Example 1 with CallCredentials
use of io.grpc.CallCredentials in project grpc-java by grpc.
the class ComputeEngineChannelCredentials method create.
/**
* Creates credentials for Google Compute Engine. This class sets up a secure channel using ALTS
* if applicable and using TLS as fallback.
*/
public static ChannelCredentials create() {
ChannelCredentials nettyCredentials = InternalNettyChannelCredentials.create(createClientFactory());
CallCredentials callCredentials;
if (InternalCheckGcpEnvironment.isOnGcp()) {
callCredentials = MoreCallCredentials.from(ComputeEngineCredentials.create());
} else {
callCredentials = new FailingCallCredentials(Status.INTERNAL.withDescription("Compute Engine Credentials can only be used on Google Cloud Platform"));
}
return CompositeChannelCredentials.create(nettyCredentials, callCredentials);
}
Also used :
ChannelCredentials(io.grpc.ChannelCredentials)
InternalNettyChannelCredentials(io.grpc.netty.InternalNettyChannelCredentials)
CompositeChannelCredentials(io.grpc.CompositeChannelCredentials)
CallCredentials(io.grpc.CallCredentials)
MoreCallCredentials(io.grpc.auth.MoreCallCredentials)
Example 2 with CallCredentials
use of io.grpc.CallCredentials in project google-cloud-java by GoogleCloudPlatform.
the class Subscriber method startPollingConnections.
private void startPollingConnections() throws IOException {
synchronized (pollingSubscriberConnections) {
Credentials credentials = credentialsProvider.getCredentials();
CallCredentials callCredentials = credentials == null ? null : MoreCallCredentials.from(credentials);
for (int i = 0; i < numChannels; i++) {
SubscriberFutureStub stub = SubscriberGrpc.newFutureStub(channels.get(i));
if (callCredentials != null) {
stub = stub.withCallCredentials(callCredentials);
}
pollingSubscriberConnections.add(new PollingSubscriberConnection(cachedSubscriptionNameString, receiver, ackExpirationPadding, maxAckExtensionPeriod, ackLatencyDistribution, stub, flowController, flowControlSettings.getMaxOutstandingElementCount(), executor, alarmsExecutor, clock));
}
startConnections(pollingSubscriberConnections, new Listener() {
@Override
public void failed(State from, Throwable failure) {
// If a connection failed is because of a fatal error, we should fail the
// whole subscriber.
stopAllPollingConnections();
try {
notifyFailed(failure);
} catch (IllegalStateException e) {
if (isRunning()) {
throw e;
}
// It could happen that we are shutting down while some channels fail.
}
}
});
}
}
Also used :
CallCredentials(io.grpc.CallCredentials)
MoreCallCredentials(io.grpc.auth.MoreCallCredentials)
GoogleCredentials(com.google.auth.oauth2.GoogleCredentials)
Credentials(com.google.auth.Credentials)
CallCredentials(io.grpc.CallCredentials)
MoreCallCredentials(io.grpc.auth.MoreCallCredentials)
SubscriberFutureStub(com.google.pubsub.v1.SubscriberGrpc.SubscriberFutureStub)
Example 3 with CallCredentials
use of io.grpc.CallCredentials in project etcd-java by IBM.
the class EtcdClient method refreshCredentials.
private CallCredentials refreshCredentials() {
return new CallCredentials() {
// TODO volatile TBD
private Metadata tokenHeader;
private final long authTime = System.currentTimeMillis();
private final ListenableFuture<Metadata> futureTokenHeader = Futures.transform(authenticate(), (Function<AuthenticateResponse, Metadata>) ar -> tokenHeader = tokenHeader(ar));
@Override
public void applyRequestMetadata(MethodDescriptor<?, ?> method, Attributes attrs, Executor appExecutor, MetadataApplier applier) {
Metadata tokHeader = tokenHeader;
if (tokHeader != null)
applier.apply(tokHeader);
else
futureTokenHeader.addListener(() -> {
try {
applier.apply(futureTokenHeader.get());
} catch (ExecutionException | InterruptedException ee) {
// (IE won't be thrown)
Status failStatus = Status.fromThrowable(ee.getCause());
Code code = failStatus != null ? failStatus.getCode() : null;
if (code != Code.INVALID_ARGUMENT && (System.currentTimeMillis() - authTime) > 15_000L) {
// this will force another auth attempt
failStatus = Status.UNAUTHENTICATED.withDescription("re-attempt re-auth");
}
applier.fail(failStatus);
}
}, directExecutor());
}
// @Override
public void thisUsesUnstableApi() {
}
};
}
Also used :
Status(io.grpc.Status)
Function(com.google.common.base.Function)
ScheduledThreadPoolExecutor(java.util.concurrent.ScheduledThreadPoolExecutor)
MoreExecutors.directExecutor(com.google.common.util.concurrent.MoreExecutors.directExecutor)
Executor(java.util.concurrent.Executor)
Metadata(io.grpc.Metadata)
Attributes(io.grpc.Attributes)
ListenableFuture(com.google.common.util.concurrent.ListenableFuture)
MethodDescriptor(io.grpc.MethodDescriptor)
Code(io.grpc.Status.Code)
CallCredentials(io.grpc.CallCredentials)
Example 4 with CallCredentials
use of io.grpc.CallCredentials in project beam by apache.
the class GrpcWindmillServer method initializeWindmillService.
private synchronized void initializeWindmillService(Set<HostAndPort> endpoints) throws IOException {
LOG.info("Initializing Streaming Engine GRPC client for endpoints: {}", endpoints);
this.stubList.clear();
this.syncStubList.clear();
this.endpoints = ImmutableSet.<HostAndPort>copyOf(endpoints);
for (HostAndPort endpoint : this.endpoints) {
if ("localhost".equals(endpoint.getHost())) {
initializeLocalHost(endpoint.getPort());
} else {
CallCredentials creds = MoreCallCredentials.from(new VendoredCredentialsAdapter(options.getGcpCredential()));
this.stubList.add(CloudWindmillServiceV1Alpha1Grpc.newStub(remoteChannel(endpoint)).withCallCredentials(creds));
this.syncStubList.add(CloudWindmillServiceV1Alpha1Grpc.newBlockingStub(remoteChannel(endpoint)).withCallCredentials(creds));
}
}
}
Also used :
HostAndPort(org.apache.beam.vendor.guava.v26_0_jre.com.google.common.net.HostAndPort)
MoreCallCredentials(org.apache.beam.vendor.grpc.v1p43p2.io.grpc.auth.MoreCallCredentials)
CallCredentials(org.apache.beam.vendor.grpc.v1p43p2.io.grpc.CallCredentials)
Example 5 with CallCredentials
use of io.grpc.CallCredentials in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method googleCredential_privacyAndIntegrityAllowed.
@Test
public void googleCredential_privacyAndIntegrityAllowed() {
final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
final Credentials credentials = GoogleCredentials.create(token);
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(new RequestInfoImpl(SecurityLevel.PRIVACY_AND_INTEGRITY), executor, applier);
runPendingRunnables();
verify(applier).apply(headersCaptor.capture());
Metadata headers = headersCaptor.getValue();
Iterable<String> authorization = headers.getAll(AUTHORIZATION);
assertArrayEquals(new String[] { "Bearer allyourbase" }, Iterables.toArray(authorization, String.class));
}
Also used :
AccessToken(com.google.auth.oauth2.AccessToken)
Metadata(io.grpc.Metadata)
Date(java.util.Date)
Credentials(com.google.auth.Credentials)
CallCredentials(io.grpc.CallCredentials)
OAuth2Credentials(com.google.auth.oauth2.OAuth2Credentials)
GoogleCredentials(com.google.auth.oauth2.GoogleCredentials)
ServiceAccountCredentials(com.google.auth.oauth2.ServiceAccountCredentials)
Test(org.junit.Test)
Aggregations
CallCredentials (io.grpc.CallCredentials)9
Test (org.junit.Test)4
Credentials (com.google.auth.Credentials)3
GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)3
AccessToken (com.google.auth.oauth2.AccessToken)2
OAuth2Credentials (com.google.auth.oauth2.OAuth2Credentials)2
ServiceAccountCredentials (com.google.auth.oauth2.ServiceAccountCredentials)2
Metadata (io.grpc.Metadata)2
Status (io.grpc.Status)2
MoreCallCredentials (io.grpc.auth.MoreCallCredentials)2
Date (java.util.Date)2
Function (com.google.common.base.Function)1
ListenableFuture (com.google.common.util.concurrent.ListenableFuture)1
MoreExecutors.directExecutor (com.google.common.util.concurrent.MoreExecutors.directExecutor)1
SubscriberFutureStub (com.google.pubsub.v1.SubscriberGrpc.SubscriberFutureStub)1
Attributes (io.grpc.Attributes)1
ChannelCredentials (io.grpc.ChannelCredentials)1
CompositeChannelCredentials (io.grpc.CompositeChannelCredentials)1
ManagedChannel (io.grpc.ManagedChannel)1
MethodDescriptor (io.grpc.MethodDescriptor)1
