Go to the documentation of this file.
19 #ifndef GRPCPP_SECURITY_CREDENTIALS_H
20 #define GRPCPP_SECURITY_CREDENTIALS_H
39 class CallCredentials;
40 class SecureCallCredentials;
41 class SecureChannelCredentials;
42 class ChannelCredentials;
45 const grpc::string& target,
46 const std::shared_ptr<grpc::ChannelCredentials>& creds,
49 namespace experimental {
51 const grpc::string& target,
52 const std::shared_ptr<grpc::ChannelCredentials>& creds,
55 std::unique_ptr<grpc::experimental::ClientInterceptorFactoryInterface>>
56 interceptor_creators);
61 const std::shared_ptr<ChannelCredentials>& fallback_creds);
73 const std::shared_ptr<ChannelCredentials>& channel_creds,
74 const std::shared_ptr<CallCredentials>& call_creds);
81 const std::shared_ptr<ChannelCredentials>& fallback_creds);
87 const grpc::string& target,
88 const std::shared_ptr<grpc::ChannelCredentials>& creds,
91 friend std::shared_ptr<grpc::Channel>
93 const grpc::string& target,
94 const std::shared_ptr<grpc::ChannelCredentials>& creds,
96 std::vector<std::unique_ptr<
98 interceptor_creators);
100 virtual std::shared_ptr<Channel> CreateChannelImpl(
105 virtual std::shared_ptr<Channel> CreateChannelWithInterceptors(
107 std::vector<std::unique_ptr<
116 virtual bool IsInsecure()
const {
return false; }
128 return "CallCredentials did not provide a debug string";
133 const std::shared_ptr<ChannelCredentials>& channel_creds,
134 const std::shared_ptr<CallCredentials>& call_creds);
137 const std::shared_ptr<CallCredentials>& creds1,
138 const std::shared_ptr<CallCredentials>& creds2);
195 const grpc::string& json_key,
207 const grpc::string& json_refresh_token);
218 const grpc::string& access_token);
227 const grpc::string& authorization_token,
228 const grpc::string& authority_selector);
233 const std::shared_ptr<ChannelCredentials>& channel_creds,
234 const std::shared_ptr<CallCredentials>& call_creds);
238 const std::shared_ptr<CallCredentials>& creds1,
239 const std::shared_ptr<CallCredentials>& creds2);
254 virtual const char*
GetType()
const {
return ""; }
264 std::multimap<grpc::string, grpc::string>* metadata) = 0;
267 return "MetadataCredentialsPlugin did not provide a debug string";
272 std::unique_ptr<MetadataCredentialsPlugin> plugin);
278 const grpc::string& json_string,
const std::vector<grpc::string>& scopes);
280 namespace experimental {
311 std::unique_ptr<MetadataCredentialsPlugin> plugin,
337 #endif // GRPCPP_SECURITY_CREDENTIALS_H
std::shared_ptr< CallCredentials > StsCredentials(const StsCredentialsOptions &options)
std::shared_ptr< ChannelCredentials > TlsCredentials(const TlsChannelCredentialsOptions &options)
Builds TLS Credentials given TLS options.
std::shared_ptr< ChannelCredentials > XdsCredentials(const std::shared_ptr< ChannelCredentials > &fallback_creds)
Builds XDS Credentials.
This class is a non owning reference to a string.
Definition: string_ref.h:41
grpc::Status StsCredentialsOptionsFromJson(const std::string &json_string, StsCredentialsOptions *options)
grpc::string pem_cert_chain
The buffer containing the PEM encoding of the client's certificate chain.
Definition: credentials.h:159
Options for creating STS Oauth Token Exchange credentials following the IETF draft https://tools....
Definition: credentials.h:287
grpc::string pem_private_key
The buffer containing the PEM encoding of the client's private key.
Definition: credentials.h:154
An Alarm posts the user-provided tag to its associated completion queue or invokes the user-provided ...
Definition: alarm.h:33
friend std::shared_ptr< ChannelCredentials > CompositeChannelCredentials(const std::shared_ptr< ChannelCredentials > &channel_creds, const std::shared_ptr< CallCredentials > &call_creds)
Combines a channel credentials and a call credentials into a composite channel credentials.
std::shared_ptr< ChannelCredentials > GoogleDefaultCredentials()
Builds credentials with reasonable defaults.
grpc::string pem_root_certs
The buffer containing the PEM encoding of the server root certificates.
Definition: credentials.h:150
virtual SecureChannelCredentials * AsSecureCredentials()=0
std::shared_ptr< ChannelCredentials > AltsCredentials(const AltsCredentialsOptions &options)
Builds ALTS Credentials given ALTS specific options.
grpc::Status StsCredentialsOptionsFromEnv(StsCredentialsOptions *options)
Creates STS credentials options from the $STS_CREDENTIALS environment variable.
friend std::shared_ptr< ChannelCredentials > CompositeChannelCredentials(const std::shared_ptr< ChannelCredentials > &channel_creds, const std::shared_ptr< CallCredentials > &call_creds)
Combines a channel credentials and a call credentials into a composite channel credentials.
Options used to build SslCredentials.
Definition: credentials.h:144
std::shared_ptr< ChannelCredentials > SslCredentials(const SslCredentialsOptions &options)
Builds SSL Credentials given SSL specific options.
std::shared_ptr< CallCredentials > MetadataCredentialsFromPlugin(std::unique_ptr< MetadataCredentialsPlugin > plugin, grpc_security_level min_security_level)
grpc::string scope
Definition: credentials.h:291
friend std::shared_ptr< CallCredentials > CompositeCallCredentials(const std::shared_ptr< CallCredentials > &creds1, const std::shared_ptr< CallCredentials > &creds2)
Combines two call credentials objects into a composite call credentials.
virtual grpc::string DebugString()
Definition: credentials.h:127
grpc::string subject_token_path
Definition: credentials.h:293
Options for channel creation.
Definition: channel_arguments.h:39
grpc::string token_exchange_service_uri
Definition: credentials.h:288
std::shared_ptr< CallCredentials > ServiceAccountJWTAccessCredentials(const grpc::string &json_key, long token_lifetime_seconds=kMaxAuthTokenLifetimeSecs)
Builds Service Account JWT Access credentials.
Did it work? If it didn't, why?
Definition: status.h:35
Options used to build AltsCredentials.
Definition: credentials.h:315
A call credentials object encapsulates the state needed by a client to authenticate with a server for...
Definition: credentials.h:123
grpc::string subject_token_type
Definition: credentials.h:294
virtual SecureCallCredentials * AsSecureCredentials()=0
Definition: tls_credentials_options.h:151
std::shared_ptr< CallCredentials > MetadataCredentialsFromPlugin(std::unique_ptr< MetadataCredentialsPlugin > plugin)
grpc::string audience
Definition: credentials.h:290
struct grpc_call grpc_call
A Call represents an RPC.
Definition: grpc_types.h:70
grpc::string resource
Definition: credentials.h:289
Class encapsulating the Authentication Information.
Definition: auth_context.h:70
std::shared_ptr< ChannelCredentials > LocalCredentials(grpc_local_connect_type type)
Builds Local Credentials.
Classes that require gRPC to be initialized should inherit from this class.
Definition: grpc_library.h:32
std::shared_ptr< CallCredentials > ExternalAccountCredentials(const grpc::string &json_string, const std::vector< grpc::string > &scopes)
Builds External Account credentials.
std::shared_ptr< CallCredentials > GoogleComputeEngineCredentials()
Builds credentials for use when running in GCE.
grpc::string actor_token_type
Definition: credentials.h:296
std::vector< grpc::string > target_service_accounts
service accounts of target endpoint that will be acceptable by the client.
Definition: credentials.h:319
grpc_security_level
Definition: grpc_security_constants.h:131
std::shared_ptr< ChannelCredentials > InsecureChannelCredentials()
Credentials for an unencrypted, unauthenticated channel.
std::shared_ptr< CallCredentials > GoogleRefreshTokenCredentials(const grpc::string &json_refresh_token)
Builds refresh token credentials.
grpc::string requested_token_type
Definition: credentials.h:292
Definition: client_interceptor.h:47
std::shared_ptr< Channel > CreateCustomChannelWithInterceptors(const grpc::string &target, const std::shared_ptr< ChannelCredentials > &creds, const ChannelArguments &args, std::vector< std::unique_ptr< experimental::ClientInterceptorFactoryInterface >> interceptor_creators)
Create a new custom Channel pointing to target with interceptors being invoked per call.
A channel credentials object encapsulates all the state needed by a client to authenticate with a ser...
Definition: credentials.h:69
friend std::shared_ptr< grpc::Channel > CreateCustomChannel(const grpc::string &target, const std::shared_ptr< grpc::ChannelCredentials > &creds, const grpc::ChannelArguments &args)
std::shared_ptr< Channel > CreateCustomChannel(const grpc::string &target, const std::shared_ptr< ChannelCredentials > &creds, const ChannelArguments &args)
Create a new custom Channel pointing to target.
virtual bool ApplyToCall(grpc_call *call)=0
Apply this instance's credentials to call.
std::shared_ptr< ChannelCredentials > CompositeChannelCredentials(const std::shared_ptr< ChannelCredentials > &channel_creds, const std::shared_ptr< CallCredentials > &call_creds)
Combines a channel credentials and a call credentials into a composite channel credentials.
std::shared_ptr< CallCredentials > CompositeCallCredentials(const std::shared_ptr< CallCredentials > &creds1, const std::shared_ptr< CallCredentials > &creds2)
Combines two call credentials objects into a composite call credentials.
constexpr long kMaxAuthTokenLifetimeSecs
Definition: credentials.h:187
std::shared_ptr< CallCredentials > AccessTokenCredentials(const grpc::string &access_token)
Builds access token credentials.
grpc::string actor_token_path
Definition: credentials.h:295
grpc_local_connect_type
Type of local connections for which local channel/server credentials will be applied.
Definition: grpc_security_constants.h:143
std::shared_ptr< CallCredentials > GoogleIAMCredentials(const grpc::string &authorization_token, const grpc::string &authority_selector)
Builds IAM credentials.