• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 //
2 //
3 // Copyright 2018 gRPC authors.
4 //
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
8 //
9 //     http://www.apache.org/licenses/LICENSE-2.0
10 //
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
16 //
17 //
18 
19 #ifndef GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
20 #define GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
21 
22 #include <grpc/credentials.h>
23 #include <grpc/grpc.h>
24 #include <grpc/grpc_security.h>
25 #include <grpc/support/port_platform.h>
26 
27 #include "src/core/lib/channel/channel_args.h"
28 #include "src/core/lib/security/credentials/credentials.h"
29 #include "src/core/lib/security/security_connector/security_connector.h"
30 #include "src/core/util/ref_counted_ptr.h"
31 #include "src/core/util/unique_type_name.h"
32 #include "src/core/util/useful.h"
33 
34 // Main struct for grpc ALTS channel credential.
35 class grpc_alts_credentials final : public grpc_channel_credentials {
36  public:
37   grpc_alts_credentials(const grpc_alts_credentials_options* options,
38                         const char* handshaker_service_url);
39   ~grpc_alts_credentials() override;
40 
41   grpc_core::RefCountedPtr<grpc_channel_security_connector>
42   create_security_connector(
43       grpc_core::RefCountedPtr<grpc_call_credentials> call_creds,
44       const char* target_name, grpc_core::ChannelArgs* args) override;
45 
46   static grpc_core::UniqueTypeName Type();
47 
type()48   grpc_core::UniqueTypeName type() const override { return Type(); }
49 
options()50   const grpc_alts_credentials_options* options() const { return options_; }
mutable_options()51   grpc_alts_credentials_options* mutable_options() { return options_; }
handshaker_service_url()52   const char* handshaker_service_url() const { return handshaker_service_url_; }
53 
54  private:
cmp_impl(const grpc_channel_credentials * other)55   int cmp_impl(const grpc_channel_credentials* other) const override {
56     // TODO(yashykt): Check if we can do something better here
57     return grpc_core::QsortCompare(
58         static_cast<const grpc_channel_credentials*>(this), other);
59   }
60 
61   grpc_alts_credentials_options* options_;
62   char* handshaker_service_url_;
63 };
64 
65 // Main struct for grpc ALTS server credential.
66 class grpc_alts_server_credentials final : public grpc_server_credentials {
67  public:
68   grpc_alts_server_credentials(const grpc_alts_credentials_options* options,
69                                const char* handshaker_service_url);
70   ~grpc_alts_server_credentials() override;
71 
72   grpc_core::RefCountedPtr<grpc_server_security_connector>
73   create_security_connector(const grpc_core::ChannelArgs& /* args */) override;
74 
75   static grpc_core::UniqueTypeName Type();
76 
type()77   grpc_core::UniqueTypeName type() const override { return Type(); }
78 
options()79   const grpc_alts_credentials_options* options() const { return options_; }
mutable_options()80   grpc_alts_credentials_options* mutable_options() { return options_; }
handshaker_service_url()81   const char* handshaker_service_url() const { return handshaker_service_url_; }
82 
83  private:
84   grpc_alts_credentials_options* options_;
85   char* handshaker_service_url_;
86 };
87 
88 ///
89 /// This method creates an ALTS channel credential object with customized
90 /// information provided by caller.
91 ///
92 ///- options: grpc ALTS credentials options instance for client.
93 ///- handshaker_service_url: address of ALTS handshaker service in the format of
94 ///  "host:port". If it's nullptr, the address of default metadata server will
95 ///  be used.
96 ///- enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
97 ///  mode. This mode can be enabled when we are sure ALTS is running on GCP or
98 /// for testing purpose.
99 ///
100 /// It returns nullptr if the flag is disabled AND ALTS is not running on GCP.
101 /// Otherwise, it returns the created credential object.
102 ///
103 
104 grpc_channel_credentials* grpc_alts_credentials_create_customized(
105     const grpc_alts_credentials_options* options,
106     const char* handshaker_service_url, bool enable_untrusted_alts);
107 
108 ///
109 /// This method creates an ALTS server credential object with customized
110 /// information provided by caller.
111 ///
112 ///- options: grpc ALTS credentials options instance for server.
113 ///- handshaker_service_url: address of ALTS handshaker service in the format of
114 ///  "host:port". If it's nullptr, the address of default metadata server will
115 ///  be used.
116 ///- enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
117 ///  mode. This mode can be enabled when we are sure ALTS is running on GCP or
118 /// for testing purpose.
119 ///
120 /// It returns nullptr if the flag is disabled and ALTS is not running on GCP.
121 /// Otherwise, it returns the created credential object.
122 ///
123 grpc_server_credentials* grpc_alts_server_credentials_create_customized(
124     const grpc_alts_credentials_options* options,
125     const char* handshaker_service_url, bool enable_untrusted_alts);
126 
127 #endif  // GRPC_SRC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
128