1 // Copyright 2021 gRPC authors.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //     http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #include <memory>
16 #include <string>
17 
18 #include <grpc/grpc_security.h>
19 #include <grpc/status.h>
20 #include <grpc/support/alloc.h>
21 #include <grpcpp/security/authorization_policy_provider.h>
22 #include <grpcpp/support/status.h>
23 
24 namespace grpc {
25 namespace experimental {
26 
27 std::shared_ptr<StaticDataAuthorizationPolicyProvider>
Create(const std::string & authz_policy,grpc::Status * status)28 StaticDataAuthorizationPolicyProvider::Create(const std::string& authz_policy,
29                                               grpc::Status* status) {
30   grpc_status_code code = GRPC_STATUS_OK;
31   const char* error_details;
32   grpc_authorization_policy_provider* provider =
33       grpc_authorization_policy_provider_static_data_create(
34           authz_policy.c_str(), &code, &error_details);
35   if (code != GRPC_STATUS_OK) {
36     *status = grpc::Status(static_cast<grpc::StatusCode>(code), error_details);
37     gpr_free(const_cast<char*>(error_details));
38     return nullptr;
39   }
40   *status = grpc::Status();
41   return std::make_shared<StaticDataAuthorizationPolicyProvider>(provider);
42 }
43 
44 StaticDataAuthorizationPolicyProvider::
~StaticDataAuthorizationPolicyProvider()45     ~StaticDataAuthorizationPolicyProvider() {
46   grpc_authorization_policy_provider_release(c_provider_);
47 }
48 
49 std::shared_ptr<FileWatcherAuthorizationPolicyProvider>
Create(const std::string & authz_policy_path,unsigned int refresh_interval_sec,grpc::Status * status)50 FileWatcherAuthorizationPolicyProvider::Create(
51     const std::string& authz_policy_path, unsigned int refresh_interval_sec,
52     grpc::Status* status) {
53   grpc_status_code code = GRPC_STATUS_OK;
54   const char* error_details;
55   grpc_authorization_policy_provider* provider =
56       grpc_authorization_policy_provider_file_watcher_create(
57           authz_policy_path.c_str(), refresh_interval_sec, &code,
58           &error_details);
59   if (code != GRPC_STATUS_OK) {
60     *status = grpc::Status(static_cast<grpc::StatusCode>(code), error_details);
61     gpr_free(const_cast<char*>(error_details));
62     return nullptr;
63   }
64   return std::make_shared<FileWatcherAuthorizationPolicyProvider>(provider);
65 }
66 
67 FileWatcherAuthorizationPolicyProvider::
~FileWatcherAuthorizationPolicyProvider()68     ~FileWatcherAuthorizationPolicyProvider() {
69   grpc_authorization_policy_provider_release(c_provider_);
70 }
71 
72 }  // namespace experimental
73 }  // namespace grpc
74