This will be useful when talking to non-trusted load balancer (balancers
which are not able to impersonate real backends) as these balancers
should not receive bearer tokens.
As opposed to a flat directory, we now have the following structure:
- security
-context
- credentials
- composite
- fake
- google_default
- iam
- jwt
- oauth2
- plugin
- ssl
- transport
- util
We have not refactored the test code yet but this PR is already large
enough...
This extends the existing http parser to support requests as well as responses.
httpcli continues to exist and work as it has previously, though in the new
directory src/core/http (to reflect the fact the directory now contains code
relevant to parsing requests, which httpcli would not generally involve itself
in).
- Removing service_accounts credentials. These credentials just have
drawbacks compared to service_account_jwt_access credentials, notably
in terms for security.
- Renaming Google specific credentials with a Google prefix for C and
C++. This should be done as well for wrapped languages.
run_tests.py will start a server (if it's not running, or if the running
port server mismatches the 'current' one) that serves ports to use for
tests. The server is left running after run_tests.py finishes, so that
in environments such as Mac and Windows where tests run unshielded from
each other, we don't start jumping on already used ports.
- Right now it is a global function: would be better to have this per
(secure) port.
- Changed the interface of the auth_context slightly to make it more
friendly.
- Positive tests pass. Still need some work on error case (have a
negative case as well).
- Fixing cpp auth context tests so that they use the shiny new C API.