1 /*
2  *
3  * Copyright 2018 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
20 #define GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H
21 
22 #include <grpc/support/port_platform.h>
23 
24 #include <grpc/grpc_security.h>
25 
26 #include "src/core/lib/security/credentials/alts/grpc_alts_credentials_options.h"
27 #include "src/core/lib/security/credentials/credentials.h"
28 
/* Main struct for grpc ALTS channel credential.
 *
 * - base: generic channel credentials object, embedded as the first member.
 * - options: ALTS credentials options associated with this credential.
 * - handshaker_service_url: address of the ALTS handshaker service ("host:port"
 *   per the documentation of grpc_alts_credentials_create_customized()).
 *
 * NOTE(review): both pointers are non-const here while the create function
 * takes const arguments, which suggests the credential keeps its own copies --
 * confirm ownership and release against the implementation. */
typedef struct grpc_alts_credentials {
  grpc_channel_credentials base;
  grpc_alts_credentials_options* options;
  /* Security-relevant: names the handshaker service endpoint for this
   * credential; presumably fixed at creation time -- TODO confirm. */
  char* handshaker_service_url;
} grpc_alts_credentials;
35 
/* Main struct for grpc ALTS server credential.
 *
 * - base: generic server credentials object, embedded as the first member.
 * - options: ALTS credentials options associated with this credential.
 * - handshaker_service_url: address of the ALTS handshaker service ("host:port"
 *   per the documentation of
 *   grpc_alts_server_credentials_create_customized()).
 *
 * NOTE(review): both pointers are non-const here while the create function
 * takes const arguments, which suggests the credential keeps its own copies --
 * confirm ownership and release against the implementation. */
typedef struct grpc_alts_server_credentials {
  grpc_server_credentials base;
  grpc_alts_credentials_options* options;
  /* Security-relevant: names the handshaker service endpoint for this
   * credential; presumably fixed at creation time -- TODO confirm. */
  char* handshaker_service_url;
} grpc_alts_server_credentials;
42 
/**
 * This method creates an ALTS channel credential object with customized
 * information provided by the caller.
 *
 * - options: grpc ALTS credentials options instance for client.
 * - handshaker_service_url: address of ALTS handshaker service in the format of
 *   "host:port". If it's nullptr, the address of the default metadata server
 *   will be used.
 *   NOTE(review): an override redirects this credential to a different
 *   handshaker endpoint, so the value is security-sensitive; presumably it
 *   should come only from trusted configuration -- confirm with callers.
 * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
 *   mode. This mode can be enabled when we are sure ALTS is running on GCP or
 *   for testing purposes.
 *
 * It returns nullptr if the flag is disabled AND ALTS is not running on GCP.
 * Otherwise, it returns the created credential object. Callers must check the
 * result for nullptr before using it.
 *
 * Security note: by the contract above, the "not running on GCP" condition
 * only produces nullptr while enable_untrusted_alts is false. Passing true
 * therefore removes that fail-closed behaviour, so the flag should stay false
 * outside of testing unless the platform has been established by other means,
 * and it should never be derived from untrusted input.
 */
grpc_channel_credentials* grpc_alts_credentials_create_customized(
    const grpc_alts_credentials_options* options,
    const char* handshaker_service_url, bool enable_untrusted_alts);
62 
/**
 * This method creates an ALTS server credential object with customized
 * information provided by the caller.
 *
 * - options: grpc ALTS credentials options instance for server.
 * - handshaker_service_url: address of ALTS handshaker service in the format of
 *   "host:port". If it's nullptr, the address of the default metadata server
 *   will be used.
 *   NOTE(review): an override redirects this credential to a different
 *   handshaker endpoint, so the value is security-sensitive; presumably it
 *   should come only from trusted configuration -- confirm with callers.
 * - enable_untrusted_alts: a boolean flag used to enable ALTS in untrusted
 *   mode. This mode can be enabled when we are sure ALTS is running on GCP or
 *   for testing purposes.
 *
 * It returns nullptr if the flag is disabled AND ALTS is not running on GCP.
 * Otherwise, it returns the created credential object. Callers must check the
 * result for nullptr before using it.
 *
 * Security note: by the contract above, the "not running on GCP" condition
 * only produces nullptr while enable_untrusted_alts is false. Passing true
 * therefore removes that fail-closed behaviour, so the flag should stay false
 * outside of testing unless the platform has been established by other means,
 * and it should never be derived from untrusted input.
 */
grpc_server_credentials* grpc_alts_server_credentials_create_customized(
    const grpc_alts_credentials_options* options,
    const char* handshaker_service_url, bool enable_untrusted_alts);
81 
82 #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_ALTS_ALTS_CREDENTIALS_H */
83