3 * Copyright 2015 gRPC authors.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
19 #ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_JWT_JSON_TOKEN_H
20 #define GRPC_CORE_LIB_SECURITY_CREDENTIALS_JWT_JSON_TOKEN_H
22 #include <grpc/support/port_platform.h>
24 #include "src/core/tsi/grpc_shadow_boringssl.h"
26 #include <grpc/slice.h>
27 #include <openssl/rsa.h>
29 #include "src/core/lib/json/json.h"
31 /* --- Constants. --- */
33 #define GRPC_JWT_OAUTH2_AUDIENCE "https://oauth2.googleapis.com/token"
35 /* --- auth_json_key parsing. --- */
45 /* Returns 1 if the object is valid, 0 otherwise. */
46 int grpc_auth_json_key_is_valid(const grpc_auth_json_key* json_key);
48 /* Creates a json_key object from string. Returns an invalid object if a parsing
49 error has been encountered. */
50 grpc_auth_json_key grpc_auth_json_key_create_from_string(
51 const char* json_string);
53 /* Creates a json_key object from parsed json. Returns an invalid object if a
54 parsing error has been encountered. */
55 grpc_auth_json_key grpc_auth_json_key_create_from_json(const grpc_json* json);
57 /* Destructs the object. */
58 void grpc_auth_json_key_destruct(grpc_auth_json_key* json_key);
60 /* --- json token encoding and signing. --- */
62 /* Caller is responsible for calling gpr_free on the returned value. May return
63 NULL on invalid input. The scope parameter may be NULL. */
64 char* grpc_jwt_encode_and_sign(const grpc_auth_json_key* json_key,
66 gpr_timespec token_lifetime, const char* scope);
68 /* Override encode_and_sign function for testing. */
69 typedef char* (*grpc_jwt_encode_and_sign_override)(
70 const grpc_auth_json_key* json_key, const char* audience,
71 gpr_timespec token_lifetime, const char* scope);
73 /* Set a custom encode_and_sign override for testing. */
74 void grpc_jwt_encode_and_sign_set_override(
75 grpc_jwt_encode_and_sign_override func);
77 #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_JWT_JSON_TOKEN_H */