Example 1 with DownstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext in project grpc-java by grpc.

the class ClientXdsClientDataTest method validateDownstreamTlsContext_noCommonTlsContext.

@Test
public void validateDownstreamTlsContext_noCommonTlsContext() throws ResourceInvalidException {
    DownstreamTlsContext downstreamTlsContext = DownstreamTlsContext.getDefaultInstance();
    thrown.expect(ResourceInvalidException.class);
    thrown.expectMessage("common-tls-context is required in downstream-tls-context");
    ClientXdsClient.validateDownstreamTlsContext(downstreamTlsContext, null);
}
Also used : DownstreamTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext) Test(org.junit.Test)

Example 2 with DownstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext in project grpc-java by grpc.

the class ClientXdsClientDataTest method validateDownstreamTlsContext_hasOcspStaplePolicy.

@Test
@SuppressWarnings("deprecation")
public void validateDownstreamTlsContext_hasOcspStaplePolicy() throws ResourceInvalidException {
    CommonTlsContext commonTlsContext = CommonTlsContext.newBuilder()
        .setCombinedValidationContext(CommonTlsContext.CombinedCertificateValidationContext.newBuilder()
            .setValidationContextCertificateProviderInstance(CommonTlsContext.CertificateProviderInstance.getDefaultInstance()))
        .setTlsCertificateCertificateProviderInstance(CommonTlsContext.CertificateProviderInstance.getDefaultInstance())
        .build();
    DownstreamTlsContext downstreamTlsContext = DownstreamTlsContext.newBuilder()
        .setCommonTlsContext(commonTlsContext)
        .setOcspStaplePolicy(DownstreamTlsContext.OcspStaplePolicy.STRICT_STAPLING)
        .build();
    thrown.expect(ResourceInvalidException.class);
    thrown.expectMessage("downstream-tls-context with ocsp_staple_policy value STRICT_STAPLING is not supported");
    ClientXdsClient.validateDownstreamTlsContext(downstreamTlsContext, ImmutableSet.of(""));
}
Also used : DownstreamTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext) CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext) Test(org.junit.Test)

Example 3 with DownstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext in project grpc-java by grpc.

the class TlsContextManagerImpl method findOrCreateServerSslContextProvider.

@Override
public SslContextProvider findOrCreateServerSslContextProvider(DownstreamTlsContext downstreamTlsContext) {
    checkNotNull(downstreamTlsContext, "downstreamTlsContext");
    CommonTlsContext.Builder builder = downstreamTlsContext.getCommonTlsContext().toBuilder();
    downstreamTlsContext = new DownstreamTlsContext(builder.build(), downstreamTlsContext.isRequireClientCertificate());
    return mapForServers.get(downstreamTlsContext);
}
Also used : DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext)

Example 4 with DownstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext in project grpc-java by grpc.

the class ServerSslContextProviderFactoryTest method createNewCertProviderServerSslContextProvider_withSans.

@Test
public void createNewCertProviderServerSslContextProvider_withSans() throws XdsInitializationException {
    final CertificateProvider.DistributorWatcher[] watcherCaptor = new CertificateProvider.DistributorWatcher[2];
    createAndRegisterProviderProvider(certificateProviderRegistry, watcherCaptor, "testca", 0);
    createAndRegisterProviderProvider(certificateProviderRegistry, watcherCaptor, "file_watcher", 1);
    CertificateValidationContext staticCertValidationContext = CertificateValidationContext.newBuilder()
        .addAllMatchSubjectAltNames(ImmutableSet.of(
            StringMatcher.newBuilder().setExact("foo").build(),
            StringMatcher.newBuilder().setExact("bar").build()))
        .build();
    DownstreamTlsContext downstreamTlsContext = CommonTlsContextTestsUtil.buildNewDownstreamTlsContextForCertProviderInstance(
        "gcp_id", "cert-default", "file_provider", "root-default",
        /* alpnProtocols= */ null,
        staticCertValidationContext,
        /* requireClientCert= */ true);
    Bootstrapper.BootstrapInfo bootstrapInfo = CommonBootstrapperTestUtils.getTestBootstrapInfo();
    serverSslContextProviderFactory = new ServerSslContextProviderFactory(bootstrapInfo, certProviderServerSslContextProviderFactory);
    SslContextProvider sslContextProvider = serverSslContextProviderFactory.create(downstreamTlsContext);
    assertThat(sslContextProvider).isInstanceOf(CertProviderServerSslContextProvider.class);
    verifyWatcher(sslContextProvider, watcherCaptor[0]);
    verifyWatcher(sslContextProvider, watcherCaptor[1]);
}
Also used : Bootstrapper(io.grpc.xds.Bootstrapper) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) CertProviderServerSslContextProvider(io.grpc.xds.internal.certprovider.CertProviderServerSslContextProvider) CertificateValidationContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) Test(org.junit.Test)

Example 5 with DownstreamTlsContext

use of io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext in project grpc-java by grpc.

the class ServerSslContextProviderFactoryTest method bothPresent_expectCertProviderServerSslContextProvider.

@Test
public void bothPresent_expectCertProviderServerSslContextProvider() throws XdsInitializationException {
    final CertificateProvider.DistributorWatcher[] watcherCaptor = new CertificateProvider.DistributorWatcher[1];
    createAndRegisterProviderProvider(certificateProviderRegistry, watcherCaptor, "testca", 0);
    DownstreamTlsContext downstreamTlsContext = CommonTlsContextTestsUtil.buildDownstreamTlsContextForCertProviderInstance(
        "gcp_id", "cert-default", "gcp_id", "root-default",
        /* alpnProtocols= */ null,
        /* staticCertValidationContext= */ null,
        /* requireClientCert= */ true);
    CommonTlsContext.Builder builder = downstreamTlsContext.getCommonTlsContext().toBuilder();
    builder = ClientSslContextProviderFactoryTest.addFilenames(builder, "foo.pem", "foo.key", "root.pem");
    downstreamTlsContext = new EnvoyServerProtoData.DownstreamTlsContext(builder.build(), downstreamTlsContext.isRequireClientCertificate());
    Bootstrapper.BootstrapInfo bootstrapInfo = CommonBootstrapperTestUtils.getTestBootstrapInfo();
    serverSslContextProviderFactory = new ServerSslContextProviderFactory(bootstrapInfo, certProviderServerSslContextProviderFactory);
    SslContextProvider sslContextProvider = serverSslContextProviderFactory.create(downstreamTlsContext);
    assertThat(sslContextProvider).isInstanceOf(CertProviderServerSslContextProvider.class);
    verifyWatcher(sslContextProvider, watcherCaptor[0]);
}
Also used : Bootstrapper(io.grpc.xds.Bootstrapper) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) CertProviderServerSslContextProvider(io.grpc.xds.internal.certprovider.CertProviderServerSslContextProvider) CommonTlsContext(io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext) EnvoyServerProtoData(io.grpc.xds.EnvoyServerProtoData) Test(org.junit.Test)

Aggregations

Test (org.junit.Test) 6
CommonTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CommonTlsContext) 4
DownstreamTlsContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.DownstreamTlsContext) 4
DownstreamTlsContext (io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) 4
Bootstrapper (io.grpc.xds.Bootstrapper) 3
CertProviderServerSslContextProvider (io.grpc.xds.internal.certprovider.CertProviderServerSslContextProvider) 3
CertificateValidationContext (io.envoyproxy.envoy.extensions.transport_sockets.tls.v3.CertificateValidationContext) 2
VisibleForTesting (com.google.common.annotations.VisibleForTesting) 1
Any (com.google.protobuf.Any) 1
InvalidProtocolBufferException (com.google.protobuf.InvalidProtocolBufferException) 1
HttpConnectionManager (io.envoyproxy.envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager) 1
EnvoyServerProtoData (io.grpc.xds.EnvoyServerProtoData) 1
FilterChainMatch (io.grpc.xds.EnvoyServerProtoData.FilterChainMatch) 1