Resolve comments
diff --git a/include/grpc/grpc_security.h b/include/grpc/grpc_security.h
index 7a6aa66..0154d8a 100644
--- a/include/grpc/grpc_security.h
+++ b/include/grpc/grpc_security.h
@@ -243,8 +243,12 @@
/* Returns 1 if the peer is authenticated, 0 otherwise. */
int grpc_auth_context_peer_is_authenticated(const grpc_auth_context *ctx);
-/* Gets the auth context from the call. */
-const grpc_auth_context *grpc_call_auth_context(grpc_call *call);
+/* Gets the auth context from the call. Caller needs to call
+ grpc_auth_context_release on the returned context. */
+grpc_auth_context *grpc_call_auth_context(grpc_call *call);
+
+/* Releases the auth context returned from grpc_call_auth_context. */
+void grpc_auth_context_release(grpc_auth_context *context);
#ifdef __cplusplus
}
diff --git a/src/core/security/client_auth_filter.c b/src/core/security/client_auth_filter.c
index 16611ff..632a742 100644
--- a/src/core/security/client_auth_filter.c
+++ b/src/core/security/client_auth_filter.c
@@ -212,15 +212,9 @@
grpc_client_security_context_destroy;
}
sec_ctx = op->context[GRPC_CONTEXT_SECURITY].value;
- if (sec_ctx->auth_context == NULL) {
- sec_ctx->auth_context =
- GRPC_AUTH_CONTEXT_REF(chand->security_connector->base.auth_context,
- "client_auth_filter");
- } else {
- sec_ctx->auth_context->chained =
- GRPC_AUTH_CONTEXT_REF(chand->security_connector->base.auth_context,
- "client_auth_filter chained");
- }
+ GRPC_AUTH_CONTEXT_UNREF(sec_ctx->auth_context, "client auth filter");
+ sec_ctx->auth_context = GRPC_AUTH_CONTEXT_REF(
+ chand->security_connector->base.auth_context, "client_auth_filter");
}
if (op->bind_pollset) {
diff --git a/src/core/security/security_context.c b/src/core/security/security_context.c
index 4d56549..8ce7876 100644
--- a/src/core/security/security_context.c
+++ b/src/core/security/security_context.c
@@ -69,12 +69,20 @@
return GRPC_CALL_OK;
}
-const grpc_auth_context *grpc_call_auth_context(grpc_call *call) {
+grpc_auth_context *grpc_call_auth_context(grpc_call *call) {
void *sec_ctx = grpc_call_context_get(call, GRPC_CONTEXT_SECURITY);
if (sec_ctx == NULL) return NULL;
return grpc_call_is_client(call)
- ? ((grpc_client_security_context *)sec_ctx)->auth_context
- : ((grpc_server_security_context *)sec_ctx)->auth_context;
+ ? GRPC_AUTH_CONTEXT_REF(
+ ((grpc_client_security_context *)sec_ctx)->auth_context,
+ "grpc_call_auth_context client")
+ : GRPC_AUTH_CONTEXT_REF(
+ ((grpc_server_security_context *)sec_ctx)->auth_context,
+ "grpc_call_auth_context server");
+}
+
+void grpc_auth_context_release(grpc_auth_context *context) {
+ GRPC_AUTH_CONTEXT_UNREF(context, "grpc_auth_context_unref");
}
/* --- grpc_client_security_context --- */
diff --git a/src/cpp/common/secure_auth_context.cc b/src/cpp/common/secure_auth_context.cc
index d3606af..4513723 100644
--- a/src/cpp/common/secure_auth_context.cc
+++ b/src/cpp/common/secure_auth_context.cc
@@ -33,16 +33,13 @@
#include "src/cpp/common/secure_auth_context.h"
-#include "src/core/security/security_context.h"
+#include <grpc/grpc_security.h>
namespace grpc {
-SecureAuthContext::SecureAuthContext(grpc_auth_context* ctx)
- : ctx_(GRPC_AUTH_CONTEXT_REF(ctx, "SecureAuthContext")) {}
+SecureAuthContext::SecureAuthContext(grpc_auth_context* ctx) : ctx_(ctx) {}
-SecureAuthContext::~SecureAuthContext() {
- GRPC_AUTH_CONTEXT_UNREF(ctx_, "SecureAuthContext");
-}
+SecureAuthContext::~SecureAuthContext() { grpc_auth_context_release(ctx_); }
std::vector<grpc::string> SecureAuthContext::GetPeerIdentity() const {
if (!ctx_) {
diff --git a/test/cpp/common/secure_auth_context_test.cc b/test/cpp/common/secure_auth_context_test.cc
index e65a257..6f8fb8f 100644
--- a/test/cpp/common/secure_auth_context_test.cc
+++ b/test/cpp/common/secure_auth_context_test.cc
@@ -66,8 +66,6 @@
std::vector<grpc::string> bar = context.FindPropertyValues("foo");
EXPECT_EQ(1, bar.size());
EXPECT_EQ("bar", bar[0]);
-
- GRPC_AUTH_CONTEXT_UNREF(ctx, "SecureAuthContextTest");
}
} // namespace