src/core/ext/xds/file_watcher_certificate_provider_factory.cc - platform/external/grpc-grpc - Git at Google

 //
 //
 // Copyright 2020 gRPC authors.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //
 //

 #include <grpc/support/port_platform.h>

 #include "src/core/ext/xds/file_watcher_certificate_provider_factory.h"

 #include <algorithm>
 #include <initializer_list>
 #include <map>
 #include <memory>
 #include <vector>

 #include "absl/strings/str_format.h"
 #include "absl/strings/str_join.h"

 #include <grpc/support/log.h>
 #include <grpc/support/time.h>

 #include "src/core/lib/config/core_configuration.h"
 #include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"

 namespace grpc_core {

 namespace {

 constexpr absl::string_view kFileWatcherPlugin = "file_watcher";

 }  // namespace

 //
 // FileWatcherCertificateProviderFactory::Config
 //

 absl::string_view FileWatcherCertificateProviderFactory::Config::name() const {
   return kFileWatcherPlugin;
 }

 std::string FileWatcherCertificateProviderFactory::Config::ToString() const {
   std::vector<std::string> parts;
   parts.push_back("{");
   if (!identity_cert_file_.empty()) {
     parts.push_back(
         absl::StrFormat("certificate_file=\"%s\", ", identity_cert_file_));
   }
   if (!identity_cert_file_.empty()) {
     parts.push_back(
         absl::StrFormat("private_key_file=\"%s\", ", private_key_file_));
   }
   if (!identity_cert_file_.empty()) {
     parts.push_back(
         absl::StrFormat("ca_certificate_file=\"%s\", ", root_cert_file_));
   }
   parts.push_back(
       absl::StrFormat("refresh_interval=%ldms}", refresh_interval_.millis()));
   return absl::StrJoin(parts, "");
 }

 const JsonLoaderInterface*
 FileWatcherCertificateProviderFactory::Config::JsonLoader(const JsonArgs&) {
   static const auto* loader =
       JsonObjectLoader<Config>()
           .OptionalField("certificate_file", &Config::identity_cert_file_)
           .OptionalField("private_key_file", &Config::private_key_file_)
           .OptionalField("ca_certificate_file", &Config::root_cert_file_)
           .OptionalField("refresh_interval", &Config::refresh_interval_)
           .Finish();
   return loader;
 }

 void FileWatcherCertificateProviderFactory::Config::JsonPostLoad(
     const Json& json, const JsonArgs& /*args*/, ValidationErrors* errors) {
   if ((json.object().find("certificate_file") == json.object().end()) !=
       (json.object().find("private_key_file") == json.object().end())) {
     errors->AddError(
         "fields \"certificate_file\" and \"private_key_file\" must be both set "
         "or both unset");
   }
   if ((json.object().find("certificate_file") == json.object().end()) &&
       (json.object().find("ca_certificate_file") == json.object().end())) {
     errors->AddError(
         "at least one of \"certificate_file\" and \"ca_certificate_file\" must "
         "be specified");
   }
 }

 //
 // FileWatcherCertificateProviderFactory
 //

 absl::string_view FileWatcherCertificateProviderFactory::name() const {
   return kFileWatcherPlugin;
 }

 RefCountedPtr<CertificateProviderFactory::Config>
 FileWatcherCertificateProviderFactory::CreateCertificateProviderConfig(
     const Json& config_json, const JsonArgs& args, ValidationErrors* errors) {
   return LoadFromJson<RefCountedPtr<Config>>(config_json, args, errors);
 }

 RefCountedPtr<grpc_tls_certificate_provider>
 FileWatcherCertificateProviderFactory::CreateCertificateProvider(
     RefCountedPtr<CertificateProviderFactory::Config> config) {
   if (config->name() != name()) {
     gpr_log(GPR_ERROR, "Wrong config type Actual:%s vs Expected:%s",
             std::string(config->name()).c_str(), std::string(name()).c_str());
     return nullptr;
   }
   auto* file_watcher_config =
       static_cast<FileWatcherCertificateProviderFactory::Config*>(config.get());
   return MakeRefCounted<FileWatcherCertificateProvider>(
       file_watcher_config->private_key_file(),
       file_watcher_config->identity_cert_file(),
       file_watcher_config->root_cert_file(),
       file_watcher_config->refresh_interval().millis() / GPR_MS_PER_SEC);
 }

 void RegisterFileWatcherCertificateProvider(
     CoreConfiguration::Builder* builder) {
   builder->certificate_provider_registry()->RegisterCertificateProviderFactory(
       std::make_unique<FileWatcherCertificateProviderFactory>());
 }

 }  // namespace grpc_core
	//
	//
	// Copyright 2020 gRPC authors.
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	//
	//

	#include <grpc/support/port_platform.h>

	#include "src/core/ext/xds/file_watcher_certificate_provider_factory.h"

	#include <algorithm>
	#include <initializer_list>
	#include <map>
	#include <memory>
	#include <vector>

	#include "absl/strings/str_format.h"
	#include "absl/strings/str_join.h"

	#include <grpc/support/log.h>
	#include <grpc/support/time.h>

	#include "src/core/lib/config/core_configuration.h"
	#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"

	namespace grpc_core {

	namespace {

	constexpr absl::string_view kFileWatcherPlugin = "file_watcher";

	} // namespace

	//
	// FileWatcherCertificateProviderFactory::Config
	//

	absl::string_view FileWatcherCertificateProviderFactory::Config::name() const {
	return kFileWatcherPlugin;
	}

	std::string FileWatcherCertificateProviderFactory::Config::ToString() const {
	std::vector<std::string> parts;
	parts.push_back("{");
	if (!identity_cert_file_.empty()) {
	parts.push_back(
	absl::StrFormat("certificate_file=\"%s\", ", identity_cert_file_));
	}
	if (!identity_cert_file_.empty()) {
	parts.push_back(
	absl::StrFormat("private_key_file=\"%s\", ", private_key_file_));
	}
	if (!identity_cert_file_.empty()) {
	parts.push_back(
	absl::StrFormat("ca_certificate_file=\"%s\", ", root_cert_file_));
	}
	parts.push_back(
	absl::StrFormat("refresh_interval=%ldms}", refresh_interval_.millis()));
	return absl::StrJoin(parts, "");
	}

	const JsonLoaderInterface*
	FileWatcherCertificateProviderFactory::Config::JsonLoader(const JsonArgs&) {
	static const auto* loader =
	JsonObjectLoader<Config>()
	.OptionalField("certificate_file", &Config::identity_cert_file_)
	.OptionalField("private_key_file", &Config::private_key_file_)
	.OptionalField("ca_certificate_file", &Config::root_cert_file_)
	.OptionalField("refresh_interval", &Config::refresh_interval_)
	.Finish();
	return loader;
	}

	void FileWatcherCertificateProviderFactory::Config::JsonPostLoad(
	const Json& json, const JsonArgs& /args/, ValidationErrors* errors) {
	if ((json.object().find("certificate_file") == json.object().end()) !=
	(json.object().find("private_key_file") == json.object().end())) {
	errors->AddError(
	"fields \"certificate_file\" and \"private_key_file\" must be both set "
	"or both unset");
	}
	if ((json.object().find("certificate_file") == json.object().end()) &&
	(json.object().find("ca_certificate_file") == json.object().end())) {
	errors->AddError(
	"at least one of \"certificate_file\" and \"ca_certificate_file\" must "
	"be specified");
	}
	}

	//
	// FileWatcherCertificateProviderFactory
	//

	absl::string_view FileWatcherCertificateProviderFactory::name() const {
	return kFileWatcherPlugin;
	}

	RefCountedPtr<CertificateProviderFactory::Config>
	FileWatcherCertificateProviderFactory::CreateCertificateProviderConfig(
	const Json& config_json, const JsonArgs& args, ValidationErrors* errors) {
	return LoadFromJson<RefCountedPtr<Config>>(config_json, args, errors);
	}

	RefCountedPtr<grpc_tls_certificate_provider>
	FileWatcherCertificateProviderFactory::CreateCertificateProvider(
	RefCountedPtr<CertificateProviderFactory::Config> config) {
	if (config->name() != name()) {
	gpr_log(GPR_ERROR, "Wrong config type Actual:%s vs Expected:%s",
	std::string(config->name()).c_str(), std::string(name()).c_str());
	return nullptr;
	}
	auto* file_watcher_config =
	static_cast<FileWatcherCertificateProviderFactory::Config*>(config.get());
	return MakeRefCounted<FileWatcherCertificateProvider>(
	file_watcher_config->private_key_file(),
	file_watcher_config->identity_cert_file(),
	file_watcher_config->root_cert_file(),
	file_watcher_config->refresh_interval().millis() / GPR_MS_PER_SEC);
	}

	void RegisterFileWatcherCertificateProvider(
	CoreConfiguration::Builder* builder) {
	builder->certificate_provider_registry()->RegisterCertificateProviderFactory(
	std::make_unique<FileWatcherCertificateProviderFactory>());
	}

	} // namespace grpc_core