The C based gRPC (C++, Python, Ruby, Objective-C, PHP, C#) https://grpc.io/

/*
*
* Copyright 2015 gRPC authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#ifndef GRPC_GRPC_SECURITY_H
#define GRPC_GRPC_SECURITY_H
#include <stdbool.h>
#include <grpc/grpc.h>
#include <grpc/grpc_security_constants.h>
#include <grpc/status.h>
#include <grpc/support/port_platform.h>
#ifdef __cplusplus
extern "C" {
#endif
/** --- Authentication Context. --- */
/** Opaque handle to an authentication context. Its layout is not exposed by
 *  this header; it is only used through the functions declared below. */
typedef struct grpc_auth_context grpc_auth_context;
/** Cursor over the properties of an auth context. Values of this type are
 *  returned by value from the grpc_auth_context_* functions below and are
 *  consumed with grpc_auth_property_iterator_next(). */
typedef struct grpc_auth_property_iterator {
/* Context being iterated. This is a plain pointer, so presumably the iterator
   must not be used after the context has been released -- confirm. */
const grpc_auth_context* ctx;
/* Presumably the current position within the context's properties -- confirm. */
size_t index;
/* Presumably the property name the iteration is restricted to (NULL when
   iterating over every property) -- confirm against the implementation. */
const char* name;
} grpc_auth_property_iterator;
/** A single name/value property of an auth context.
 *  value, if not NULL, is guaranteed to be NUL terminated.
 *  NOTE(review): grpc_auth_context_add_property() takes an explicit
 *  value_length, so a value may presumably hold embedded NUL bytes. Code that
 *  compares identity values should then use value_length rather than
 *  strlen()/strcmp(), otherwise a value could be read as shorter than it is --
 *  confirm. */
typedef struct grpc_auth_property {
char* name;
char* value;
/* Length of value in bytes; presumably excludes the terminating NUL -- confirm. */
size_t value_length;
} grpc_auth_property;
/** Returns the next property for the iterator `it`, or NULL when the iterator
 *  is at the end. An empty iterator returns NULL on the first call.
 *  NOTE(review): the returned pointer is presumably owned by the auth context
 *  and only valid while that context is held -- confirm before caching it. */
GRPCAPI const grpc_auth_property* grpc_auth_property_iterator_next(
grpc_auth_property_iterator* it);
/** Returns an iterator over the properties of the auth context `ctx`.
 *  Advance it with grpc_auth_property_iterator_next(). */
GRPCAPI grpc_auth_property_iterator
grpc_auth_context_property_iterator(const grpc_auth_context* ctx);
/** Gets the peer identity. Returns an empty iterator (first _next will return
 *  NULL) if the peer is not authenticated.
 *  The result is an iterator, so it may yield more than one identity property;
 *  authorization code should not assume that the first value is the only one.
 *  Treat an empty iterator as "no identity", never as a match. */
GRPCAPI grpc_auth_property_iterator
grpc_auth_context_peer_identity(const grpc_auth_context* ctx);
/** Finds the properties named `name` in the context. May return an empty
 *  iterator (first _next will return NULL) if no property with this name was
 *  found in the context. Several properties may share a name, which is why an
 *  iterator is returned rather than a single property. */
GRPCAPI grpc_auth_property_iterator grpc_auth_context_find_properties_by_name(
const grpc_auth_context* ctx, const char* name);
/** Gets the name of the property that indicates the peer identity. Will return
 *  NULL if the peer is not authenticated, so check the result before passing
 *  it to string functions. */
GRPCAPI const char* grpc_auth_context_peer_identity_property_name(
const grpc_auth_context* ctx);
/** Returns 1 if the peer is authenticated, 0 otherwise.
 *  Check this before relying on any peer identity value read from `ctx`. */
GRPCAPI int grpc_auth_context_peer_is_authenticated(
const grpc_auth_context* ctx);
/** Gets the auth context from the call. The caller owns the returned context
 *  and must call grpc_auth_context_release on it on every path, including
 *  error paths; do not use the context after releasing it. */
GRPCAPI grpc_auth_context* grpc_call_auth_context(grpc_call* call);
/** Releases the auth context returned from grpc_call_auth_context.
 *  NOTE(review): iterators and property pointers obtained from `context`
 *  presumably must not be used after this call -- confirm. */
GRPCAPI void grpc_auth_context_release(grpc_auth_context* context);
/** --
 * The following auth context methods should only be called by a server
 * metadata processor to set properties extracted from auth metadata.
 * Properties set here are what later readers of the auth context see, so only
 * add values that the processor has verified.
 * -- */
/** Adds a property named `name` whose value is the `value_length` bytes at
 *  `value`.
 *  NOTE(review): whether `name` and `value` are copied is not visible in this
 *  header -- confirm before freeing or reusing the caller's buffers. */
GRPCAPI void grpc_auth_context_add_property(grpc_auth_context* ctx,
const char* name, const char* value,
size_t value_length);
/** Adds a property whose value is a C string. No length is passed, so `value`
 *  must be NUL terminated; use grpc_auth_context_add_property() for data that
 *  is not a C string. Like the other setters in this group, it is meant to be
 *  called only by a server metadata processor. */
GRPCAPI void grpc_auth_context_add_cstring_property(grpc_auth_context* ctx,
const char* name,
const char* value);
/** Sets the name of the property that indicates the peer identity. Returns 1
 *  if successful or 0 in case of failure (which means that no property with
 *  this name exists).
 *  Check the return value: after a 0 the requested name is not in effect, so
 *  the caller should not go on to treat the peer as identified by it. */
GRPCAPI int grpc_auth_context_set_peer_identity_property_name(
grpc_auth_context* ctx, const char* name);
/**
 * EXPERIMENTAL - Subject to change.
 * An opaque type that is responsible for providing authorization policies to
 * gRPC. Instances are created by the *_create functions declared below and
 * released with grpc_authorization_policy_provider_release().
 */
typedef struct grpc_authorization_policy_provider
grpc_authorization_policy_provider;
/**
 * EXPERIMENTAL - Subject to change.
 * Creates a grpc_authorization_policy_provider using a gRPC authorization
 * policy from a static string.
 * - authz_policy is the input gRPC authorization policy.
 * - code is the error status code on failure. On success, it equals
 *   GRPC_STATUS_OK.
 * - error_details contains details about the error if any. If the
 *   initialization is successful, it will be null. Caller must use gpr_free to
 *   destroy this string. It is declared as const char**, so the pointer has to
 *   be cast before it is passed to gpr_free.
 * NOTE(review): the return value on failure is not stated here (presumably
 * NULL -- confirm). Check *code before installing the provider, so that a
 * policy that failed to load is not mistaken for one that is in force.
 */
GRPCAPI grpc_authorization_policy_provider*
grpc_authorization_policy_provider_static_data_create(
const char* authz_policy, grpc_status_code* code,
const char** error_details);
/**
 * EXPERIMENTAL - Subject to change.
 * Creates a grpc_authorization_policy_provider by watching for gRPC
 * authorization policy changes in filesystem.
 * - authz_policy_path is the file path of gRPC authorization policy. The file
 *   contents decide authorization, so the file and its parent directory should
 *   be writable only by principals trusted to change the policy.
 * - refresh_interval_sec is the amount of time the internal thread would wait
 *   before checking for file updates. A policy change, including one that
 *   removes access, may therefore not be picked up until the next check.
 * - code is the error status code on failure. On success, it equals
 *   GRPC_STATUS_OK.
 * - error_details contains details about the error if any. If the
 *   initialization is successful, it will be null. Caller must use gpr_free to
 *   destroy this string.
 * NOTE(review): this header does not say what happens when a later reload of
 * the file fails to parse, nor what is returned on failure (presumably NULL).
 * Confirm both, and check *code before installing the provider.
 */
GRPCAPI grpc_authorization_policy_provider*
grpc_authorization_policy_provider_file_watcher_create(
const char* authz_policy_path, unsigned int refresh_interval_sec,
grpc_status_code* code, const char** error_details);
/**
 * EXPERIMENTAL - Subject to change.
 * Releases grpc_authorization_policy_provider object. The creator of
 * grpc_authorization_policy_provider is responsible for its release.
 * NOTE(review): for a provider made by the file watcher variant, this is
 * presumably also what stops the internal refresh thread -- confirm.
 */
GRPCAPI void grpc_authorization_policy_provider_release(
grpc_authorization_policy_provider* provider);
#ifdef __cplusplus
}
#endif
#endif /* GRPC_GRPC_SECURITY_H */