• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 2020 The gRPC Authors
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package io.grpc.xds.internal.security.certprovider;
18 
19 import io.grpc.Internal;
20 import io.grpc.xds.internal.security.certprovider.CertificateProvider.Watcher;
21 
22 /**
23  * Provider of {@link CertificateProvider}s. Implemented by the implementer of the plugin. We may
24  * move this out of the internal package and make this an official API in the future.
25  */
26 @Internal
27 public interface CertificateProviderProvider {
28   /** Returns the unique name of the {@link CertificateProvider} plugin. */
getName()29   String getName();
30 
31   /**
32    * Creates a {@link CertificateProvider} plugin.
33    *
34    * @param config configuration needed by the Provider to create the CertificateProvider. A form of
35    *     JSON that the Provider understands e.g. a string or a key-value Map.
36    * @param watcher A {@link Watcher} to receive updates from the CertificateProvider
37    * @param notifyCertUpdates if true, the provider is required to call the watcher’s
38    *     updateCertificate method. Implies the Provider is capable of minting certificates. Used
39    *     by server-side and mTLS client-side. Note the Provider is always required  to call
40    *     updateTrustedRoots to provide trusted-root updates.
41    * @throws IllegalArgumentException in case of errors in processing config.
42    * @throws UnsupportedOperationException if the plugin is incapable of sending cert updates when
43    *     notifyCertUpdates is true.
44    */
createCertificateProvider( Object config, CertificateProvider.DistributorWatcher watcher, boolean notifyCertUpdates)45   CertificateProvider createCertificateProvider(
46       Object config, CertificateProvider.DistributorWatcher watcher, boolean notifyCertUpdates);
47 }
48