mirror of https://github.com/grpc/grpc-go.git
89 lines
2.9 KiB
Go
89 lines
2.9 KiB
Go
/*
|
|
*
|
|
* Copyright 2018 gRPC authors.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
*/
|
|
|
|
// This binary can only run on Google Cloud Platform (GCP).
|
|
package main
|
|
|
|
import (
|
|
"context"
|
|
"flag"
|
|
"net"
|
|
"strings"
|
|
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/credentials/alts"
|
|
"google.golang.org/grpc/grpclog"
|
|
"google.golang.org/grpc/interop"
|
|
"google.golang.org/grpc/tap"
|
|
|
|
testgrpc "google.golang.org/grpc/interop/grpc_testing"
|
|
)
|
|
|
|
const (
|
|
udsAddrPrefix = "unix:"
|
|
)
|
|
|
|
var (
|
|
hsAddr = flag.String("alts_handshaker_service_address", "", "ALTS handshaker gRPC service address")
|
|
serverAddr = flag.String("server_address", ":8080", "The address on which the server is listening. Only two types of addresses are supported, 'host:port' and 'unix:/path'.")
|
|
|
|
logger = grpclog.Component("interop")
|
|
)
|
|
|
|
func main() {
|
|
flag.Parse()
|
|
|
|
// If the server address starts with `unix:`, then we have a UDS address.
|
|
network := "tcp"
|
|
address := *serverAddr
|
|
if strings.HasPrefix(address, udsAddrPrefix) {
|
|
network = "unix"
|
|
address = strings.TrimPrefix(address, udsAddrPrefix)
|
|
}
|
|
lis, err := net.Listen(network, address)
|
|
if err != nil {
|
|
logger.Fatalf("gRPC Server: failed to start the server at %v: %v", address, err)
|
|
}
|
|
opts := alts.DefaultServerOptions()
|
|
if *hsAddr != "" {
|
|
opts.HandshakerServiceAddress = *hsAddr
|
|
}
|
|
altsTC := alts.NewServerCreds(opts)
|
|
grpcServer := grpc.NewServer(grpc.Creds(altsTC), grpc.InTapHandle(authz))
|
|
testgrpc.RegisterTestServiceServer(grpcServer, interop.NewTestServer())
|
|
grpcServer.Serve(lis)
|
|
}
|
|
|
|
// authz shows how to access client information at the server side to perform
|
|
// application-layer authorization checks.
|
|
func authz(ctx context.Context, info *tap.Info) (context.Context, error) {
|
|
authInfo, err := alts.AuthInfoFromContext(ctx)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
// Access all alts.AuthInfo data:
|
|
logger.Infof("authInfo.ApplicationProtocol() = %v", authInfo.ApplicationProtocol())
|
|
logger.Infof("authInfo.RecordProtocol() = %v", authInfo.RecordProtocol())
|
|
logger.Infof("authInfo.SecurityLevel() = %v", authInfo.SecurityLevel())
|
|
logger.Infof("authInfo.PeerServiceAccount() = %v", authInfo.PeerServiceAccount())
|
|
logger.Infof("authInfo.LocalServiceAccount() = %v", authInfo.LocalServiceAccount())
|
|
logger.Infof("authInfo.PeerRPCVersions() = %v", authInfo.PeerRPCVersions())
|
|
logger.Infof("info.FullMethodName = %v", info.FullMethodName)
|
|
return ctx, nil
|
|
}
|