
Example 26 with ChannelCredentials

use of io.grpc.ChannelCredentials in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method from_tls_clientAuthRequire_noClientCert.

/**
 * Checks that a server built with {@code ClientAuth.REQUIRE} does not complete a connection
 * with a client that offers no certificate.
 *
 * <p>The channel credentials carry a trust manager only, with no key manager, so the client has
 * no identity to present. The status returned by {@code expectFailedHandshake} (a helper
 * defined elsewhere in the test class) must be {@code UNAVAILABLE}. How the rejection surfaces
 * depends on the TLS version, so both shapes are accepted.
 */
@Test
public void from_tls_clientAuthRequire_noClientCert() throws Exception {
    // Server: its own identity, the CA as trust anchor, and a mandatory client certificate.
    ServerCredentials mtlsServer = TlsServerCredentials.newBuilder()
            .keyManager(server1Cert, server1Key)
            .trustManager(caCert)
            .clientAuth(TlsServerCredentials.ClientAuth.REQUIRE)
            .build();
    // Client: trusts the CA but deliberately configures no key material.
    ChannelCredentials anonymousClient = TlsChannelCredentials.newBuilder()
            .trustManager(caCert)
            .build();

    Status failure = expectFailedHandshake(anonymousClient, mtlsServer);
    assertEquals(Status.Code.UNAVAILABLE, failure.getCode());

    StatusException wrapped = failure.asException();
    // netty/netty#11604: TLSv1.2 and TLSv1.3 report the rejection differently; accept either.
    boolean rejectedDuringHandshake = wrapped.getCause() instanceof SSLHandshakeException;
    if (!rejectedDuringHandshake) {
        // In TLSv1.3 client certificate verification happens after the handshake, so the
        // SSLException sits one level deeper and the message names CERTIFICATE_REQUIRED.
        assertThat(wrapped).hasCauseThat().hasCauseThat().isInstanceOf(SSLException.class);
        assertThat(wrapped).hasCauseThat().hasMessageThat().contains("CERTIFICATE_REQUIRED");
    } else {
        // Handshake-time rejection: the direct cause is the SSLHandshakeException.
        assertThat(wrapped).hasCauseThat().isInstanceOf(SSLHandshakeException.class);
        assertThat(wrapped).hasCauseThat().hasMessageThat().contains("SSLV3_ALERT_HANDSHAKE_FAILURE");
    }
}
Also used : Status(io.grpc.Status) StatusException(io.grpc.StatusException) InsecureServerCredentials(io.grpc.InsecureServerCredentials) TlsServerCredentials(io.grpc.TlsServerCredentials) ChoiceServerCredentials(io.grpc.ChoiceServerCredentials) ServerCredentials(io.grpc.ServerCredentials) ChoiceChannelCredentials(io.grpc.ChoiceChannelCredentials) TlsChannelCredentials(io.grpc.TlsChannelCredentials) InsecureChannelCredentials(io.grpc.InsecureChannelCredentials) ChannelCredentials(io.grpc.ChannelCredentials) CompositeChannelCredentials(io.grpc.CompositeChannelCredentials) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) Test(org.junit.Test)

Example 27 with ChannelCredentials

use of io.grpc.ChannelCredentials in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method from_tls_managers.

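/**
 * Checks that TLS credentials built from JSSE {@code KeyManager}/{@code TrustManager} arrays
 * (rather than from certificate and key material directly) complete a mutually authenticated
 * handshake.
 *
 * <p>A single self-signed certificate serves as the identity of both peers and as the only
 * trust anchor. The server requires a client certificate, and the recorded remote certificate
 * must carry the test host name as its subject CN.
 */
@Test
public void from_tls_managers() throws Exception {
    SelfSignedCertificate cert = new SelfSignedCertificate(TestUtils.TEST_SERVER_HOST);
    try {
        // Identity store: the generated private key with its one-certificate chain.
        // The empty password is tolerable only because this keystore is in-memory test data.
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setKeyEntry("mykey", cert.key(), new char[0], new Certificate[] { cert.cert() });
        KeyManagerFactory keyManagerFactory =
                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, new char[0]);

        // Trust store: the same certificate is the sole trusted entry.
        KeyStore certStore = KeyStore.getInstance(KeyStore.getDefaultType());
        certStore.load(null);
        certStore.setCertificateEntry("mycert", cert.cert());
        TrustManagerFactory trustManagerFactory =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(certStore);

        ServerCredentials serverCreds = TlsServerCredentials.newBuilder()
                .keyManager(keyManagerFactory.getKeyManagers())
                .trustManager(trustManagerFactory.getTrustManagers())
                .clientAuth(TlsServerCredentials.ClientAuth.REQUIRE)
                .build();
        ChannelCredentials channelCreds = TlsChannelCredentials.newBuilder()
                .keyManager(keyManagerFactory.getKeyManagers())
                .trustManager(trustManagerFactory.getTrustManagers())
                .build();

        InternalChannelz.Tls tls = expectSuccessfulHandshake(channelCreds, serverCreds);
        assertThat(((X509Certificate) tls.remoteCert).getSubjectX500Principal().getName())
                .isEqualTo("CN=" + TestUtils.TEST_SERVER_HOST);
    } finally {
        // SelfSignedCertificate writes the certificate and private key to temporary files.
        // Delete them even when the handshake or an assertion fails, so a failing run does
        // not leave key material behind on disk.
        cert.delete();
    }
}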
Also used : SelfSignedCertificate(io.netty.handler.ssl.util.SelfSignedCertificate) InsecureServerCredentials(io.grpc.InsecureServerCredentials) TlsServerCredentials(io.grpc.TlsServerCredentials) ChoiceServerCredentials(io.grpc.ChoiceServerCredentials) ServerCredentials(io.grpc.ServerCredentials) ChoiceChannelCredentials(io.grpc.ChoiceChannelCredentials) TlsChannelCredentials(io.grpc.TlsChannelCredentials) InsecureChannelCredentials(io.grpc.InsecureChannelCredentials) ChannelCredentials(io.grpc.ChannelCredentials) CompositeChannelCredentials(io.grpc.CompositeChannelCredentials) InternalChannelz(io.grpc.InternalChannelz) TrustManagerFactory(javax.net.ssl.TrustManagerFactory) KeyStore(java.security.KeyStore) KeyManagerFactory(javax.net.ssl.KeyManagerFactory) Test(org.junit.Test)

Example 28 with ChannelCredentials

use of io.grpc.ChannelCredentials in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method from_tls_clientAuthRequire_clientCert.

/**
 * Checks that a handshake succeeds when the server requires a client certificate and the
 * client presents one that chains to the trusted CA.
 *
 * <p>Both peers use {@code server1Cert}/{@code server1Key} as their identity. The subject
 * assertion on {@code tls.remoteCert} therefore cannot tell which side's view was recorded.
 */
@Test
public void from_tls_clientAuthRequire_clientCert() throws Exception {
    // Server: client certificate is mandatory.
    ServerCredentials mtlsServer = TlsServerCredentials.newBuilder()
            .keyManager(server1Cert, server1Key)
            .trustManager(caCert)
            .clientAuth(TlsServerCredentials.ClientAuth.REQUIRE)
            .build();
    // Client: presents a certificate and trusts the same CA.
    ChannelCredentials identifiedClient = TlsChannelCredentials.newBuilder()
            .keyManager(server1Cert, server1Key)
            .trustManager(caCert)
            .build();

    InternalChannelz.Tls negotiated = expectSuccessfulHandshake(identifiedClient, mtlsServer);
    X509Certificate peerCert = (X509Certificate) negotiated.remoteCert;
    assertThat(peerCert.getSubjectX500Principal().getName()).contains("CN=*.test.google.com");
}
Also used : InsecureServerCredentials(io.grpc.InsecureServerCredentials) TlsServerCredentials(io.grpc.TlsServerCredentials) ChoiceServerCredentials(io.grpc.ChoiceServerCredentials) ServerCredentials(io.grpc.ServerCredentials) ChoiceChannelCredentials(io.grpc.ChoiceChannelCredentials) TlsChannelCredentials(io.grpc.TlsChannelCredentials) InsecureChannelCredentials(io.grpc.InsecureChannelCredentials) ChannelCredentials(io.grpc.ChannelCredentials) CompositeChannelCredentials(io.grpc.CompositeChannelCredentials) InternalChannelz(io.grpc.InternalChannelz) Test(org.junit.Test)

Example 29 with ChannelCredentials

use of io.grpc.ChannelCredentials in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method fromClient_unknown.

/**
 * Checks that {@code ProtocolNegotiators.from} fails closed on a credential type it does not
 * recognise: the result carries an error and neither a negotiator nor call credentials.
 */
@Test
public void fromClient_unknown() {
    // An anonymous subclass stands in for a credential type the negotiator factory cannot know.
    ChannelCredentials unrecognized = new ChannelCredentials() {

        @Override
        public ChannelCredentials withoutBearerTokens() {
            throw new UnsupportedOperationException();
        }
    };

    ProtocolNegotiators.FromChannelCredentialsResult outcome =
            ProtocolNegotiators.from(unrecognized);

    // An error must be reported, and nothing usable may be handed back alongside it.
    assertThat(outcome.error).isNotNull();
    assertThat(outcome.callCredentials).isNull();
    assertThat(outcome.negotiator).isNull();
}
Also used : ChoiceChannelCredentials(io.grpc.ChoiceChannelCredentials) TlsChannelCredentials(io.grpc.TlsChannelCredentials) InsecureChannelCredentials(io.grpc.InsecureChannelCredentials) ChannelCredentials(io.grpc.ChannelCredentials) CompositeChannelCredentials(io.grpc.CompositeChannelCredentials) Test(org.junit.Test)

Example 30 with ChannelCredentials

use of io.grpc.ChannelCredentials in project grpc-java by grpc.

the class ProtocolNegotiatorsTest method from_tls_clientAuthOptional_clientCert.

/**
 * Checks that a handshake succeeds, and the remote certificate is recorded, when the server
 * treats client certificates as optional and the client presents one anyway.
 *
 * <p>Both peers use {@code server1Cert}/{@code server1Key} as their identity. The subject
 * assertion on {@code tls.remoteCert} therefore cannot tell which side's view was recorded.
 */
@Test
public void from_tls_clientAuthOptional_clientCert() throws Exception {
    // Server: will accept a client certificate but does not demand one.
    ServerCredentials lenientServer = TlsServerCredentials.newBuilder()
            .keyManager(server1Cert, server1Key)
            .trustManager(caCert)
            .clientAuth(TlsServerCredentials.ClientAuth.OPTIONAL)
            .build();
    // Client: presents a certificate and trusts the same CA.
    ChannelCredentials identifiedClient = TlsChannelCredentials.newBuilder()
            .keyManager(server1Cert, server1Key)
            .trustManager(caCert)
            .build();

    InternalChannelz.Tls negotiated = expectSuccessfulHandshake(identifiedClient, lenientServer);
    X509Certificate peerCert = (X509Certificate) negotiated.remoteCert;
    assertThat(peerCert.getSubjectX500Principal().getName()).contains("CN=*.test.google.com");
}
Also used : InsecureServerCredentials(io.grpc.InsecureServerCredentials) TlsServerCredentials(io.grpc.TlsServerCredentials) ChoiceServerCredentials(io.grpc.ChoiceServerCredentials) ServerCredentials(io.grpc.ServerCredentials) ChoiceChannelCredentials(io.grpc.ChoiceChannelCredentials) TlsChannelCredentials(io.grpc.TlsChannelCredentials) InsecureChannelCredentials(io.grpc.InsecureChannelCredentials) ChannelCredentials(io.grpc.ChannelCredentials) CompositeChannelCredentials(io.grpc.CompositeChannelCredentials) InternalChannelz(io.grpc.InternalChannelz) Test(org.junit.Test)
