      1 /*
      2  *
      3  * Copyright 2015 gRPC authors.
      4  *
      5  * Licensed under the Apache License, Version 2.0 (the "License");
      6  * you may not use this file except in compliance with the License.
      7  * You may obtain a copy of the License at
      8  *
      9  *     http://www.apache.org/licenses/LICENSE-2.0
     10  *
     11  * Unless required by applicable law or agreed to in writing, software
     12  * distributed under the License is distributed on an "AS IS" BASIS,
     13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     14  * See the License for the specific language governing permissions and
     15  * limitations under the License.
     16  *
     17  */
     18 
     19 #ifndef GRPC_CORE_LIB_SECURITY_CREDENTIALS_JWT_JSON_TOKEN_H
     20 #define GRPC_CORE_LIB_SECURITY_CREDENTIALS_JWT_JSON_TOKEN_H
     21 
     22 #include <grpc/support/port_platform.h>
     23 
     24 #include "src/core/tsi/grpc_shadow_boringssl.h"
     25 
     26 #include <grpc/slice.h>
     27 #include <openssl/rsa.h>
     28 
     29 #include "src/core/lib/json/json.h"
     30 
/* --- Constants. --- */

/* Audience string naming Google's OAuth2 token endpoint.
   NOTE(review): presumably passed as the `audience` argument of
   grpc_jwt_encode_and_sign() when a JWT is exchanged for an access token --
   confirm at the call sites. */
#define GRPC_JWT_OAUTH2_AUDIENCE "https://www.googleapis.com/oauth2/v3/token"
     34 
     35 /* --- auth_json_key parsing. --- */
     36 
/* In-memory form of a parsed auth JSON key. The struct carries the RSA
   private key used for signing, so every instance is secret material: keep it
   out of logs and error messages, and release it with
   grpc_auth_json_key_destruct() as soon as it is no longer needed. */
typedef struct {
  /* Key type tag. Declared const, unlike the other strings; presumably it
     points at storage the struct does not own -- confirm in the
     implementation. */
  const char* type;
  /* Identifier of the private key. Presumably copied from the JSON key and
     owned by this struct -- TODO confirm. */
  char* private_key_id;
  /* Client identifier. Presumably owned by this struct -- TODO confirm. */
  char* client_id;
  /* Client e-mail address. Presumably owned by this struct -- TODO confirm. */
  char* client_email;
  /* RSA private key handle (OpenSSL/BoringSSL). This is the signing secret;
     never serialize or log it. */
  RSA* private_key;
} grpc_auth_json_key;
     44 
/* Returns 1 if the object is valid, 0 otherwise.
   The grpc_auth_json_key_create_from_* functions report a parsing failure
   only by returning an invalid object, so callers should run this check on
   their result before using the key for signing.
   NOTE(review): the header does not say whether a NULL json_key is accepted
   -- confirm in the implementation. */
int grpc_auth_json_key_is_valid(const grpc_auth_json_key* json_key);
     47 
/* Creates a json_key object from string. Returns an invalid object if a parsing
   error has been encountered.
   The object is returned by value and there is no separate error code: check
   it with grpc_auth_json_key_is_valid() before use, and release it with
   grpc_auth_json_key_destruct().
   json_string holds private key material; treat the buffer as a secret.
   NOTE(review): the header does not say whether json_string may be NULL or
   whether the input is copied -- confirm in the implementation. */
grpc_auth_json_key grpc_auth_json_key_create_from_string(
    const char* json_string);
     52 
/* Creates a json_key object from parsed json. Returns an invalid object if a
   parsing error has been encountered.
   The object is returned by value and there is no separate error code: check
   it with grpc_auth_json_key_is_valid() before use, and release it with
   grpc_auth_json_key_destruct().
   NOTE(review): the json tree is taken as const; whether the returned key
   keeps pointers into it or holds its own copies is not stated here --
   confirm before freeing the tree while the key is still in use. */
grpc_auth_json_key grpc_auth_json_key_create_from_json(const grpc_json* json);
     56 
/* Destructs the object.
   The create functions return the struct by value, so its storage belongs to
   the caller; presumably this call only releases the members (the strings and
   the RSA key) -- TODO confirm.
   NOTE(review): the header does not say whether key memory is wiped before it
   is released, or whether calling this twice on the same object is safe --
   confirm in the implementation. */
void grpc_auth_json_key_destruct(grpc_auth_json_key* json_key);
     59 
     60 /* --- json token encoding and signing. --- */
     61 
/* Encodes a JWT and signs it with the private key held in json_key.
   Caller is responsible for calling gpr_free on the returned value. May return
   NULL on invalid input. The scope parameter may be NULL.
   Parameters:
     json_key       - key object supplying the signing key; presumably it must
                      pass grpc_auth_json_key_is_valid() -- confirm.
     audience       - audience string for the token.
     token_lifetime - lifetime of the token, as a gpr_timespec.
     scope          - optional scope string; NULL is allowed.
   The returned string is a signed credential: do not log it, and always check
   for NULL before use. */
char* grpc_jwt_encode_and_sign(const grpc_auth_json_key* json_key,
                               const char* audience,
                               gpr_timespec token_lifetime, const char* scope);
     67 
/* Override encode_and_sign function for testing.
   The signature matches grpc_jwt_encode_and_sign(), including the char*
   return value.
   NOTE(review): presumably the result of an override is released with
   gpr_free like the real function's, so an override should allocate
   accordingly -- confirm against the callers. */
typedef char* (*grpc_jwt_encode_and_sign_override)(
    const grpc_auth_json_key* json_key, const char* audience,
    gpr_timespec token_lifetime, const char* scope);
     72 
/* Set a custom encode_and_sign override for testing.
   An installed override stands in for the real signing routine, so this hook
   is for test code only and should not be reachable from production paths.
   NOTE(review): presumably the override is stored in process-wide state and
   passing NULL restores the default; thread-safety is not stated here --
   confirm in the implementation. */
void grpc_jwt_encode_and_sign_set_override(
    grpc_jwt_encode_and_sign_override func);
     76 
     77 #endif /* GRPC_CORE_LIB_SECURITY_CREDENTIALS_JWT_JSON_TOKEN_H */
     78