use of io.grpc.CallCredentials in project grpc-java by grpc.
the class ComputeEngineChannelCredentials method create.
/**
* Creates credentials for Google Compute Engine. This class sets up a secure channel using ALTS
* if applicable and using TLS as fallback.
*/
public static ChannelCredentials create() {
ChannelCredentials nettyCredentials = InternalNettyChannelCredentials.create(createClientFactory());
CallCredentials callCredentials;
if (InternalCheckGcpEnvironment.isOnGcp()) {
callCredentials = MoreCallCredentials.from(ComputeEngineCredentials.create());
} else {
callCredentials = new FailingCallCredentials(Status.INTERNAL.withDescription("Compute Engine Credentials can only be used on Google Cloud Platform"));
}
return CompositeChannelCredentials.create(nettyCredentials, callCredentials);
}
use of io.grpc.CallCredentials in project google-cloud-java by GoogleCloudPlatform.
the class Subscriber method startPollingConnections.
private void startPollingConnections() throws IOException {
synchronized (pollingSubscriberConnections) {
Credentials credentials = credentialsProvider.getCredentials();
CallCredentials callCredentials = credentials == null ? null : MoreCallCredentials.from(credentials);
for (int i = 0; i < numChannels; i++) {
SubscriberFutureStub stub = SubscriberGrpc.newFutureStub(channels.get(i));
if (callCredentials != null) {
stub = stub.withCallCredentials(callCredentials);
}
pollingSubscriberConnections.add(new PollingSubscriberConnection(cachedSubscriptionNameString, receiver, ackExpirationPadding, maxAckExtensionPeriod, ackLatencyDistribution, stub, flowController, flowControlSettings.getMaxOutstandingElementCount(), executor, alarmsExecutor, clock));
}
startConnections(pollingSubscriberConnections, new Listener() {
@Override
public void failed(State from, Throwable failure) {
// If a connection failed is because of a fatal error, we should fail the
// whole subscriber.
stopAllPollingConnections();
try {
notifyFailed(failure);
} catch (IllegalStateException e) {
if (isRunning()) {
throw e;
}
// It could happen that we are shutting down while some channels fail.
}
}
});
}
}
use of io.grpc.CallCredentials in project etcd-java by IBM.
the class EtcdClient method refreshCredentials.
private CallCredentials refreshCredentials() {
return new CallCredentials() {
// TODO volatile TBD
private Metadata tokenHeader;
private final long authTime = System.currentTimeMillis();
private final ListenableFuture<Metadata> futureTokenHeader = Futures.transform(authenticate(), (Function<AuthenticateResponse, Metadata>) ar -> tokenHeader = tokenHeader(ar));
@Override
public void applyRequestMetadata(MethodDescriptor<?, ?> method, Attributes attrs, Executor appExecutor, MetadataApplier applier) {
Metadata tokHeader = tokenHeader;
if (tokHeader != null)
applier.apply(tokHeader);
else
futureTokenHeader.addListener(() -> {
try {
applier.apply(futureTokenHeader.get());
} catch (ExecutionException | InterruptedException ee) {
// (IE won't be thrown)
Status failStatus = Status.fromThrowable(ee.getCause());
Code code = failStatus != null ? failStatus.getCode() : null;
if (code != Code.INVALID_ARGUMENT && (System.currentTimeMillis() - authTime) > 15_000L) {
// this will force another auth attempt
failStatus = Status.UNAUTHENTICATED.withDescription("re-attempt re-auth");
}
applier.fail(failStatus);
}
}, directExecutor());
}
// @Override
public void thisUsesUnstableApi() {
}
};
}
use of io.grpc.CallCredentials in project beam by apache.
the class GrpcWindmillServer method initializeWindmillService.
private synchronized void initializeWindmillService(Set<HostAndPort> endpoints) throws IOException {
LOG.info("Initializing Streaming Engine GRPC client for endpoints: {}", endpoints);
this.stubList.clear();
this.syncStubList.clear();
this.endpoints = ImmutableSet.<HostAndPort>copyOf(endpoints);
for (HostAndPort endpoint : this.endpoints) {
if ("localhost".equals(endpoint.getHost())) {
initializeLocalHost(endpoint.getPort());
} else {
CallCredentials creds = MoreCallCredentials.from(new VendoredCredentialsAdapter(options.getGcpCredential()));
this.stubList.add(CloudWindmillServiceV1Alpha1Grpc.newStub(remoteChannel(endpoint)).withCallCredentials(creds));
this.syncStubList.add(CloudWindmillServiceV1Alpha1Grpc.newBlockingStub(remoteChannel(endpoint)).withCallCredentials(creds));
}
}
}
use of io.grpc.CallCredentials in project grpc-java by grpc.
the class GoogleAuthLibraryCallCredentialsTest method googleCredential_privacyAndIntegrityAllowed.
@Test
public void googleCredential_privacyAndIntegrityAllowed() {
final AccessToken token = new AccessToken("allyourbase", new Date(Long.MAX_VALUE));
final Credentials credentials = GoogleCredentials.create(token);
GoogleAuthLibraryCallCredentials callCredentials = new GoogleAuthLibraryCallCredentials(credentials);
callCredentials.applyRequestMetadata(new RequestInfoImpl(SecurityLevel.PRIVACY_AND_INTEGRITY), executor, applier);
runPendingRunnables();
verify(applier).apply(headersCaptor.capture());
Metadata headers = headersCaptor.getValue();
Iterable<String> authorization = headers.getAll(AUTHORIZATION);
assertArrayEquals(new String[] { "Bearer allyourbase" }, Iterables.toArray(authorization, String.class));
}
Aggregations