// // // Copyright 2015 gRPC authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // #include <grpc/support/port_platform.h> #include "src/core/lib/security/credentials/google_default/google_default_credentials.h" #include <string.h> #include <memory> #include <string> #include "absl/status/statusor.h" #include "absl/strings/match.h" #include "absl/strings/string_view.h" #include "absl/types/optional.h" #include <grpc/grpc_security.h> // IWYU pragma: keep #include <grpc/grpc_security_constants.h> #include <grpc/slice.h> #include <grpc/support/alloc.h> #include <grpc/support/log.h> #include <grpc/support/sync.h> #include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h" #include "src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h" #include "src/core/lib/channel/channel_args.h" #include "src/core/lib/debug/trace.h" #include "src/core/lib/gprpp/env.h" #include "src/core/lib/gprpp/orphanable.h" #include "src/core/lib/gprpp/ref_counted_ptr.h" #include "src/core/lib/gprpp/status_helper.h" #include "src/core/lib/gprpp/sync.h" #include "src/core/lib/gprpp/time.h" #include "src/core/lib/http/httpcli.h" #include "src/core/lib/http/parser.h" #include "src/core/lib/iomgr/closure.h" #include "src/core/lib/iomgr/error.h" #include "src/core/lib/iomgr/exec_ctx.h" #include "src/core/lib/iomgr/iomgr_fwd.h" #include "src/core/lib/iomgr/load_file.h" #include "src/core/lib/iomgr/polling_entity.h" #include "src/core/lib/iomgr/pollset.h" #include "src/core/lib/json/json.h" #include "src/core/lib/security/credentials/alts/check_gcp_environment.h" #include "src/core/lib/security/credentials/credentials.h" #include "src/core/lib/security/credentials/external/external_account_credentials.h" #include "src/core/lib/security/credentials/jwt/json_token.h" #include "src/core/lib/security/credentials/jwt/jwt_credentials.h" #include "src/core/lib/security/credentials/oauth2/oauth2_credentials.h" #include "src/core/lib/slice/slice.h" #include "src/core/lib/slice/slice_internal.h" #include "src/core/lib/surface/api_trace.h" #include "src/core/lib/transport/error_utils.h" #include "src/core/lib/uri/uri_parser.h" Json; // -- Constants. -- #define GRPC_COMPUTE_ENGINE_DETECTION_HOST … #define GRPC_GOOGLE_CREDENTIAL_CREATION_ERROR … // -- Default credentials. -- // A sticky bit that will be set only if the result of metadata server detection // is positive. We do not set the bit if the result is negative. Because it // means the detection is done via network test that is unreliable and the // unreliable result should not be referred by successive calls. static int g_metadata_server_available = …; static grpc_core::Mutex* g_state_mu; // Protect a metadata_server_detector instance that can be modified by more than // one gRPC threads static gpr_mu* g_polling_mu; static gpr_once g_once = …; static grpc_core::internal::grpc_gce_tenancy_checker g_gce_tenancy_checker = …; static void init_default_credentials(void) { … } struct metadata_server_detector { … }; namespace { bool IsXdsNonCfeCluster(absl::optional<absl::string_view> xds_cluster) { … } } // namespace grpc_core::RefCountedPtr<grpc_channel_security_connector> grpc_google_default_channel_credentials::create_security_connector( grpc_core::RefCountedPtr<grpc_call_credentials> call_creds, const char* target, grpc_core::ChannelArgs* args) { … } grpc_core::ChannelArgs grpc_google_default_channel_credentials::update_arguments( grpc_core::ChannelArgs args) { … } grpc_core::UniqueTypeName grpc_google_default_channel_credentials::type() const { … } static void on_metadata_server_detection_http_response( void* user_data, grpc_error_handle error) { … } static void destroy_pollset(void* p, grpc_error_handle /*e*/) { … } static int is_metadata_server_reachable() { … } // Takes ownership of creds_path if not NULL. static grpc_error_handle create_default_creds_from_path( const std::string& creds_path, grpc_core::RefCountedPtr<grpc_call_credentials>* creds) { … } static void update_tenancy() { … } static bool metadata_server_available() { … } static grpc_core::RefCountedPtr<grpc_call_credentials> make_default_call_creds( grpc_error_handle* error) { … } grpc_channel_credentials* grpc_google_default_credentials_create( grpc_call_credentials* call_credentials) { … } namespace grpc_core { namespace internal { void set_gce_tenancy_checker_for_testing(grpc_gce_tenancy_checker checker) { … } void grpc_flush_cached_google_default_credentials(void) { … } } // namespace internal } // namespace grpc_core // -- Well known credentials path. -- static grpc_well_known_credentials_path_getter creds_path_getter = …; std::string grpc_get_well_known_google_credentials_file_path(void) { … } void grpc_override_well_known_credentials_path_getter( grpc_well_known_credentials_path_getter getter) { … }
Codebase Browser
chromium