/*
 *
 * Copyright 2018 gRPC authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */

#ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
#define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H

#include <grpc/support/port_platform.h>

#include <grpc/grpc_security.h>

#include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
#include "src/core/lib/security/credentials/credentials.h"

/* ALTS channel (client-side) credential.
 *
 * A grpc_channel_credentials implementation that stores a set of ALTS
 * credentials options and a handshaker service address, both exposed through
 * the accessors below. */
class grpc_alts_credentials final : public grpc_channel_credentials {
 public:
  /* Both arguments are taken as pointers to const while the matching members
   * are non-const.
   * NOTE(review): this suggests the constructor stores its own copies and the
   * destructor releases them - confirm in the implementation file. */
  grpc_alts_credentials(const grpc_alts_credentials_options* options,
                        const char* handshaker_service_url);
  ~grpc_alts_credentials() override;

  /* Override of the grpc_channel_credentials hook that produces the channel
   * security connector. The implementation is not part of this header. */
  grpc_core::RefCountedPtr<grpc_channel_security_connector>
  create_security_connector(
      grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
      const char* target_name, const grpc_channel_args* args,
      grpc_channel_args** new_args) override;

  /* Read-only view of the stored options. */
  const grpc_alts_credentials_options* options() const { return options_; }
  /* Writable access to the stored options: a change made through this pointer
   * changes the options held by this credential object. */
  grpc_alts_credentials_options* mutable_options() { return options_; }
  /* The stored handshaker service address. The returned pointer is the member
   * itself, not a copy. */
  const char* handshaker_service_url() const { return handshaker_service_url_; }

 private:
  grpc_alts_credentials_options* options_;
  char* handshaker_service_url_;
};

/* ALTS server credential.
 *
 * A grpc_server_credentials implementation that stores a set of ALTS
 * credentials options and a handshaker service address, both exposed through
 * the accessors below. */
class grpc_alts_server_credentials final : public grpc_server_credentials {
 public:
  /* Both arguments are taken as pointers to const while the matching members
   * are non-const.
   * NOTE(review): this suggests the constructor stores its own copies and the
   * destructor releases them - confirm in the implementation file. */
  grpc_alts_server_credentials(const grpc_alts_credentials_options* options,
                               const char* handshaker_service_url);
  ~grpc_alts_server_credentials() override;

  /* Override of the grpc_server_credentials hook that produces the server
   * security connector. The parameter is unnamed in this declaration. */
  grpc_core::RefCountedPtr<grpc_server_security_connector>
  create_security_connector(const grpc_channel_args* /* args */) override;

  /* Read-only view of the stored options. */
  const grpc_alts_credentials_options* options() const { return options_; }
  /* Writable access to the stored options: a change made through this pointer
   * changes the options held by this credential object. */
  grpc_alts_credentials_options* mutable_options() { return options_; }
  /* The stored handshaker service address. The returned pointer is the member
   * itself, not a copy. */
  const char* handshaker_service_url() const { return handshaker_service_url_; }

 private:
  grpc_alts_credentials_options* options_;
  char* handshaker_service_url_;
};

/**
 * This method creates an ALTS channel credential object with customized
 * information provided by the caller.
 *
 * - options: grpc ALTS credentials options instance for client.
 * - handshaker_service_url: address of ALTS handshaker service in the format of
 *   "host:port". If it's nullptr, the address of default metadata server will
 *   be used.
 *   NOTE(review): the credential uses whatever address is passed here as its
 *   handshaker service, so the value should come from trusted configuration -
 *   confirm what validation the implementation applies.
 * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
 *   mode. This mode can be enabled when we are sure ALTS is running on GCP or
 *   for testing purposes.
 *
 * It returns nullptr if the flag is disabled AND ALTS is not running on GCP.
 * Otherwise, it returns the created credential object.
 *
 * Security note: by the return contract above, passing
 * enable_untrusted_alts = true means creation is no longer gated on ALTS
 * running on GCP. The flag is a trust decision made by the caller and should
 * not be set from untrusted or externally supplied configuration.
 */
grpc_channel_credentials* grpc_alts_credentials_create_customized(
    const grpc_alts_credentials_options* options,
    const char* handshaker_service_url, bool enable_untrusted_alts);

/**
 * This method creates an ALTS server credential object with customized
 * information provided by the caller.
 *
 * - options: grpc ALTS credentials options instance for server.
 * - handshaker_service_url: address of ALTS handshaker service in the format of
 *   "host:port". If it's nullptr, the address of default metadata server will
 *   be used.
 *   NOTE(review): the credential uses whatever address is passed here as its
 *   handshaker service, so the value should come from trusted configuration -
 *   confirm what validation the implementation applies.
 * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
 *   mode. This mode can be enabled when we are sure ALTS is running on GCP or
 *   for testing purposes.
 *
 * It returns nullptr if the flag is disabled and ALTS is not running on GCP.
 * Otherwise, it returns the created credential object.
 *
 * Security note: by the return contract above, passing
 * enable_untrusted_alts = true means creation is no longer gated on ALTS
 * running on GCP. The flag is a trust decision made by the caller and should
 * not be set from untrusted or externally supplied configuration.
 */
grpc_server_credentials* grpc_alts_server_credentials_create_customized(
    const grpc_alts_credentials_options* options,
    const char* handshaker_service_url, bool enable_untrusted_alts);

#endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H */