rls: use channel creds to create resolvingOobChannel

ZHANG Dapeng 2021-01-29 09:29:39 -08:00 committed by GitHub
parent 9437783838
commit 9bb9fef6b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 38 additions and 6 deletions


@ -139,8 +139,13 @@ final class CachingRlsLbClient {
timeProvider); timeProvider);
RlsRequestFactory requestFactory = new RlsRequestFactory(lbPolicyConfig.getRouteLookupConfig()); RlsRequestFactory requestFactory = new RlsRequestFactory(lbPolicyConfig.getRouteLookupConfig());
rlsPicker = new RlsPicker(requestFactory); rlsPicker = new RlsPicker(requestFactory);
ManagedChannelBuilder<?> rlsChannelBuilder = // It is safe to use helper.getUnsafeChannelCredentials() because the client authenticates the
helper.createResolvingOobChannelBuilder(rlsConfig.getLookupService()); // RLS server using the same authority as the backends, even though the RLS servers addresses
// will be looked up differently than the backends; overrideAuthority(helper.getAuthority()) is
// called to impose the authority security restrictions.
ManagedChannelBuilder<?> rlsChannelBuilder = helper.createResolvingOobChannelBuilder(
rlsConfig.getLookupService(), helper.getUnsafeChannelCredentials());
rlsChannelBuilder.overrideAuthority(helper.getAuthority());
logger = helper.getChannelLogger(); logger = helper.getChannelLogger();
if (enableOobChannelDirectPath) { if (enableOobChannelDirectPath) {
logger.log( logger.log(
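Review bot: The safety argument in the new comment holds only when the transport credentials actually verify the peer against the overridden authority; with plaintext or otherwise non-verifying credentials, `rlsChannelBuilder.overrideAuthority(helper.getAuthority())` authenticates nothing, and any bearer tokens carried by `helper.getUnsafeChannelCredentials()` would be sent to whatever `rlsConfig.getLookupService()` resolves to. Whether such credentials can reach this code is not visible in the hunk, so I would state the precondition in the comment, e.g. `// Precondition: the channel credentials verify the server identity against helper.getAuthority(); otherwise bearer tokens must not be forwarded to the RLS server.` If the lookup service does not need the caller's tokens, `helper.getUnsafeChannelCredentials().withoutBearerTokens()` would be the narrower choice. The enclosing block starts and ends outside the hunk.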


@ -34,6 +34,7 @@ import com.google.common.collect.ImmutableMap;
import com.google.common.util.concurrent.SettableFuture; import com.google.common.util.concurrent.SettableFuture;
import io.grpc.Attributes; import io.grpc.Attributes;
import io.grpc.CallOptions; import io.grpc.CallOptions;
import io.grpc.ChannelCredentials;
import io.grpc.ChannelLogger; import io.grpc.ChannelLogger;
import io.grpc.ConnectivityState; import io.grpc.ConnectivityState;
import io.grpc.EquivalentAddressGroup; import io.grpc.EquivalentAddressGroup;
@ -536,7 +537,8 @@ public class CachingRlsLbClientTest {
private final class FakeHelper extends Helper { private final class FakeHelper extends Helper {
@Override @Override
public ManagedChannelBuilder<?> createResolvingOobChannelBuilder(String target) { public ManagedChannelBuilder<?> createResolvingOobChannelBuilder(
String target, ChannelCredentials creds) {
try { try {
grpcCleanupRule.register( grpcCleanupRule.register(
InProcessServerBuilder.forName(target) InProcessServerBuilder.forName(target)
@ -579,7 +581,18 @@ public class CachingRlsLbClientTest {
@Override @Override
public String getAuthority() { public String getAuthority() {
throw new UnsupportedOperationException(); return DEFAULT_TARGET;
}
@Override
public ChannelCredentials getUnsafeChannelCredentials() {
// In test we don't do any authentication.
return new ChannelCredentials() {
@Override
public ChannelCredentials withoutBearerTokens() {
return this;
}
};
} }
@Override @Override
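Review bot: `FakeHelper.createResolvingOobChannelBuilder` accepts the new `creds` argument but never looks at it, so no test pins the property the production comment relies on: that the RLS channel is built from the helper's own credentials and then has `overrideAuthority(helper.getAuthority())` applied. The fake helper in RlsLoadBalancerTest has the same gap, and its `verify(helper).createResolvingOobChannelBuilder(anyString(), any(ChannelCredentials.class))` would pass for any credentials object. I would keep the instance returned by `getUnsafeChannelCredentials()` in a field (say `fakeCreds`, a name I am making up) and check it inside the fake with something like `assertSame(fakeCreds, creds);`; checking the authority override presumably needs a spy on the returned builder. FakeHelper starts and ends outside these hunks.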


@ -32,6 +32,7 @@ import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap; import com.google.common.collect.ImmutableMap;
import io.grpc.Attributes; import io.grpc.Attributes;
import io.grpc.CallOptions; import io.grpc.CallOptions;
import io.grpc.ChannelCredentials;
import io.grpc.ChannelLogger; import io.grpc.ChannelLogger;
import io.grpc.ConnectivityState; import io.grpc.ConnectivityState;
import io.grpc.ConnectivityStateInfo; import io.grpc.ConnectivityStateInfo;
@ -376,7 +377,7 @@ public class RlsLoadBalancerTest {
.setAddresses(ImmutableList.of(new EquivalentAddressGroup(mock(SocketAddress.class)))) .setAddresses(ImmutableList.of(new EquivalentAddressGroup(mock(SocketAddress.class))))
.setLoadBalancingPolicyConfig(parsedConfigOrError.getConfig()) .setLoadBalancingPolicyConfig(parsedConfigOrError.getConfig())
.build()); .build());
verify(helper).createResolvingOobChannelBuilder(anyString()); verify(helper).createResolvingOobChannelBuilder(anyString(), any(ChannelCredentials.class));
} }
@SuppressWarnings("unchecked") @SuppressWarnings("unchecked")
@ -429,7 +430,8 @@ public class RlsLoadBalancerTest {
} }
@Override @Override
public ManagedChannelBuilder<?> createResolvingOobChannelBuilder(String target) { public ManagedChannelBuilder<?> createResolvingOobChannelBuilder(
String target, ChannelCredentials creds) {
try { try {
grpcCleanupRule.register( grpcCleanupRule.register(
InProcessServerBuilder.forName(target) InProcessServerBuilder.forName(target)
@ -475,6 +477,18 @@ public class RlsLoadBalancerTest {
return "fake-bigtable.googleapis.com"; return "fake-bigtable.googleapis.com";
} }
@Override
public ChannelCredentials getUnsafeChannelCredentials() {
// In test we don't do any authentication.
return new ChannelCredentials() {
@Override
public ChannelCredentials withoutBearerTokens() {
return this;
}
};
}
@Override @Override
public ScheduledExecutorService getScheduledExecutorService() { public ScheduledExecutorService getScheduledExecutorService() {
return fakeScheduledExecutorService; return fakeScheduledExecutorService;