From c1d97fbe9452e278e94f57173b13761399a3fc38 Mon Sep 17 00:00:00 2001 From: Patrice Chalin Date: Mon, 23 Nov 2020 16:04:31 -0500 Subject: [PATCH] Go-specific ALTS authentication page from template (#537) - Contributes to #527 - Also included are minor tweaks to the C++-ALTS page --- content/docs/guides/auth/ALTS.md | 54 +++-------------------------- content/docs/languages/cpp/alts.md | 3 +- content/docs/languages/go/_index.md | 5 +-- content/docs/languages/go/alts.md | 52 +++++++++++++++++++++++++++ 4 files changed, 61 insertions(+), 53 deletions(-) create mode 100644 content/docs/languages/go/alts.md diff --git a/content/docs/guides/auth/ALTS.md b/content/docs/guides/auth/ALTS.md index 9c0fdfa..e22f7dd 100644 --- a/content/docs/guides/auth/ALTS.md +++ b/content/docs/guides/auth/ALTS.md @@ -27,7 +27,10 @@ protocol with few lines of code. gRPC ALTS is supported in C++, Java, Go, and Python. Details are covered in this page, or in the following language-specific -page: [C++ ALTS]({{< relref "docs/languages/cpp/alts" >}}). +pages: + +- [ALTS in C++]({{< relref "docs/languages/cpp/alts" >}}) +- [ALTS in Go]({{< relref "docs/languages/go/alts" >}}) Note that ALTS is fully functional if the application runs on [Google Cloud Platform](https://cloud.google.com). ALTS could be run on any @@ -49,18 +52,6 @@ ManagedChannel managedChannel = AltsChannelBuilder.forTarget(serverAddress).build(); ``` -#### Go - -```go -import ( - "google.golang.org/grpc" - "google.golang.org/grpc/credentials/alts" -) - -altsTC := alts.NewClientCreds(alts.DefaultClientOptions()) -conn, err := grpc.Dial(serverAddr, grpc.WithTransportCredentials(altsTC)) -``` - #### Python ```python @@ -87,18 +78,6 @@ Server server = AltsServerBuilder.forPort() ``` -#### Go - -```go -import ( - "google.golang.org/grpc" - "google.golang.org/grpc/credentials/alts" -) - -altsTC := alts.NewServerCreds(alts.DefaultServerOptions()) -server := grpc.NewServer(grpc.Creds(altsTC)) -``` - #### Python ```python @@ -130,20 +109,6 @@ ManagedChannel channel = .build(); ``` -#### Go - -```go -import ( - "google.golang.org/grpc" - "google.golang.org/grpc/credentials/alts" -) - -clientOpts := alts.DefaultClientOptions() -clientOpts.TargetServiceAccounts = []string{expectedServerSA} -altsTC := alts.NewClientCreds(clientOpts) -conn, err := grpc.Dial(serverAddr, grpc.WithTransportCredentials(altsTC)) -``` - ### Client Authorization On a successful connection, the peer information (e.g., client’s service @@ -165,14 +130,3 @@ ServerCall call; Status status = AuthorizationUtil.clientAuthorizationCheck( call, Lists.newArrayList("foo@iam.gserviceaccount.com")); ``` - -#### Go - -```go -import ( - "google.golang.org/grpc" - "google.golang.org/grpc/credentials/alts" -) - -err := alts.ClientAuthorizationCheck(ctx, []string{"foo@iam.gserviceaccount.com"}) -``` diff --git a/content/docs/languages/cpp/alts.md b/content/docs/languages/cpp/alts.md index 116a9ae..eca6f74 100644 --- a/content/docs/languages/cpp/alts.md +++ b/content/docs/languages/cpp/alts.md @@ -1,10 +1,11 @@ --- -title: ALTS authentication +title: ALTS authentication in C++ short: ALTS layout: auth_alts description: > An overview of gRPC authentication in C++ using Application Layer Transport Security (ALTS). +weight: 75 spelling: cSpell:ignore Authz creds grpcpp code: client_credentials: | diff --git a/content/docs/languages/go/_index.md b/content/docs/languages/go/_index.md index bf49f38..9fe3caf 100644 --- a/content/docs/languages/go/_index.md +++ b/content/docs/languages/go/_index.md @@ -4,9 +4,9 @@ layout: prog_lang_home api_path: https://pkg.go.dev/google.golang.org/grpc content: - learn_more: - - "[Examples]($src_repo_url/tree/master/examples)" + - "[ALTS authentication](alts/)" - "[Additional docs]($src_repo_url/tree/master/Documentation)" - - "[Installation]($src_repo_url#installation)" + - "[Examples]($src_repo_url/tree/master/examples)" - "[FAQ]($src_repo_url#faq)" - reference: - "[API](api/)" @@ -14,6 +14,7 @@ content: - other: - $src_repo_link - "[Performance benchmark](https://performance-dot-grpc-testing.appspot.com/explore?dashboard=5652536396611584&widget=490377658&container=1286539696)" + - "[Installation]($src_repo_url#installation)" spelling: cSpell:ignore Isberner Klerk Malte youtube --- diff --git a/content/docs/languages/go/alts.md b/content/docs/languages/go/alts.md new file mode 100644 index 0000000..07e25f6 --- /dev/null +++ b/content/docs/languages/go/alts.md @@ -0,0 +1,52 @@ +--- +title: ALTS authentication in Go +short: ALTS +layout: auth_alts +description: > + An overview of gRPC authentication in Go using Application Layer Transport + Security (ALTS). +weight: 75 +spelling: cSpell:ignore creds +code: + client_credentials: | + ```go + import ( + "google.golang.org/grpc" + "google.golang.org/grpc/credentials/alts" + ) + + altsTC := alts.NewClientCreds(alts.DefaultClientOptions()) + conn, err := grpc.Dial(serverAddr, grpc.WithTransportCredentials(altsTC)) + ``` + server_credentials: | + ```go + import ( + "google.golang.org/grpc" + "google.golang.org/grpc/credentials/alts" + ) + + altsTC := alts.NewServerCreds(alts.DefaultServerOptions()) + server := grpc.NewServer(grpc.Creds(altsTC)) + ``` + server_authorization: | + ```go + import ( + "google.golang.org/grpc" + "google.golang.org/grpc/credentials/alts" + ) + + clientOpts := alts.DefaultClientOptions() + clientOpts.TargetServiceAccounts = []string{expectedServerSA} + altsTC := alts.NewClientCreds(clientOpts) + conn, err := grpc.Dial(serverAddr, grpc.WithTransportCredentials(altsTC)) + ``` + client_authorization: | + ```go + import ( + "google.golang.org/grpc" + "google.golang.org/grpc/credentials/alts" + ) + + err := alts.ClientAuthorizationCheck(ctx, []string{"foo@iam.gserviceaccount.com"}) + ``` +---