feat(storage): support AuthorityOption (#8462)

coryan · web-flow · commit d4f3ebf35ef9 · 2022-02-28T17:58:52.000Z
If present, use the `AuthorityOption` to configure the `Host: ` header
or the `.set_authority()` attribute in `grpc::ClientContext`. By
default, configure `AuthorityOption` to be `storage.googleapis.com`,
applications can override this when initializing the `storage::Client`.

There is already an issue open to add per-call `Options` that would
provide more fine-grained control of this field.
diff --git a/google/cloud/internal/rest_options.h b/google/cloud/internal/rest_options.h
@@ -32,7 +32,21 @@ struct UserIpOption {
   using Type = std::string;
 };
 
-/// Configure the REST endpoint for the GCS client library.
+/**
+ * Configure the REST endpoint for the GCS client library.
+ *
+ * This endpoint must include the URL scheme (`http` or `https`) and `authority`
+ * (host and port) used to access the GCS service, for example:
+ *    https://storage.googleapis.com
+ * When using emulators or testbench it can be of the form:
+ *    http://localhost:8080/my-gcs-emulator-path
+ *
+ * @note The `Host` header is based on the `authority` component of the URL.
+ *   Applications can override this default value using
+ *   `google::cloud::AuthorityOption`
+ *
+ * @see https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#URLs_and_URNs
+ */
 struct RestEndpointOption {
   using Type = std::string;
 };
diff --git a/google/cloud/storage/internal/curl_client.cc b/google/cloud/storage/internal/curl_client.cc
@@ -110,9 +110,11 @@ std::string HostHeader(Options const& options, char const* service) {
   // header based on the URL. In most cases this is the correct value. The main
   // exception are applications using `VPC-SC`:
   //     https://cloud.google.com/vpc/docs/configure-private-google-access
-  // In those cases the application would target an URL like
+  // In those cases the application would target a URL like
   // `https://restricted.googleapis.com`, or `https://private.googleapis.com`,
   // or their own proxy, and need to provide the target's service host.
+  auto const& auth = options.get<AuthorityOption>();
+  if (!auth.empty()) return absl::StrCat("Host: ", auth);
   auto const& endpoint = options.get<RestEndpointOption>();
   if (absl::StrContains(endpoint, "googleapis.com")) {
     return absl::StrCat("Host: ", service, ".googleapis.com");
diff --git a/google/cloud/storage/internal/curl_client_test.cc b/google/cloud/storage/internal/curl_client_test.cc
@@ -101,38 +101,42 @@ class CurlClientTest : public ::testing::Test,
 TEST(CurlClientStandaloneFunctions, HostHeader) {
   struct Test {
     std::string endpoint;
+    std::string authority;
     std::string service;
     std::string expected;
   } cases[] = {
-      {"https://storage.googleapis.com", "storage",
+      {"https://storage.googleapis.com", "", "storage",
        "Host: storage.googleapis.com"},
-      {"https://storage.googleapis.com:443", "storage",
+      {"https://storage.googleapis.com", "auth", "storage", "Host: auth"},
+      {"https://storage.googleapis.com:443", "", "storage",
        "Host: storage.googleapis.com"},
-      {"https://restricted.googleapis.com", "storage",
+      {"https://restricted.googleapis.com", "", "storage",
        "Host: storage.googleapis.com"},
-      {"https://private.googleapis.com", "storage",
+      {"https://private.googleapis.com", "", "storage",
        "Host: storage.googleapis.com"},
-      {"https://restricted.googleapis.com", "iamcredentials",
+      {"https://restricted.googleapis.com", "", "iamcredentials",
        "Host: iamcredentials.googleapis.com"},
-      {"https://private.googleapis.com", "iamcredentials",
+      {"https://private.googleapis.com", "", "iamcredentials",
        "Host: iamcredentials.googleapis.com"},
-      {"http://localhost:8080", "", ""},
-      {"http://[::1]", "", ""},
-      {"http://[::1]/", "", ""},
-      {"http://[::1]/foo/bar", "", ""},
-      {"http://[::1]:8080/", "", ""},
-      {"http://[::1]:8080/foo/bar", "", ""},
-      {"http://localhost:8080", "", ""},
-      {"https://storage-download.127.0.0.1.nip.io/xmlapi/", "", ""},
-      {"https://gcs.127.0.0.1.nip.io/storage/v1/", "", ""},
-      {"https://gcs.127.0.0.1.nip.io:4443/upload/storage/v1/", "", ""},
-      {"https://gcs.127.0.0.1.nip.io:4443/upload/storage/v1/", "", ""},
+      {"http://localhost:8080", "", "", ""},
+      {"http://localhost:8080", "auth", "", "Host: auth"},
+      {"http://[::1]", "", "", ""},
+      {"http://[::1]/", "", "", ""},
+      {"http://[::1]/foo/bar", "", "", ""},
+      {"http://[::1]:8080/", "", "", ""},
+      {"http://[::1]:8080/foo/bar", "", "", ""},
+      {"http://localhost:8080", "", "", ""},
+      {"https://storage-download.127.0.0.1.nip.io/xmlapi/", "", "", ""},
+      {"https://gcs.127.0.0.1.nip.io/storage/v1/", "", "", ""},
+      {"https://gcs.127.0.0.1.nip.io:4443/upload/storage/v1/", "", "", ""},
+      {"https://gcs.127.0.0.1.nip.io:4443/upload/storage/v1/", "", "", ""},
   };
 
   for (auto const& test : cases) {
     SCOPED_TRACE("Testing for " + test.endpoint + ", " + test.service);
-    auto const actual = HostHeader(
-        Options{}.set<RestEndpointOption>(test.endpoint), test.service.c_str());
+    auto options = Options{}.set<RestEndpointOption>(test.endpoint);
+    if (!test.authority.empty()) options.set<AuthorityOption>(test.authority);
+    auto const actual = HostHeader(options, test.service.c_str());
     EXPECT_EQ(test.expected, actual);
   }
 }
diff --git a/google/cloud/storage/internal/grpc_client.cc b/google/cloud/storage/internal/grpc_client.cc
@@ -42,6 +42,7 @@ GOOGLE_CLOUD_CPP_INLINE_NAMESPACE_BEGIN
 namespace internal {
 
 using ::google::cloud::internal::MakeBackgroundThreadsFactory;
+using ::google::cloud::internal::OptionsSpan;
 
 int DefaultGrpcNumChannels() {
   auto constexpr kMinimumChannels = 4;
@@ -59,6 +60,9 @@ Options DefaultOptionsGrpc(Options options) {
   if (!options.has<EndpointOption>()) {
     options.set<EndpointOption>("storage.googleapis.com");
   }
+  if (!options.has<AuthorityOption>()) {
+    options.set<AuthorityOption>("storage.googleapis.com");
+  }
   using google::cloud::internal::GetEnv;
   auto env = GetEnv("CLOUD_STORAGE_GRPC_ENDPOINT");
   if (env.has_value()) options.set<EndpointOption>(*env);
@@ -110,6 +114,7 @@ std::unique_ptr<GrpcClient::WriteObjectStream> GrpcClient::CreateUploadWriter(
 
 StatusOr<ResumableUploadResponse> GrpcClient::QueryResumableUpload(
     QueryResumableUploadRequest const& request) {
+  OptionsSpan span(options_);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request, "resource");
   auto const timeout = options_.get<TransferStallTimeoutOption>();
@@ -153,6 +158,7 @@ ClientOptions const& GrpcClient::client_options() const {
 
 StatusOr<ListBucketsResponse> GrpcClient::ListBuckets(
     ListBucketsRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -163,6 +169,7 @@ StatusOr<ListBucketsResponse> GrpcClient::ListBuckets(
 
 StatusOr<BucketMetadata> GrpcClient::CreateBucket(
     CreateBucketRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -173,6 +180,7 @@ StatusOr<BucketMetadata> GrpcClient::CreateBucket(
 
 StatusOr<BucketMetadata> GrpcClient::GetBucketMetadata(
     GetBucketMetadataRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -183,6 +191,7 @@ StatusOr<BucketMetadata> GrpcClient::GetBucketMetadata(
 
 StatusOr<EmptyResponse> GrpcClient::DeleteBucket(
     DeleteBucketRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -193,6 +202,7 @@ StatusOr<EmptyResponse> GrpcClient::DeleteBucket(
 
 StatusOr<BucketMetadata> GrpcClient::UpdateBucket(
     UpdateBucketRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -203,6 +213,7 @@ StatusOr<BucketMetadata> GrpcClient::UpdateBucket(
 
 StatusOr<BucketMetadata> GrpcClient::PatchBucket(
     PatchBucketRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   if (!proto) return std::move(proto).status();
   grpc::ClientContext context;
@@ -217,6 +228,7 @@ StatusOr<BucketMetadata> GrpcClient::PatchBucket(
 
 StatusOr<IamPolicy> GrpcClient::GetBucketIamPolicy(
     GetBucketIamPolicyRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -234,6 +246,7 @@ StatusOr<IamPolicy> GrpcClient::GetBucketIamPolicy(
 
 StatusOr<NativeIamPolicy> GrpcClient::GetNativeBucketIamPolicy(
     GetBucketIamPolicyRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -247,6 +260,7 @@ StatusOr<NativeIamPolicy> GrpcClient::GetNativeBucketIamPolicy(
 
 StatusOr<IamPolicy> GrpcClient::SetBucketIamPolicy(
     SetBucketIamPolicyRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -264,6 +278,7 @@ StatusOr<IamPolicy> GrpcClient::SetBucketIamPolicy(
 
 StatusOr<NativeIamPolicy> GrpcClient::SetNativeBucketIamPolicy(
     SetNativeBucketIamPolicyRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -274,6 +289,7 @@ StatusOr<NativeIamPolicy> GrpcClient::SetNativeBucketIamPolicy(
 
 StatusOr<TestBucketIamPermissionsResponse> GrpcClient::TestBucketIamPermissions(
     TestBucketIamPermissionsRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -284,6 +300,7 @@ StatusOr<TestBucketIamPermissionsResponse> GrpcClient::TestBucketIamPermissions(
 
 StatusOr<BucketMetadata> GrpcClient::LockBucketRetentionPolicy(
     LockBucketRetentionPolicyRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcBucketRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -294,6 +311,7 @@ StatusOr<BucketMetadata> GrpcClient::LockBucketRetentionPolicy(
 
 StatusOr<ObjectMetadata> GrpcClient::InsertObjectMedia(
     InsertObjectMediaRequest const& request) {
+  OptionsSpan span(options_);
   auto r = GrpcObjectRequestParser::ToProto(request);
   if (!r) return std::move(r).status();
   auto proto_request = *r;
@@ -345,6 +363,7 @@ StatusOr<ObjectMetadata> GrpcClient::InsertObjectMedia(
 
 StatusOr<ObjectMetadata> GrpcClient::CopyObject(
     CopyObjectRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request, "resource");
@@ -360,6 +379,7 @@ StatusOr<ObjectMetadata> GrpcClient::CopyObject(
 
 StatusOr<ObjectMetadata> GrpcClient::GetObjectMetadata(
     GetObjectMetadataRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -370,6 +390,7 @@ StatusOr<ObjectMetadata> GrpcClient::GetObjectMetadata(
 
 StatusOr<std::unique_ptr<ObjectReadSource>> GrpcClient::ReadObject(
     ReadObjectRangeRequest const& request) {
+  OptionsSpan span(options_);
   // With the REST API this condition was detected by the server as an error,
   // generally we prefer the server to detect errors because its answers are
   // authoritative. In this case, the server cannot: with gRPC '0' is the same
@@ -396,6 +417,7 @@ StatusOr<std::unique_ptr<ObjectReadSource>> GrpcClient::ReadObject(
 
 StatusOr<ListObjectsResponse> GrpcClient::ListObjects(
     ListObjectsRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -406,6 +428,7 @@ StatusOr<ListObjectsResponse> GrpcClient::ListObjects(
 
 StatusOr<EmptyResponse> GrpcClient::DeleteObject(
     DeleteObjectRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
@@ -416,6 +439,7 @@ StatusOr<EmptyResponse> GrpcClient::DeleteObject(
 
 StatusOr<ObjectMetadata> GrpcClient::UpdateObject(
     UpdateObjectRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   if (!proto) return std::move(proto).status();
   grpc::ClientContext context;
@@ -427,6 +451,7 @@ StatusOr<ObjectMetadata> GrpcClient::UpdateObject(
 
 StatusOr<ObjectMetadata> GrpcClient::PatchObject(
     PatchObjectRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   if (!proto) return std::move(proto).status();
   grpc::ClientContext context;
@@ -438,6 +463,7 @@ StatusOr<ObjectMetadata> GrpcClient::PatchObject(
 
 StatusOr<ObjectMetadata> GrpcClient::ComposeObject(
     ComposeObjectRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   if (!proto) return std::move(proto).status();
   grpc::ClientContext context;
@@ -449,6 +475,7 @@ StatusOr<ObjectMetadata> GrpcClient::ComposeObject(
 
 StatusOr<RewriteObjectResponse> GrpcClient::RewriteObject(
     RewriteObjectRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcObjectRequestParser::ToProto(request);
   if (!proto) return std::move(proto).status();
   grpc::ClientContext context;
@@ -460,6 +487,7 @@ StatusOr<RewriteObjectResponse> GrpcClient::RewriteObject(
 
 StatusOr<std::unique_ptr<ResumableUploadSession>>
 GrpcClient::CreateResumableSession(ResumableUploadRequest const& request) {
+  OptionsSpan span(options_);
   auto session_id = request.GetOption<UseResumableUploadSession>().value_or("");
   if (!session_id.empty()) {
     return FullyRestoreResumableSession(request, session_id);
@@ -579,6 +607,7 @@ StatusOr<ObjectAccessControl> GrpcClient::PatchDefaultObjectAcl(
 
 StatusOr<ServiceAccount> GrpcClient::GetServiceAccount(
     GetProjectServiceAccountRequest const& request) {
+  OptionsSpan span(options_);
   auto proto = GrpcServiceAccountParser::ToProto(request);
   grpc::ClientContext context;
   ApplyQueryParameters(context, request);
diff --git a/google/cloud/storage/internal/grpc_client_test.cc b/google/cloud/storage/internal/grpc_client_test.cc
