io.grpc.netty.shaded.io.grpc.netty.GrpcSslContexts Java Examples

The following examples show how to use io.grpc.netty.shaded.io.grpc.netty.GrpcSslContexts. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ShadingTest.java    From grpc-nebula-java with Apache License 2.0 6 votes vote down vote up 
@Test
public void tcnative() throws Exception {
  server = NettyServerBuilder.forPort(0)
      .useTransportSecurity(TestUtils.loadCert("server1.pem"), TestUtils.loadCert("server1.key"))
      .addService(new SimpleServiceImpl())
      .build().start();
  channel = NettyChannelBuilder
      .forAddress("localhost", server.getPort())
      .sslContext(
          GrpcSslContexts.configure(SslContextBuilder.forClient(), SslProvider.OPENSSL)
              .trustManager(TestUtils.loadCert("ca.pem")).build())
      .overrideAuthority("foo.test.google.fr")
      .build();
  SimpleServiceBlockingStub stub = SimpleServiceGrpc.newBlockingStub(channel);
  assertThat(SimpleResponse.getDefaultInstance())
      .isEqualTo(stub.unaryRpc(SimpleRequest.getDefaultInstance()));
}
Example #2
Source File: DefaultPubSubSubscriberFactory.java    From flink with Apache License 2.0 6 votes vote down vote up 
@Override
public PubSubSubscriber getSubscriber(Credentials credentials) throws IOException {
	ManagedChannel channel = NettyChannelBuilder.forTarget(SubscriberStubSettings.getDefaultEndpoint())
												.negotiationType(NegotiationType.TLS)
												.sslContext(GrpcSslContexts.forClient().ciphers(null).build())
												.build();

	PullRequest pullRequest = PullRequest.newBuilder()
							.setMaxMessages(maxMessagesPerPull)
							.setReturnImmediately(false)
							.setSubscription(projectSubscriptionName)
							.build();
	SubscriberGrpc.SubscriberBlockingStub stub = SubscriberGrpc.newBlockingStub(channel)
						.withCallCredentials(MoreCallCredentials.from(credentials));
	return new BlockingGrpcPubSubSubscriber(projectSubscriptionName, channel, stub, pullRequest, retries, timeout);
}
Example #3
Source File: GrpcConfig.java    From benchmarks with Apache License 2.0 6 votes vote down vote up 
public static NettyServerBuilder getServerBuilder()
{
    final NettyServerBuilder serverBuilder =
        NettyServerBuilder.forAddress(new InetSocketAddress(getServerHost(), getServerPort()));
    if (getBoolean(TLS))
    {
        final Path certificatesDir = Configuration.certificatesDirectory();
        final SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
            certificatesDir.resolve("server.pem").toFile(), certificatesDir.resolve("server.key").toFile())
            .trustManager(certificatesDir.resolve("ca.pem").toFile())
            .clientAuth(ClientAuth.REQUIRE);
        GrpcSslContexts.configure(sslClientContextBuilder);

        try
        {
            serverBuilder.sslContext(sslClientContextBuilder.build());
        }
        catch (final SSLException ex)
        {
            LangUtil.rethrowUnchecked(ex);
        }
    }
    return serverBuilder;
}
Example #4
Source File: DefaultPubSubSubscriberFactory.java    From flink with Apache License 2.0 6 votes vote down vote up 
@Override
public PubSubSubscriber getSubscriber(Credentials credentials) throws IOException {
	ManagedChannel channel = NettyChannelBuilder.forTarget(SubscriberStubSettings.getDefaultEndpoint())
												.negotiationType(NegotiationType.TLS)
												.sslContext(GrpcSslContexts.forClient().ciphers(null).build())
												.build();

	PullRequest pullRequest = PullRequest.newBuilder()
							.setMaxMessages(maxMessagesPerPull)
							.setReturnImmediately(false)
							.setSubscription(projectSubscriptionName)
							.build();
	SubscriberGrpc.SubscriberBlockingStub stub = SubscriberGrpc.newBlockingStub(channel)
						.withCallCredentials(MoreCallCredentials.from(credentials));
	return new BlockingGrpcPubSubSubscriber(projectSubscriptionName, channel, stub, pullRequest, retries, timeout);
}
Example #5
Source File: ShadingTest.java    From grpc-java with Apache License 2.0 6 votes vote down vote up 
@Test
public void tcnative() throws Exception {
  server = NettyServerBuilder.forPort(0)
      .useTransportSecurity(TestUtils.loadCert("server1.pem"), TestUtils.loadCert("server1.key"))
      .addService(new SimpleServiceImpl())
      .build().start();
  channel = NettyChannelBuilder
      .forAddress("localhost", server.getPort())
      .sslContext(
          GrpcSslContexts.configure(SslContextBuilder.forClient(), SslProvider.OPENSSL)
              .trustManager(TestUtils.loadCert("ca.pem")).build())
      .overrideAuthority("foo.test.google.fr")
      .build();
  SimpleServiceBlockingStub stub = SimpleServiceGrpc.newBlockingStub(channel);
  assertThat(SimpleResponse.getDefaultInstance())
      .isEqualTo(stub.unaryRpc(SimpleRequest.getDefaultInstance()));
}
Example #6
Source File: GrpcExecutionFactory.java    From buck with Apache License 2.0 6 votes vote down vote up 
private static NettyChannelBuilder createSecureChannel(
    String host, int port, Optional<Path> certPath, Optional<Path> keyPath, Optional<Path> caPath)
    throws SSLException {

  SslContextBuilder contextBuilder = GrpcSslContexts.forClient();
  if (certPath.isPresent() && keyPath.isPresent()) {
    contextBuilder.keyManager(certPath.get().toFile(), keyPath.get().toFile());
  }
  if (caPath.isPresent()) {
    contextBuilder.trustManager(caPath.get().toFile());
  }

  return channelBuilder(host, port)
      .sslContext(contextBuilder.build())
      .negotiationType(NegotiationType.TLS);
}
Example #7
Source File: GrpcConfig.java    From flair-engine with Apache License 2.0 5 votes vote down vote up 
private SslContextBuilder getSslContextBuilder() {
    log.info("Grpc config: Configuring ssl cert {} key {} trust {}",
            grpcProperties.getTls().getCertChainFile(), grpcProperties.getTls().getPrivateKeyFile(), grpcProperties.getTls().getTrustCertCollectionFile());

    SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
            new File(grpcProperties.getTls().getCertChainFile()),
            new File(grpcProperties.getTls().getPrivateKeyFile())
    );

    if (grpcProperties.getTls().getTrustCertCollectionFile() != null) {
        sslClientContextBuilder.trustManager(new File(grpcProperties.getTls().getTrustCertCollectionFile()));
        sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
    }
    return GrpcSslContexts.configure(sslClientContextBuilder, SslProvider.OPENSSL);
}
Example #8
Source File: ClientGrpcConfig.java    From flair-engine with Apache License 2.0 5 votes vote down vote up 
private static SslContext buildSslContext(String trustCertCollectionFilePath,
                                          String clientCertChainFilePath,
                                          String clientPrivateKeyFilePath) throws SSLException {
    SslContextBuilder builder = GrpcSslContexts.forClient();
    if (trustCertCollectionFilePath != null) {
        builder.trustManager(new File(trustCertCollectionFilePath));
    }
    if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
        builder.keyManager(new File(clientCertChainFilePath), new File(clientPrivateKeyFilePath));
    }
    return builder.build();
}
Example #9
Source File: BrokerServer.java    From gcp-token-broker with Apache License 2.0 5 votes vote down vote up 
private SslContextBuilder getSslContextBuilder() {
    String certChainFilePath = AppSettings.getInstance().getString(AppSettings.TLS_CERTIFICATE_PATH);
    String privateKeyFilePath = AppSettings.getInstance().getString(AppSettings.TLS_PRIVATE_KEY_PATH);
    SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
        new File(certChainFilePath),
        new File(privateKeyFilePath));
    return GrpcSslContexts.configure(
        sslClientContextBuilder,
        SslProvider.OPENSSL);
}
Example #10
Source File: GrpcConfig.java    From benchmarks with Apache License 2.0 5 votes vote down vote up 
public static ManagedChannel getServerChannel()
{
    final NettyChannelBuilder channelBuilder =
        NettyChannelBuilder.forAddress(getServerHost(), getServerPort());
    if (getBoolean(TLS))
    {
        final Path certificatesDir = Configuration.certificatesDirectory();
        final SslContextBuilder sslClientContextBuilder = GrpcSslContexts.forClient()
            .trustManager(certificatesDir.resolve("ca.pem").toFile())
            .keyManager(
            certificatesDir.resolve("client.pem").toFile(), certificatesDir.resolve("client.key").toFile());

        try
        {
            channelBuilder.sslContext(sslClientContextBuilder.build());
        }
        catch (final SSLException ex)
        {
            LangUtil.rethrowUnchecked(ex);
        }
    }
    else
    {
        channelBuilder.usePlaintext();
    }
    return channelBuilder.build();
}
Example #11
Source File: MetaStep.java    From metastore with Apache License 2.0 4 votes vote down vote up 
public MetaStep(String... args) throws IOException, ArgumentParserException {
  ArgumentParser parser = ArgumentParsers.newFor("metastep").build();

  Subparsers subparsers = parser.addSubparsers().help("sub-command help");

  Subparser submitParser = subparsers.addParser("publish").help("publish help");
  submitParser.setDefault("sub-command", "publish");
  submitParser.addArgument("--package_prefix").required(false);
  submitParser.addArgument("--package_name").required(false);
  submitParser.addArgument("--file_name").required(false);
  submitParser.addArgument("--descriptor_set").required(false);
  submitParser.addArgument("--profile").required(false);
  submitParser.addArgument("--workspace").required(false);
  submitParser.addArgument("--server").required(true);
  submitParser.addArgument("--registry").required(false);
  submitParser.addArgument("--tls").required(false);
  submitParser.addArgument("--tls_env").required(false);
  submitParser.addArgument("--source").required(false);
  submitParser.addArgument("--comment").required(true);
  submitParser.addArgument("--user").required(false);
  submitParser.addArgument("--email").required(false);
  submitParser.addArgument("--include").nargs("*").required(false);

  Subparser validateParser = subparsers.addParser("validate").help("validate help");
  validateParser.setDefault("sub-command", "validate");
  validateParser.addArgument("--package_prefix").required(false);
  validateParser.addArgument("--package_name").required(false);
  validateParser.addArgument("--file_name").required(false);
  validateParser.addArgument("--descriptor_set").required(false);
  validateParser.addArgument("--profile").required(false);
  validateParser.addArgument("--workspace").required(false);
  validateParser.addArgument("--server").required(true);
  validateParser.addArgument("--registry").required(false);
  validateParser.addArgument("--tls").required(false);
  validateParser.addArgument("--tls_env").required(false);
  validateParser.addArgument("--source").required(false);
  validateParser.addArgument("--include").nargs("*").required(false);
  res = parser.parseArgs(args);

  descriptorFile = File.createTempFile("descriptor", ".pb");

  String server = res.getString("server");
  String[] sp = server.split(":");
  String host = sp[0];
  int port = Integer.parseInt(sp[1]);

  String protoWorkspace = res.getString("workspace");
  if (protoWorkspace == null) {
    protoWorkspace = "/var/workspace";
  }
  workspace = new File(protoWorkspace);
  System.out.println("Workspace set to: " + workspace);

  protoIncludes = res.getList("include");
  if (protoIncludes == null) {
    protoIncludes = new ArrayList<>();
  }
  protoIncludes.add("/usr/include");

  if (res.get("source") != null) {
    includeSource = true;
  }

  String tlsFileName = res.getString("tls");
  if (tlsFileName == null) {
    String tlsEnv = res.getString("tls_env");
    if (tlsEnv != null) {
      File tlsFile = File.createTempFile("tls", ".pem");
      tlsFileName = tlsFile.getAbsolutePath();
      String tlsBase64 = System.getenv(tlsEnv);
      if (tlsBase64 == null) {
        throw new RuntimeException("No ENVIRONMENT_VARIABLE of name " + tlsEnv + " found.");
      }
      try (FileOutputStream writer = new FileOutputStream(tlsFile)) {
        writer.write(Base64.getDecoder().decode(tlsBase64));
      }
    }
  }

  NettyChannelBuilder channelBuilder = NettyChannelBuilder.forAddress(host, port);
  if (tlsFileName != null) {
    SslContext sslContext =
        GrpcSslContexts.forClient().trustManager(new File(tlsFileName)).build();

    channelBuilder.sslContext(sslContext).useTransportSecurity().build();
  } else {
    channelBuilder.usePlaintext();
  }
  schemaRegistry = RegistryGrpc.newBlockingStub(channelBuilder.build());
}