#include <grpc/support/port_platform.h>#include "src/core/lib/security/credentials/google_default/google_default_credentials.h"#include <string.h>#include <map>#include <memory>#include <string>#include "absl/status/statusor.h"#include "absl/strings/match.h"#include "absl/strings/string_view.h"#include "absl/strings/strip.h"#include <grpc/grpc_security.h>#include <grpc/grpc_security_constants.h>#include <grpc/slice.h>#include <grpc/support/alloc.h>#include <grpc/support/log.h>#include <grpc/support/sync.h>#include "src/core/ext/filters/client_channel/lb_policy/grpclb/grpclb.h"#include "src/core/ext/filters/client_channel/lb_policy/xds/xds_channel_args.h"#include "src/core/lib/channel/channel_args.h"#include "src/core/lib/debug/trace.h"#include "src/core/lib/gpr/env.h"#include "src/core/lib/gprpp/host_port.h"#include "src/core/lib/gprpp/ref_counted_ptr.h"#include "src/core/lib/gprpp/sync.h"#include "src/core/lib/gprpp/time.h"#include "src/core/lib/http/httpcli.h"#include "src/core/lib/http/parser.h"#include "src/core/lib/iomgr/closure.h"#include "src/core/lib/iomgr/error.h"#include "src/core/lib/iomgr/exec_ctx.h"#include "src/core/lib/iomgr/load_file.h"#include "src/core/lib/iomgr/polling_entity.h"#include "src/core/lib/iomgr/pollset.h"#include "src/core/lib/json/json.h"#include "src/core/lib/security/credentials/alts/check_gcp_environment.h"#include "src/core/lib/security/credentials/credentials.h"#include "src/core/lib/security/credentials/external/external_account_credentials.h"#include "src/core/lib/security/credentials/jwt/json_token.h"#include "src/core/lib/security/credentials/jwt/jwt_credentials.h"#include "src/core/lib/security/credentials/oauth2/oauth2_credentials.h"#include "src/core/lib/slice/slice_internal.h"#include "src/core/lib/slice/slice_refcount.h"#include "src/core/lib/surface/api_trace.h"#include "src/core/lib/uri/uri_parser.h"
Go to the source code of this file.
Classes | |
| struct | metadata_server_detector |
Namespaces | |
| grpc_core | |
| grpc_core::internal | |
Macros | |
| #define | GRPC_COMPUTE_ENGINE_DETECTION_HOST "metadata.google.internal." |
| #define | GRPC_GOOGLE_CREDENTIAL_CREATION_ERROR "Failed to create Google credentials" |
Variables | |
| static grpc_well_known_credentials_path_getter | creds_path_getter = nullptr |
| static grpc_core::internal::grpc_gce_tenancy_checker | g_gce_tenancy_checker |
| static int | g_metadata_server_available = 0 |
| static gpr_once | g_once = GPR_ONCE_INIT |
| static gpr_mu * | g_polling_mu |
| static grpc_core::Mutex * | g_state_mu |
Macro Definition Documentation
◆ GRPC_COMPUTE_ENGINE_DETECTION_HOST
| #define GRPC_COMPUTE_ENGINE_DETECTION_HOST "metadata.google.internal." |
Definition at line 74 of file google_default_credentials.cc.
◆ GRPC_GOOGLE_CREDENTIAL_CREATION_ERROR
| #define GRPC_GOOGLE_CREDENTIAL_CREATION_ERROR "Failed to create Google credentials" |
Definition at line 75 of file google_default_credentials.cc.
Function Documentation
◆ create_default_creds_from_path()
|
static |
Definition at line 305 of file google_default_credentials.cc.
◆ destroy_pollset()
|
static |
Definition at line 199 of file google_default_credentials.cc.
◆ grpc_get_well_known_google_credentials_file_path()
| std::string grpc_get_well_known_google_credentials_file_path | ( | void | ) |
Definition at line 489 of file google_default_credentials.cc.
◆ grpc_google_default_credentials_create()
| grpc_channel_credentials* grpc_google_default_credentials_create | ( | grpc_call_credentials * | call_credentials | ) |
Creates default credentials to connect to a google gRPC service. WARNING: Do NOT use this credentials to connect to a non-google service as this could result in an oauth2 token leak. The security level of the resulting connection is GRPC_PRIVACY_AND_INTEGRITY.
If specified, the supplied call credentials object will be attached to the returned channel credentials object. The call_credentials object must remain valid throughout the lifetime of the returned grpc_channel_credentials object. It is expected that the call credentials object was generated according to the Application Default Credentials mechanism and asserts the identity of the default service account of the machine. Supplying any other sort of call credential will result in undefined behavior, up to and including the sudden and unexpected failure of RPCs.
If nullptr is supplied, the returned channel credentials object will use a call credentials object based on the Application Default Credentials mechanism.
Definition at line 429 of file google_default_credentials.cc.
◆ grpc_override_well_known_credentials_path_getter()
| void grpc_override_well_known_credentials_path_getter | ( | grpc_well_known_credentials_path_getter | getter | ) |
Definition at line 494 of file google_default_credentials.cc.
◆ init_default_credentials()
|
static |
Definition at line 93 of file google_default_credentials.cc.
◆ is_metadata_server_reachable()
|
static |
Definition at line 203 of file google_default_credentials.cc.
◆ make_default_call_creds()
|
static |
Definition at line 392 of file google_default_credentials.cc.
◆ metadata_server_available()
|
static |
Definition at line 387 of file google_default_credentials.cc.
◆ on_metadata_server_detection_http_response()
|
static |
Definition at line 172 of file google_default_credentials.cc.
◆ update_tenancy()
|
static |
Definition at line 371 of file google_default_credentials.cc.
Variable Documentation
◆ creds_path_getter
|
static |
Definition at line 487 of file google_default_credentials.cc.
◆ g_gce_tenancy_checker
|
static |
Definition at line 90 of file google_default_credentials.cc.
◆ g_metadata_server_available
|
static |
Definition at line 84 of file google_default_credentials.cc.
◆ g_once
|
static |
Definition at line 89 of file google_default_credentials.cc.
◆ g_polling_mu
|
static |
Definition at line 88 of file google_default_credentials.cc.
◆ g_state_mu
|
static |
Definition at line 85 of file google_default_credentials.cc.