Go to the documentation of this file.
19 #ifndef GRPCPP_SECURITY_CREDENTIALS_H
20 #define GRPCPP_SECURITY_CREDENTIALS_H
39 class CallCredentials;
40 class SecureCallCredentials;
41 class SecureChannelCredentials;
42 class ChannelCredentials;
45 const grpc::string& target,
46 const std::shared_ptr<grpc::ChannelCredentials>& creds,
49 namespace experimental {
51 const grpc::string& target,
52 const std::shared_ptr<grpc::ChannelCredentials>& creds,
55 std::unique_ptr<grpc::experimental::ClientInterceptorFactoryInterface>>
56 interceptor_creators);
59 "Use grpc::XdsCredentials instead. The experimental version will be "
60 "deleted after the 1.41 release.")
62 const
std::shared_ptr<ChannelCredentials>& fallback_creds);
67 const
std::shared_ptr<ChannelCredentials>& fallback_creds);
82 const std::shared_ptr<ChannelCredentials>& channel_creds,
83 const std::shared_ptr<CallCredentials>& call_creds);
90 const std::shared_ptr<ChannelCredentials>& fallback_creds);
92 virtual SecureChannelCredentials* AsSecureCredentials() = 0;
96 const grpc::string& target,
97 const std::shared_ptr<grpc::ChannelCredentials>& creds,
100 friend std::shared_ptr<grpc::Channel>
102 const grpc::string& target,
103 const std::shared_ptr<grpc::ChannelCredentials>& creds,
105 std::vector<std::unique_ptr<
107 interceptor_creators);
109 virtual std::shared_ptr<Channel> CreateChannelImpl(
114 virtual std::shared_ptr<Channel> CreateChannelWithInterceptors(
116 std::vector<std::unique_ptr<
125 virtual bool IsInsecure()
const {
return false; }
138 virtual bool ApplyToCall(
grpc_call* call) = 0;
140 return "CallCredentials did not provide a debug string";
145 const std::shared_ptr<ChannelCredentials>& channel_creds,
146 const std::shared_ptr<CallCredentials>& call_creds);
149 const std::shared_ptr<CallCredentials>& creds1,
150 const std::shared_ptr<CallCredentials>& creds2);
152 virtual SecureCallCredentials* AsSecureCredentials() = 0;
207 const grpc::string& json_key,
219 const grpc::string& json_refresh_token);
230 const grpc::string& access_token);
239 const grpc::string& authorization_token,
240 const grpc::string& authority_selector);
245 const std::shared_ptr<ChannelCredentials>& channel_creds,
246 const std::shared_ptr<CallCredentials>& call_creds);
250 const std::shared_ptr<CallCredentials>& creds1,
251 const std::shared_ptr<CallCredentials>& creds2);
266 virtual const char*
GetType()
const {
return ""; }
276 std::multimap<grpc::string, grpc::string>* metadata) = 0;
279 return "MetadataCredentialsPlugin did not provide a debug string";
284 std::unique_ptr<MetadataCredentialsPlugin> plugin);
290 const grpc::string& json_string,
const std::vector<grpc::string>& scopes);
292 namespace experimental {
323 std::unique_ptr<MetadataCredentialsPlugin> plugin,
349 #endif // GRPCPP_SECURITY_CREDENTIALS_H
std::shared_ptr< CallCredentials > StsCredentials(const StsCredentialsOptions &options)
Classes that require gRPC to be initialized should inherit from this class.
Definition: grpc_library.h:40
std::shared_ptr< ChannelCredentials > TlsCredentials(const TlsChannelCredentialsOptions &options)
Builds TLS Credentials given TLS options.
std::shared_ptr< ChannelCredentials > XdsCredentials(const std::shared_ptr< ChannelCredentials > &fallback_creds)
Builds XDS Credentials.
This class is a non owning reference to a string.
Definition: string_ref.h:43
grpc::Status StsCredentialsOptionsFromJson(const std::string &json_string, StsCredentialsOptions *options)
grpc::string pem_cert_chain
The buffer containing the PEM encoding of the client's certificate chain.
Definition: credentials.h:171
Options for creating STS Oauth Token Exchange credentials following the IETF draft https://tools....
Definition: credentials.h:299
grpc::string pem_private_key
The buffer containing the PEM encoding of the client's private key.
Definition: credentials.h:166
An Alarm posts the user-provided tag to its associated completion queue or invokes the user-provided ...
Definition: alarm.h:33
std::shared_ptr< ChannelCredentials > GoogleDefaultCredentials()
Builds credentials with reasonable defaults.
grpc::string pem_root_certs
The buffer containing the PEM encoding of the server root certificates.
Definition: credentials.h:162
std::shared_ptr< ChannelCredentials > AltsCredentials(const AltsCredentialsOptions &options)
Builds ALTS Credentials given ALTS specific options.
grpc::Status StsCredentialsOptionsFromEnv(StsCredentialsOptions *options)
Creates STS credentials options from the $STS_CREDENTIALS environment variable.
Options used to build SslCredentials.
Definition: credentials.h:156
std::shared_ptr< ChannelCredentials > SslCredentials(const SslCredentialsOptions &options)
Builds SSL Credentials given SSL specific options.
std::shared_ptr< CallCredentials > MetadataCredentialsFromPlugin(std::unique_ptr< MetadataCredentialsPlugin > plugin, grpc_security_level min_security_level)
grpc::string scope
Definition: credentials.h:303
virtual grpc::string DebugString()
Definition: credentials.h:139
grpc::string subject_token_path
Definition: credentials.h:305
Options for channel creation.
Definition: channel_arguments.h:39
grpc::string token_exchange_service_uri
Definition: credentials.h:300
std::shared_ptr< CallCredentials > ServiceAccountJWTAccessCredentials(const grpc::string &json_key, long token_lifetime_seconds=kMaxAuthTokenLifetimeSecs)
Builds Service Account JWT Access credentials.
Did it work? If it didn't, why?
Definition: status.h:33
Options used to build AltsCredentials.
Definition: credentials.h:327
A call credentials object encapsulates the state needed by a client to authenticate with a server for...
Definition: credentials.h:132
grpc::string subject_token_type
Definition: credentials.h:306
Definition: tls_credentials_options.h:125
grpc::string audience
Definition: credentials.h:302
struct grpc_call grpc_call
A Call represents an RPC.
Definition: grpc_types.h:69
grpc::string resource
Definition: credentials.h:301
Class encapsulating the Authentication Information.
Definition: auth_context.h:67
std::shared_ptr< ChannelCredentials > LocalCredentials(grpc_local_connect_type type)
Builds Local Credentials.
std::shared_ptr< CallCredentials > ExternalAccountCredentials(const grpc::string &json_string, const std::vector< grpc::string > &scopes)
Builds External Account credentials.
std::shared_ptr< CallCredentials > GoogleComputeEngineCredentials()
Builds credentials for use when running in GCE.
grpc::string actor_token_type
Definition: credentials.h:308
std::vector< grpc::string > target_service_accounts
service accounts of target endpoint that will be acceptable by the client.
Definition: credentials.h:331
grpc_security_level
Definition: grpc_security_constants.h:131
std::shared_ptr< ChannelCredentials > InsecureChannelCredentials()
Credentials for an unencrypted, unauthenticated channel.
std::shared_ptr< CallCredentials > GoogleRefreshTokenCredentials(const grpc::string &json_refresh_token)
Builds refresh token credentials.
grpc::string requested_token_type
Definition: credentials.h:304
Definition: client_interceptor.h:48
std::shared_ptr< Channel > CreateCustomChannelWithInterceptors(const grpc::string &target, const std::shared_ptr< ChannelCredentials > &creds, const ChannelArguments &args, std::vector< std::unique_ptr< experimental::ClientInterceptorFactoryInterface >> interceptor_creators)
Create a new custom Channel pointing to target with interceptors being invoked per call.
A channel credentials object encapsulates all the state needed by a client to authenticate with a ser...
Definition: credentials.h:75
Definition: async_unary_call.h:407
std::shared_ptr< Channel > CreateCustomChannel(const grpc::string &target, const std::shared_ptr< ChannelCredentials > &creds, const ChannelArguments &args)
Create a new custom Channel pointing to target.
std::shared_ptr< ChannelCredentials > CompositeChannelCredentials(const std::shared_ptr< ChannelCredentials > &channel_creds, const std::shared_ptr< CallCredentials > &call_creds)
Combines a channel credentials and a call credentials into a composite channel credentials.
std::shared_ptr< CallCredentials > CompositeCallCredentials(const std::shared_ptr< CallCredentials > &creds1, const std::shared_ptr< CallCredentials > &creds2)
Combines two call credentials objects into a composite call credentials.
constexpr long kMaxAuthTokenLifetimeSecs
Definition: credentials.h:199
std::shared_ptr< CallCredentials > AccessTokenCredentials(const grpc::string &access_token)
Builds access token credentials.
grpc::string actor_token_path
Definition: credentials.h:307
grpc_local_connect_type
Type of local connections for which local channel/server credentials will be applied.
Definition: grpc_security_constants.h:143
std::shared_ptr< CallCredentials > GoogleIAMCredentials(const grpc::string &authorization_token, const grpc::string &authority_selector)
Builds IAM credentials.