GRPC C++  1.39.1
oauth2_credentials.h
1 /*
2  *
3  * Copyright 2016 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_OAUTH2_OAUTH2_CREDENTIALS_H
20 #define GRPC_CORE_LIB_SECURITY_CREDENTIALS_OAUTH2_OAUTH2_CREDENTIALS_H
21 
23 
24 #include <string>
25 
26 #include <grpc/grpc_security.h>
27 #include "src/core/lib/json/json.h"
30 
31 // Constants.
// printf-style template for the minimal key=value&... body of an STS
// token-exchange POST. The two adjacent string literals concatenate, so the
// trailing "%" of the first and the leading "s" of the second form one %s:
// slot 1 is subject_token, slot 2 is subject_token_type.
// NOTE(review): the template does no escaping of its own. A value containing
// '&', '=' or '%' would change how the body parses, so the code that fills the
// slots should percent-encode (or strictly validate) both values first.
// Confirm at the call site, which is not part of this header.
32 #define GRPC_STS_POST_MINIMAL_BODY_FORMAT_STRING \
33  "grant_type=urn:ietf:params:oauth:grant-type:token-exchange&subject_token=%" \
34  "s&subject_token_type=%s"
35 
36 // auth_refresh_token parsing.
38  const char* type;
39  char* client_id;
42 };
45  const grpc_auth_refresh_token* refresh_token);
46 
50  const char* json_string);
51 
55  const grpc_core::Json& json);
56 
59 
60 // -- Oauth2 Token Fetcher credentials --
61 //
62 // This object is a base for credentials that need to acquire an oauth2 token
63 // from an http service.
64 
70 };
71 
73  public:
76 
80  grpc_closure* on_request_metadata,
81  grpc_error_handle* error) override;
82 
84  grpc_error_handle error) override;
85 
// Returns a std::string describing these credentials.
// NOTE(review): this class keeps the fetched token in access_token_md_; confirm
// the returned string never contains the token value, since debug strings
// commonly end up in logs.
88  std::string debug_string() override;
89 
90  protected:
92  grpc_httpcli_context* httpcli_context,
94  grpc_millis deadline) = 0;
95 
96  private:
97  gpr_mu mu_;
98  grpc_mdelem access_token_md_ = GRPC_MDNULL;
99  gpr_timespec token_expiration_;
100  bool token_fetch_pending_ = false;
101  grpc_oauth2_pending_get_request_metadata* pending_requests_ = nullptr;
102  grpc_httpcli_context httpcli_context_;
103  grpc_polling_entity pollent_;
104 };
105 
106 // Google refresh token credentials.
109  public:
113 
115  return refresh_token_;
116  }
117 
// Returns a std::string describing these credentials.
// NOTE(review): refresh_token_ is a grpc_auth_refresh_token, which carries
// client_secret and refresh_token fields; confirm neither value appears in the
// returned string, since debug strings commonly end up in logs.
118  std::string debug_string() override;
119 
120  protected:
122  grpc_httpcli_context* httpcli_context,
124  grpc_millis deadline) override;
125 
126  private:
127  grpc_auth_refresh_token refresh_token_;
128  grpc_closure http_post_cb_closure_;
129 };
130 
131 // Access token credentials.
133  public:
134  explicit grpc_access_token_credentials(const char* access_token);
136 
140  grpc_closure* on_request_metadata,
141  grpc_error_handle* error) override;
142 
144  grpc_error_handle error) override;
145 
// Returns a std::string describing these credentials.
// NOTE(review): this object is constructed from a raw access token and stores
// it in access_token_md_ (presumably as the authorization metadata; verify in
// the .cc file). Confirm the returned string omits the token value.
146  std::string debug_string() override;
147 
148  private:
149  grpc_mdelem access_token_md_;
150 };
151 
152 // Private constructor for refresh token credentials from an already parsed
153 // refresh token. Takes ownership of the refresh token.
157 
158 // Exposed for testing only.
161  const struct grpc_http_response* response, grpc_mdelem* token_md,
162  grpc_millis* token_lifetime);
163 
164 namespace grpc_core {
165 // Exposed for testing only. This function validates the options, ensuring that
166 // the required fields are set, and outputs the parsed URL of the STS token
167 // exchange service.
168 absl::StatusOr<URI> ValidateStsCredentialsOptions(
169  const grpc_sts_credentials_options* options);
170 } // namespace grpc_core
171 
172 #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_OAUTH2_OAUTH2_CREDENTIALS_H */
Definition: oauth2_credentials.h:132
std::string debug_string() override
Definition: oauth2_credentials.cc:742
~grpc_access_token_credentials() override
Definition: oauth2_credentials.cc:716
grpc_access_token_credentials(const char *access_token)
Definition: oauth2_credentials.cc:733
void cancel_get_request_metadata(grpc_credentials_mdelem_array *md_array, grpc_error_handle error) override
Definition: oauth2_credentials.cc:728
bool get_request_metadata(grpc_polling_entity *pollent, grpc_auth_metadata_context context, grpc_credentials_mdelem_array *md_array, grpc_closure *on_request_metadata, grpc_error_handle *error) override
Definition: oauth2_credentials.cc:720
Definition: json.h:38
Definition: oauth2_credentials.h:108
std::string debug_string() override
Definition: oauth2_credentials.cc:483
void fetch_oauth2(grpc_credentials_metadata_request *req, grpc_httpcli_context *httpcli_context, grpc_polling_entity *pollent, grpc_iomgr_cb_func cb, grpc_millis deadline) override
Definition: oauth2_credentials.cc:438
~grpc_google_refresh_token_credentials() override
Definition: oauth2_credentials.cc:434
const grpc_auth_refresh_token & refresh_token() const
Definition: oauth2_credentials.h:114
grpc_google_refresh_token_credentials(grpc_auth_refresh_token refresh_token)
Definition: oauth2_credentials.cc:468
Definition: oauth2_credentials.h:72
void on_http_response(grpc_credentials_metadata_request *r, grpc_error_handle error)
Definition: oauth2_credentials.cc:234
virtual void fetch_oauth2(grpc_credentials_metadata_request *req, grpc_httpcli_context *httpcli_context, grpc_polling_entity *pollent, grpc_iomgr_cb_func cb, grpc_millis deadline)=0
void cancel_get_request_metadata(grpc_credentials_mdelem_array *md_array, grpc_error_handle error) override
Definition: oauth2_credentials.cc:328
std::string debug_string() override
Definition: oauth2_credentials.cc:364
grpc_oauth2_token_fetcher_credentials()
Definition: oauth2_credentials.cc:355
bool get_request_metadata(grpc_polling_entity *pollent, grpc_auth_metadata_context context, grpc_credentials_mdelem_array *md_array, grpc_closure *on_request_metadata, grpc_error_handle *error) override
Definition: oauth2_credentials.cc:278
~grpc_oauth2_token_fetcher_credentials() override
Definition: oauth2_credentials.cc:129
void(* grpc_iomgr_cb_func)(void *arg, grpc_error_handle error)
gRPC Callback definition.
Definition: closure.h:53
int64_t grpc_millis
Definition: exec_ctx.h:37
pthread_mutex_t gpr_mu
Definition: sync_posix.h:45
grpc_error_handle error
Definition: lame_client.cc:54
#define GRPC_MDNULL
Definition: metadata.h:403
Round Robin Policy.
Definition: backend_metric.cc:26
absl::StatusOr< URI > ValidateStsCredentialsOptions(const grpc_sts_credentials_options *options)
Definition: oauth2_credentials.cc:658
void grpc_auth_refresh_token_destruct(grpc_auth_refresh_token *refresh_token)
Destructs the object.
Definition: oauth2_credentials.cc:107
grpc_auth_refresh_token grpc_auth_refresh_token_create_from_json(const grpc_core::Json &json)
Creates a refresh token object from parsed json.
Definition: oauth2_credentials.cc:59
grpc_credentials_status grpc_oauth2_token_fetcher_credentials_parse_server_response(const struct grpc_http_response *response, grpc_mdelem *token_md, grpc_millis *token_lifetime)
int grpc_auth_refresh_token_is_valid(const grpc_auth_refresh_token *refresh_token)
Returns 1 if the object is valid, 0 otherwise.
Definition: oauth2_credentials.cc:53
grpc_auth_refresh_token grpc_auth_refresh_token_create_from_string(const char *json_string)
Creates a refresh token object from string.
Definition: oauth2_credentials.cc:95
grpc_core::RefCountedPtr< grpc_call_credentials > grpc_refresh_token_credentials_create_from_auth_refresh_token(grpc_auth_refresh_token token)
Definition: oauth2_credentials.cc:473
grpc_credentials_status
Definition: credentials.h:43
Analogous to struct timespec.
Definition: gpr_types.h:47
Context that can be used by metadata credentials plugin in order to create auth related metadata.
Definition: grpc_security.h:402
Definition: oauth2_credentials.h:37
char * refresh_token
Definition: oauth2_credentials.h:41
char * client_id
Definition: oauth2_credentials.h:39
const char * type
Definition: oauth2_credentials.h:38
char * client_secret
Definition: oauth2_credentials.h:40
Definition: credentials.h:173
A closure over a grpc_iomgr_cb_func.
Definition: closure.h:56
Definition: credentials.h:153
Definition: credentials.h:263
Definition: error_internal.h:41
Definition: parser.h:71
Definition: httpcli.h:40
Definition: metadata.h:98
Definition: oauth2_credentials.h:65
grpc_closure * on_request_metadata
Definition: oauth2_credentials.h:67
grpc_credentials_mdelem_array * md_array
Definition: oauth2_credentials.h:66
struct grpc_oauth2_pending_get_request_metadata * next
Definition: oauth2_credentials.h:69
grpc_polling_entity * pollent
Definition: oauth2_credentials.h:68
Definition: polling_entity.h:37
Options for creating STS Oauth Token Exchange credentials following the IETF draft https://tools....
Definition: grpc_security.h:366