19 #ifndef GRPCPP_SECURITY_CREDENTIALS_H
20 #define GRPCPP_SECURITY_CREDENTIALS_H
39 class CallCredentials;
40 class SecureCallCredentials;
41 class SecureChannelCredentials;
42 class ChannelCredentials;
45 const grpc::string& target,
46 const std::shared_ptr<grpc::ChannelCredentials>& creds,
49 namespace experimental {
51 const grpc::string& target,
52 const std::shared_ptr<grpc::ChannelCredentials>& creds,
55 std::unique_ptr<grpc::experimental::ClientInterceptorFactoryInterface>>
56 interceptor_creators);
60 const std::shared_ptr<ChannelCredentials>& fallback_creds);
76 const std::shared_ptr<ChannelCredentials>& channel_creds,
77 const std::shared_ptr<CallCredentials>& call_creds);
84 const std::shared_ptr<ChannelCredentials>& fallback_creds);
90 const grpc::string& target,
91 const std::shared_ptr<grpc::ChannelCredentials>& creds,
94 friend std::shared_ptr<grpc::Channel>
96 const grpc::string& target,
97 const std::shared_ptr<grpc::ChannelCredentials>& creds,
99 std::vector<std::unique_ptr<
101 interceptor_creators);
103 virtual std::shared_ptr<Channel> CreateChannelImpl(
108 virtual std::shared_ptr<Channel> CreateChannelWithInterceptors(
110 std::vector<std::unique_ptr<
119 virtual bool IsInsecure()
const {
return false; }
134 return "CallCredentials did not provide a debug string";
139 const std::shared_ptr<ChannelCredentials>& channel_creds,
140 const std::shared_ptr<CallCredentials>& call_creds);
143 const std::shared_ptr<CallCredentials>& creds1,
144 const std::shared_ptr<CallCredentials>& creds2);
201 const grpc::string& json_key,
213 const grpc::string& json_refresh_token);
224 const grpc::string& access_token);
233 const grpc::string& authorization_token,
234 const grpc::string& authority_selector);
239 const std::shared_ptr<ChannelCredentials>& channel_creds,
240 const std::shared_ptr<CallCredentials>& call_creds);
244 const std::shared_ptr<CallCredentials>& creds1,
245 const std::shared_ptr<CallCredentials>& creds2);
260 virtual const char*
GetType()
const {
return ""; }
270 std::multimap<grpc::string, grpc::string>* metadata) = 0;
273 return "MetadataCredentialsPlugin did not provide a debug string";
278 std::unique_ptr<MetadataCredentialsPlugin> plugin);
284 const grpc::string& json_string,
const std::vector<grpc::string>& scopes);
286 namespace experimental {
317 std::unique_ptr<MetadataCredentialsPlugin> plugin,
Class encapsulating the Authentication Information.
Definition: auth_context.h:65
A call credentials object encapsulates the state needed by a client to authenticate with a server for...
Definition: credentials.h:126
friend std::shared_ptr< CallCredentials > CompositeCallCredentials(const std::shared_ptr< CallCredentials > &creds1, const std::shared_ptr< CallCredentials > &creds2)
Combines two call credentials objects into a composite call credentials.
virtual SecureCallCredentials * AsSecureCredentials()=0
virtual grpc::string DebugString()
Definition: credentials.h:133
virtual bool ApplyToCall(grpc_call *call)=0
Apply this instance's credentials to call.
friend std::shared_ptr< ChannelCredentials > CompositeChannelCredentials(const std::shared_ptr< ChannelCredentials > &channel_creds, const std::shared_ptr< CallCredentials > &call_creds)
Combines a channel credentials and a call credentials into a composite channel credentials.
~CallCredentials() override
Options for channel creation.
Definition: channel_arguments.h:39
A channel credentials object encapsulates all the state needed by a client to authenticate with a ser...
Definition: credentials.h:69
friend std::shared_ptr< grpc::Channel > CreateCustomChannel(const grpc::string &target, const std::shared_ptr< grpc::ChannelCredentials > &creds, const grpc::ChannelArguments &args)
~ChannelCredentials() override
friend std::shared_ptr< ChannelCredentials > CompositeChannelCredentials(const std::shared_ptr< ChannelCredentials > &channel_creds, const std::shared_ptr< CallCredentials > &call_creds)
Combines a channel credentials and a call credentials into a composite channel credentials.
virtual SecureChannelCredentials * AsSecureCredentials()=0
Classes that require gRPC to be initialized should inherit from this class.
Definition: grpc_library.h:38
Did it work? If it didn't, why?
Definition: status.h:31
Definition: client_interceptor.h:46
Definition: tls_credentials_options.h:208
This class is a non owning reference to a string.
Definition: string_ref.h:41
grpc_local_connect_type
Type of local connections for which local channel/server credentials will be applied.
Definition: grpc_security_constants.h:155
grpc_security_level
Definition: grpc_security_constants.h:129
struct grpc_call grpc_call
A Call represents an RPC.
Definition: grpc_types.h:70
std::shared_ptr< CallCredentials > StsCredentials(const StsCredentialsOptions &options)
grpc::Status StsCredentialsOptionsFromEnv(StsCredentialsOptions *options)
Creates STS credentials options from the $STS_CREDENTIALS environment variable.
std::shared_ptr< CallCredentials > MetadataCredentialsFromPlugin(std::unique_ptr< MetadataCredentialsPlugin > plugin, grpc_security_level min_security_level)
grpc::Status StsCredentialsOptionsFromJson(const std::string &json_string, StsCredentialsOptions *options)
std::shared_ptr< ChannelCredentials > LocalCredentials(grpc_local_connect_type type)
Builds Local Credentials.
std::shared_ptr< ChannelCredentials > XdsCredentials(const std::shared_ptr< ChannelCredentials > &fallback_creds)
Builds XDS Credentials.
std::shared_ptr< ChannelCredentials > AltsCredentials(const AltsCredentialsOptions &options)
Builds ALTS Credentials given ALTS specific options.
std::shared_ptr< Channel > CreateCustomChannelWithInterceptors(const grpc::string &target, const std::shared_ptr< ChannelCredentials > &creds, const ChannelArguments &args, std::vector< std::unique_ptr< experimental::ClientInterceptorFactoryInterface >> interceptor_creators)
Create a new custom Channel pointing to target with interceptors being invoked per call.
std::shared_ptr< ChannelCredentials > TlsCredentials(const TlsChannelCredentialsOptions &options)
Builds TLS Credentials given TLS options.
An Alarm posts the user-provided tag to its associated completion queue or invokes the user-provided ...
Definition: alarm.h:33
std::shared_ptr< ChannelCredentials > CompositeChannelCredentials(const std::shared_ptr< ChannelCredentials > &channel_creds, const std::shared_ptr< CallCredentials > &call_creds)
Combines a channel credentials and a call credentials into a composite channel credentials.
std::shared_ptr< CallCredentials > ExternalAccountCredentials(const grpc::string &json_string, const std::vector< grpc::string > &scopes)
Builds External Account credentials.
std::shared_ptr< Channel > CreateCustomChannel(const grpc::string &target, const std::shared_ptr< ChannelCredentials > &creds, const ChannelArguments &args)
Create a new custom Channel pointing to target.
std::shared_ptr< ChannelCredentials > GoogleDefaultCredentials()
Builds credentials with reasonable defaults.
std::shared_ptr< ChannelCredentials > InsecureChannelCredentials()
Credentials for an unencrypted, unauthenticated channel.
std::shared_ptr< CallCredentials > MetadataCredentialsFromPlugin(std::unique_ptr< MetadataCredentialsPlugin > plugin)
std::shared_ptr< ChannelCredentials > SslCredentials(const SslCredentialsOptions &options)
Builds SSL Credentials given SSL specific options.
std::shared_ptr< CallCredentials > ServiceAccountJWTAccessCredentials(const grpc::string &json_key, long token_lifetime_seconds=kMaxAuthTokenLifetimeSecs)
Builds Service Account JWT Access credentials.
std::shared_ptr< CallCredentials > GoogleRefreshTokenCredentials(const grpc::string &json_refresh_token)
Builds refresh token credentials.
constexpr long kMaxAuthTokenLifetimeSecs
Definition: credentials.h:193
std::shared_ptr< CallCredentials > GoogleIAMCredentials(const grpc::string &authorization_token, const grpc::string &authority_selector)
Builds IAM credentials.
std::shared_ptr< CallCredentials > AccessTokenCredentials(const grpc::string &access_token)
Builds access token credentials.
std::shared_ptr< CallCredentials > GoogleComputeEngineCredentials()
Builds credentials for use when running in GCE.
std::shared_ptr< CallCredentials > CompositeCallCredentials(const std::shared_ptr< CallCredentials > &creds1, const std::shared_ptr< CallCredentials > &creds2)
Combines two call credentials objects into a composite call credentials.
Options used to build SslCredentials.
Definition: credentials.h:150
grpc::string pem_cert_chain
The buffer containing the PEM encoding of the client's certificate chain.
Definition: credentials.h:165
grpc::string pem_root_certs
The buffer containing the PEM encoding of the server root certificates.
Definition: credentials.h:156
grpc::string pem_private_key
The buffer containing the PEM encoding of the client's private key.
Definition: credentials.h:160
Options used to build AltsCredentials.
Definition: credentials.h:321
std::vector< grpc::string > target_service_accounts
service accounts of target endpoint that will be acceptable by the client.
Definition: credentials.h:325
Options for creating STS Oauth Token Exchange credentials following the IETF draft https://tools....
Definition: credentials.h:293
grpc::string scope
Definition: credentials.h:297
grpc::string token_exchange_service_uri
Definition: credentials.h:294
grpc::string actor_token_path
Definition: credentials.h:301
grpc::string subject_token_path
Definition: credentials.h:299
grpc::string actor_token_type
Definition: credentials.h:302
grpc::string audience
Definition: credentials.h:296
grpc::string resource
Definition: credentials.h:295
grpc::string requested_token_type
Definition: credentials.h:298
grpc::string subject_token_type
Definition: credentials.h:300