| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137 | /* * * Copyright 2015, Google Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * *     * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. *     * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following disclaimer * in the documentation and/or other materials provided with the * distribution. *     * Neither the name of Google Inc. nor the names of its * contributors may be used to endorse or promote products derived from * this software without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */#ifndef GRPCXX_CREDENTIALS_H#define GRPCXX_CREDENTIALS_H#include <chrono>#include <memory>#include <grpc++/config.h>namespace grpc {class ChannelArguments;class ChannelInterface;class SecureCredentials;class Credentials { public:  virtual ~Credentials(); protected:  friend std::unique_ptr<Credentials> CompositeCredentials(      const std::unique_ptr<Credentials>& creds1,      const std::unique_ptr<Credentials>& creds2);  virtual SecureCredentials* AsSecureCredentials() = 0; private:  friend std::shared_ptr<ChannelInterface> CreateChannel(      const grpc::string& target, const std::unique_ptr<Credentials>& creds,      const ChannelArguments& args);  virtual std::shared_ptr<ChannelInterface> CreateChannel(      const grpc::string& target, const ChannelArguments& args) = 0;};// Options used to build SslCredentials// pem_roots_cert is the buffer containing the PEM encoding of the server root// certificates. If this parameter is empty, the default roots will be used.// pem_private_key is the buffer containing the PEM encoding of the client's// private key. This parameter can be empty if the client does not have a// private key.// pem_cert_chain is the buffer containing the PEM encoding of the client's// certificate chain. This parameter can be empty if the client does not have// a certificate chain.struct SslCredentialsOptions {  grpc::string pem_root_certs;  grpc::string pem_private_key;  grpc::string pem_cert_chain;};// Factories for building different types of Credentials// The functions may return empty unique_ptr when credentials cannot be created.// If a Credentials pointer is returned, it can still be invalid when used to// create a channel. A lame channel will be created then and all rpcs will// fail on it.// Builds credentials with reasonable defaults.std::unique_ptr<Credentials> GoogleDefaultCredentials();// Builds SSL Credentials given SSL specific optionsstd::unique_ptr<Credentials> SslCredentials(    const SslCredentialsOptions& options);// Builds credentials for use when running in GCEstd::unique_ptr<Credentials> ComputeEngineCredentials();// Builds service account credentials.// json_key is the JSON key string containing the client's private key.// scope is a space-delimited list of the requested permissions.// token_lifetime is the lifetime of each token acquired through this service// account credentials. It should be positive and should not exceed// grpc_max_auth_token_lifetime or will be cropped to this value.std::unique_ptr<Credentials> ServiceAccountCredentials(    const grpc::string& json_key, const grpc::string& scope,    std::chrono::seconds token_lifetime);// Builds JWT credentials.// json_key is the JSON key string containing the client's private key.// token_lifetime is the lifetime of each Json Web Token (JWT) created with// this credentials.  It should not exceed grpc_max_auth_token_lifetime or// will be cropped to this value.std::unique_ptr<Credentials> JWTCredentials(    const grpc::string& json_key, std::chrono::seconds token_lifetime);// Builds refresh token credentials.// json_refresh_token is the JSON string containing the refresh token along// with a client_id and client_secret.std::unique_ptr<Credentials> RefreshTokenCredentials(    const grpc::string& json_refresh_token);// Builds IAM credentials.std::unique_ptr<Credentials> IAMCredentials(    const grpc::string& authorization_token,    const grpc::string& authority_selector);// Combines two credentials objects into a composite credentialsstd::unique_ptr<Credentials> CompositeCredentials(    const std::unique_ptr<Credentials>& creds1,    const std::unique_ptr<Credentials>& creds2);// Credentials for an unencrypted, unauthenticated channelstd::unique_ptr<Credentials> InsecureCredentials();}  // namespace grpc#endif  // GRPCXX_CREDENTIALS_H
 |