diff options
author | John Mckay <adenosine3p@gmail.com> | 2019-11-24 03:45:32 +0300 |
---|---|---|
committer | John Mckay <adenosine3p@gmail.com> | 2019-11-30 07:10:04 +0300 |
commit | f046c74aba68ed21b0855587bd54843dae29ff8e (patch) | |
tree | d36972363368f6e62f7d411d152975ba43203a73 /src/murmur/MurmurGRPCImpl.h | |
parent | fbdf2f1211064838392b25caf2b7d507af4f9098 (diff) |
Client authentication for gRPC
This adds client authentication using TLS certificates when it is
enabled in gRPC. This just the basic feature right now. You either have
access or you do not.
Access is granted by putting the certificate digests of the authorized
users into the murmur.ini file.
Diffstat (limited to 'src/murmur/MurmurGRPCImpl.h')
-rw-r--r-- | src/murmur/MurmurGRPCImpl.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/murmur/MurmurGRPCImpl.h b/src/murmur/MurmurGRPCImpl.h index 3592a62f2..a3074e9c9 100644 --- a/src/murmur/MurmurGRPCImpl.h +++ b/src/murmur/MurmurGRPCImpl.h @@ -22,8 +22,10 @@ #include <atomic> #include <QMultiHash> +#include <QSet> #include <grpc++/grpc++.h> +#include <grpc++/security/auth_context.h> class RPCCall; @@ -37,6 +39,15 @@ namespace MurmurRPC { } } +class MurmurRPCAuthenticator : public ::grpc_impl::AuthMetadataProcessor { + public: + MurmurRPCAuthenticator(); + grpc::Status Process(const InputMetadata&, ::grpc::AuthContext*, OutputMetadata*, OutputMetadata*); + bool IsBlocking() const; + protected: + QSet<QByteArray> m_gRPCUsers; +}; + class MurmurRPCImpl : public QThread { Q_OBJECT; std::unique_ptr<grpc::Server> m_server; |