3 // Copyright 2020 gRPC authors.
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 #include <grpc/support/port_platform.h>
21 #include "src/core/ext/xds/file_watcher_certificate_provider_factory.h"
23 #include "absl/strings/str_format.h"
24 #include "absl/strings/str_join.h"
26 #include "src/core/lib/json/json_util.h"
32 const char* kFileWatcherPlugin = "file_watcher";
37 // FileWatcherCertificateProviderFactory::Config
40 const char* FileWatcherCertificateProviderFactory::Config::name() const {
41 return kFileWatcherPlugin;
44 std::string FileWatcherCertificateProviderFactory::Config::ToString() const {
45 std::vector<std::string> parts;
47 if (!identity_cert_file_.empty()) {
49 absl::StrFormat("certificate_file=\"%s\", ", identity_cert_file_));
51 if (!identity_cert_file_.empty()) {
53 absl::StrFormat("private_key_file=\"%s\", ", private_key_file_));
55 if (!identity_cert_file_.empty()) {
57 absl::StrFormat("ca_certificate_file=\"%s\", ", root_cert_file_));
60 absl::StrFormat("refresh_interval=%ldms}", refresh_interval_ms_));
61 return absl::StrJoin(parts, "");
64 RefCountedPtr<FileWatcherCertificateProviderFactory::Config>
65 FileWatcherCertificateProviderFactory::Config::Parse(const Json& config_json,
67 auto config = MakeRefCounted<FileWatcherCertificateProviderFactory::Config>();
68 if (config_json.type() != Json::Type::OBJECT) {
69 *error = GRPC_ERROR_CREATE_FROM_STATIC_STRING(
70 "error:config type should be OBJECT.");
73 std::vector<grpc_error*> error_list;
74 ParseJsonObjectField(config_json.object_value(), "certificate_file",
75 &config->identity_cert_file_, &error_list, false);
76 ParseJsonObjectField(config_json.object_value(), "private_key_file",
77 &config->private_key_file_, &error_list, false);
78 if (config->identity_cert_file_.empty() !=
79 config->private_key_file_.empty()) {
80 error_list.push_back(GRPC_ERROR_CREATE_FROM_STATIC_STRING(
81 "fields \"certificate_file\" and \"private_key_file\" must be both set "
84 ParseJsonObjectField(config_json.object_value(), "ca_certificate_file",
85 &config->root_cert_file_, &error_list, false);
86 if (config->identity_cert_file_.empty() && config->root_cert_file_.empty()) {
87 error_list.push_back(GRPC_ERROR_CREATE_FROM_STATIC_STRING(
88 "At least one of \"certificate_file\" and \"ca_certificate_file\" must "
91 if (!ParseJsonObjectFieldAsDuration(
92 config_json.object_value(), "refresh_interval",
93 &config->refresh_interval_ms_, &error_list, false)) {
94 config->refresh_interval_ms_ = 10 * 60 * 1000; // 10 minutes default
96 if (!error_list.empty()) {
97 *error = GRPC_ERROR_CREATE_FROM_VECTOR(
98 "Error parsing file watcher certificate provider config", &error_list);
105 // FileWatcherCertificateProviderFactory
108 const char* FileWatcherCertificateProviderFactory::name() const {
109 return kFileWatcherPlugin;
112 RefCountedPtr<CertificateProviderFactory::Config>
113 FileWatcherCertificateProviderFactory::CreateCertificateProviderConfig(
114 const Json& config_json, grpc_error** error) {
115 return FileWatcherCertificateProviderFactory::Config::Parse(config_json,
119 } // namespace grpc_core