use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.
the class FilterChainMatchingProtocolNegotiatorsTest method destPrefixRangeIpv6_moreSpecificWins.
/**
 * Two filter chains match on IPv6 destination prefix ranges of different lengths (/60 and /80).
 * The test expects the chain with the longer prefix to be selected.
 *
 * <p>The selected chain determines which TLS context the connection receives, so the
 * assertions pin the supplier, the routing config and the TLS context instance. The broad
 * chain is mapped to {@code randomConfig("no-match")}, so a wrong selection also fails the
 * routing assertion.
 */
@Test
public void destPrefixRangeIpv6_moreSpecificWins() throws Exception {
  // Broad chain: FE80::/60, TLS context built from "CERT1"/"VA1".
  EnvoyServerProtoData.DownstreamTlsContext broadTls =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
  EnvoyServerProtoData.FilterChainMatch broadMatch =
      EnvoyServerProtoData.FilterChainMatch.create(
          0,
          ImmutableList.of(EnvoyServerProtoData.CidrRange.create("FE80:0:0:0:0:0:0:0", 60)),
          ImmutableList.of(),
          ImmutableList.of(),
          EnvoyServerProtoData.ConnectionSourceType.ANY,
          ImmutableList.of(),
          ImmutableList.of(),
          "");
  EnvoyServerProtoData.FilterChain broadChain =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-foo", broadMatch, HTTP_CONNECTION_MANAGER, broadTls, tlsContextManager);

  // Narrow chain: FE80:0:0:0:0202::/80, TLS context built from "CERT2"/"VA2".
  EnvoyServerProtoData.DownstreamTlsContext narrowTls =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");
  EnvoyServerProtoData.FilterChainMatch narrowMatch =
      EnvoyServerProtoData.FilterChainMatch.create(
          0,
          ImmutableList.of(
              EnvoyServerProtoData.CidrRange.create("FE80:0000:0000:0000:0202:0:0:0", 80)),
          ImmutableList.of(),
          ImmutableList.of(),
          EnvoyServerProtoData.ConnectionSourceType.ANY,
          ImmutableList.of(),
          ImmutableList.of(),
          "");
  EnvoyServerProtoData.FilterChain narrowChain =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-bar", narrowMatch, HTTP_CONNECTION_MANAGER, narrowTls, tlsContextManager);

  // Default chain has no TLS context (null); it must not be the one picked.
  EnvoyServerProtoData.FilterChain fallbackChain =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-baz",
          DEFAULT_FILTER_CHAIN_MATCH,
          HTTP_CONNECTION_MANAGER,
          null,
          tlsContextManager);

  selectorManager.updateSelector(
      new FilterChainSelector(
          ImmutableMap.of(broadChain, randomConfig("no-match"), narrowChain, noopConfig),
          fallbackChain.sslContextProviderSupplier(),
          randomConfig("default")));

  FilterChainMatchingHandler matchingHandler =
      new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
  ChannelHandler captureHandler = captureAttrHandler(sslSet, routingSettable);
  when(mockDelegate.newHandler(grpcHandler)).thenReturn(captureHandler);

  // The first address lies inside both configured ranges (it starts FE80:0:0:0:0202).
  // NOTE(review): setupChannel is defined outside this excerpt; the first address is
  // presumably the local (destination) address -- confirm.
  setupChannel(
      "FE80:0000:0000:0000:0202:B3FF:FE1E:8329",
      "2001:DB8::8:800:200C:417A",
      15000,
      matchingHandler);
  pipeline.fireUserEventTriggered(event);
  channel.runPendingTasks();

  assertThat(sslSet.get()).isEqualTo(narrowChain.sslContextProviderSupplier());
  assertThat(routingSettable.get()).isEqualTo(noopConfig);
  assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(narrowTls);
}
use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.
the class XdsClientWrapperForServerSdsTestMisc method getSslContextProviderSupplier.
/**
 * Fires a default protocol-negotiation event through a {@link FilterChainMatchingHandler}
 * backed by {@code selector} and returns the {@link SslContextProviderSupplier} stored under
 * {@code ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER} in the event attributes.
 *
 * @param selector the filter chain selector installed in a fresh selector manager
 * @return the supplier captured from the event attributes
 * @throws Exception if reading the captured future fails
 */
private SslContextProviderSupplier getSslContextProviderSupplier(FilterChainSelector selector) throws Exception {
  final SettableFuture<SslContextProviderSupplier> capturedSupplier = SettableFuture.create();

  // Stand-in for the delegate's handler: records the attribute from the event it receives,
  // then removes itself from the pipeline.
  ChannelHandler captureHandler =
      new ChannelInboundHandlerAdapter() {
        @Override
        public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
          ProtocolNegotiationEvent negotiationEvent = (ProtocolNegotiationEvent) evt;
          capturedSupplier.set(
              InternalProtocolNegotiationEvent.getAttributes(negotiationEvent)
                  .get(ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER));
          ctx.pipeline().remove(this);
        }
      };

  ProtocolNegotiator mockDelegate = mock(ProtocolNegotiator.class);
  GrpcHttp2ConnectionHandler grpcHandler = FakeGrpcHttp2ConnectionHandler.newHandler();
  when(mockDelegate.newHandler(grpcHandler)).thenReturn(captureHandler);

  FilterChainSelectorManager manager = new FilterChainSelectorManager();
  manager.updateSelector(selector);
  pipeline.addLast(new FilterChainMatchingHandler(grpcHandler, manager, mockDelegate));

  ProtocolNegotiationEvent defaultEvent = InternalProtocolNegotiationEvent.getDefault();
  pipeline.fireUserEventTriggered(defaultEvent);
  channel.runPendingTasks();

  // Also offer the attribute read from the original event object.
  // NOTE(review): presumably a no-op when captureHandler already completed the future --
  // confirm against SettableFuture's contract.
  capturedSupplier.set(
      InternalProtocolNegotiationEvent.getAttributes(defaultEvent)
          .get(ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER));
  return capturedSupplier.get();
}
use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.
the class FilterChainMatchingProtocolNegotiatorsTest method dest0LengthPrefixRange.
/**
 * A destination prefix range with prefix length 0 is expected to match the connection: the
 * chain carrying it is selected instead of the default chain, and the connection gets that
 * chain's TLS context.
 */
@Test
public void dest0LengthPrefixRange() throws Exception {
  EnvoyServerProtoData.DownstreamTlsContext zeroLengthTls =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
  // The range is created with prefix length 0, so no address bits are compared and 10.2.2.0
  // is effectively ignored. The assertions below expect this chain to be selected.
  // NOTE(review): LOCAL_IP is defined outside this excerpt; presumably it would not fall in
  // 10.2.2.0/24, which is what makes the /0 case meaningful -- confirm.
  EnvoyServerProtoData.FilterChainMatch zeroLengthMatch =
      EnvoyServerProtoData.FilterChainMatch.create(
          0,
          ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.2.2.0", 0)),
          ImmutableList.of(),
          ImmutableList.of(),
          EnvoyServerProtoData.ConnectionSourceType.ANY,
          ImmutableList.of(),
          ImmutableList.of(),
          "");
  EnvoyServerProtoData.FilterChain zeroLengthChain =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-foo",
          zeroLengthMatch,
          HTTP_CONNECTION_MANAGER,
          zeroLengthTls,
          tlsContextManager);

  // The default chain carries a different TLS context ("CERT2"/"VA2"), so falling back to it
  // would fail the assertions.
  EnvoyServerProtoData.DownstreamTlsContext fallbackTls =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");
  EnvoyServerProtoData.FilterChain fallbackChain =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-bar",
          DEFAULT_FILTER_CHAIN_MATCH,
          HTTP_CONNECTION_MANAGER,
          fallbackTls,
          tlsContextManager);

  selectorManager.updateSelector(
      new FilterChainSelector(
          ImmutableMap.of(zeroLengthChain, noopConfig),
          fallbackChain.sslContextProviderSupplier(),
          new AtomicReference<ServerRoutingConfig>()));

  FilterChainMatchingHandler matchingHandler =
      new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
  ChannelHandler captureHandler = captureAttrHandler(sslSet, routingSettable);
  when(mockDelegate.newHandler(grpcHandler)).thenReturn(captureHandler);

  setupChannel(LOCAL_IP, REMOTE_IP, 15000, matchingHandler);
  pipeline.fireUserEventTriggered(event);
  channel.runPendingTasks();

  assertThat(sslSet.get()).isEqualTo(zeroLengthChain.sslContextProviderSupplier());
  assertThat(routingSettable.get()).isEqualTo(noopConfig);
  assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(zeroLengthTls);
}
use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.
the class FilterChainMatchingProtocolNegotiatorsTest method singleFilterChainWithoutAlpn.
/**
 * With a single filter chain whose match leaves every criterion empty, and no default chain
 * supplier ({@code null}), the test expects that chain to be selected and its TLS context to
 * reach the next handler.
 */
@Test
public void singleFilterChainWithoutAlpn() throws Exception {
  // Every list is empty and the trailing string is "": nothing restricts the match.
  EnvoyServerProtoData.FilterChainMatch openMatch =
      EnvoyServerProtoData.FilterChainMatch.create(
          0,
          ImmutableList.of(),
          ImmutableList.of(),
          ImmutableList.of(),
          EnvoyServerProtoData.ConnectionSourceType.ANY,
          ImmutableList.of(),
          ImmutableList.of(),
          "");
  EnvoyServerProtoData.DownstreamTlsContext onlyTls =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
  EnvoyServerProtoData.FilterChain onlyChain =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-foo", openMatch, HTTP_CONNECTION_MANAGER, onlyTls, tlsContextManager);

  // A null default supplier means there is no fallback TLS configuration in this setup.
  selectorManager.updateSelector(
      new FilterChainSelector(
          ImmutableMap.of(onlyChain, noopConfig),
          null,
          new AtomicReference<ServerRoutingConfig>()));

  FilterChainMatchingHandler matchingHandler =
      new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
  ChannelHandler captureHandler = captureAttrHandler(sslSet, routingSettable);
  when(mockDelegate.newHandler(grpcHandler)).thenReturn(captureHandler);

  setupChannel(LOCAL_IP, REMOTE_IP, 15000, matchingHandler);
  pipeline.fireUserEventTriggered(event);
  channel.runPendingTasks();

  // isDone() first: the capture must already have happened once pending tasks have run.
  assertThat(sslSet.isDone()).isTrue();
  assertThat(sslSet.get()).isEqualTo(onlyChain.sslContextProviderSupplier());
  assertThat(routingSettable.get()).isEqualTo(noopConfig);
  assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(onlyTls);
}
use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.
the class FilterChainMatchingProtocolNegotiatorsTest method filterChainMatch_unsupportedMatchers.
/**
 * The first chain's match sets application protocols, server names and the transport protocol
 * {@code "tls"}, which the test name calls unsupported matchers. The assertions expect the
 * default chain's supplier, the default routing config and certificate {@code "CERT3"}, so
 * neither configured chain may be selected.
 *
 * <p>NOTE(review): why the second chain (10.0.0.0/8, no extra matchers) is also passed over
 * depends on LOCAL_IP and on the selector's narrowing order, both outside this excerpt.
 * Confirm against FilterChainSelector.
 */
@Test
@SuppressWarnings("deprecation")
public void filterChainMatch_unsupportedMatchers() throws Exception {
  // Three TLS contexts that differ only in certificate name, so the final assertion can tell
  // which chain supplied the context.
  EnvoyServerProtoData.DownstreamTlsContext tlsForChain1 =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "ROOTCA");
  EnvoyServerProtoData.DownstreamTlsContext tlsForChain2 =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "ROOTCA");
  EnvoyServerProtoData.DownstreamTlsContext tlsForDefault =
      CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT3", "ROOTCA");

  // Chain 1: most specific destination range plus the matchers under test.
  EnvoyServerProtoData.FilterChainMatch matchWithExtras =
      EnvoyServerProtoData.FilterChainMatch.create(
          /* destinationPort */ 0,
          /* prefixRange */
          ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.1.0.0", 16)),
          /* applicationProtocol */ ImmutableList.of("managed-mtls", "h2"),
          /* sourcePrefixRanges */ ImmutableList.of(),
          /* sourceType */ EnvoyServerProtoData.ConnectionSourceType.ANY,
          /* sourcePorts */ ImmutableList.of(),
          /* serverNames */ ImmutableList.of("server1", "server2"),
          /* transportProtocol */ "tls");

  // Chain 2: broader destination range, no other criteria.
  EnvoyServerProtoData.FilterChainMatch matchPrefixOnly =
      EnvoyServerProtoData.FilterChainMatch.create(
          /* destinationPort */ 0,
          /* prefixRange */
          ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.0.0.0", 8)),
          /* applicationProtocol */ ImmutableList.of(),
          /* sourcePrefixRanges */ ImmutableList.of(),
          /* sourceType */ EnvoyServerProtoData.ConnectionSourceType.ANY,
          /* sourcePorts */ ImmutableList.of(),
          /* serverNames */ ImmutableList.of(),
          /* transportProtocol */ "");

  // Default chain: no criteria at all.
  EnvoyServerProtoData.FilterChainMatch matchForDefault =
      EnvoyServerProtoData.FilterChainMatch.create(
          /* destinationPort */ 0,
          /* prefixRange */ ImmutableList.of(),
          /* applicationProtocol */ ImmutableList.of(),
          /* sourcePrefixRanges */ ImmutableList.of(),
          /* sourceType */ EnvoyServerProtoData.ConnectionSourceType.ANY,
          /* sourcePorts */ ImmutableList.of(),
          /* serverNames */ ImmutableList.of(),
          /* transportProtocol */ "");

  EnvoyServerProtoData.FilterChain chain1 =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-foo",
          matchWithExtras,
          HTTP_CONNECTION_MANAGER,
          tlsForChain1,
          mock(TlsContextManager.class));
  EnvoyServerProtoData.FilterChain chain2 =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-bar",
          matchPrefixOnly,
          HTTP_CONNECTION_MANAGER,
          tlsForChain2,
          mock(TlsContextManager.class));
  EnvoyServerProtoData.FilterChain fallbackChain =
      EnvoyServerProtoData.FilterChain.create(
          "filter-chain-baz",
          matchForDefault,
          HTTP_CONNECTION_MANAGER,
          tlsForDefault,
          mock(TlsContextManager.class));

  // Both configured chains map to throwaway routing configs; only the default maps to
  // noopConfig, so the routing assertion also proves the default was used.
  selectorManager.updateSelector(
      new FilterChainSelector(
          ImmutableMap.of(chain1, randomConfig("1"), chain2, randomConfig("2")),
          fallbackChain.sslContextProviderSupplier(),
          noopConfig));

  FilterChainMatchingHandler matchingHandler =
      new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
  ChannelHandler captureHandler = captureAttrHandler(sslSet, routingSettable);
  when(mockDelegate.newHandler(grpcHandler)).thenReturn(captureHandler);

  setupChannel(LOCAL_IP, REMOTE_IP, 15000, matchingHandler);
  pipeline.fireUserEventTriggered(event);
  channel.runPendingTasks();

  assertThat(sslSet.get()).isEqualTo(fallbackChain.sslContextProviderSupplier());
  assertThat(routingSettable.get()).isEqualTo(noopConfig);
  // NOTE(review): this accessor chain is presumably what @SuppressWarnings("deprecation")
  // covers -- confirm.
  assertThat(
          sslSet
              .get()
              .getTlsContext()
              .getCommonTlsContext()
              .getTlsCertificateCertificateProviderInstance()
              .getCertificateName())
      .isEqualTo("CERT3");
}