Przeglądaj źródła

Fold server credentials from grpc to grpc_impl namespace

Karthik Ravi Shankar 6 lat temu
rodzic
commit
54171e276f

+ 1 - 0
BUILD

@@ -245,6 +245,7 @@ GRPCXX_PUBLIC_HDRS = [
     "include/grpcpp/security/auth_metadata_processor.h",
     "include/grpcpp/security/credentials.h",
     "include/grpcpp/security/server_credentials.h",
+    "include/grpcpp/security/server_credentials_impl.h",
     "include/grpcpp/server.h",
     "include/grpcpp/server_builder.h",
     "include/grpcpp/server_context.h",

+ 5 - 2
include/grpcpp/impl/codegen/server_interface.h

@@ -28,6 +28,10 @@
 #include <grpcpp/impl/codegen/rpc_service_method.h>
 #include <grpcpp/impl/codegen/server_context.h>
 
+namespace grpc_impl {
+
+class ServerCredentials;
+}
 namespace grpc {
 
 class AsyncGenericService;
@@ -35,7 +39,6 @@ class Channel;
 class GenericServerContext;
 class ServerCompletionQueue;
 class ServerContext;
-class ServerCredentials;
 class Service;
 
 extern CoreCodegenInterface* g_core_codegen_interface;
@@ -150,7 +153,7 @@ class ServerInterface : public internal::CallHook {
   ///
   /// \warning It's an error to call this method on an already started server.
   virtual int AddListeningPort(const grpc::string& addr,
-                               ServerCredentials* creds) = 0;
+                               grpc_impl::ServerCredentials* creds) = 0;
 
   /// Start the server.
   ///

+ 20 - 72
include/grpcpp/security/server_credentials.h

@@ -1,6 +1,6 @@
 /*
  *
- * Copyright 2015 gRPC authors.
+ * Copyright 2019 gRPC authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -19,87 +19,35 @@
 #ifndef GRPCPP_SECURITY_SERVER_CREDENTIALS_H
 #define GRPCPP_SECURITY_SERVER_CREDENTIALS_H
 
-#include <memory>
-#include <vector>
-
-#include <grpc/grpc_security_constants.h>
-#include <grpcpp/security/auth_metadata_processor.h>
-#include <grpcpp/support/config.h>
-
-struct grpc_server;
+#include <grpcpp/security/server_credentials_impl.h>
 
 namespace grpc {
-class Server;
-
-/// Wrapper around \a grpc_server_credentials, a way to authenticate a server.
-class ServerCredentials {
- public:
-  virtual ~ServerCredentials();
-
-  /// This method is not thread-safe and has to be called before the server is
-  /// started. The last call to this function wins.
-  virtual void SetAuthMetadataProcessor(
-      const std::shared_ptr<AuthMetadataProcessor>& processor) = 0;
-
- private:
-  friend class ::grpc::Server;
-
-  /// Tries to bind \a server to the given \a addr (eg, localhost:1234,
-  /// 192.168.1.1:31416, [::1]:27182, etc.)
-  ///
-  /// \return bound port number on sucess, 0 on failure.
-  // TODO(dgq): the "port" part seems to be a misnomer.
-  virtual int AddPortToServer(const grpc::string& addr,
-                              grpc_server* server) = 0;
-};
-
-/// Options to create ServerCredentials with SSL
-struct SslServerCredentialsOptions {
-  /// \warning Deprecated
-  SslServerCredentialsOptions()
-      : force_client_auth(false),
-        client_certificate_request(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE) {}
-  SslServerCredentialsOptions(
-      grpc_ssl_client_certificate_request_type request_type)
-      : force_client_auth(false), client_certificate_request(request_type) {}
-
-  struct PemKeyCertPair {
-    grpc::string private_key;
-    grpc::string cert_chain;
-  };
-  grpc::string pem_root_certs;
-  std::vector<PemKeyCertPair> pem_key_cert_pairs;
-  /// \warning Deprecated
-  bool force_client_auth;
 
-  /// If both \a force_client_auth and \a client_certificate_request
-  /// fields are set, \a force_client_auth takes effect, i.e.
-  /// \a REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
-  /// will be enforced.
-  grpc_ssl_client_certificate_request_type client_certificate_request;
-};
+typedef ::grpc_impl::ServerCredentials ServerCredentials;
+typedef ::grpc_impl::SslServerCredentialsOptions SslServerCredentialsOptions;
 
-/// Builds SSL ServerCredentials given SSL specific options
-std::shared_ptr<ServerCredentials> SslServerCredentials(
-    const SslServerCredentialsOptions& options);
+static inline std::shared_ptr<ServerCredentials> SslServerCredentials(
+    const SslServerCredentialsOptions& options) {
+  return ::grpc_impl::SslServerCredentials(options);
+}
 
-/// Builds insecure server credentials.
-std::shared_ptr<ServerCredentials> InsecureServerCredentials();
+static inline std::shared_ptr<ServerCredentials> InsecureServerCredentials() {
+  return ::grpc_impl::InsecureServerCredentials();
+}
 
 namespace experimental {
 
-/// Options to create ServerCredentials with ALTS
-struct AltsServerCredentialsOptions {
-  /// Add fields if needed.
-};
+typedef ::grpc_impl::experimental::AltsServerCredentialsOptions AltsServerCredentialsOptions;
 
-/// Builds ALTS ServerCredentials given ALTS specific options
-std::shared_ptr<ServerCredentials> AltsServerCredentials(
-    const AltsServerCredentialsOptions& options);
+static inline std::shared_ptr<ServerCredentials> AltsServerCredentials(
+    const AltsServerCredentialsOptions& options) {
+  return ::grpc_impl::experimental::AltsServerCredentials(options);
+}
 
-/// Builds Local ServerCredentials.
-std::shared_ptr<ServerCredentials> LocalServerCredentials(
-    grpc_local_connect_type type);
+static inline std::shared_ptr<ServerCredentials> LocalServerCredentials(
+    grpc_local_connect_type type) {
+  return ::grpc_impl::experimental::LocalServerCredentials(type);
+}
 
 }  // namespace experimental
 }  // namespace grpc

+ 110 - 0
include/grpcpp/security/server_credentials_impl.h

@@ -0,0 +1,110 @@
+/*
+ *
+ * Copyright 2015 gRPC authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+
+#ifndef GRPCPP_SECURITY_SERVER_CREDENTIALS_IMPL_H
+#define GRPCPP_SECURITY_SERVER_CREDENTIALS_IMPL_H
+
+#include <memory>
+#include <vector>
+
+#include <grpc/grpc_security_constants.h>
+#include <grpcpp/security/auth_metadata_processor.h>
+#include <grpcpp/support/config.h>
+
+struct grpc_server;
+
+namespace grpc {
+
+class Server;
+} // namespace grpc
+namespace grpc_impl {
+
+/// Wrapper around \a grpc_server_credentials, a way to authenticate a server.
+class ServerCredentials {
+ public:
+  virtual ~ServerCredentials();
+
+  /// This method is not thread-safe and has to be called before the server is
+  /// started. The last call to this function wins.
+  virtual void SetAuthMetadataProcessor(
+      const std::shared_ptr<grpc::AuthMetadataProcessor>& processor) = 0;
+
+ private:
+  friend class ::grpc::Server;
+
+  /// Tries to bind \a server to the given \a addr (eg, localhost:1234,
+  /// 192.168.1.1:31416, [::1]:27182, etc.)
+  ///
+  /// \return bound port number on sucess, 0 on failure.
+  // TODO(dgq): the "port" part seems to be a misnomer.
+  virtual int AddPortToServer(const grpc::string& addr,
+                              grpc_server* server) = 0;
+};
+
+/// Options to create ServerCredentials with SSL
+struct SslServerCredentialsOptions {
+  /// \warning Deprecated
+  SslServerCredentialsOptions()
+      : force_client_auth(false),
+        client_certificate_request(GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE) {}
+  SslServerCredentialsOptions(
+      grpc_ssl_client_certificate_request_type request_type)
+      : force_client_auth(false), client_certificate_request(request_type) {}
+
+  struct PemKeyCertPair {
+    grpc::string private_key;
+    grpc::string cert_chain;
+  };
+  grpc::string pem_root_certs;
+  std::vector<PemKeyCertPair> pem_key_cert_pairs;
+  /// \warning Deprecated
+  bool force_client_auth;
+
+  /// If both \a force_client_auth and \a client_certificate_request
+  /// fields are set, \a force_client_auth takes effect, i.e.
+  /// \a REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY
+  /// will be enforced.
+  grpc_ssl_client_certificate_request_type client_certificate_request;
+};
+
+/// Builds SSL ServerCredentials given SSL specific options
+std::shared_ptr<ServerCredentials> SslServerCredentials(
+    const SslServerCredentialsOptions& options);
+
+/// Builds insecure server credentials.
+std::shared_ptr<ServerCredentials> InsecureServerCredentials();
+
+namespace experimental {
+
+/// Options to create ServerCredentials with ALTS
+struct AltsServerCredentialsOptions {
+  /// Add fields if needed.
+};
+
+/// Builds ALTS ServerCredentials given ALTS specific options
+std::shared_ptr<ServerCredentials> AltsServerCredentials(
+    const AltsServerCredentialsOptions& options);
+
+/// Builds Local ServerCredentials.
+std::shared_ptr<ServerCredentials> LocalServerCredentials(
+    grpc_local_connect_type type);
+
+}  // namespace experimental
+}  // namespace grpc_impl
+
+#endif  // GRPCPP_SECURITY_SERVER_CREDENTIALS_IMPL_H

+ 7 - 4
include/grpcpp/server_builder.h

@@ -35,6 +35,10 @@
 
 struct grpc_resource_quota;
 
+namespace grpc_impl {
+
+class ServerCredentials;
+}
 namespace grpc {
 
 class AsyncGenericService;
@@ -42,7 +46,6 @@ class ResourceQuota;
 class CompletionQueue;
 class Server;
 class ServerCompletionQueue;
-class ServerCredentials;
 class Service;
 
 namespace testing {
@@ -94,7 +97,7 @@ class ServerBuilder {
   /// it is successfully bound by BuildAndStart(), 0 otherwise. AddListeningPort
   /// does not modify this pointer.
   ServerBuilder& AddListeningPort(const grpc::string& addr_uri,
-                                  std::shared_ptr<ServerCredentials> creds,
+                                  std::shared_ptr<grpc_impl::ServerCredentials> creds,
                                   int* selected_port = nullptr);
 
   /// Add a completion queue for handling asynchronous services.
@@ -247,7 +250,7 @@ class ServerBuilder {
   /// Experimental, to be deprecated
   struct Port {
     grpc::string addr;
-    std::shared_ptr<ServerCredentials> creds;
+    std::shared_ptr<grpc_impl::ServerCredentials> creds;
     int* selected_port;
   };
 
@@ -315,7 +318,7 @@ class ServerBuilder {
   /// List of completion queues added via \a AddCompletionQueue method.
   std::vector<ServerCompletionQueue*> cqs_;
 
-  std::shared_ptr<ServerCredentials> creds_;
+  std::shared_ptr<grpc_impl::ServerCredentials> creds_;
   std::vector<std::unique_ptr<ServerBuilderPlugin>> plugins_;
   grpc_resource_quota* resource_quota_;
   AsyncGenericService* generic_service_{nullptr};

+ 3 - 3
src/cpp/server/insecure_server_credentials.cc

@@ -21,7 +21,7 @@
 #include <grpc/grpc.h>
 #include <grpc/support/log.h>
 
-namespace grpc {
+namespace grpc_impl {
 namespace {
 class InsecureServerCredentialsImpl final : public ServerCredentials {
  public:
@@ -29,7 +29,7 @@ class InsecureServerCredentialsImpl final : public ServerCredentials {
     return grpc_server_add_insecure_http2_port(server, addr.c_str());
   }
   void SetAuthMetadataProcessor(
-      const std::shared_ptr<AuthMetadataProcessor>& processor) override {
+      const std::shared_ptr<grpc::AuthMetadataProcessor>& processor) override {
     (void)processor;
     GPR_ASSERT(0);  // Should not be called on InsecureServerCredentials.
   }
@@ -41,4 +41,4 @@ std::shared_ptr<ServerCredentials> InsecureServerCredentials() {
       new InsecureServerCredentialsImpl());
 }
 
-}  // namespace grpc
+}  // namespace grpc_impl

+ 9 - 5
src/cpp/server/secure_server_credentials.cc

@@ -93,17 +93,21 @@ void AuthMetadataProcessorAyncWrapper::InvokeProcessor(
      status.error_message().c_str());
 }
 
+} // namespace grpc
+
+namespace grpc_impl {
+
 int SecureServerCredentials::AddPortToServer(const grpc::string& addr,
                                              grpc_server* server) {
   return grpc_server_add_secure_http2_port(server, addr.c_str(), creds_);
 }
 
 void SecureServerCredentials::SetAuthMetadataProcessor(
-    const std::shared_ptr<AuthMetadataProcessor>& processor) {
-  auto* wrapper = new AuthMetadataProcessorAyncWrapper(processor);
+    const std::shared_ptr<grpc::AuthMetadataProcessor>& processor) {
+  auto* wrapper = new grpc::AuthMetadataProcessorAyncWrapper(processor);
   grpc_server_credentials_set_auth_metadata_processor(
-      creds_, {AuthMetadataProcessorAyncWrapper::Process,
-               AuthMetadataProcessorAyncWrapper::Destroy, wrapper});
+      creds_, {grpc::AuthMetadataProcessorAyncWrapper::Process,
+               grpc::AuthMetadataProcessorAyncWrapper::Destroy, wrapper});
 }
 
 std::shared_ptr<ServerCredentials> SslServerCredentials(
@@ -147,4 +151,4 @@ std::shared_ptr<ServerCredentials> LocalServerCredentials(
 }
 
 }  // namespace experimental
-}  // namespace grpc
+}  // namespace grpc_impl

+ 16 - 3
src/cpp/server/secure_server_credentials.h

@@ -27,8 +27,15 @@
 
 #include "src/cpp/server/thread_pool_interface.h"
 
+namespace grpc_impl {
+
+class SecureServerCredentials;
+} // namespace grpc_impl
+
 namespace grpc {
 
+typedef ::grpc_impl::SecureServerCredentials SecureServerCredentials;
+
 class AuthMetadataProcessorAyncWrapper final {
  public:
   static void Destroy(void* wrapper);
@@ -49,6 +56,10 @@ class AuthMetadataProcessorAyncWrapper final {
   std::shared_ptr<AuthMetadataProcessor> processor_;
 };
 
+} // namespace grpc
+
+namespace grpc_impl {
+
 class SecureServerCredentials final : public ServerCredentials {
  public:
   explicit SecureServerCredentials(grpc_server_credentials* creds)
@@ -60,13 +71,15 @@ class SecureServerCredentials final : public ServerCredentials {
   int AddPortToServer(const grpc::string& addr, grpc_server* server) override;
 
   void SetAuthMetadataProcessor(
-      const std::shared_ptr<AuthMetadataProcessor>& processor) override;
+      const std::shared_ptr<grpc::AuthMetadataProcessor>& processor) override;
 
  private:
   grpc_server_credentials* creds_;
-  std::unique_ptr<AuthMetadataProcessorAyncWrapper> processor_;
+  std::unique_ptr<grpc::AuthMetadataProcessorAyncWrapper> processor_;
 };
 
-}  // namespace grpc
+}  // namespace grpc_impl
+
+
 
 #endif  // GRPC_INTERNAL_CPP_SERVER_SECURE_SERVER_CREDENTIALS_H

+ 2 - 2
src/cpp/server/server_credentials.cc

@@ -16,9 +16,9 @@
  *
  */
 
-#include <grpcpp/security/server_credentials.h>
+#include <grpcpp/security/server_credentials_impl.h>
 
-namespace grpc {
+namespace grpc_impl {
 
 ServerCredentials::~ServerCredentials() {}
 

+ 1 - 1
test/cpp/util/grpc_tool_test.cc

@@ -246,7 +246,7 @@ class GrpcToolTest : public ::testing::Test {
       SslServerCredentialsOptions ssl_opts;
       ssl_opts.pem_root_certs = "";
       ssl_opts.pem_key_cert_pairs.push_back(pkcp);
-      creds = SslServerCredentials(ssl_opts);
+      creds = grpc::SslServerCredentials(ssl_opts);
     } else {
       creds = InsecureServerCredentials();
     }

+ 1 - 1
test/cpp/util/test_credentials_provider.cc

@@ -91,7 +91,7 @@ class DefaultCredentialsProvider : public CredentialsProvider {
       SslServerCredentialsOptions ssl_opts;
       ssl_opts.pem_root_certs = "";
       ssl_opts.pem_key_cert_pairs.push_back(pkcp);
-      return SslServerCredentials(ssl_opts);
+      return grpc::SslServerCredentials(ssl_opts);
     } else {
       std::unique_lock<std::mutex> lock(mu_);
       auto it(std::find(added_secure_type_names_.begin(),