Examples with FilterChainMatchingHandler io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler used on opensource projects

Search in sources :

Example 16 with FilterChainMatchingHandler

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method sourcePrefixRange_2Matchers_expectException.

@Test
public void sourcePrefixRange_2Matchers_expectException() throws UnknownHostException {
    ChannelHandler next = new ChannelInboundHandlerAdapter() {

        @Override
        public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
            ProtocolNegotiationEvent e = (ProtocolNegotiationEvent) evt;
            sslSet.set(InternalProtocolNegotiationEvent.getAttributes(e).get(ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER));
        }
    };
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(next);
    EnvoyServerProtoData.DownstreamTlsContext tlsContext1 = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    EnvoyServerProtoData.FilterChainMatch filterChainMatch1 = EnvoyServerProtoData.FilterChainMatch.create(0, ImmutableList.of(), ImmutableList.of(), ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.4.2.0", 24), EnvoyServerProtoData.CidrRange.create("192.168.10.2", 32)), EnvoyServerProtoData.ConnectionSourceType.ANY, ImmutableList.of(), ImmutableList.of(), "");
    EnvoyServerProtoData.FilterChain filterChain1 = EnvoyServerProtoData.FilterChain.create("filter-chain-foo", filterChainMatch1, HTTP_CONNECTION_MANAGER, tlsContext1, tlsContextManager);
    EnvoyServerProtoData.DownstreamTlsContext tlsContext2 = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");
    EnvoyServerProtoData.FilterChainMatch filterChainMatch2 = EnvoyServerProtoData.FilterChainMatch.create(0, ImmutableList.of(), ImmutableList.of(), ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.4.2.0", 24)), EnvoyServerProtoData.ConnectionSourceType.ANY, ImmutableList.of(), ImmutableList.of(), "");
    EnvoyServerProtoData.FilterChain filterChain2 = EnvoyServerProtoData.FilterChain.create("filter-chain-bar", filterChainMatch2, HTTP_CONNECTION_MANAGER, tlsContext2, tlsContextManager);
    EnvoyServerProtoData.FilterChain defaultFilterChain = EnvoyServerProtoData.FilterChain.create("filter-chain-baz", DEFAULT_FILTER_CHAIN_MATCH, HTTP_CONNECTION_MANAGER, null, null);
    selectorManager.updateSelector(new FilterChainSelector(ImmutableMap.of(filterChain1, noopConfig, filterChain2, noopConfig), defaultFilterChain.sslContextProviderSupplier(), noopConfig));
    FilterChainMatchingHandler filterChainMatchingHandler = new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    setupChannel(LOCAL_IP, REMOTE_IP, 15000, filterChainMatchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();
    try {
        channel.checkException();
        fail("expect exception!");
    } catch (IllegalStateException ise) {
        assertThat(ise).hasMessageThat().isEqualTo("Found more than one matching filter chains. This " + "should not be possible as ClientXdsClient validated the chains for uniqueness.");
        assertThat(sslSet.isDone()).isFalse();
        channelHandlerCtx = pipeline.context(filterChainMatchingHandler);
        assertThat(channelHandlerCtx).isNotNull();
    }
}
Also used : ProtocolNegotiationEvent(io.grpc.netty.ProtocolNegotiationEvent) InternalProtocolNegotiationEvent(io.grpc.netty.InternalProtocolNegotiationEvent) FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) ChannelHandlerContext(io.netty.channel.ChannelHandlerContext) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) ChannelInboundHandlerAdapter(io.netty.channel.ChannelInboundHandlerAdapter) Test(org.junit.Test)

Example 17 with FilterChainMatchingHandler

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method sourceTypeMismatch_returnDefaultFilterChain.

@Test
public void sourceTypeMismatch_returnDefaultFilterChain() throws Exception {
    EnvoyServerProtoData.DownstreamTlsContext tlsContextMismatch = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    EnvoyServerProtoData.FilterChainMatch filterChainMatchWithMismatch = EnvoyServerProtoData.FilterChainMatch.create(0, ImmutableList.of(), ImmutableList.of(), ImmutableList.of(), EnvoyServerProtoData.ConnectionSourceType.SAME_IP_OR_LOOPBACK, ImmutableList.of(), ImmutableList.of(), "");
    EnvoyServerProtoData.FilterChain filterChainWithMismatch = EnvoyServerProtoData.FilterChain.create("filter-chain-foo", filterChainMatchWithMismatch, HTTP_CONNECTION_MANAGER, tlsContextMismatch, tlsContextManager);
    EnvoyServerProtoData.DownstreamTlsContext tlsContextForDefaultFilterChain = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");
    EnvoyServerProtoData.FilterChain defaultFilterChain = EnvoyServerProtoData.FilterChain.create("filter-chain-bar", DEFAULT_FILTER_CHAIN_MATCH, HTTP_CONNECTION_MANAGER, tlsContextForDefaultFilterChain, tlsContextManager);
    selectorManager.updateSelector(new FilterChainSelector(ImmutableMap.of(filterChainWithMismatch, randomConfig("no-match")), defaultFilterChain.sslContextProviderSupplier(), noopConfig));
    FilterChainMatchingHandler filterChainMatchingHandler = new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler next = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(next);
    setupChannel(LOCAL_IP, REMOTE_IP, 15000, filterChainMatchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();
    assertThat(sslSet.get()).isEqualTo(defaultFilterChain.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(tlsContextForDefaultFilterChain);
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)

Example 18 with FilterChainMatchingHandler

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method singleFilterChainWithAlpn.

@Test
public void singleFilterChainWithAlpn() throws Exception {
    EnvoyServerProtoData.FilterChainMatch filterChainMatch = EnvoyServerProtoData.FilterChainMatch.create(0, ImmutableList.of(), ImmutableList.of("managed-mtls"), ImmutableList.of(), EnvoyServerProtoData.ConnectionSourceType.ANY, ImmutableList.of(), ImmutableList.of(), "");
    EnvoyServerProtoData.DownstreamTlsContext tlsContext = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    EnvoyServerProtoData.FilterChain filterChain = EnvoyServerProtoData.FilterChain.create("filter-chain-foo", filterChainMatch, HTTP_CONNECTION_MANAGER, tlsContext, tlsContextManager);
    EnvoyServerProtoData.DownstreamTlsContext defaultTlsContext = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");
    EnvoyServerProtoData.FilterChain defaultFilterChain = EnvoyServerProtoData.FilterChain.create("filter-chain-bar", DEFAULT_FILTER_CHAIN_MATCH, HTTP_CONNECTION_MANAGER, defaultTlsContext, tlsContextManager);
    selectorManager.updateSelector(new FilterChainSelector(ImmutableMap.of(filterChain, randomConfig("no-match")), defaultFilterChain.sslContextProviderSupplier(), noopConfig));
    FilterChainMatchingHandler filterChainMatchingHandler = new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler next = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(next);
    setupChannel(LOCAL_IP, REMOTE_IP, 15000, filterChainMatchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();
    assertThat(sslSet.get()).isEqualTo(defaultFilterChain.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(defaultTlsContext);
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)

Example 19 with FilterChainMatchingHandler

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method destPrefixRange_emptyListLessSpecific.

@Test
public void destPrefixRange_emptyListLessSpecific() throws Exception {
    EnvoyServerProtoData.DownstreamTlsContext tlsContextLessSpecific = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    EnvoyServerProtoData.FilterChainMatch filterChainMatchLessSpecific = EnvoyServerProtoData.FilterChainMatch.create(0, ImmutableList.of(), ImmutableList.of(), ImmutableList.of(), EnvoyServerProtoData.ConnectionSourceType.ANY, ImmutableList.of(), ImmutableList.of(), "");
    EnvoyServerProtoData.FilterChain filterChainLessSpecific = EnvoyServerProtoData.FilterChain.create("filter-chain-foo", filterChainMatchLessSpecific, HTTP_CONNECTION_MANAGER, tlsContextLessSpecific, tlsContextManager);
    EnvoyServerProtoData.DownstreamTlsContext tlsContextMoreSpecific = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");
    EnvoyServerProtoData.FilterChainMatch filterChainMatchMoreSpecific = EnvoyServerProtoData.FilterChainMatch.create(0, ImmutableList.of(EnvoyServerProtoData.CidrRange.create("8.0.0.0", 5)), ImmutableList.of(), ImmutableList.of(), EnvoyServerProtoData.ConnectionSourceType.ANY, ImmutableList.of(), ImmutableList.of(), "");
    EnvoyServerProtoData.FilterChain filterChainMoreSpecific = EnvoyServerProtoData.FilterChain.create("filter-chain-bar", filterChainMatchMoreSpecific, HTTP_CONNECTION_MANAGER, tlsContextMoreSpecific, tlsContextManager);
    EnvoyServerProtoData.FilterChain defaultFilterChain = EnvoyServerProtoData.FilterChain.create("filter-chain-baz", DEFAULT_FILTER_CHAIN_MATCH, HTTP_CONNECTION_MANAGER, null, tlsContextManager);
    selectorManager.updateSelector(new FilterChainSelector(ImmutableMap.of(filterChainLessSpecific, randomConfig("no-match"), filterChainMoreSpecific, noopConfig), defaultFilterChain.sslContextProviderSupplier(), randomConfig("default")));
    FilterChainMatchingHandler filterChainMatchingHandler = new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler next = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(next);
    setupChannel(LOCAL_IP, REMOTE_IP, 15000, filterChainMatchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();
    assertThat(sslSet.get()).isEqualTo(filterChainMoreSpecific.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(tlsContextMoreSpecific);
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)

Example 20 with FilterChainMatchingHandler

use of io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler in project grpc-java by grpc.

the class FilterChainMatchingProtocolNegotiatorsTest method destPrefixRangeMismatch_returnDefaultFilterChain.

@Test
public void destPrefixRangeMismatch_returnDefaultFilterChain() throws Exception {
    EnvoyServerProtoData.DownstreamTlsContext tlsContextMismatch = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT1", "VA1");
    // 10.2.2.0/24 doesn't match LOCAL_IP
    EnvoyServerProtoData.FilterChainMatch filterChainMatchWithMismatch = EnvoyServerProtoData.FilterChainMatch.create(0, ImmutableList.of(EnvoyServerProtoData.CidrRange.create("10.2.2.0", 24)), ImmutableList.of(), ImmutableList.of(), EnvoyServerProtoData.ConnectionSourceType.ANY, ImmutableList.of(), ImmutableList.of(), "");
    EnvoyServerProtoData.FilterChain filterChainWithMismatch = EnvoyServerProtoData.FilterChain.create("filter-chain-foo", filterChainMatchWithMismatch, HTTP_CONNECTION_MANAGER, tlsContextMismatch, tlsContextManager);
    EnvoyServerProtoData.DownstreamTlsContext tlsContextForDefaultFilterChain = CommonTlsContextTestsUtil.buildTestInternalDownstreamTlsContext("CERT2", "VA2");
    EnvoyServerProtoData.FilterChain defaultFilterChain = EnvoyServerProtoData.FilterChain.create("filter-chain-bar", DEFAULT_FILTER_CHAIN_MATCH, HTTP_CONNECTION_MANAGER, tlsContextForDefaultFilterChain, tlsContextManager);
    selectorManager.updateSelector(new FilterChainSelector(ImmutableMap.of(filterChainWithMismatch, randomConfig("no-match")), defaultFilterChain.sslContextProviderSupplier(), noopConfig));
    FilterChainMatchingHandler filterChainMatchingHandler = new FilterChainMatchingHandler(grpcHandler, selectorManager, mockDelegate);
    ChannelHandler next = captureAttrHandler(sslSet, routingSettable);
    when(mockDelegate.newHandler(grpcHandler)).thenReturn(next);
    setupChannel(LOCAL_IP, REMOTE_IP, 15000, filterChainMatchingHandler);
    pipeline.fireUserEventTriggered(event);
    channel.runPendingTasks();
    assertThat(sslSet.isDone()).isTrue();
    assertThat(sslSet.get()).isEqualTo(defaultFilterChain.sslContextProviderSupplier());
    assertThat(routingSettable.get()).isEqualTo(noopConfig);
    assertThat(sslSet.get().getTlsContext()).isSameInstanceAs(tlsContextForDefaultFilterChain);
}
Also used : FilterChainSelector(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector) FilterChainMatchingHandler(io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler) DownstreamTlsContext(io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext) ChannelHandler(io.netty.channel.ChannelHandler) FilterChain(io.grpc.xds.EnvoyServerProtoData.FilterChain) Test(org.junit.Test)

Aggregations

FilterChainMatchingHandler (io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler)21 FilterChainSelector (io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector)20 ChannelHandler (io.netty.channel.ChannelHandler)20 Test (org.junit.Test)20 DownstreamTlsContext (io.grpc.xds.EnvoyServerProtoData.DownstreamTlsContext)17 FilterChain (io.grpc.xds.EnvoyServerProtoData.FilterChain)17 ServerRoutingConfig (io.grpc.xds.XdsServerWrapper.ServerRoutingConfig)4 HashMap (java.util.HashMap)4 AtomicReference (java.util.concurrent.atomic.AtomicReference)4 ChannelHandlerContext (io.netty.channel.ChannelHandlerContext)3 ChannelInboundHandlerAdapter (io.netty.channel.ChannelInboundHandlerAdapter)3 InternalProtocolNegotiationEvent (io.grpc.netty.InternalProtocolNegotiationEvent)2 ProtocolNegotiationEvent (io.grpc.netty.ProtocolNegotiationEvent)2 SslContextProviderSupplier (io.grpc.xds.internal.sds.SslContextProviderSupplier)2 GrpcHttp2ConnectionHandler (io.grpc.netty.GrpcHttp2ConnectionHandler)1 ProtocolNegotiator (io.grpc.netty.InternalProtocolNegotiator.ProtocolNegotiator)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial