -4701,14 +4690,10 @@ targets: - src/core/ext/transport/binder/wire_format/wire_reader_impl.h - src/core/ext/transport/binder/wire_format/wire_writer.h - src/cpp/client/create_channel_internal.h - - src/cpp/client/secure_credentials.h - src/cpp/common/channel_filter.h - - src/cpp/common/secure_auth_context.h - - src/cpp/common/tls_credentials_options_util.h - src/cpp/server/dynamic_thread_pool.h - src/cpp/server/external_connection_acceptor_impl.h - src/cpp/server/health/default_health_check_service.h - - src/cpp/server/secure_server_credentials.h - src/cpp/server/thread_pool_interface.h - src/cpp/thread_manager/thread_manager.h - test/core/transport/binder/mock_objects.h @@ -4720,8 +4705,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -4739,23 +4723,14 @@ targets: - src/cpp/client/create_channel_internal.cc - src/cpp/client/create_channel_posix.cc - src/cpp/client/credentials_cc.cc - - src/cpp/client/insecure_credentials.cc - - src/cpp/client/secure_credentials.cc - src/cpp/codegen/codegen_init.cc - src/cpp/common/alarm.cc - - src/cpp/common/auth_property_iterator.cc - src/cpp/common/channel_arguments.cc - src/cpp/common/channel_filter.cc - src/cpp/common/completion_queue_cc.cc - src/cpp/common/core_codegen.cc - src/cpp/common/resource_quota_cc.cc - src/cpp/common/rpc_method.cc - - src/cpp/common/secure_auth_context.cc - - src/cpp/common/secure_channel_arguments.cc - - src/cpp/common/secure_create_auth_context.cc - - src/cpp/common/tls_certificate_provider.cc - - src/cpp/common/tls_credentials_options.cc - - src/cpp/common/tls_credentials_options_util.cc - src/cpp/common/validate_service_config.cc - src/cpp/common/version_cc.cc - src/cpp/server/async_generic_service.cc @@ -4766,8 +4741,6 @@ targets: - src/cpp/server/health/default_health_check_service.cc - src/cpp/server/health/health_check_service.cc - src/cpp/server/health/health_check_service_server_builder_option.cc - - src/cpp/server/insecure_server_credentials.cc - - src/cpp/server/secure_server_credentials.cc - src/cpp/server/server_builder.cc - src/cpp/server/server_callback.cc - src/cpp/server/server_cc.cc @@ -5465,17 +5438,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -5501,8 +5469,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -5544,17 +5511,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -5567,14 +5529,10 @@ targets: - src/core/ext/transport/binder/wire_format/wire_reader_impl.h - src/core/ext/transport/binder/wire_format/wire_writer.h - src/cpp/client/create_channel_internal.h - - src/cpp/client/secure_credentials.h - src/cpp/common/channel_filter.h - - src/cpp/common/secure_auth_context.h - - src/cpp/common/tls_credentials_options_util.h - src/cpp/server/dynamic_thread_pool.h - src/cpp/server/external_connection_acceptor_impl.h - src/cpp/server/health/default_health_check_service.h - - src/cpp/server/secure_server_credentials.h - src/cpp/server/thread_pool_interface.h - src/cpp/thread_manager/thread_manager.h - test/core/transport/binder/mock_objects.h @@ -5586,8 +5544,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -5605,23 +5562,14 @@ targets: - src/cpp/client/create_channel_internal.cc - src/cpp/client/create_channel_posix.cc - src/cpp/client/credentials_cc.cc - - src/cpp/client/insecure_credentials.cc - - src/cpp/client/secure_credentials.cc - src/cpp/codegen/codegen_init.cc - src/cpp/common/alarm.cc - - src/cpp/common/auth_property_iterator.cc - src/cpp/common/channel_arguments.cc - src/cpp/common/channel_filter.cc - src/cpp/common/completion_queue_cc.cc - src/cpp/common/core_codegen.cc - src/cpp/common/resource_quota_cc.cc - src/cpp/common/rpc_method.cc - - src/cpp/common/secure_auth_context.cc - - src/cpp/common/secure_channel_arguments.cc - - src/cpp/common/secure_create_auth_context.cc - - src/cpp/common/tls_certificate_provider.cc - - src/cpp/common/tls_credentials_options.cc - - src/cpp/common/tls_credentials_options_util.cc - src/cpp/common/validate_service_config.cc - src/cpp/common/version_cc.cc - src/cpp/server/async_generic_service.cc @@ -5632,8 +5580,6 @@ targets: - src/cpp/server/health/default_health_check_service.cc - src/cpp/server/health/health_check_service.cc - src/cpp/server/health/health_check_service_server_builder_option.cc - - src/cpp/server/insecure_server_credentials.cc - - src/cpp/server/secure_server_credentials.cc - src/cpp/server/server_builder.cc - src/cpp/server/server_callback.cc - src/cpp/server/server_cc.cc @@ -5780,17 +5726,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -5803,14 +5744,10 @@ targets: - src/core/ext/transport/binder/wire_format/wire_reader_impl.h - src/core/ext/transport/binder/wire_format/wire_writer.h - src/cpp/client/create_channel_internal.h - - src/cpp/client/secure_credentials.h - src/cpp/common/channel_filter.h - - src/cpp/common/secure_auth_context.h - - src/cpp/common/tls_credentials_options_util.h - src/cpp/server/dynamic_thread_pool.h - src/cpp/server/external_connection_acceptor_impl.h - src/cpp/server/health/default_health_check_service.h - - src/cpp/server/secure_server_credentials.h - src/cpp/server/thread_pool_interface.h - src/cpp/thread_manager/thread_manager.h - test/core/transport/binder/end2end/fake_binder.h @@ -5822,8 +5759,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -5841,23 +5777,14 @@ targets: - src/cpp/client/create_channel_internal.cc - src/cpp/client/create_channel_posix.cc - src/cpp/client/credentials_cc.cc - - src/cpp/client/insecure_credentials.cc - - src/cpp/client/secure_credentials.cc - src/cpp/codegen/codegen_init.cc - src/cpp/common/alarm.cc - - src/cpp/common/auth_property_iterator.cc - src/cpp/common/channel_arguments.cc - src/cpp/common/channel_filter.cc - src/cpp/common/completion_queue_cc.cc - src/cpp/common/core_codegen.cc - src/cpp/common/resource_quota_cc.cc - src/cpp/common/rpc_method.cc - - src/cpp/common/secure_auth_context.cc - - src/cpp/common/secure_channel_arguments.cc - - src/cpp/common/secure_create_auth_context.cc - - src/cpp/common/tls_certificate_provider.cc - - src/cpp/common/tls_credentials_options.cc - - src/cpp/common/tls_credentials_options_util.cc - src/cpp/common/validate_service_config.cc - src/cpp/common/version_cc.cc - src/cpp/server/async_generic_service.cc @@ -5868,8 +5795,6 @@ targets: - src/cpp/server/health/default_health_check_service.cc - src/cpp/server/health/health_check_service.cc - src/cpp/server/health/health_check_service_server_builder_option.cc - - src/cpp/server/insecure_server_credentials.cc - - src/cpp/server/secure_server_credentials.cc - src/cpp/server/server_builder.cc - src/cpp/server/server_callback.cc - src/cpp/server/server_cc.cc @@ -8169,17 +8094,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -8192,14 +8112,10 @@ targets: - src/core/ext/transport/binder/wire_format/wire_reader_impl.h - src/core/ext/transport/binder/wire_format/wire_writer.h - src/cpp/client/create_channel_internal.h - - src/cpp/client/secure_credentials.h - src/cpp/common/channel_filter.h - - src/cpp/common/secure_auth_context.h - - src/cpp/common/tls_credentials_options_util.h - src/cpp/server/dynamic_thread_pool.h - src/cpp/server/external_connection_acceptor_impl.h - src/cpp/server/health/default_health_check_service.h - - src/cpp/server/secure_server_credentials.h - src/cpp/server/thread_pool_interface.h - src/cpp/thread_manager/thread_manager.h src: @@ -8210,8 +8126,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -8229,23 +8144,14 @@ targets: - src/cpp/client/create_channel_internal.cc - src/cpp/client/create_channel_posix.cc - src/cpp/client/credentials_cc.cc - - src/cpp/client/insecure_credentials.cc - - src/cpp/client/secure_credentials.cc - src/cpp/codegen/codegen_init.cc - src/cpp/common/alarm.cc - - src/cpp/common/auth_property_iterator.cc - src/cpp/common/channel_arguments.cc - src/cpp/common/channel_filter.cc - src/cpp/common/completion_queue_cc.cc - src/cpp/common/core_codegen.cc - src/cpp/common/resource_quota_cc.cc - src/cpp/common/rpc_method.cc - - src/cpp/common/secure_auth_context.cc - - src/cpp/common/secure_channel_arguments.cc - - src/cpp/common/secure_create_auth_context.cc - - src/cpp/common/tls_certificate_provider.cc - - src/cpp/common/tls_credentials_options.cc - - src/cpp/common/tls_credentials_options_util.cc - src/cpp/common/validate_service_config.cc - src/cpp/common/version_cc.cc - src/cpp/server/async_generic_service.cc @@ -8256,8 +8162,6 @@ targets: - src/cpp/server/health/default_health_check_service.cc - src/cpp/server/health/health_check_service.cc - src/cpp/server/health/health_check_service_server_builder_option.cc - - src/cpp/server/insecure_server_credentials.cc - - src/cpp/server/secure_server_credentials.cc - src/cpp/server/server_builder.cc - src/cpp/server/server_callback.cc - src/cpp/server/server_cc.cc @@ -8365,17 +8269,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -8388,14 +8287,10 @@ targets: - src/core/ext/transport/binder/wire_format/wire_reader_impl.h - src/core/ext/transport/binder/wire_format/wire_writer.h - src/cpp/client/create_channel_internal.h - - src/cpp/client/secure_credentials.h - src/cpp/common/channel_filter.h - - src/cpp/common/secure_auth_context.h - - src/cpp/common/tls_credentials_options_util.h - src/cpp/server/dynamic_thread_pool.h - src/cpp/server/external_connection_acceptor_impl.h - src/cpp/server/health/default_health_check_service.h - - src/cpp/server/secure_server_credentials.h - src/cpp/server/thread_pool_interface.h - src/cpp/thread_manager/thread_manager.h - test/core/transport/binder/mock_objects.h @@ -8407,8 +8302,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -8426,23 +8320,14 @@ targets: - src/cpp/client/create_channel_internal.cc - src/cpp/client/create_channel_posix.cc - src/cpp/client/credentials_cc.cc - - src/cpp/client/insecure_credentials.cc - - src/cpp/client/secure_credentials.cc - src/cpp/codegen/codegen_init.cc - src/cpp/common/alarm.cc - - src/cpp/common/auth_property_iterator.cc - src/cpp/common/channel_arguments.cc - src/cpp/common/channel_filter.cc - src/cpp/common/completion_queue_cc.cc - src/cpp/common/core_codegen.cc - src/cpp/common/resource_quota_cc.cc - src/cpp/common/rpc_method.cc - - src/cpp/common/secure_auth_context.cc - - src/cpp/common/secure_channel_arguments.cc - - src/cpp/common/secure_create_auth_context.cc - - src/cpp/common/tls_certificate_provider.cc - - src/cpp/common/tls_credentials_options.cc - - src/cpp/common/tls_credentials_options_util.cc - src/cpp/common/validate_service_config.cc - src/cpp/common/version_cc.cc - src/cpp/server/async_generic_service.cc @@ -8453,8 +8338,6 @@ targets: - src/cpp/server/health/default_health_check_service.cc - src/cpp/server/health/health_check_service.cc - src/cpp/server/health/health_check_service_server_builder_option.cc - - src/cpp/server/insecure_server_credentials.cc - - src/cpp/server/secure_server_credentials.cc - src/cpp/server/server_builder.cc - src/cpp/server/server_callback.cc - src/cpp/server/server_cc.cc @@ -8477,17 +8360,12 @@ targets: language: c++ headers: - src/core/ext/transport/binder/client/binder_connector.h - - src/core/ext/transport/binder/client/channel_create.h - src/core/ext/transport/binder/client/channel_create_impl.h - src/core/ext/transport/binder/client/connection_id_generator.h - src/core/ext/transport/binder/client/endpoint_binder_pool.h - src/core/ext/transport/binder/client/jni_utils.h - src/core/ext/transport/binder/client/security_policy_setting.h - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.h - - src/core/ext/transport/binder/security_policy/security_policy.h - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.h - src/core/ext/transport/binder/server/binder_server.h - - src/core/ext/transport/binder/server/binder_server_credentials.h - src/core/ext/transport/binder/transport/binder_stream.h - src/core/ext/transport/binder/transport/binder_transport.h - src/core/ext/transport/binder/utils/transport_stream_receiver.h @@ -8500,14 +8378,10 @@ targets: - src/core/ext/transport/binder/wire_format/wire_reader_impl.h - src/core/ext/transport/binder/wire_format/wire_writer.h - src/cpp/client/create_channel_internal.h - - src/cpp/client/secure_credentials.h - src/cpp/common/channel_filter.h - - src/cpp/common/secure_auth_context.h - - src/cpp/common/tls_credentials_options_util.h - src/cpp/server/dynamic_thread_pool.h - src/cpp/server/external_connection_acceptor_impl.h - src/cpp/server/health/default_health_check_service.h - - src/cpp/server/secure_server_credentials.h - src/cpp/server/thread_pool_interface.h - src/cpp/thread_manager/thread_manager.h - test/core/transport/binder/mock_objects.h @@ -8519,8 +8393,7 @@ targets: - src/core/ext/transport/binder/client/endpoint_binder_pool.cc - src/core/ext/transport/binder/client/jni_utils.cc - src/core/ext/transport/binder/client/security_policy_setting.cc - - src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc - - src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc + - src/core/ext/transport/binder/security_policy/binder_security_policy.cc - src/core/ext/transport/binder/server/binder_server.cc - src/core/ext/transport/binder/server/binder_server_credentials.cc - src/core/ext/transport/binder/transport/binder_transport.cc @@ -8538,23 +8411,14 @@ targets: - src/cpp/client/create_channel_internal.cc - src/cpp/client/create_channel_posix.cc - src/cpp/client/credentials_cc.cc - - src/cpp/client/insecure_credentials.cc - - src/cpp/client/secure_credentials.cc - src/cpp/codegen/codegen_init.cc - src/cpp/common/alarm.cc - - src/cpp/common/auth_property_iterator.cc - src/cpp/common/channel_arguments.cc - src/cpp/common/channel_filter.cc - src/cpp/common/completion_queue_cc.cc - src/cpp/common/core_codegen.cc - src/cpp/common/resource_quota_cc.cc - src/cpp/common/rpc_method.cc - - src/cpp/common/secure_auth_context.cc - - src/cpp/common/secure_channel_arguments.cc - - src/cpp/common/secure_create_auth_context.cc - - src/cpp/common/tls_certificate_provider.cc - - src/cpp/common/tls_credentials_options.cc - - src/cpp/common/tls_credentials_options_util.cc - src/cpp/common/validate_service_config.cc - src/cpp/common/version_cc.cc - src/cpp/server/async_generic_service.cc @@ -8565,8 +8429,6 @@ targets: - src/cpp/server/health/default_health_check_service.cc - src/cpp/server/health/health_check_service.cc - src/cpp/server/health/health_check_service_server_builder_option.cc - - src/cpp/server/insecure_server_credentials.cc - - src/cpp/server/secure_server_credentials.cc - src/cpp/server/server_builder.cc - src/cpp/server/server_callback.cc - src/cpp/server/server_cc.cc diff --git a/examples/android/binder/java/io/grpc/binder/cpp/exampleclient/native.cc b/examples/android/binder/java/io/grpc/binder/cpp/exampleclient/native.cc index 435e541ee9d..2f0e7b91426 100644 --- a/examples/android/binder/java/io/grpc/binder/cpp/exampleclient/native.cc +++ b/examples/android/binder/java/io/grpc/binder/cpp/exampleclient/native.cc @@ -18,8 +18,8 @@ #include "examples/protos/helloworld.grpc.pb.h" #include "examples/protos/helloworld.pb.h" -#include "src/core/ext/transport/binder/client/channel_create.h" -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" +#include +#include extern "C" JNIEXPORT jstring JNICALL Java_io_grpc_binder_cpp_exampleclient_ButtonPressHandler_native_1entry( diff --git a/examples/android/binder/java/io/grpc/binder/cpp/exampleserver/native.cc b/examples/android/binder/java/io/grpc/binder/cpp/exampleserver/native.cc index 2afe578b8bd..ef77d60a73b 100644 --- a/examples/android/binder/java/io/grpc/binder/cpp/exampleserver/native.cc +++ b/examples/android/binder/java/io/grpc/binder/cpp/exampleserver/native.cc @@ -23,10 +23,8 @@ #include "examples/protos/helloworld.pb.h" #include - -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" -#include "src/core/ext/transport/binder/server/binder_server.h" -#include "src/core/ext/transport/binder/server/binder_server_credentials.h" +#include +#include namespace { class GreeterService : public helloworld::Greeter::Service { diff --git a/include/grpcpp/create_channel_binder.h b/include/grpcpp/create_channel_binder.h new file mode 100644 index 00000000000..a724e871fae --- /dev/null +++ b/include/grpcpp/create_channel_binder.h @@ -0,0 +1,77 @@ +// Copyright 2021 gRPC authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef GRPCPP_CREATE_CHANNEL_BINDER_H +#define GRPCPP_CREATE_CHANNEL_BINDER_H + +#include + +#ifdef GPR_ANDROID + +#include + +#include + +#include "absl/strings/string_view.h" + +#include +#include +#include + +namespace grpc { +namespace experimental { + +/// EXPERIMENTAL Create a new \a Channel based on binder transport. The package +/// name and class name will be used identify the specific application component +/// to connect to. +/// +/// \param jni_env Pointer to a JNIEnv structure +/// \param context The context that we will use to invoke \a bindService See +/// https://developer.android.com/reference/android/content/Context#bindService(android.content.Intent,%20android.content.ServiceConnection,%20int) +/// for detail. +/// \param package_name Package name of the component to be connected to +/// \param class_name Class name of the component to be connected to +/// \param security_policy Used for checking if remote component is allowed to +/// connect +std::shared_ptr CreateBinderChannel( + void* jni_env, jobject context, absl::string_view package_name, + absl::string_view class_name, + std::shared_ptr + security_policy); + +/// EXPERIMENTAL Create a new \a Channel based on binder transport. The package +/// name and class name will be used identify the specific application component +/// to connect to. +/// +/// \param jni_env Pointer to a JNIEnv structure +/// \param context The context that we will use to invoke \a bindService See +/// https://developer.android.com/reference/android/content/Context#bindService(android.content.Intent,%20android.content.ServiceConnection,%20int) +/// for detail. +/// \param package_name Package name of the component to be connected to +/// \param class_name Class name of the component to be connected to +/// \param security_policy Used for checking if remote component is allowed to +/// connect +/// \param args Options for channel creation. +std::shared_ptr CreateCustomBinderChannel( + void* jni_env_void, jobject application, absl::string_view package_name, + absl::string_view class_name, + std::shared_ptr security_policy, + const ChannelArguments& args); + +} // namespace experimental +} // namespace grpc + +#endif + +#endif // GRPCPP_CREATE_CHANNEL_BINDER_H diff --git a/src/core/ext/transport/binder/server/binder_server_credentials.h b/include/grpcpp/security/binder_credentials.h similarity index 58% rename from src/core/ext/transport/binder/server/binder_server_credentials.h rename to include/grpcpp/security/binder_credentials.h index 9e40562bb39..f511837ef2e 100644 --- a/src/core/ext/transport/binder/server/binder_server_credentials.h +++ b/include/grpcpp/security/binder_credentials.h @@ -12,23 +12,27 @@ // See the License for the specific language governing permissions and // limitations under the License. -#ifndef GRPC_CORE_EXT_TRANSPORT_BINDER_SERVER_BINDER_SERVER_CREDENTIALS_H -#define GRPC_CORE_EXT_TRANSPORT_BINDER_SERVER_BINDER_SERVER_CREDENTIALS_H +#ifndef GRPCPP_SECURITY_BINDER_CREDENTIALS_H +#define GRPCPP_SECURITY_BINDER_CREDENTIALS_H -#include +#include +#include #include -#include "src/core/ext/transport/binder/security_policy/security_policy.h" - namespace grpc { + +class ChannelCredentials; + namespace experimental { -/// Builds Binder ServerCredentials. +/// EXPERIMENTAL Builds Binder ServerCredentials. /// -/// Calling \a ServerBuilder::AddListeningPort() with Binder ServerCredentials -/// in a non-Android environment will make the subsequent call to -/// \a ServerBuilder::BuildAndStart() returns a null pointer. +/// This should be used along with `binder:` URI scheme. The path in the URI can +/// later be used to access the server's endpoint binder. +/// Note that calling \a ServerBuilder::AddListeningPort() with Binder +/// ServerCredentials in a non-supported environment will make the subsequent +/// call to \a ServerBuilder::BuildAndStart() return a null pointer. std::shared_ptr BinderServerCredentials( std::shared_ptr security_policy); @@ -36,4 +40,4 @@ std::shared_ptr BinderServerCredentials( } // namespace experimental } // namespace grpc -#endif // GRPC_CORE_EXT_TRANSPORT_BINDER_SERVER_BINDER_SERVER_CREDENTIALS_H +#endif // GRPCPP_SECURITY_BINDER_CREDENTIALS_H diff --git a/include/grpcpp/security/binder_security_policy.h b/include/grpcpp/security/binder_security_policy.h new file mode 100644 index 00000000000..9b825e759b1 --- /dev/null +++ b/include/grpcpp/security/binder_security_policy.h @@ -0,0 +1,58 @@ +// Copyright 2021 gRPC authors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +#ifndef GRPCPP_SECURITY_BINDER_SECURITY_POLICY_H +#define GRPCPP_SECURITY_BINDER_SECURITY_POLICY_H + +#include + +namespace grpc { +namespace experimental { +namespace binder { + +// EXPERIMENTAL Determinines if a connection is allowed to be +// established on Android. See https://source.android.com/security/app-sandbox +// for more info about UID. +class SecurityPolicy { + public: + virtual ~SecurityPolicy() = default; + // Returns true if the UID is authorized to connect. + // Must return the same value for the same inputs so callers can safely cache + // the result. + virtual bool IsAuthorized(int uid) = 0; +}; + +// EXPERIMENTAL Allows all connection. Anything on the Android device will be +// able to connect, use with caution! +class UntrustedSecurityPolicy : public SecurityPolicy { + public: + UntrustedSecurityPolicy(); + ~UntrustedSecurityPolicy() override; + bool IsAuthorized(int uid) override; +}; + +// EXPERIMENTAL Only allows the connections from processes with the same UID. In +// most cases this means "from the same APK". +class InternalOnlySecurityPolicy : public SecurityPolicy { + public: + InternalOnlySecurityPolicy(); + ~InternalOnlySecurityPolicy() override; + bool IsAuthorized(int uid) override; +}; + +} // namespace binder +} // namespace experimental +} // namespace grpc + +#endif // GRPCPP_SECURITY_BINDER_SECURITY_POLICY_H diff --git a/src/core/ext/transport/binder/client/binder_connector.cc b/src/core/ext/transport/binder/client/binder_connector.cc index f01c3f7722c..cd6f6653665 100644 --- a/src/core/ext/transport/binder/client/binder_connector.cc +++ b/src/core/ext/transport/binder/client/binder_connector.cc @@ -25,11 +25,12 @@ #include #include +#include + #include "src/core/ext/filters/client_channel/connector.h" #include "src/core/ext/filters/client_channel/subchannel.h" #include "src/core/ext/transport/binder/client/endpoint_binder_pool.h" #include "src/core/ext/transport/binder/client/security_policy_setting.h" -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" #include "src/core/ext/transport/binder/transport/binder_transport.h" #include "src/core/ext/transport/binder/wire_format/binder.h" diff --git a/src/core/ext/transport/binder/client/channel_create.cc b/src/core/ext/transport/binder/client/channel_create.cc index 7280b1dac62..37fbdc0eaf3 100644 --- a/src/core/ext/transport/binder/client/channel_create.cc +++ b/src/core/ext/transport/binder/client/channel_create.cc @@ -14,7 +14,7 @@ #include -#include "src/core/ext/transport/binder/client/channel_create.h" +#include // The interface is only defined if GPR_ANDROID is defined, because some // arguments requires JNI. diff --git a/src/core/ext/transport/binder/client/channel_create.h b/src/core/ext/transport/binder/client/channel_create.h deleted file mode 100644 index 3ff873a372f..00000000000 --- a/src/core/ext/transport/binder/client/channel_create.h +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2021 gRPC authors. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef GRPC_CORE_EXT_TRANSPORT_BINDER_CLIENT_CHANNEL_CREATE_H -#define GRPC_CORE_EXT_TRANSPORT_BINDER_CLIENT_CHANNEL_CREATE_H - -#include - -#include "src/core/ext/transport/binder/security_policy/security_policy.h" - -#ifdef GPR_ANDROID - -#include - -#include "absl/strings/string_view.h" - -#include -#include -#include - -namespace grpc { -namespace experimental { - -// Need to be invoked after BindToOnDeviceServerService -// Create a new Channel from server package name and service class name -std::shared_ptr CreateBinderChannel( - void* jni_env_void, jobject application, absl::string_view package_name, - absl::string_view class_name, - std::shared_ptr - security_policy); - -// Need to be invoked after BindToOnDeviceServerService -// Create a new Channel from server package name and service class name and with -// custom channel arguments. -std::shared_ptr CreateCustomBinderChannel( - void* jni_env_void, jobject application, absl::string_view package_name, - absl::string_view class_name, - std::shared_ptr security_policy, - const ChannelArguments& args); - -} // namespace experimental -} // namespace grpc - -#endif - -#endif // GRPC_CORE_EXT_TRANSPORT_BINDER_CLIENT_CHANNEL_CREATE_H diff --git a/src/core/ext/transport/binder/client/channel_create_impl.h b/src/core/ext/transport/binder/client/channel_create_impl.h index 5cd165e4703..d48fa228014 100644 --- a/src/core/ext/transport/binder/client/channel_create_impl.h +++ b/src/core/ext/transport/binder/client/channel_create_impl.h @@ -17,7 +17,8 @@ #include -#include "src/core/ext/transport/binder/security_policy/security_policy.h" +#include + #include "src/core/ext/transport/binder/wire_format/binder.h" #include "src/core/lib/channel/channel_args.h" diff --git a/src/core/ext/transport/binder/client/security_policy_setting.h b/src/core/ext/transport/binder/client/security_policy_setting.h index a35975de21c..d2516617a90 100644 --- a/src/core/ext/transport/binder/client/security_policy_setting.h +++ b/src/core/ext/transport/binder/client/security_policy_setting.h @@ -20,7 +20,8 @@ #include "absl/container/flat_hash_map.h" #include "absl/strings/string_view.h" -#include "src/core/ext/transport/binder/security_policy/security_policy.h" +#include + #include "src/core/lib/gprpp/sync.h" namespace grpc_binder { diff --git a/src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc b/src/core/ext/transport/binder/security_policy/binder_security_policy.cc similarity index 75% rename from src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc rename to src/core/ext/transport/binder/security_policy/binder_security_policy.cc index 91587599b2c..103153edc1b 100644 --- a/src/core/ext/transport/binder/security_policy/internal_only_security_policy.cc +++ b/src/core/ext/transport/binder/security_policy/binder_security_policy.cc @@ -14,26 +14,36 @@ #include -#include "src/core/ext/transport/binder/security_policy/internal_only_security_policy.h" +#include #ifdef GPR_ANDROID #include +#endif + namespace grpc { namespace experimental { namespace binder { +UntrustedSecurityPolicy::UntrustedSecurityPolicy() = default; + +UntrustedSecurityPolicy::~UntrustedSecurityPolicy() = default; + +bool UntrustedSecurityPolicy::IsAuthorized(int) { return true; }; + InternalOnlySecurityPolicy::InternalOnlySecurityPolicy() = default; InternalOnlySecurityPolicy::~InternalOnlySecurityPolicy() = default; +#ifdef GPR_ANDROID bool InternalOnlySecurityPolicy::IsAuthorized(int uid) { return static_cast(uid) == getuid(); -}; +} +#else +bool InternalOnlySecurityPolicy::IsAuthorized(int) { return false; } +#endif } // namespace binder } // namespace experimental } // namespace grpc - -#endif diff --git a/src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc b/src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc deleted file mode 100644 index 801b19b9d7d..00000000000 --- a/src/core/ext/transport/binder/security_policy/untrusted_security_policy.cc +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright 2021 gRPC authors. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#include - -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" - -namespace grpc { -namespace experimental { -namespace binder { - -UntrustedSecurityPolicy::UntrustedSecurityPolicy() = default; - -UntrustedSecurityPolicy::~UntrustedSecurityPolicy() = default; - -bool UntrustedSecurityPolicy::IsAuthorized(int) { return true; }; - -} // namespace binder -} // namespace experimental -} // namespace grpc diff --git a/src/core/ext/transport/binder/security_policy/untrusted_security_policy.h b/src/core/ext/transport/binder/security_policy/untrusted_security_policy.h deleted file mode 100644 index 12374480055..00000000000 --- a/src/core/ext/transport/binder/security_policy/untrusted_security_policy.h +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2021 gRPC authors. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -#ifndef GRPC_CORE_EXT_TRANSPORT_BINDER_SECURITY_POLICY_UNTRUSTED_SECURITY_POLICY_H -#define GRPC_CORE_EXT_TRANSPORT_BINDER_SECURITY_POLICY_UNTRUSTED_SECURITY_POLICY_H - -#include - -#include "src/core/ext/transport/binder/security_policy/security_policy.h" - -namespace grpc { -namespace experimental { -namespace binder { - -// Allows all connection -class UntrustedSecurityPolicy : public SecurityPolicy { - public: - UntrustedSecurityPolicy(); - ~UntrustedSecurityPolicy() override; - bool IsAuthorized(int uid) override; -}; - -} // namespace binder -} // namespace experimental -} // namespace grpc - -#endif // GRPC_CORE_EXT_TRANSPORT_BINDER_SECURITY_POLICY_UNTRUSTED_SECURITY_POLICY_H diff --git a/src/core/ext/transport/binder/server/binder_server.h b/src/core/ext/transport/binder/server/binder_server.h index 302be71a19c..6fc1b889657 100644 --- a/src/core/ext/transport/binder/server/binder_server.h +++ b/src/core/ext/transport/binder/server/binder_server.h @@ -22,7 +22,8 @@ #include "absl/container/flat_hash_map.h" #include "absl/status/status.h" -#include "src/core/ext/transport/binder/security_policy/security_policy.h" +#include + #include "src/core/ext/transport/binder/transport/binder_transport.h" #include "src/core/ext/transport/binder/wire_format/binder.h" #include "src/core/lib/iomgr/exec_ctx.h" diff --git a/src/core/ext/transport/binder/server/binder_server_credentials.cc b/src/core/ext/transport/binder/server/binder_server_credentials.cc index d585a555efb..530e5738bcd 100644 --- a/src/core/ext/transport/binder/server/binder_server_credentials.cc +++ b/src/core/ext/transport/binder/server/binder_server_credentials.cc @@ -14,9 +14,9 @@ #include +#include #include -#include "src/core/ext/transport/binder/security_policy/security_policy.h" #include "src/core/ext/transport/binder/server/binder_server.h" #include "src/core/ext/transport/binder/wire_format/binder_android.h" diff --git a/src/core/ext/transport/binder/transport/binder_transport.h b/src/core/ext/transport/binder/transport/binder_transport.h index 406839300df..8cad2d5d40b 100644 --- a/src/core/ext/transport/binder/transport/binder_transport.h +++ b/src/core/ext/transport/binder/transport/binder_transport.h @@ -25,8 +25,8 @@ #include "absl/container/flat_hash_map.h" #include +#include -#include "src/core/ext/transport/binder/security_policy/security_policy.h" #include "src/core/ext/transport/binder/utils/transport_stream_receiver.h" #include "src/core/ext/transport/binder/wire_format/binder.h" #include "src/core/ext/transport/binder/wire_format/wire_reader.h" diff --git a/src/core/ext/transport/binder/wire_format/wire_reader_impl.h b/src/core/ext/transport/binder/wire_format/wire_reader_impl.h index 59b9ef3ef1b..24043ac1881 100644 --- a/src/core/ext/transport/binder/wire_format/wire_reader_impl.h +++ b/src/core/ext/transport/binder/wire_format/wire_reader_impl.h @@ -23,7 +23,8 @@ #include "absl/container/flat_hash_map.h" #include "absl/synchronization/notification.h" -#include "src/core/ext/transport/binder/security_policy/security_policy.h" +#include + #include "src/core/ext/transport/binder/utils/transport_stream_receiver.h" #include "src/core/ext/transport/binder/wire_format/binder.h" #include "src/core/ext/transport/binder/wire_format/wire_reader.h" diff --git a/test/core/transport/binder/binder_transport_test.cc b/test/core/transport/binder/binder_transport_test.cc index 74c6b0901ba..73ef4ca2037 100644 --- a/test/core/transport/binder/binder_transport_test.cc +++ b/test/core/transport/binder/binder_transport_test.cc @@ -29,8 +29,8 @@ #include "absl/synchronization/notification.h" #include +#include -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" #include "src/core/ext/transport/binder/transport/binder_stream.h" #include "test/core/transport/binder/mock_objects.h" #include "test/core/util/test_config.h" diff --git a/test/core/transport/binder/end2end/binder_server_test.cc b/test/core/transport/binder/end2end/binder_server_test.cc index 52383928951..e1d930e68de 100644 --- a/test/core/transport/binder/end2end/binder_server_test.cc +++ b/test/core/transport/binder/end2end/binder_server_test.cc @@ -24,11 +24,11 @@ #include #include +#include +#include #include "src/core/ext/transport/binder/client/channel_create_impl.h" -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" #include "src/core/ext/transport/binder/server/binder_server.h" -#include "src/core/ext/transport/binder/server/binder_server_credentials.h" #include "test/core/transport/binder/end2end/fake_binder.h" #include "test/core/util/test_config.h" #include "test/cpp/end2end/test_service_impl.h" diff --git a/test/core/transport/binder/end2end/testing_channel_create.cc b/test/core/transport/binder/end2end/testing_channel_create.cc index 14ab6ab9770..bbf5732c12c 100644 --- a/test/core/transport/binder/end2end/testing_channel_create.cc +++ b/test/core/transport/binder/end2end/testing_channel_create.cc @@ -16,7 +16,8 @@ #include -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" +#include + #include "src/core/ext/transport/binder/transport/binder_transport.h" #include "src/core/ext/transport/binder/wire_format/wire_reader_impl.h" #include "src/core/lib/channel/channel_args.h" diff --git a/test/core/transport/binder/wire_reader_test.cc b/test/core/transport/binder/wire_reader_test.cc index 5d48d036aa3..cc6f7398628 100644 --- a/test/core/transport/binder/wire_reader_test.cc +++ b/test/core/transport/binder/wire_reader_test.cc @@ -18,6 +18,7 @@ // top-level metadata. The following tests verify that the interactions between // WireReaderImpl and both the output (readable) parcel and the transport stream // receiver are correct in all possible situations. + #include #include #include @@ -27,7 +28,8 @@ #include "absl/memory/memory.h" -#include "src/core/ext/transport/binder/security_policy/untrusted_security_policy.h" +#include + #include "src/core/ext/transport/binder/wire_format/wire_reader_impl.h" #include "test/core/transport/binder/mock_objects.h" #include "test/core/util/test_config.h"