From edd9e5a25726ce8df65e3622e7d083981fb0fcf1 Mon Sep 17 00:00:00 2001
From: Sanjay Pujare
Date: Fri, 4 Oct 2019 10:29:42 -0700
Subject: [PATCH] define interface for the new TlsContextManager that will replace the SecretManager
---
.../io/grpc/xds/sds/TlsContextManager.java | 46 +++++++++++++++++++
1 file changed, 46 insertions(+)
create mode 100644 xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java
diff --git a/xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java b/xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java
new file mode 100644
index 0000000000..713435c37f
--- /dev/null
+++ b/xds/src/main/java/io/grpc/xds/sds/TlsContextManager.java
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2019 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.xds.sds;
+
+import io.envoyproxy.envoy.api.v2.auth.DownstreamTlsContext;
+import io.envoyproxy.envoy.api.v2.auth.UpstreamTlsContext;
+import io.grpc.Internal;
+import io.netty.handler.ssl.SslContext;
+
+/**
+ * Class to manage secrets used to create SSL contexts - this effectively manages SSL contexts
+ * (aka TlsContexts) based on inputs we get from xDS. This is used by gRPC-xds to access the
+ * SSL contexts/secrets and is not public API.
+ * TODO(sanjaypujare): flesh out the implementation and remove the old {@link SecretManager}
+ * once done.
+ */
+@Internal
+public class TlsContextManager {
+
+ public SecretProvider findOrCreateServerSslContextProvider(
+ DownstreamTlsContext downstreamTlsContext) {
+ // TODO(sanjaypujare): implement required SecrerProvider
+ return null;
+ }
+
+ public SecretProvider findOrCreateClientSslContextProvider(
+ UpstreamTlsContext upstreamTlsContext) {
+ // TODO(sanjaypujare): implement required SecrerProvider
+ return null;
+ }
+
+}
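Review bot: Both `findOrCreateServerSslContextProvider` and `findOrCreateClientSslContextProvider` return `null` from their stub bodies, and neither the signatures nor the class Javadoc tell a caller that `null` is possible. For a class that hands out TLS material, a caller that reads `null` as "no TLS configured for this peer" could end up on a plaintext path instead of failing, so the placeholders should fail closed: replace each `return null;` with `throw new UnsupportedOperationException("TlsContextManager not implemented yet");` until the real provider exists. The `io.netty.handler.ssl.SslContext` import is unused in the visible code; presumably the return type was meant to be `SecretProvider<SslContext>` (if `SecretProvider` is generic), otherwise drop the import. The two TODO comments also misspell `SecretProvider` as `SecrerProvider`.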