diff --git a/include/grpc++/credentials.h b/include/grpc++/credentials.h
index 71e1f00f15ababb88ee25ea803350841b8d66711..a1488add1e453e006cd283813507b6ac0c8c5921 100644
--- a/include/grpc++/credentials.h
+++ b/include/grpc++/credentials.h
@@ -94,17 +94,7 @@ std::shared_ptr<Credentials> SslCredentials(
const SslCredentialsOptions& options);
// Builds credentials for use when running in GCE
-std::shared_ptr<Credentials> ComputeEngineCredentials();
-
-// Builds service account credentials.
-// json_key is the JSON key string containing the client's private key.
-// scope is a space-delimited list of the requested permissions.
-// token_lifetime_seconds is the lifetime in seconds of each token acquired
-// through this service account credentials. It should be positive and should
-// not exceed grpc_max_auth_token_lifetime or will be cropped to this value.
-std::shared_ptr<Credentials> ServiceAccountCredentials(
- const grpc::string& json_key, const grpc::string& scope,
- long token_lifetime_seconds);
+std::shared_ptr<Credentials> GoogleComputeEngineCredentials();
// Builds Service Account JWT Access credentials.
// json_key is the JSON key string containing the client's private key.
@@ -117,7 +107,7 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
// Builds refresh token credentials.
// json_refresh_token is the JSON string containing the refresh token along
// with a client_id and client_secret.
-std::shared_ptr<Credentials> RefreshTokenCredentials(
+std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
const grpc::string& json_refresh_token);
// Builds access token credentials.
@@ -127,7 +117,7 @@ std::shared_ptr<Credentials> AccessTokenCredentials(
const grpc::string& access_token);
// Builds IAM credentials.
-std::shared_ptr<Credentials> IAMCredentials(
+std::shared_ptr<Credentials> GoogleIAMCredentials(
const grpc::string& authorization_token,
const grpc::string& authority_selector);
diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h
index 0bc36c059c76bd2b3f5cde8cd3862ebc91c7eaa9..8647078233021153b507d3836dcb5e47ee379da6 100644
--- a/include/grpc/grpc_security.h
+++ b/include/grpc/grpc_security.h
@@ -97,26 +97,13 @@ grpc_credentials *grpc_composite_credentials_create(grpc_credentials *creds1,
grpc_credentials *creds2,
void *reserved);
-/* Creates a compute engine credentials object.
+/* Creates a compute engine credentials object for connecting to Google.
WARNING: Do NOT use this credentials to connect to a non-google service as
this could result in an oauth2 token leak. */
-grpc_credentials *grpc_compute_engine_credentials_create(void *reserved);
+grpc_credentials *grpc_google_compute_engine_credentials_create(void *reserved);
extern const gpr_timespec grpc_max_auth_token_lifetime;
-/* Creates a service account credentials object. May return NULL if the input is
- invalid.
- WARNING: Do NOT use this credentials to connect to a non-google service as
- this could result in an oauth2 token leak.
- - json_key is the JSON key string containing the client's private key.
- - scope is a space-delimited list of the requested permissions.
- - token_lifetime is the lifetime of each token acquired through this service
- account credentials. It should not exceed grpc_max_auth_token_lifetime
- or will be cropped to this value. */
-grpc_credentials *grpc_service_account_credentials_create(
- const char *json_key, const char *scope, gpr_timespec token_lifetime,
- void *reserved);
-
/* Creates a JWT credentials object. May return NULL if the input is invalid.
- json_key is the JSON key string containing the client's private key.
- token_lifetime is the lifetime of each Json Web Token (JWT) created with
@@ -125,13 +112,13 @@ grpc_credentials *grpc_service_account_credentials_create(
grpc_credentials *grpc_service_account_jwt_access_credentials_create(
const char *json_key, gpr_timespec token_lifetime, void *reserved);
-/* Creates an Oauth2 Refresh Token credentials object. May return NULL if the
- input is invalid.
+/* Creates an Oauth2 Refresh Token credentials object for connecting to Google.
+ May return NULL if the input is invalid.
WARNING: Do NOT use this credentials to connect to a non-google service as
this could result in an oauth2 token leak.
- json_refresh_token is the JSON string containing the refresh token itself
along with a client_id and client_secret. */
-grpc_credentials *grpc_refresh_token_credentials_create(
+grpc_credentials *grpc_google_refresh_token_credentials_create(
const char *json_refresh_token, void *reserved);
/* Creates an Oauth2 Access Token credentials with an access token that was
@@ -139,10 +126,10 @@ grpc_credentials *grpc_refresh_token_credentials_create(
grpc_credentials *grpc_access_token_credentials_create(
const char *access_token, void *reserved);
-/* Creates an IAM credentials object. */
-grpc_credentials *grpc_iam_credentials_create(const char *authorization_token,
- const char *authority_selector,
- void *reserved);
+/* Creates an IAM credentials object for connecting to Google. */
+grpc_credentials *grpc_google_iam_credentials_create(
+ const char *authorization_token, const char *authority_selector,
+ void *reserved);
/* --- Secure channel creation. --- */
diff --git a/src/core/security/credentials.c b/src/core/security/credentials.c
index 362d5f4b6ffb6f0c1c5aab3a6a7fe6f4db4f2cda..1c665f1edea5599220751f45d676182576eb2c7f 100644
--- a/src/core/security/credentials.c
+++ b/src/core/security/credentials.c
@@ -618,7 +618,7 @@ static void init_oauth2_token_fetcher(grpc_oauth2_token_fetcher_credentials *c,
grpc_httpcli_context_init(&c->httpcli_context);
}
-/* -- ComputeEngine credentials. -- */
+/* -- GoogleComputeEngine credentials. -- */
static grpc_credentials_vtable compute_engine_vtable = {
oauth2_token_fetcher_destroy, oauth2_token_fetcher_has_request_metadata,
@@ -640,7 +640,8 @@ static void compute_engine_fetch_oauth2(
metadata_req);
}
-grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
+grpc_credentials *grpc_google_compute_engine_credentials_create(
+ void *reserved) {
grpc_oauth2_token_fetcher_credentials *c =
gpr_malloc(sizeof(grpc_oauth2_token_fetcher_credentials));
GPR_ASSERT(reserved == NULL);
@@ -649,81 +650,11 @@ grpc_credentials *grpc_compute_engine_credentials_create(void *reserved) {
return &c->base;
}
-/* -- ServiceAccount credentials. -- */
-
-static void service_account_destroy(grpc_credentials *creds) {
- grpc_service_account_credentials *c =
- (grpc_service_account_credentials *)creds;
- if (c->scope != NULL) gpr_free(c->scope);
- grpc_auth_json_key_destruct(&c->key);
- oauth2_token_fetcher_destroy(&c->base.base);
-}
-
-static grpc_credentials_vtable service_account_vtable = {
- service_account_destroy, oauth2_token_fetcher_has_request_metadata,
- oauth2_token_fetcher_has_request_metadata_only,
- oauth2_token_fetcher_get_request_metadata, NULL};
-
-static void service_account_fetch_oauth2(
- grpc_credentials_metadata_request *metadata_req,
- grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
- grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
- grpc_service_account_credentials *c =
- (grpc_service_account_credentials *)metadata_req->creds;
- grpc_httpcli_header header = {"Content-Type",
- "application/x-www-form-urlencoded"};
- grpc_httpcli_request request;
- char *body = NULL;
- char *jwt = grpc_jwt_encode_and_sign(&c->key, GRPC_JWT_OAUTH2_AUDIENCE,
- c->token_lifetime, c->scope);
- if (jwt == NULL) {
- grpc_httpcli_response response;
- memset(&response, 0, sizeof(grpc_httpcli_response));
- response.status = 400; /* Invalid request. */
- gpr_log(GPR_ERROR, "Could not create signed jwt.");
- /* Do not even send the request, just call the response callback. */
- response_cb(metadata_req, &response);
- return;
- }
- gpr_asprintf(&body, "%s%s", GRPC_SERVICE_ACCOUNT_POST_BODY_PREFIX, jwt);
- memset(&request, 0, sizeof(grpc_httpcli_request));
- request.host = GRPC_GOOGLE_OAUTH2_SERVICE_HOST;
- request.path = GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH;
- request.hdr_count = 1;
- request.hdrs = &header;
- request.handshaker = &grpc_httpcli_ssl;
- grpc_httpcli_post(httpcli_context, pollset, &request, body, strlen(body),
- deadline, response_cb, metadata_req);
- gpr_free(body);
- gpr_free(jwt);
-}
-
-grpc_credentials *grpc_service_account_credentials_create(
- const char *json_key, const char *scope, gpr_timespec token_lifetime,
- void *reserved) {
- grpc_service_account_credentials *c;
- grpc_auth_json_key key = grpc_auth_json_key_create_from_string(json_key);
- GPR_ASSERT(reserved == NULL);
- if (scope == NULL || (strlen(scope) == 0) ||
- !grpc_auth_json_key_is_valid(&key)) {
- gpr_log(GPR_ERROR,
- "Invalid input for service account credentials creation");
- return NULL;
- }
- c = gpr_malloc(sizeof(grpc_service_account_credentials));
- memset(c, 0, sizeof(grpc_service_account_credentials));
- init_oauth2_token_fetcher(&c->base, service_account_fetch_oauth2);
- c->base.base.vtable = &service_account_vtable;
- c->scope = gpr_strdup(scope);
- c->key = key;
- c->token_lifetime = token_lifetime;
- return &c->base.base;
-}
-
-/* -- RefreshToken credentials. -- */
+/* -- GoogleRefreshToken credentials. -- */
static void refresh_token_destroy(grpc_credentials *creds) {
- grpc_refresh_token_credentials *c = (grpc_refresh_token_credentials *)creds;
+ grpc_google_refresh_token_credentials *c =
+ (grpc_google_refresh_token_credentials *)creds;
grpc_auth_refresh_token_destruct(&c->refresh_token);
oauth2_token_fetcher_destroy(&c->base.base);
}
@@ -737,8 +668,8 @@ static void refresh_token_fetch_oauth2(
grpc_credentials_metadata_request *metadata_req,
grpc_httpcli_context *httpcli_context, grpc_pollset *pollset,
grpc_httpcli_response_cb response_cb, gpr_timespec deadline) {
- grpc_refresh_token_credentials *c =
- (grpc_refresh_token_credentials *)metadata_req->creds;
+ grpc_google_refresh_token_credentials *c =
+ (grpc_google_refresh_token_credentials *)metadata_req->creds;
grpc_httpcli_header header = {"Content-Type",
"application/x-www-form-urlencoded"};
grpc_httpcli_request request;
@@ -757,22 +688,23 @@ static void refresh_token_fetch_oauth2(
gpr_free(body);
}
-grpc_credentials *grpc_refresh_token_credentials_create_from_auth_refresh_token(
+grpc_credentials *
+grpc_refresh_token_credentials_create_from_auth_refresh_token(
grpc_auth_refresh_token refresh_token) {
- grpc_refresh_token_credentials *c;
+ grpc_google_refresh_token_credentials *c;
if (!grpc_auth_refresh_token_is_valid(&refresh_token)) {
gpr_log(GPR_ERROR, "Invalid input for refresh token credentials creation");
return NULL;
}
- c = gpr_malloc(sizeof(grpc_refresh_token_credentials));
- memset(c, 0, sizeof(grpc_refresh_token_credentials));
+ c = gpr_malloc(sizeof(grpc_google_refresh_token_credentials));
+ memset(c, 0, sizeof(grpc_google_refresh_token_credentials));
init_oauth2_token_fetcher(&c->base, refresh_token_fetch_oauth2);
c->base.base.vtable = &refresh_token_vtable;
c->refresh_token = refresh_token;
return &c->base.base;
}
-grpc_credentials *grpc_refresh_token_credentials_create(
+grpc_credentials *grpc_google_refresh_token_credentials_create(
const char *json_refresh_token, void *reserved) {
GPR_ASSERT(reserved == NULL);
return grpc_refresh_token_credentials_create_from_auth_refresh_token(
@@ -1194,7 +1126,7 @@ grpc_credentials *grpc_credentials_contains_type(
/* -- IAM credentials. -- */
static void iam_destroy(grpc_credentials *creds) {
- grpc_iam_credentials *c = (grpc_iam_credentials *)creds;
+ grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
grpc_credentials_md_store_unref(c->iam_md);
gpr_free(c);
}
@@ -1210,7 +1142,7 @@ static void iam_get_request_metadata(grpc_credentials *creds,
const char *service_url,
grpc_credentials_metadata_cb cb,
void *user_data) {
- grpc_iam_credentials *c = (grpc_iam_credentials *)creds;
+ grpc_google_iam_credentials *c = (grpc_google_iam_credentials *)creds;
cb(user_data, c->iam_md->entries, c->iam_md->num_entries,
GRPC_CREDENTIALS_OK);
}
@@ -1219,15 +1151,14 @@ static grpc_credentials_vtable iam_vtable = {
iam_destroy, iam_has_request_metadata, iam_has_request_metadata_only,
iam_get_request_metadata, NULL};
-grpc_credentials *grpc_iam_credentials_create(const char *token,
- const char *authority_selector,
- void *reserved) {
- grpc_iam_credentials *c;
+grpc_credentials *grpc_google_iam_credentials_create(
+ const char *token, const char *authority_selector, void *reserved) {
+ grpc_google_iam_credentials *c;
GPR_ASSERT(reserved == NULL);
GPR_ASSERT(token != NULL);
GPR_ASSERT(authority_selector != NULL);
- c = gpr_malloc(sizeof(grpc_iam_credentials));
- memset(c, 0, sizeof(grpc_iam_credentials));
+ c = gpr_malloc(sizeof(grpc_google_iam_credentials));
+ memset(c, 0, sizeof(grpc_google_iam_credentials));
c->base.type = GRPC_CREDENTIALS_TYPE_IAM;
c->base.vtable = &iam_vtable;
gpr_ref_init(&c->base.refcount, 1);
diff --git a/src/core/security/credentials.h b/src/core/security/credentials.h
index 29cd1ac87fcafde26c6345d8056bade0693ba9d3..d9bd53adc27667c6a213e914c079b40e6b590cd5 100644
--- a/src/core/security/credentials.h
+++ b/src/core/security/credentials.h
@@ -277,21 +277,12 @@ typedef struct {
grpc_fetch_oauth2_func fetch_func;
} grpc_oauth2_token_fetcher_credentials;
-/* -- ServiceAccount credentials. -- */
-
-typedef struct {
- grpc_oauth2_token_fetcher_credentials base;
- grpc_auth_json_key key;
- char *scope;
- gpr_timespec token_lifetime;
-} grpc_service_account_credentials;
-
-/* -- RefreshToken credentials. -- */
+/* -- GoogleRefreshToken credentials. -- */
typedef struct {
grpc_oauth2_token_fetcher_credentials base;
grpc_auth_refresh_token refresh_token;
-} grpc_refresh_token_credentials;
+} grpc_google_refresh_token_credentials;
/* -- Oauth2 Access Token credentials. -- */
@@ -308,12 +299,12 @@ typedef struct {
int is_async;
} grpc_md_only_test_credentials;
-/* -- IAM credentials. -- */
+/* -- GoogleIAM credentials. -- */
typedef struct {
grpc_credentials base;
grpc_credentials_md_store *iam_md;
-} grpc_iam_credentials;
+} grpc_google_iam_credentials;
/* -- Composite credentials. -- */
diff --git a/src/core/security/google_default_credentials.c b/src/core/security/google_default_credentials.c
index f9aa5187ce6fe3be7f017cb424163f99960d331f..874dd59e8468828f6ec4ed869b9ac3a343697458 100644
--- a/src/core/security/google_default_credentials.c
+++ b/src/core/security/google_default_credentials.c
@@ -194,7 +194,7 @@ grpc_credentials *grpc_google_default_credentials_create(void) {
int need_compute_engine_creds = is_stack_running_on_compute_engine();
compute_engine_detection_done = 1;
if (need_compute_engine_creds) {
- result = grpc_compute_engine_credentials_create(NULL);
+ result = grpc_google_compute_engine_credentials_create(NULL);
}
}
diff --git a/src/cpp/client/secure_credentials.cc b/src/cpp/client/secure_credentials.cc
index e0642469b492afc07f4be0889447d5a2ac58dcf2..2260f6d33ebd3a769e92b5b4a36396a9471d84b5 100644
--- a/src/cpp/client/secure_credentials.cc
+++ b/src/cpp/client/secure_credentials.cc
@@ -81,26 +81,10 @@ std::shared_ptr<Credentials> SslCredentials(
}
// Builds credentials for use when running in GCE
-std::shared_ptr<Credentials> ComputeEngineCredentials() {
+std::shared_ptr<Credentials> GoogleComputeEngineCredentials() {
GrpcLibrary init; // To call grpc_init().
- return WrapCredentials(grpc_compute_engine_credentials_create(nullptr));
-}
-
-// Builds service account credentials.
-std::shared_ptr<Credentials> ServiceAccountCredentials(
- const grpc::string& json_key, const grpc::string& scope,
- long token_lifetime_seconds) {
- GrpcLibrary init; // To call grpc_init().
- if (token_lifetime_seconds <= 0) {
- gpr_log(GPR_ERROR,
- "Trying to create ServiceAccountCredentials "
- "with non-positive lifetime");
- return WrapCredentials(nullptr);
- }
- gpr_timespec lifetime =
- gpr_time_from_seconds(token_lifetime_seconds, GPR_TIMESPAN);
- return WrapCredentials(grpc_service_account_credentials_create(
- json_key.c_str(), scope.c_str(), lifetime, nullptr));
+ return WrapCredentials(
+ grpc_google_compute_engine_credentials_create(nullptr));
}
// Builds JWT credentials.
@@ -119,10 +103,10 @@ std::shared_ptr<Credentials> ServiceAccountJWTAccessCredentials(
}
// Builds refresh token credentials.
-std::shared_ptr<Credentials> RefreshTokenCredentials(
+std::shared_ptr<Credentials> GoogleRefreshTokenCredentials(
const grpc::string& json_refresh_token) {
GrpcLibrary init; // To call grpc_init().
- return WrapCredentials(grpc_refresh_token_credentials_create(
+ return WrapCredentials(grpc_google_refresh_token_credentials_create(
json_refresh_token.c_str(), nullptr));
}
@@ -135,11 +119,11 @@ std::shared_ptr<Credentials> AccessTokenCredentials(
}
// Builds IAM credentials.
-std::shared_ptr<Credentials> IAMCredentials(
+std::shared_ptr<Credentials> GoogleIAMCredentials(
const grpc::string& authorization_token,
const grpc::string& authority_selector) {
GrpcLibrary init; // To call grpc_init().
- return WrapCredentials(grpc_iam_credentials_create(
+ return WrapCredentials(grpc_google_iam_credentials_create(
authorization_token.c_str(), authority_selector.c_str(), nullptr));
}
diff --git a/src/node/ext/credentials.cc b/src/node/ext/credentials.cc
index 85a823a1085e265a56b0be132bcc3eb6e295b1cc..c3b04dcea753edc986a2e7ed4700fe8fa6d279e2 100644
--- a/src/node/ext/credentials.cc
+++ b/src/node/ext/credentials.cc
@@ -186,7 +186,7 @@ NAN_METHOD(Credentials::CreateComposite) {
NAN_METHOD(Credentials::CreateGce) {
NanScope();
- grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
+ grpc_credentials *creds = grpc_google_compute_engine_credentials_create(NULL);
if (creds == NULL) {
NanReturnNull();
}
@@ -204,7 +204,7 @@ NAN_METHOD(Credentials::CreateIam) {
NanUtf8String auth_token(args[0]);
NanUtf8String auth_selector(args[1]);
grpc_credentials *creds =
- grpc_iam_credentials_create(*auth_token, *auth_selector, NULL);
+ grpc_google_iam_credentials_create(*auth_token, *auth_selector, NULL);
if (creds == NULL) {
NanReturnNull();
}
diff --git a/src/php/ext/grpc/credentials.c b/src/php/ext/grpc/credentials.c
index 0eba6608bb55cd9258a3c1bd1fefe6bc11b1088f..8e3b7ff21241a51f874c8e24133863fbabf441cf 100644
--- a/src/php/ext/grpc/credentials.c
+++ b/src/php/ext/grpc/credentials.c
@@ -170,7 +170,7 @@ PHP_METHOD(Credentials, createComposite) {
* @return Credentials The new GCE credentials object
*/
PHP_METHOD(Credentials, createGce) {
- grpc_credentials *creds = grpc_compute_engine_credentials_create(NULL);
+ grpc_credentials *creds = grpc_google_compute_engine_credentials_create(NULL);
zval *creds_object = grpc_php_wrap_credentials(creds);
RETURN_DESTROY_ZVAL(creds_object);
}
diff --git a/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c b/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
index 36fd207464b3f0d0d80baec3fdf67165706c935e..955479663191a5acd2c195a7dd78ee7409174c47 100644
--- a/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
+++ b/src/python/grpcio/grpc/_adapter/_c/types/client_credentials.c
@@ -173,7 +173,7 @@ ClientCredentials *pygrpc_ClientCredentials_composite(
ClientCredentials *pygrpc_ClientCredentials_compute_engine(
PyTypeObject *type, PyObject *ignored) {
ClientCredentials *self = (ClientCredentials *)type->tp_alloc(type, 0);
- self->c_creds = grpc_compute_engine_credentials_create(NULL);
+ self->c_creds = grpc_google_compute_engine_credentials_create(NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError,
@@ -183,29 +183,6 @@ ClientCredentials *pygrpc_ClientCredentials_compute_engine(
return self;
}
-ClientCredentials *pygrpc_ClientCredentials_service_account(
- PyTypeObject *type, PyObject *args, PyObject *kwargs) {
- ClientCredentials *self;
- const char *json_key;
- const char *scope;
- double lifetime;
- static char *keywords[] = {"json_key", "scope", "token_lifetime", NULL};
- if (!PyArg_ParseTupleAndKeywords(args, kwargs, "ssd:service_account", keywords,
- &json_key, &scope, &lifetime)) {
- return NULL;
- }
- self = (ClientCredentials *)type->tp_alloc(type, 0);
- self->c_creds = grpc_service_account_credentials_create(
- json_key, scope, pygrpc_cast_double_to_gpr_timespec(lifetime), NULL);
- if (!self->c_creds) {
- Py_DECREF(self);
- PyErr_SetString(PyExc_RuntimeError,
- "couldn't create service account credentials");
- return NULL;
- }
- return self;
-}
-
/* TODO: Rename this credentials to something like service_account_jwt_access */
ClientCredentials *pygrpc_ClientCredentials_jwt(
PyTypeObject *type, PyObject *args, PyObject *kwargs) {
@@ -239,7 +216,7 @@ ClientCredentials *pygrpc_ClientCredentials_refresh_token(
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
self->c_creds =
- grpc_refresh_token_credentials_create(json_refresh_token, NULL);
+ grpc_google_refresh_token_credentials_create(json_refresh_token, NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError,
@@ -260,8 +237,8 @@ ClientCredentials *pygrpc_ClientCredentials_iam(
return NULL;
}
self = (ClientCredentials *)type->tp_alloc(type, 0);
- self->c_creds = grpc_iam_credentials_create(authorization_token,
- authority_selector, NULL);
+ self->c_creds = grpc_google_iam_credentials_create(authorization_token,
+ authority_selector, NULL);
if (!self->c_creds) {
Py_DECREF(self);
PyErr_SetString(PyExc_RuntimeError, "couldn't create IAM credentials");
diff --git a/src/ruby/ext/grpc/rb_credentials.c b/src/ruby/ext/grpc/rb_credentials.c
index ac3804df6ff8954e4352d027030afda33efa0ce9..ae757f698666c9327d191b4c438908e9e4dc7c28 100644
--- a/src/ruby/ext/grpc/rb_credentials.c
+++ b/src/ruby/ext/grpc/rb_credentials.c
@@ -154,7 +154,7 @@ static VALUE grpc_rb_default_credentials_create(VALUE cls) {
Creates the default credential instances. */
static VALUE grpc_rb_compute_engine_credentials_create(VALUE cls) {
grpc_rb_credentials *wrapper = ALLOC(grpc_rb_credentials);
- wrapper->wrapped = grpc_compute_engine_credentials_create(NULL);
+ wrapper->wrapped = grpc_google_compute_engine_credentials_create(NULL);
if (wrapper->wrapped == NULL) {
rb_raise(rb_eRuntimeError,
"could not create composite engine credentials, not sure why");
diff --git a/test/core/end2end/tests/request_response_with_payload_and_call_creds.c b/test/core/end2end/tests/request_response_with_payload_and_call_creds.c
index 48dd0aa2cee294bc1c6aa691f48fed96038b71fe..75c5bba5bd16f3ef2eeb58e52601e620df4bd49d 100644
--- a/test/core/end2end/tests/request_response_with_payload_and_call_creds.c
+++ b/test/core/end2end/tests/request_response_with_payload_and_call_creds.c
@@ -190,7 +190,7 @@ static void request_response_with_payload_and_call_creds(
c = grpc_channel_create_call(f.client, NULL, GRPC_PROPAGATE_DEFAULTS, f.cq,
"/foo", "foo.test.google.fr", deadline, NULL);
GPR_ASSERT(c);
- creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL);
+ creds = grpc_google_iam_credentials_create(iam_token, iam_selector, NULL);
GPR_ASSERT(creds != NULL);
GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
switch (mode) {
@@ -198,8 +198,8 @@ static void request_response_with_payload_and_call_creds(
break;
case OVERRIDE:
grpc_credentials_release(creds);
- creds = grpc_iam_credentials_create(overridden_iam_token,
- overridden_iam_selector, NULL);
+ creds = grpc_google_iam_credentials_create(overridden_iam_token,
+ overridden_iam_selector, NULL);
GPR_ASSERT(creds != NULL);
GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
break;
@@ -421,7 +421,7 @@ static void test_request_with_server_rejecting_client_creds(
"/foo", "foo.test.google.fr", deadline, NULL);
GPR_ASSERT(c);
- creds = grpc_iam_credentials_create(iam_token, iam_selector, NULL);
+ creds = grpc_google_iam_credentials_create(iam_token, iam_selector, NULL);
GPR_ASSERT(creds != NULL);
GPR_ASSERT(grpc_call_set_credentials(c, creds) == GRPC_CALL_OK);
grpc_credentials_release(creds);
diff --git a/test/core/security/credentials_test.c b/test/core/security/credentials_test.c
index 880fc5da1e18670854408c950405b05d749531b4..97ebaa0570806e9ca4db9d1775a5e3b7057f898b 100644
--- a/test/core/security/credentials_test.c
+++ b/test/core/security/credentials_test.c
@@ -50,8 +50,8 @@
#include <openssl/rsa.h>
-static const char test_iam_authorization_token[] = "blahblahblhahb";
-static const char test_iam_authority_selector[] = "respectmyauthoritah";
+static const char test_google_iam_authorization_token[] = "blahblahblhahb";
+static const char test_google_iam_authority_selector[] = "respectmyauthoritah";
static const char test_oauth2_bearer_token[] =
"Bearer blaaslkdjfaslkdfasdsfasf";
static const char test_root_cert[] = "I am the root!";
@@ -315,25 +315,29 @@ static void check_metadata(expected_md *expected, grpc_credentials_md *md_elems,
}
}
-static void check_iam_metadata(void *user_data, grpc_credentials_md *md_elems,
- size_t num_md, grpc_credentials_status status) {
+static void check_google_iam_metadata(void *user_data,
+ grpc_credentials_md *md_elems,
+ size_t num_md,
+ grpc_credentials_status status) {
grpc_credentials *c = (grpc_credentials *)user_data;
- expected_md emd[] = {
- {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, test_iam_authorization_token},
- {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, test_iam_authority_selector}};
+ expected_md emd[] = {{GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY,
+ test_google_iam_authorization_token},
+ {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY,
+ test_google_iam_authority_selector}};
GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
GPR_ASSERT(num_md == 2);
check_metadata(emd, md_elems, num_md);
grpc_credentials_unref(c);
}
-static void test_iam_creds(void) {
- grpc_credentials *creds = grpc_iam_credentials_create(
- test_iam_authorization_token, test_iam_authority_selector, NULL);
+static void test_google_iam_creds(void) {
+ grpc_credentials *creds = grpc_google_iam_credentials_create(
+ test_google_iam_authorization_token, test_google_iam_authority_selector,
+ NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(creds));
grpc_credentials_get_request_metadata(creds, NULL, test_service_url,
- check_iam_metadata, creds);
+ check_google_iam_metadata, creds);
}
static void check_access_token_metadata(void *user_data,
@@ -406,21 +410,23 @@ void test_ssl_fake_transport_security_composite_creds_failure(void) {
grpc_credentials_unref(fake_transport_security_creds);
}
-static void check_ssl_oauth2_iam_composite_metadata(
+static void check_ssl_oauth2_google_iam_composite_metadata(
void *user_data, grpc_credentials_md *md_elems, size_t num_md,
grpc_credentials_status status) {
grpc_credentials *c = (grpc_credentials *)user_data;
expected_md emd[] = {
{GRPC_AUTHORIZATION_METADATA_KEY, test_oauth2_bearer_token},
- {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY, test_iam_authorization_token},
- {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY, test_iam_authority_selector}};
+ {GRPC_IAM_AUTHORIZATION_TOKEN_METADATA_KEY,
+ test_google_iam_authorization_token},
+ {GRPC_IAM_AUTHORITY_SELECTOR_METADATA_KEY,
+ test_google_iam_authority_selector}};
GPR_ASSERT(status == GRPC_CREDENTIALS_OK);
GPR_ASSERT(num_md == 3);
check_metadata(emd, md_elems, num_md);
grpc_credentials_unref(c);
}
-static void test_ssl_oauth2_iam_composite_creds(void) {
+static void test_ssl_oauth2_google_iam_composite_creds(void) {
grpc_credentials *ssl_creds =
grpc_ssl_credentials_create(test_root_cert, NULL, NULL);
const grpc_credentials_array *creds_array;
@@ -428,14 +434,15 @@ static void test_ssl_oauth2_iam_composite_creds(void) {
"Authorization", test_oauth2_bearer_token, 0);
grpc_credentials *aux_creds =
grpc_composite_credentials_create(ssl_creds, oauth2_creds, NULL);
- grpc_credentials *iam_creds = grpc_iam_credentials_create(
- test_iam_authorization_token, test_iam_authority_selector, NULL);
+ grpc_credentials *google_iam_creds = grpc_google_iam_credentials_create(
+ test_google_iam_authorization_token, test_google_iam_authority_selector,
+ NULL);
grpc_credentials *composite_creds =
- grpc_composite_credentials_create(aux_creds, iam_creds, NULL);
+ grpc_composite_credentials_create(aux_creds, google_iam_creds, NULL);
grpc_credentials_unref(ssl_creds);
grpc_credentials_unref(oauth2_creds);
grpc_credentials_unref(aux_creds);
- grpc_credentials_unref(iam_creds);
+ grpc_credentials_unref(google_iam_creds);
GPR_ASSERT(strcmp(composite_creds->type, GRPC_CREDENTIALS_TYPE_COMPOSITE) ==
0);
GPR_ASSERT(grpc_credentials_has_request_metadata(composite_creds));
@@ -448,9 +455,9 @@ static void test_ssl_oauth2_iam_composite_creds(void) {
GRPC_CREDENTIALS_TYPE_OAUTH2) == 0);
GPR_ASSERT(strcmp(creds_array->creds_array[2]->type,
GRPC_CREDENTIALS_TYPE_IAM) == 0);
- grpc_credentials_get_request_metadata(composite_creds, NULL, test_service_url,
- check_ssl_oauth2_iam_composite_metadata,
- composite_creds);
+ grpc_credentials_get_request_metadata(
+ composite_creds, NULL, test_service_url,
+ check_ssl_oauth2_google_iam_composite_metadata, composite_creds);
}
static void on_oauth2_creds_get_metadata_success(
@@ -524,7 +531,7 @@ static int httpcli_get_should_not_be_called(
static void test_compute_engine_creds_success(void) {
grpc_credentials *compute_engine_creds =
- grpc_compute_engine_credentials_create(NULL);
+ grpc_google_compute_engine_credentials_create(NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(compute_engine_creds));
@@ -548,7 +555,7 @@ static void test_compute_engine_creds_success(void) {
static void test_compute_engine_creds_failure(void) {
grpc_credentials *compute_engine_creds =
- grpc_compute_engine_credentials_create(NULL);
+ grpc_google_compute_engine_credentials_create(NULL);
grpc_httpcli_set_override(compute_engine_httpcli_get_failure_override,
httpcli_post_should_not_be_called);
GPR_ASSERT(grpc_credentials_has_request_metadata(compute_engine_creds));
@@ -605,7 +612,8 @@ static int refresh_token_httpcli_post_failure(
static void test_refresh_token_creds_success(void) {
grpc_credentials *refresh_token_creds =
- grpc_refresh_token_credentials_create(test_refresh_token_str, NULL);
+ grpc_google_refresh_token_credentials_create(test_refresh_token_str,
+ NULL);
GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
GPR_ASSERT(grpc_credentials_has_request_metadata_only(refresh_token_creds));
@@ -629,7 +637,8 @@ static void test_refresh_token_creds_success(void) {
static void test_refresh_token_creds_failure(void) {
grpc_credentials *refresh_token_creds =
- grpc_refresh_token_credentials_create(test_refresh_token_str, NULL);
+ grpc_google_refresh_token_credentials_create(test_refresh_token_str,
+ NULL);
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
refresh_token_httpcli_post_failure);
GPR_ASSERT(grpc_credentials_has_request_metadata(refresh_token_creds));
@@ -686,119 +695,6 @@ static char *encode_and_sign_jwt_should_not_be_called(
GPR_ASSERT("grpc_jwt_encode_and_sign should not be called" == NULL);
}
-static void validate_service_account_http_request(
- const grpc_httpcli_request *request, const char *body, size_t body_size) {
- /* The content of the assertion is tested extensively in json_token_test. */
- char *expected_body = NULL;
- GPR_ASSERT(body != NULL);
- GPR_ASSERT(body_size != 0);
- gpr_asprintf(&expected_body, "%s%s", GRPC_SERVICE_ACCOUNT_POST_BODY_PREFIX,
- test_signed_jwt);
- GPR_ASSERT(strlen(expected_body) == body_size);
- GPR_ASSERT(memcmp(expected_body, body, body_size) == 0);
- gpr_free(expected_body);
- GPR_ASSERT(request->handshaker == &grpc_httpcli_ssl);
- GPR_ASSERT(strcmp(request->host, GRPC_GOOGLE_OAUTH2_SERVICE_HOST) == 0);
- GPR_ASSERT(strcmp(request->path, GRPC_GOOGLE_OAUTH2_SERVICE_TOKEN_PATH) == 0);
- GPR_ASSERT(request->hdr_count == 1);
- GPR_ASSERT(strcmp(request->hdrs[0].key, "Content-Type") == 0);
- GPR_ASSERT(
- strcmp(request->hdrs[0].value, "application/x-www-form-urlencoded") == 0);
-}
-
-static int service_account_httpcli_post_success(
- const grpc_httpcli_request *request, const char *body, size_t body_size,
- gpr_timespec deadline, grpc_httpcli_response_cb on_response,
- void *user_data) {
- grpc_httpcli_response response =
- http_response(200, valid_oauth2_json_response);
- validate_service_account_http_request(request, body, body_size);
- on_response(user_data, &response);
- return 1;
-}
-
-static int service_account_httpcli_post_failure(
- const grpc_httpcli_request *request, const char *body, size_t body_size,
- gpr_timespec deadline, grpc_httpcli_response_cb on_response,
- void *user_data) {
- grpc_httpcli_response response = http_response(403, "Not Authorized.");
- validate_service_account_http_request(request, body, body_size);
- on_response(user_data, &response);
- return 1;
-}
-
-static void test_service_account_creds_success(void) {
- char *json_key_string = test_json_key_str();
- grpc_credentials *service_account_creds =
- grpc_service_account_credentials_create(json_key_string, test_scope,
- grpc_max_auth_token_lifetime, NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
-
- /* First request: http get should be called. */
- grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success);
- grpc_httpcli_set_override(httpcli_get_should_not_be_called,
- service_account_httpcli_post_success);
- grpc_credentials_get_request_metadata(
- service_account_creds, NULL, test_service_url,
- on_oauth2_creds_get_metadata_success, (void *)test_user_data);
-
- /* Second request: the cached token should be served directly. */
- grpc_jwt_encode_and_sign_set_override(
- encode_and_sign_jwt_should_not_be_called);
- grpc_httpcli_set_override(httpcli_get_should_not_be_called,
- httpcli_post_should_not_be_called);
- grpc_credentials_get_request_metadata(
- service_account_creds, NULL, test_service_url,
- on_oauth2_creds_get_metadata_success, (void *)test_user_data);
-
- gpr_free(json_key_string);
- grpc_credentials_unref(service_account_creds);
- grpc_jwt_encode_and_sign_set_override(NULL);
- grpc_httpcli_set_override(NULL, NULL);
-}
-
-static void test_service_account_creds_http_failure(void) {
- char *json_key_string = test_json_key_str();
- grpc_credentials *service_account_creds =
- grpc_service_account_credentials_create(
- json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
-
- grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_success);
- grpc_httpcli_set_override(httpcli_get_should_not_be_called,
- service_account_httpcli_post_failure);
- grpc_credentials_get_request_metadata(
- service_account_creds, NULL, test_service_url,
- on_oauth2_creds_get_metadata_failure, (void *)test_user_data);
-
- gpr_free(json_key_string);
- grpc_credentials_unref(service_account_creds);
- grpc_httpcli_set_override(NULL, NULL);
-}
-
-static void test_service_account_creds_signing_failure(void) {
- char *json_key_string = test_json_key_str();
- grpc_credentials *service_account_creds =
- grpc_service_account_credentials_create(
- json_key_string, test_scope, grpc_max_auth_token_lifetime, NULL);
- GPR_ASSERT(grpc_credentials_has_request_metadata(service_account_creds));
- GPR_ASSERT(grpc_credentials_has_request_metadata_only(service_account_creds));
-
- grpc_jwt_encode_and_sign_set_override(encode_and_sign_jwt_failure);
- grpc_httpcli_set_override(httpcli_get_should_not_be_called,
- httpcli_post_should_not_be_called);
- grpc_credentials_get_request_metadata(
- service_account_creds, NULL, test_service_url,
- on_oauth2_creds_get_metadata_failure, (void *)test_user_data);
-
- gpr_free(json_key_string);
- grpc_credentials_unref(service_account_creds);
- grpc_httpcli_set_override(NULL, NULL);
- grpc_jwt_encode_and_sign_set_override(NULL);
-}
-
static void on_jwt_creds_get_metadata_success(void *user_data,
grpc_credentials_md *md_elems,
size_t num_md,
@@ -922,14 +818,14 @@ static void test_google_default_creds_auth_key(void) {
}
static void test_google_default_creds_access_token(void) {
- grpc_refresh_token_credentials *refresh;
+ grpc_google_refresh_token_credentials *refresh;
grpc_credentials *creds;
grpc_flush_cached_google_default_credentials();
set_google_default_creds_env_var_with_file_contents(
"refresh_token_google_default_creds", test_refresh_token_str);
creds = grpc_google_default_credentials_create();
GPR_ASSERT(creds != NULL);
- refresh = (grpc_refresh_token_credentials *)composite_inner_creds(
+ refresh = (grpc_google_refresh_token_credentials *)composite_inner_creds(
creds, GRPC_CREDENTIALS_TYPE_OAUTH2);
GPR_ASSERT(strcmp(refresh->refresh_token.client_id,
"32555999999.apps.googleusercontent.com") == 0);
@@ -952,17 +848,14 @@ int main(int argc, char **argv) {
test_oauth2_token_fetcher_creds_parsing_missing_token();
test_oauth2_token_fetcher_creds_parsing_missing_token_type();
test_oauth2_token_fetcher_creds_parsing_missing_token_lifetime();
- test_iam_creds();
+ test_google_iam_creds();
test_access_token_creds();
test_ssl_oauth2_composite_creds();
- test_ssl_oauth2_iam_composite_creds();
+ test_ssl_oauth2_google_iam_composite_creds();
test_compute_engine_creds_success();
test_compute_engine_creds_failure();
test_refresh_token_creds_success();
test_refresh_token_creds_failure();
- test_service_account_creds_success();
- test_service_account_creds_http_failure();
- test_service_account_creds_signing_failure();
test_jwt_creds_success();
test_jwt_creds_signing_failure();
test_google_default_creds_auth_key();
diff --git a/test/core/security/fetch_oauth2.c b/test/core/security/fetch_oauth2.c
index 7354a9f8f77b14541f70b3b1345b70f7fe4d9a6c..764d8da9b607ca2fa5cf4469602e37cf1b6ac07f 100644
--- a/test/core/security/fetch_oauth2.c
+++ b/test/core/security/fetch_oauth2.c
@@ -46,19 +46,6 @@
#include "src/core/support/file.h"
#include "test/core/security/oauth2_utils.h"
-static grpc_credentials *create_service_account_creds(
- const char *json_key_file_path, const char *scope) {
- int success;
- gpr_slice json_key = gpr_load_file(json_key_file_path, 1, &success);
- if (!success) {
- gpr_log(GPR_ERROR, "Could not read file %s.", json_key_file_path);
- exit(1);
- }
- return grpc_service_account_credentials_create(
- (const char *)GPR_SLICE_START_PTR(json_key), scope,
- grpc_max_auth_token_lifetime, NULL);
-}
-
static grpc_credentials *create_refresh_token_creds(
const char *json_refresh_token_file_path) {
int success;
@@ -68,7 +55,7 @@ static grpc_credentials *create_refresh_token_creds(
gpr_log(GPR_ERROR, "Could not read file %s.", json_refresh_token_file_path);
exit(1);
}
- return grpc_refresh_token_credentials_create(
+ return grpc_google_refresh_token_credentials_create(
(const char *)GPR_SLICE_START_PTR(refresh_token), NULL);
}
@@ -80,18 +67,9 @@ int main(int argc, char **argv) {
int use_gce = 0;
char *scope = NULL;
gpr_cmdline *cl = gpr_cmdline_create("fetch_oauth2");
- gpr_cmdline_add_string(cl, "json_key",
- "File path of the json key. Mutually exclusive with "
- "--json_refresh_token.",
- &json_key_file_path);
gpr_cmdline_add_string(cl, "json_refresh_token",
- "File path of the json refresh token. Mutually "
- "exclusive with --json_key.",
+ "File path of the json refresh token.",
&json_refresh_token_file_path);
- gpr_cmdline_add_string(cl, "scope",
- "Space delimited permissions. Only used for "
- "--json_key, ignored otherwise.",
- &scope);
gpr_cmdline_add_flag(
cl, "gce",
"Get a token from the GCE metadata server (only works in GCE).",
@@ -112,7 +90,7 @@ int main(int argc, char **argv) {
"Ignoring json key and scope to get a token from the GCE "
"metadata server.");
}
- creds = grpc_compute_engine_credentials_create(NULL);
+ creds = grpc_google_compute_engine_credentials_create(NULL);
if (creds == NULL) {
gpr_log(GPR_ERROR, "Could not create gce credentials.");
exit(1);
@@ -127,23 +105,8 @@ int main(int argc, char **argv) {
exit(1);
}
} else {
- if (json_key_file_path == NULL) {
- gpr_log(GPR_ERROR, "Missing --json_key option.");
- exit(1);
- }
- if (scope == NULL) {
- gpr_log(GPR_ERROR, "Missing --scope option.");
- exit(1);
- }
-
- creds = create_service_account_creds(json_key_file_path, scope);
- if (creds == NULL) {
- gpr_log(GPR_ERROR,
- "Could not create service account creds. %s does probably not "
- "contain a valid json key.",
- json_key_file_path);
- exit(1);
- }
+ gpr_log(GPR_ERROR, "Missing --gce or --json_refresh_token option.");
+ exit(1);
}
GPR_ASSERT(creds != NULL);
diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc
index 6fb24d71e5ac0da885f735f6317fa0466181b38f..18fcffe7cd1976e42b09e8964d13e47567b19988 100644
--- a/test/cpp/client/credentials_test.cc
+++ b/test/cpp/client/credentials_test.cc
@@ -45,8 +45,8 @@ class CredentialsTest : public ::testing::Test {
protected:
};
-TEST_F(CredentialsTest, InvalidServiceAccountCreds) {
- std::shared_ptr<Credentials> bad1 = ServiceAccountCredentials("", "", 1);
+TEST_F(CredentialsTest, InvalidGoogleRefreshToken) {
+ std::shared_ptr<Credentials> bad1 = GoogleRefreshTokenCredentials("");
EXPECT_EQ(static_cast<Credentials*>(nullptr), bad1.get());
}
diff --git a/test/cpp/end2end/end2end_test.cc b/test/cpp/end2end/end2end_test.cc
index 2728dce07e5646726367c1443eb3cbfac9b84125..b6f156a24ab49ab65354e7d3859cbcdc8a68f752 100644
--- a/test/cpp/end2end/end2end_test.cc
+++ b/test/cpp/end2end/end2end_test.cc
@@ -561,7 +561,7 @@ TEST_F(End2endTest, DiffPackageServices) {
// rpc and stream should fail on bad credentials.
TEST_F(End2endTest, BadCredentials) {
- std::shared_ptr<Credentials> bad_creds = ServiceAccountCredentials("", "", 1);
+ std::shared_ptr<Credentials> bad_creds = GoogleRefreshTokenCredentials("");
EXPECT_EQ(static_cast<Credentials*>(nullptr), bad_creds.get());
std::shared_ptr<Channel> channel =
CreateChannel(server_address_.str(), bad_creds, ChannelArguments());
@@ -741,7 +741,7 @@ TEST_F(End2endTest, SetPerCallCredentials) {
EchoResponse response;
ClientContext context;
std::shared_ptr<Credentials> creds =
- IAMCredentials("fake_token", "fake_selector");
+ GoogleIAMCredentials("fake_token", "fake_selector");
context.set_credentials(creds);
request.set_message("Hello");
request.mutable_param()->set_echo_metadata(true);
@@ -778,10 +778,10 @@ TEST_F(End2endTest, OverridePerCallCredentials) {
EchoResponse response;
ClientContext context;
std::shared_ptr<Credentials> creds1 =
- IAMCredentials("fake_token1", "fake_selector1");
+ GoogleIAMCredentials("fake_token1", "fake_selector1");
context.set_credentials(creds1);
std::shared_ptr<Credentials> creds2 =
- IAMCredentials("fake_token2", "fake_selector2");
+ GoogleIAMCredentials("fake_token2", "fake_selector2");
context.set_credentials(creds2);
request.set_message("Hello");
request.mutable_param()->set_echo_metadata(true);
diff --git a/test/cpp/interop/client_helper.cc b/test/cpp/interop/client_helper.cc
index abc14aeb983e1122a9347110881b6fe32aa379ff..7093463fa8ce5a4cf669860d8d6eb7af5775c1f4 100644
--- a/test/cpp/interop/client_helper.cc
+++ b/test/cpp/interop/client_helper.cc
@@ -64,16 +64,6 @@ DECLARE_string(oauth_scope);
namespace grpc {
namespace testing {
-namespace {
-std::shared_ptr<Credentials> CreateServiceAccountCredentials() {
- GPR_ASSERT(FLAGS_enable_ssl);
- grpc::string json_key = GetServiceAccountJsonKey();
- std::chrono::seconds token_lifetime = std::chrono::hours(1);
- return ServiceAccountCredentials(json_key, FLAGS_oauth_scope,
- token_lifetime.count());
-}
-} // namespace
-
grpc::string GetServiceAccountJsonKey() {
static grpc::string json_key;
if (json_key.empty()) {
@@ -86,7 +76,7 @@ grpc::string GetServiceAccountJsonKey() {
}
grpc::string GetOauth2AccessToken() {
- std::shared_ptr<Credentials> creds = CreateServiceAccountCredentials();
+ std::shared_ptr<Credentials> creds = GoogleComputeEngineCredentials();
SecureCredentials* secure_creds =
dynamic_cast<SecureCredentials*>(creds.get());
GPR_ASSERT(secure_creds != nullptr);
@@ -107,14 +97,10 @@ std::shared_ptr<Channel> CreateChannelForTestCase(
snprintf(host_port, host_port_buf_size, "%s:%d", FLAGS_server_host.c_str(),
FLAGS_server_port);
- if (test_case == "service_account_creds") {
- std::shared_ptr<Credentials> creds = CreateServiceAccountCredentials();
- return CreateTestChannel(host_port, FLAGS_server_host_override,
- FLAGS_enable_ssl, FLAGS_use_prod_roots, creds);
- } else if (test_case == "compute_engine_creds") {
+ if (test_case == "compute_engine_creds") {
std::shared_ptr<Credentials> creds;
GPR_ASSERT(FLAGS_enable_ssl);
- creds = ComputeEngineCredentials();
+ creds = GoogleComputeEngineCredentials();
return CreateTestChannel(host_port, FLAGS_server_host_override,
FLAGS_enable_ssl, FLAGS_use_prod_roots, creds);
} else if (test_case == "jwt_token_creds") {