- /*
- *
- * Copyright 2018 gRPC authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- */
-
- // Package authinfo provides authentication information returned by handshakers.
- package authinfo
-
- import (
- "google.golang.org/grpc/credentials"
- altspb "google.golang.org/grpc/credentials/alts/internal/proto/grpc_gcp"
- )
-
// Compile-time check that *altsAuthInfo satisfies credentials.AuthInfo.
var (
	_ credentials.AuthInfo = (*altsAuthInfo)(nil)
)

// altsAuthInfo is the credentials.AuthInfo implementation handed to the
// application after an ALTS handshake. It wraps an AltsContext and exposes
// its fields through read-only accessors; no method in this file mutates p.
type altsAuthInfo struct {
	// p holds the security context built from the handshaker result.
	p *altspb.AltsContext
}
-
// New builds the ALTS authentication info for a completed handshake and
// returns it as a credentials.AuthInfo.
//
// The returned value is always backed by a non-nil *altsAuthInfo, so the
// interface itself is never nil, even when result is nil. Callers must not
// use a nil check on the return value to decide whether a handshake succeeded.
func New(result *altspb.HandshakerResult) credentials.AuthInfo {
	var info credentials.AuthInfo = newAuthInfo(result)
	return info
}
-
// newAuthInfo copies the relevant fields of a handshaker result into a fresh
// AltsContext and wraps it in an altsAuthInfo.
//
// Security notes for reviewers and callers:
//   - SecurityLevel is a fixed constant (INTEGRITY_AND_PRIVACY); it is not
//     read from result. Until the TODO below is resolved, the reported level
//     is an assertion made by this code, not evidence from the handshake.
//   - The service-account strings are copied as reported by the handshaker
//     result, and nothing here validates them. The protobuf getters
//     presumably return zero values for unset fields (and for a nil result),
//     so a missing peer identity surfaces as an empty PeerServiceAccount,
//     still paired with the constant security level. Authorization code
//     should reject an empty peer service account explicitly.
func newAuthInfo(result *altspb.HandshakerResult) *altsAuthInfo {
	peer := result.GetPeerIdentity()
	local := result.GetLocalIdentity()

	ctx := &altspb.AltsContext{
		ApplicationProtocol: result.GetApplicationProtocol(),
		RecordProtocol:      result.GetRecordProtocol(),
		// TODO: assign security level from result.
		SecurityLevel:       altspb.SecurityLevel_INTEGRITY_AND_PRIVACY,
		PeerServiceAccount:  peer.GetServiceAccount(),
		LocalServiceAccount: local.GetServiceAccount(),
		PeerRpcVersions:     result.GetPeerRpcVersions(),
	}
	return &altsAuthInfo{p: ctx}
}
-
// AuthType reports the authentication mechanism behind this AuthInfo. It is
// always the literal "alts" and does not depend on the wrapped context.
func (s *altsAuthInfo) AuthType() string {
	const authType = "alts"
	return authType
}
-
// ApplicationProtocol returns the application protocol recorded in the
// wrapped ALTS context.
func (s *altsAuthInfo) ApplicationProtocol() string {
	proto := s.p.GetApplicationProtocol()
	return proto
}
-
// RecordProtocol returns the record protocol recorded in the wrapped ALTS
// context.
func (s *altsAuthInfo) RecordProtocol() string {
	proto := s.p.GetRecordProtocol()
	return proto
}
-
// SecurityLevel returns the security level stored in the wrapped ALTS
// context.
//
// NOTE(review): newAuthInfo in this file stores the constant
// SecurityLevel_INTEGRITY_AND_PRIVACY rather than a value taken from the
// handshaker result, so for contexts built there this is not a negotiated
// value. Policy checks should not rely on it alone.
func (s *altsAuthInfo) SecurityLevel() altspb.SecurityLevel {
	level := s.p.GetSecurityLevel()
	return level
}
-
// PeerServiceAccount returns the peer's service account as recorded in the
// wrapped ALTS context.
//
// The string is whatever the handshaker result carried; this type does not
// validate it. Callers that authorize on this value should treat an empty
// string as "no authenticated peer identity" and deny access.
func (s *altsAuthInfo) PeerServiceAccount() string {
	account := s.p.GetPeerServiceAccount()
	return account
}
-
// LocalServiceAccount returns the local endpoint's service account as
// recorded in the wrapped ALTS context.
func (s *altsAuthInfo) LocalServiceAccount() string {
	account := s.p.GetLocalServiceAccount()
	return account
}
-
// PeerRPCVersions returns the peer's RPC protocol versions as recorded in
// the wrapped ALTS context.
//
// The getter's result is passed through uncopied, so it presumably aliases
// the message held by the context. Callers should treat it as read-only.
func (s *altsAuthInfo) PeerRPCVersions() *altspb.RpcProtocolVersions {
	versions := s.p.GetPeerRpcVersions()
	return versions
}