diff --git a/credentials/alts/alts.go b/credentials/alts/alts.go index e00461ff..f8850868 100644 --- a/credentials/alts/alts.go +++ b/credentials/alts/alts.go @@ -91,6 +91,14 @@ type AuthInfo interface { PeerRPCVersions() *altspb.RpcProtocolVersions } +// ClientOptions contains the client-side options of an ALTS channel. These +// options will be passed to the underlying ALTS handshaker. +type ClientOptions struct { + // TargetServiceAccounts contains a list of expected target service + // accounts. + TargetServiceAccounts []string +} + // altsTC is the credentials required for authenticating a connection using ALTS. // It implements credentials.TransportCredentials interface. type altsTC struct { @@ -100,13 +108,13 @@ type altsTC struct { accounts []string } -// NewClient constructs a client-side ALTS TransportCredentials object. -func NewClient(targetServiceAccounts []string) credentials.TransportCredentials { - return newALTS(core.ClientSide, targetServiceAccounts) +// NewClientCreds constructs a client-side ALTS TransportCredentials object. +func NewClientCreds(opts *ClientOptions) credentials.TransportCredentials { + return newALTS(core.ClientSide, opts.TargetServiceAccounts) } -// NewServer constructs a server-side ALTS TransportCredentials object. -func NewServer() credentials.TransportCredentials { +// NewServerCreds constructs a server-side ALTS TransportCredentials object. +func NewServerCreds() credentials.TransportCredentials { return newALTS(core.ServerSide, nil) } diff --git a/credentials/alts/alts_test.go b/credentials/alts/alts_test.go index 22c26bf1..4e953b2f 100644 --- a/credentials/alts/alts_test.go +++ b/credentials/alts/alts_test.go @@ -27,8 +27,8 @@ import ( func TestInfoServerName(t *testing.T) { // This is not testing any handshaker functionality, so it's fine to only - // use NewServer and not NewClient. - alts := NewServer() + // use NewServerCreds and not NewClientCreds. + alts := NewServerCreds() if got, want := alts.Info().ServerName, ""; got != want { t.Fatalf("%v.Info().ServerName = %v, want %v", alts, got, want) } @@ -37,8 +37,8 @@ func TestInfoServerName(t *testing.T) { func TestOverrideServerName(t *testing.T) { wantServerName := "server.name" // This is not testing any handshaker functionality, so it's fine to only - // use NewServer and not NewClient. - c := NewServer() + // use NewServerCreds and not NewClientCreds. + c := NewServerCreds() c.OverrideServerName(wantServerName) if got, want := c.Info().ServerName, wantServerName; got != want { t.Fatalf("c.Info().ServerName = %v, want %v", got, want) @@ -48,8 +48,8 @@ func TestOverrideServerName(t *testing.T) { func TestClone(t *testing.T) { wantServerName := "server.name" // This is not testing any handshaker functionality, so it's fine to only - // use NewServer and not NewClient. - c := NewServer() + // use NewServerCreds and not NewClientCreds. + c := NewServerCreds() c.OverrideServerName(wantServerName) cc := c.Clone() if got, want := cc.Info().ServerName, wantServerName; got != want { @@ -66,8 +66,8 @@ func TestClone(t *testing.T) { func TestInfo(t *testing.T) { // This is not testing any handshaker functionality, so it's fine to only - // use NewServer and not NewClient. - c := NewServer() + // use NewServerCreds and not NewClientCreds. + c := NewServerCreds() info := c.Info() if got, want := info.ProtocolVersion, ""; got != want { t.Errorf("info.ProtocolVersion=%v, want %v", got, want) diff --git a/interop/alts/client/client.go b/interop/alts/client/client.go index dd4d79a6..917586a4 100644 --- a/interop/alts/client/client.go +++ b/interop/alts/client/client.go @@ -41,7 +41,7 @@ var ( func main() { flag.Parse() - altsTC := alts.NewClient(nil) + altsTC := alts.NewClientCreds(&alts.ClientOptions{}) // Block until the server is ready. conn, err := grpc.Dial(*serverAddr, grpc.WithTransportCredentials(altsTC), grpc.WithBlock()) if err != nil { diff --git a/interop/alts/server/server.go b/interop/alts/server/server.go index 5e5f350c..57602eca 100644 --- a/interop/alts/server/server.go +++ b/interop/alts/server/server.go @@ -41,7 +41,7 @@ func main() { if err != nil { grpclog.Fatalf("gRPC Server: failed to start the server at %v: %v", *serverAddr, err) } - altsTC := alts.NewServer() + altsTC := alts.NewServerCreds() grpcServer := grpc.NewServer(grpc.Creds(altsTC)) testpb.RegisterTestServiceServer(grpcServer, interop.NewTestServer()) grpcServer.Serve(lis) diff --git a/interop/client/client.go b/interop/client/client.go index d9a8159c..6f3a0337 100644 --- a/interop/client/client.go +++ b/interop/client/client.go @@ -110,7 +110,7 @@ func main() { opts = append(opts, grpc.WithPerRPCCredentials(oauth.NewOauthAccess(interop.GetToken(*serviceAccountKeyFile, *oauthScope)))) } } else if *useALTS { - altsTC := alts.NewClient(nil) + altsTC := alts.NewClientCreds(&alts.ClientOptions{}) opts = append(opts, grpc.WithTransportCredentials(altsTC)) } else { opts = append(opts, grpc.WithInsecure()) diff --git a/interop/server/server.go b/interop/server/server.go index 9e5139ba..49d54e8e 100644 --- a/interop/server/server.go +++ b/interop/server/server.go @@ -64,7 +64,7 @@ func main() { } opts = append(opts, grpc.Creds(creds)) } else if *useALTS { - altsTC := alts.NewServer() + altsTC := alts.NewServerCreds() opts = append(opts, grpc.Creds(altsTC)) } server := grpc.NewServer(opts...)