grpc_security.h File Reference

#include <stdbool.h>
#include <grpc/grpc.h>
#include <grpc/grpc_security_constants.h>
#include <grpc/status.h>
#include <grpc/support/port_platform.h>

Go to the source code of this file.

Data Structures
struct	grpc_auth_property_iterator
struct	grpc_auth_property
	value, if not NULL, is guaranteed to be NULL terminated. More...

Typedefs
typedef struct grpc_auth_context	grpc_auth_context
	— Authentication Context. More...
typedef struct grpc_auth_property_iterator	grpc_auth_property_iterator
typedef struct grpc_auth_property	grpc_auth_property
	value, if not NULL, is guaranteed to be NULL terminated. More...
typedef struct grpc_authorization_policy_provider	grpc_authorization_policy_provider
	EXPERIMENTAL - Subject to change. More...

Functions
const GRPCAPI grpc_auth_property *	grpc_auth_property_iterator_next (grpc_auth_property_iterator *it)
	Returns NULL when the iterator is at the end. More...
GRPCAPI grpc_auth_property_iterator	grpc_auth_context_property_iterator (const grpc_auth_context *ctx)
	Iterates over the auth context. More...
GRPCAPI grpc_auth_property_iterator	grpc_auth_context_peer_identity (const grpc_auth_context *ctx)
	Gets the peer identity. More...
GRPCAPI grpc_auth_property_iterator	grpc_auth_context_find_properties_by_name (const grpc_auth_context *ctx, const char *name)
	Finds a property in the context. More...
const GRPCAPI char *	grpc_auth_context_peer_identity_property_name (const grpc_auth_context *ctx)
	Gets the name of the property that indicates the peer identity. More...
GRPCAPI int	grpc_auth_context_peer_is_authenticated (const grpc_auth_context *ctx)
	Returns 1 if the peer is authenticated, 0 otherwise. More...
GRPCAPI grpc_auth_context *	grpc_call_auth_context (grpc_call *call)
	Gets the auth context from the call. More...
GRPCAPI void	grpc_auth_context_release (grpc_auth_context *context)
	Releases the auth context returned from grpc_call_auth_context. More...
GRPCAPI void	grpc_auth_context_add_property (grpc_auth_context *ctx, const char *name, const char *value, size_t value_length)
	– The following auth context methods should only be called by a server metadata More...
GRPCAPI void	grpc_auth_context_add_cstring_property (grpc_auth_context *ctx, const char *name, const char *value)
	Add a C string property. More...
GRPCAPI int	grpc_auth_context_set_peer_identity_property_name (grpc_auth_context *ctx, const char *name)
	Sets the property name. More...
GRPCAPI grpc_authorization_policy_provider *	grpc_authorization_policy_provider_static_data_create (const char *authz_policy, grpc_status_code *code, const char **error_details)
	EXPERIMENTAL - Subject to change. More...
GRPCAPI grpc_authorization_policy_provider *	grpc_authorization_policy_provider_file_watcher_create (const char *authz_policy_path, unsigned int refresh_interval_sec, grpc_status_code *code, const char **error_details)
	EXPERIMENTAL - Subject to change. More...
GRPCAPI void	grpc_authorization_policy_provider_release (grpc_authorization_policy_provider *provider)
	EXPERIMENTAL - Subject to change. More...

Typedef Documentation

grpc_auth_context

typedef struct grpc_auth_context grpc_auth_context

— Authentication Context.

—

grpc_auth_property

typedef struct grpc_auth_property grpc_auth_property

value, if not NULL, is guaranteed to be NULL terminated.

grpc_auth_property_iterator

typedef struct grpc_auth_property_iterator grpc_auth_property_iterator

grpc_authorization_policy_provider

typedef struct grpc_authorization_policy_provider grpc_authorization_policy_provider

EXPERIMENTAL - Subject to change.

An opaque type that is responsible for providing authorization policies to gRPC.

Function Documentation

grpc_auth_context_add_cstring_property()

GRPCAPI void grpc_auth_context_add_cstring_property	(	grpc_auth_context *	ctx,
		const char *	name,
		const char *	value
	)

Add a C string property.

grpc_auth_context_add_property()

GRPCAPI void grpc_auth_context_add_property	(	grpc_auth_context *	ctx,
		const char *	name,
		const char *	value,
		size_t	value_length
	)

– The following auth context methods should only be called by a server metadata

processor to set properties extracted from auth metadata.

Add a property.

grpc_auth_context_find_properties_by_name()

GRPCAPI grpc_auth_property_iterator grpc_auth_context_find_properties_by_name	(	const grpc_auth_context *	ctx,
		const char *	name
	)

Finds a property in the context.

May return an empty iterator (first _next will return NULL) if no property with this name was found in the context.

grpc_auth_context_peer_identity()

GRPCAPI grpc_auth_property_iterator grpc_auth_context_peer_identity

(

const grpc_auth_context *

ctx

)

Gets the peer identity.

Returns an empty iterator (first _next will return NULL) if the peer is not authenticated.

grpc_auth_context_peer_identity_property_name()

const GRPCAPI char* grpc_auth_context_peer_identity_property_name

(

const grpc_auth_context *

ctx

)

Gets the name of the property that indicates the peer identity.

Will return NULL if the peer is not authenticated.

grpc_auth_context_peer_is_authenticated()

GRPCAPI int grpc_auth_context_peer_is_authenticated

(

const grpc_auth_context *

ctx

)

Returns 1 if the peer is authenticated, 0 otherwise.

grpc_auth_context_property_iterator()

GRPCAPI grpc_auth_property_iterator grpc_auth_context_property_iterator

(

const grpc_auth_context *

ctx

)

Iterates over the auth context.

grpc_auth_context_release()

GRPCAPI void grpc_auth_context_release

(

grpc_auth_context *

context

)

Releases the auth context returned from grpc_call_auth_context.

grpc_auth_context_set_peer_identity_property_name()

GRPCAPI int grpc_auth_context_set_peer_identity_property_name	(	grpc_auth_context *	ctx,
		const char *	name
	)

Sets the property name.

Returns 1 if successful or 0 in case of failure (which means that no property with this name exists).

grpc_auth_property_iterator_next()

const GRPCAPI grpc_auth_property* grpc_auth_property_iterator_next

(

grpc_auth_property_iterator *

it

)

Returns NULL when the iterator is at the end.

grpc_authorization_policy_provider_file_watcher_create()

GRPCAPI grpc_authorization_policy_provider* grpc_authorization_policy_provider_file_watcher_create	(	const char *	authz_policy_path,
		unsigned int	refresh_interval_sec,
		grpc_status_code *	code,
		const char **	error_details
	)

EXPERIMENTAL - Subject to change.

Creates a grpc_authorization_policy_provider by watching for gRPC authorization policy changes in filesystem.

• authz_policy is the file path of gRPC authorization policy.
• refresh_interval_sec is the amount of time the internal thread would wait before checking for file updates.
• code is the error status code on failure. On success, it equals GRPC_STATUS_OK.
• error_details contains details about the error if any. If the initialization is successful, it will be null. Caller must use gpr_free to destroy this string.

grpc_authorization_policy_provider_release()

GRPCAPI void grpc_authorization_policy_provider_release

(

grpc_authorization_policy_provider *

provider

)

EXPERIMENTAL - Subject to change.

Releases grpc_authorization_policy_provider object. The creator of grpc_authorization_policy_provider is responsible for its release.

grpc_authorization_policy_provider_static_data_create()

GRPCAPI grpc_authorization_policy_provider* grpc_authorization_policy_provider_static_data_create	(	const char *	authz_policy,
		grpc_status_code *	code,
		const char **	error_details
	)

EXPERIMENTAL - Subject to change.

Creates a grpc_authorization_policy_provider using gRPC authorization policy from static string.

• authz_policy is the input gRPC authorization policy.
• code is the error status code on failure. On success, it equals GRPC_STATUS_OK.
• error_details contains details about the error if any. If the initialization is successful, it will be null. Caller must use gpr_free to destroy this string.

grpc_call_auth_context()

GRPCAPI grpc_auth_context* grpc_call_auth_context

(

grpc_call *

call

)

Gets the auth context from the call.

Caller needs to call grpc_auth_context_release on the returned context.