Module: GRPC::Core::CallCredentialsHelper Private

Defined in:: src/ruby/lib/grpc/core/credentials_helper.rb

Overview

This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.

Utility methods for resolving and applying call credentials to metadata.

Constant Summary collapse

VALID_HEADER_KEY_PATTERN =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

/\A[a-z0-9\-_.]+\z/

Class Method Summary collapse

.apply(credentials, metadata, ssl_target, channel_creds, method = nil) ⇒ Object private

Calls credentials.get_metadata and merges the result into metadata.
.merge_creds_metadata!(creds_metadata, metadata) ⇒ Object private

Merges creds_metadata into metadata, validating all keys.
.parse_method_info(ssl_target, method) ⇒ Object private

Parses an RPC method path into [service_url, method_name].
.resolve(channel_call_creds, call_credentials) ⇒ Object private

Composes channel and per-call credentials when both present, otherwise returns whichever is available.
.valid_header_key?(key) ⇒ Boolean private

Returns true if key is a valid gRPC metadata header key.

Class Method Details

.apply(credentials, metadata, ssl_target, channel_creds, method = nil) ⇒ `Object`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Calls credentials.get_metadata and merges the result into metadata. No-op when credentials is nil or the channel is insecure. Raises GRPC::Unavailable on failure.

# File 'src/ruby/lib/grpc/core/credentials_helper.rb', line 66

def self.apply(credentials, metadata, ssl_target, channel_creds, method = nil)
  return unless credentials
  return if channel_creds == :this_channel_is_insecure
  service_url, method_name = parse_method_info(ssl_target, method)
  context = { service_url: service_url, jwt_aud_uri: service_url, method_name: method_name }
  begin
    merge_creds_metadata!(credentials.get_metadata(context), metadata)
  rescue GRPC::BadStatus
    raise
  rescue StandardError => e
    fail GRPC::Unavailable, "Call credentials failed: #{e.message}"
  end
end

.merge_creds_metadata!(creds_metadata, metadata) ⇒ `Object`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Merges creds_metadata into metadata, validating all keys. Raises GRPC::Unavailable on invalid type or illegal header keys.

# File 'src/ruby/lib/grpc/core/credentials_helper.rb', line 49

def self.merge_creds_metadata!(creds_metadata, metadata)
  return if creds_metadata.nil?
  unless creds_metadata.is_a?(Hash)
    fail GRPC::Unavailable, "Call credentials must return Hash or nil, got #{creds_metadata.class}"
  end
  creds_metadata.each do |key, value|
    key_str = key.to_s
    unless valid_header_key?(key_str)
      fail GRPC::Unavailable, "Illegal metadata: '#{key_str}' is an invalid header key"
    end
    metadata[key_str] = value.is_a?(Array) ? value.map(&:to_s) : value.to_s
  end
end

.parse_method_info(ssl_target, method) ⇒ `Object`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Parses an RPC method path into [service_url, method_name]. e.g. ‘/echo.EchoServer/Echo’ on ‘foo.test.google.fr’ gives [‘foo.test.google.fr/echo.EchoServer’, ‘Echo’].

# File 'src/ruby/lib/grpc/core/credentials_helper.rb', line 37

def self.parse_method_info(ssl_target, method)
  return ["https://#{ssl_target}", nil] if method.nil? || method.empty?
  last_slash = method.rindex('/')
  service_path = last_slash&.positive? ? method[0, last_slash] : ''
  [
    "https://#{ssl_target}#{service_path}",
    last_slash ? method[(last_slash + 1)..] : nil
  ]
end

.resolve(channel_call_creds, call_credentials) ⇒ `Object`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Composes channel and per-call credentials when both present, otherwise returns whichever is available.

# File 'src/ruby/lib/grpc/core/credentials_helper.rb', line 24

def self.resolve(channel_call_creds, call_credentials)
  return channel_call_creds.compose(call_credentials) if channel_call_creds && call_credentials
  channel_call_creds || call_credentials
end

.valid_header_key?(key) ⇒ `Boolean`

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns true if key is a valid gRPC metadata header key.

Returns:

(Boolean)



30
31
32

# File 'src/ruby/lib/grpc/core/credentials_helper.rb', line 30

def self.valid_header_key?(key)
  !key.nil? && !key.empty? && VALID_HEADER_KEY_PATTERN.match?(key)
end