// // // Copyright 2019 gRPC authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. // // #ifndef GRPCPP_SECURITY_ALTS_UTIL_H #define GRPCPP_SECURITY_ALTS_UTIL_H #include #include #include #include #include struct grpc_gcp_AltsContext; namespace grpc { namespace experimental { // GetAltsContextFromAuthContext helps to get the AltsContext from AuthContext. // If ALTS is not the transport security protocol used to establish the // connection, this function will return nullptr. std::unique_ptr GetAltsContextFromAuthContext( const std::shared_ptr& auth_context); // This utility function performs ALTS client authorization check on server // side, i.e., checks if the client identity matches one of the expected service // accounts. It returns OK if client is authorized and an error otherwise. grpc::Status AltsClientAuthzCheck( const std::shared_ptr& auth_context, const std::vector& expected_service_accounts); } // namespace experimental } // namespace grpc #endif // GRPCPP_SECURITY_ALTS_UTIL_H