credentials/alts: Add example of authz in ALTS (#2814)

Cesar Ghali 2019-05-16 14:58:44 -07:00 committed by GitHub
parent 263405c7fe
commit 8655d473ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 1 deletions


@ -20,6 +20,7 @@
package main
import (
"context"
"flag"
"net"
"strings"
@ -29,6 +30,7 @@ import (
"google.golang.org/grpc/grpclog"
"google.golang.org/grpc/interop"
testpb "google.golang.org/grpc/interop/grpc_testing"
"google.golang.org/grpc/tap"
)
const (
@ -59,7 +61,25 @@ func main() {
opts.HandshakerServiceAddress = *hsAddr
}
altsTC := alts.NewServerCreds(opts)
grpcServer := grpc.NewServer(grpc.Creds(altsTC))
grpcServer := grpc.NewServer(grpc.Creds(altsTC), grpc.InTapHandle(authz))
testpb.RegisterTestServiceServer(grpcServer, interop.NewTestServer())
grpcServer.Serve(lis)
}
// authz shows how to access client information at the server side to perform
// application-layer authorization checks.
func authz(ctx context.Context, info *tap.Info) (context.Context, error) {
authInfo, err := alts.AuthInfoFromContext(ctx)
if err != nil {
return nil, err
}
// Access all alts.AuthInfo data:
grpclog.Infof("authInfo.ApplicationProtocol() = %v", authInfo.ApplicationProtocol())
grpclog.Infof("authInfo.RecordProtocol() = %v", authInfo.RecordProtocol())
grpclog.Infof("authInfo.SecurityLevel() = %v", authInfo.SecurityLevel())
grpclog.Infof("authInfo.PeerServiceAccount() = %v", authInfo.PeerServiceAccount())
grpclog.Infof("authInfo.LocalServiceAccount() = %v", authInfo.LocalServiceAccount())
grpclog.Infof("authInfo.PeerRPCVersions() = %v", authInfo.PeerRPCVersions())
grpclog.Infof("info.FullMethodName = %v", info.FullMethodName)
return ctx, nil
}
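Review bot: `authz` is presented as an application-layer authorization check, but it never makes a decision: once `alts.AuthInfoFromContext` succeeds it only logs the peer attributes and returns `ctx, nil`, so every ALTS-authenticated peer is admitted to every method. Because this is example code that readers are likely to copy, it should show at least one real check, for instance `if authInfo.PeerServiceAccount() != expectedPeer { return nil, status.Error(codes.PermissionDenied, "peer not authorized") }`, where `expectedPeer` is a placeholder for a configured allowlist value and `status`/`codes` would need importing. If the example is meant to stay log-only, the doc comment should say so, e.g. `// authz only logs the peer identity; a real handler must compare it against an allowlist and return an error to reject the RPC.` A short comment that the tap handle runs for every incoming RPC before the stream is created would also help, since the seven `Infof` calls are then per-request work.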