3 * Copyright 2015 gRPC authors.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
19 #include <grpc/support/port_platform.h>
21 #include "src/core/lib/security/credentials/credentials.h"
26 #include "src/core/lib/channel/channel_args.h"
27 #include "src/core/lib/gpr/string.h"
28 #include "src/core/lib/http/httpcli.h"
29 #include "src/core/lib/http/parser.h"
30 #include "src/core/lib/iomgr/executor.h"
31 #include "src/core/lib/json/json.h"
32 #include "src/core/lib/surface/api_trace.h"
34 #include <grpc/support/alloc.h>
35 #include <grpc/support/log.h>
36 #include <grpc/support/string_util.h>
37 #include <grpc/support/sync.h>
38 #include <grpc/support/time.h>
42 void grpc_channel_credentials_release(grpc_channel_credentials* creds) {
43 GRPC_API_TRACE("grpc_channel_credentials_release(creds=%p)", 1, (creds));
44 grpc_core::ExecCtx exec_ctx;
45 if (creds) creds->Unref();
48 static grpc_core::Map<grpc_core::UniquePtr<char>,
49 grpc_core::RefCountedPtr<grpc_channel_credentials>,
50 grpc_core::StringLess>* g_grpc_control_plane_creds;
51 static gpr_mu g_control_plane_creds_mu;
53 static void do_control_plane_creds_init() {
54 gpr_mu_init(&g_control_plane_creds_mu);
55 GPR_ASSERT(g_grpc_control_plane_creds == nullptr);
56 g_grpc_control_plane_creds = grpc_core::New<
57 grpc_core::Map<grpc_core::UniquePtr<char>,
58 grpc_core::RefCountedPtr<grpc_channel_credentials>,
59 grpc_core::StringLess>>();
62 void grpc_control_plane_credentials_init() {
63 static gpr_once once_init_control_plane_creds = GPR_ONCE_INIT;
64 gpr_once_init(&once_init_control_plane_creds, do_control_plane_creds_init);
67 void grpc_test_only_control_plane_credentials_destroy() {
68 grpc_core::Delete(g_grpc_control_plane_creds);
69 g_grpc_control_plane_creds = nullptr;
70 gpr_mu_destroy(&g_control_plane_creds_mu);
73 void grpc_test_only_control_plane_credentials_force_init() {
74 if (g_grpc_control_plane_creds == nullptr) {
75 do_control_plane_creds_init();
79 bool grpc_channel_credentials_attach_credentials(
80 grpc_channel_credentials* credentials, const char* authority,
81 grpc_channel_credentials* control_plane_creds) {
82 grpc_core::ExecCtx exec_ctx;
83 return credentials->attach_credentials(authority, control_plane_creds->Ref());
86 bool grpc_control_plane_credentials_register(
87 const char* authority, grpc_channel_credentials* control_plane_creds) {
88 grpc_core::ExecCtx exec_ctx;
90 grpc_core::MutexLock lock(&g_control_plane_creds_mu);
91 auto key = grpc_core::UniquePtr<char>(gpr_strdup(authority));
92 if (g_grpc_control_plane_creds->find(key) !=
93 g_grpc_control_plane_creds->end()) {
96 (*g_grpc_control_plane_creds)[std::move(key)] = control_plane_creds->Ref();
101 bool grpc_channel_credentials::attach_credentials(
102 const char* authority,
103 grpc_core::RefCountedPtr<grpc_channel_credentials> control_plane_creds) {
104 auto key = grpc_core::UniquePtr<char>(gpr_strdup(authority));
105 if (local_control_plane_creds_.find(key) !=
106 local_control_plane_creds_.end()) {
109 local_control_plane_creds_[std::move(key)] = std::move(control_plane_creds);
113 grpc_core::RefCountedPtr<grpc_channel_credentials>
114 grpc_channel_credentials::get_control_plane_credentials(const char* authority) {
116 auto key = grpc_core::UniquePtr<char>(gpr_strdup(authority));
117 auto local_lookup = local_control_plane_creds_.find(key);
118 if (local_lookup != local_control_plane_creds_.end()) {
119 return local_lookup->second;
122 grpc_core::MutexLock lock(&g_control_plane_creds_mu);
123 auto global_lookup = g_grpc_control_plane_creds->find(key);
124 if (global_lookup != g_grpc_control_plane_creds->end()) {
125 return global_lookup->second;
129 return duplicate_without_call_credentials();
132 void grpc_call_credentials_release(grpc_call_credentials* creds) {
133 GRPC_API_TRACE("grpc_call_credentials_release(creds=%p)", 1, (creds));
134 grpc_core::ExecCtx exec_ctx;
135 if (creds) creds->Unref();
138 static void credentials_pointer_arg_destroy(void* p) {
139 static_cast<grpc_channel_credentials*>(p)->Unref();
142 static void* credentials_pointer_arg_copy(void* p) {
143 return static_cast<grpc_channel_credentials*>(p)->Ref().release();
146 static int credentials_pointer_cmp(void* a, void* b) { return GPR_ICMP(a, b); }
148 static const grpc_arg_pointer_vtable credentials_pointer_vtable = {
149 credentials_pointer_arg_copy, credentials_pointer_arg_destroy,
150 credentials_pointer_cmp};
152 grpc_arg grpc_channel_credentials_to_arg(
153 grpc_channel_credentials* credentials) {
154 return grpc_channel_arg_pointer_create((char*)GRPC_ARG_CHANNEL_CREDENTIALS,
156 &credentials_pointer_vtable);
159 grpc_channel_credentials* grpc_channel_credentials_from_arg(
160 const grpc_arg* arg) {
161 if (strcmp(arg->key, GRPC_ARG_CHANNEL_CREDENTIALS)) return nullptr;
162 if (arg->type != GRPC_ARG_POINTER) {
163 gpr_log(GPR_ERROR, "Invalid type %d for arg %s", arg->type,
164 GRPC_ARG_CHANNEL_CREDENTIALS);
167 return static_cast<grpc_channel_credentials*>(arg->value.pointer.p);
170 grpc_channel_credentials* grpc_channel_credentials_find_in_args(
171 const grpc_channel_args* args) {
173 if (args == nullptr) return nullptr;
174 for (i = 0; i < args->num_args; i++) {
175 grpc_channel_credentials* credentials =
176 grpc_channel_credentials_from_arg(&args->args[i]);
177 if (credentials != nullptr) return credentials;
182 void grpc_server_credentials_release(grpc_server_credentials* creds) {
183 GRPC_API_TRACE("grpc_server_credentials_release(creds=%p)", 1, (creds));
184 grpc_core::ExecCtx exec_ctx;
185 if (creds) creds->Unref();
188 void grpc_server_credentials::set_auth_metadata_processor(
189 const grpc_auth_metadata_processor& processor) {
191 "grpc_server_credentials_set_auth_metadata_processor("
193 "processor=grpc_auth_metadata_processor { process: %p, state: %p })",
194 3, (this, (void*)(intptr_t)processor.process, processor.state));
196 processor_ = processor;
199 void grpc_server_credentials_set_auth_metadata_processor(
200 grpc_server_credentials* creds, grpc_auth_metadata_processor processor) {
201 GPR_DEBUG_ASSERT(creds != nullptr);
202 creds->set_auth_metadata_processor(processor);
205 static void server_credentials_pointer_arg_destroy(void* p) {
206 static_cast<grpc_server_credentials*>(p)->Unref();
209 static void* server_credentials_pointer_arg_copy(void* p) {
210 return static_cast<grpc_server_credentials*>(p)->Ref().release();
213 static int server_credentials_pointer_cmp(void* a, void* b) {
214 return GPR_ICMP(a, b);
217 static const grpc_arg_pointer_vtable cred_ptr_vtable = {
218 server_credentials_pointer_arg_copy, server_credentials_pointer_arg_destroy,
219 server_credentials_pointer_cmp};
221 grpc_arg grpc_server_credentials_to_arg(grpc_server_credentials* p) {
222 return grpc_channel_arg_pointer_create((char*)GRPC_SERVER_CREDENTIALS_ARG, p,
226 grpc_server_credentials* grpc_server_credentials_from_arg(const grpc_arg* arg) {
227 if (strcmp(arg->key, GRPC_SERVER_CREDENTIALS_ARG) != 0) return nullptr;
228 if (arg->type != GRPC_ARG_POINTER) {
229 gpr_log(GPR_ERROR, "Invalid type %d for arg %s", arg->type,
230 GRPC_SERVER_CREDENTIALS_ARG);
233 return static_cast<grpc_server_credentials*>(arg->value.pointer.p);
236 grpc_server_credentials* grpc_find_server_credentials_in_args(
237 const grpc_channel_args* args) {
239 if (args == nullptr) return nullptr;
240 for (i = 0; i < args->num_args; i++) {
241 grpc_server_credentials* p =
242 grpc_server_credentials_from_arg(&args->args[i]);
243 if (p != nullptr) return p;