-
Notifications
You must be signed in to change notification settings - Fork 791
/
Copy pathDefaultChannelCredentialsConfigurator.cs
74 lines (60 loc) · 2.98 KB
/
DefaultChannelCredentialsConfigurator.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#region Copyright notice and license
// Copyright 2019 The gRPC Authors
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#endregion
using System.Globalization;
using Grpc.Core;
namespace Grpc.Net.Client.Internal;
internal sealed class DefaultChannelCredentialsConfigurator : ChannelCredentialsConfiguratorBase
{
private readonly bool _allowInsecureChannelCallCredentials;
public DefaultChannelCredentialsConfigurator(bool allowInsecureChannelCallCredentials)
{
_allowInsecureChannelCallCredentials = allowInsecureChannelCallCredentials;
}
public bool? IsSecure { get; private set; }
public List<CallCredentials>? CallCredentials { get; private set; }
public override void SetCompositeCredentials(object state, ChannelCredentials channelCredentials, CallCredentials callCredentials)
{
channelCredentials.InternalPopulateConfiguration(this, state);
if (!(IsSecure ?? false) && !_allowInsecureChannelCallCredentials)
{
throw new InvalidOperationException($"CallCredentials can't be composed with {channelCredentials.GetType().Name}. " +
$"CallCredentials must be used with secure channel credentials like SslCredentials or by enabling " +
$"{nameof(GrpcChannelOptions)}.{nameof(GrpcChannelOptions.UnsafeUseInsecureChannelCallCredentials)} on the channel.");
}
if (callCredentials != null)
{
if (CallCredentials == null)
{
CallCredentials = new List<CallCredentials>();
}
CallCredentials.Add(callCredentials);
}
}
public override void SetInsecureCredentials(object state) => IsSecure = false;
public override void SetSslCredentials(object state, string? rootCertificates, KeyCertificatePair? keyCertificatePair, VerifyPeerCallback? verifyPeerCallback)
{
if (!string.IsNullOrEmpty(rootCertificates) ||
keyCertificatePair != null ||
verifyPeerCallback != null)
{
throw new InvalidOperationException(
$"{nameof(SslCredentials)} with non-null arguments is not supported by {nameof(GrpcChannel)}. " +
$"{nameof(GrpcChannel)} uses HttpClient to make gRPC calls and HttpClient automatically loads root certificates from the operating system certificate store. " +
$"Client certificates should be configured on HttpClient. See https://aka.ms/aspnet/grpc/certauth for details.");
}
IsSecure = true;
}
}