use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.
the class GrpcServerImpl method start.
// ---- GrpcServer interface --------------------------------------------
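/**
 * Starts the network-facing gRPC server and the in-process server, then completes
 * {@code startFuture}.
 *
 * <p>When {@code config.tlsConfig()} returns a descriptor, an {@link SslContext} is built from
 * it (JDK provider or the builder returned by {@code sslContextBuilder}) and installed on the
 * Netty server; otherwise the server listens in plaintext. The TLS state written to the log
 * reflects that decision, so operators can rely on the {@code TLS=} field when auditing
 * a deployment.
 *
 * @return the stage backed by {@code startFuture}; completed with this server on success,
 *         or exceptionally with the failure that prevented start-up
 */
@Override
public CompletionStage<GrpcServer> start() {
    String sName = config.name();
    int port = config.port();
    GrpcTlsDescriptor tlsConfig = config.tlsConfig();
    // Previously hard-coded to false, which made every log line claim "TLS=false" even when
    // an SslContext was installed. Derived once here so it stays effectively final for the
    // logging lambda and is also available in the catch block.
    // NOTE(review): tlsConfig.isEnabled() is not consulted; a non-null descriptor always
    // turns TLS on -- confirm that is the intended contract.
    boolean tls = tlsConfig != null;
    SslContext sslContext = null;
    try {
        if (tlsConfig != null) {
            if (tlsConfig.isJdkSSL()) {
                // NOTE(review): this path loads only the key and certificate chain and uses
                // ClientAuth.NONE; tlsCaCert() is never read here, so client certificates
                // are not requested on the JDK provider path -- confirm whether mutual TLS
                // is expected to work with jdkSSL=true.
                SSLContext sslCtx = SSLContextBuilder.create(
                        KeyConfig.pemBuilder()
                                .key(tlsConfig.tlsKey())
                                .certChain(tlsConfig.tlsCert())
                                .build())
                        .build();
                sslContext = new JdkSslContext(sslCtx, false, ClientAuth.NONE);
            } else {
                sslContext = sslContextBuilder(tlsConfig).build();
            }
        }
        NettyServerBuilder builder = sslContext == null
                ? NettyServerBuilder.forPort(port)
                : NettyServerBuilder.forPort(port).sslContext(sslContext);
        HandlerRegistry handlerRegistry = this.handlerRegistry;
        // NOTE(review): ProtoReflectionService is registered unconditionally on the network
        // server, so every client that can reach the port can list the service descriptors;
        // consider making it configurable for hardened deployments.
        server = configureNetty(builder)
                .directExecutor()
                .addService(healthService)
                .addService(ProtoReflectionService.newInstance())
                .fallbackHandlerRegistry(handlerRegistry)
                .build()
                .start();
        // The in-process server shares the health service and the handler registry but has
        // no reflection service and no transport security.
        inProcessServer = InProcessServerBuilder.forName(sName)
                .addService(healthService)
                .fallbackHandlerRegistry(handlerRegistry)
                .build()
                .start();
        LOGGER.log(Level.INFO, () -> format("gRPC server [%s]: listening on port %d (TLS=%s)", sName, server.getPort(), tls));
        Runtime.getRuntime().addShutdownHook(new Thread(this::shutdown));
        startFuture.complete(this);
    } catch (Throwable e) {
        // The failure is logged once through LOGGER with its stack trace; the former
        // e.printStackTrace() duplicated it on stderr outside the logging configuration.
        LOGGER.log(Level.SEVERE, format("gRPC server [%s]: failed to start on port %d (TLS=%s)", sName, port, tls), e);
        startFuture.completeExceptionally(e);
    }
    return startFuture;
}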
use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.
the class GrpcChannelsProviderTest method testDefaultPortSsl.
/**
 * Checks the channel registered under {@code DEFAULT_PORT_SSL_CFG}: host and port values,
 * and a TLS descriptor that is enabled and carries a client key, a client certificate and
 * a CA certificate.
 */
@Test
public void testDefaultPortSsl() {
    GrpcChannelDescriptor channel = grpcConfig.channels().get(DEFAULT_PORT_SSL_CFG);
    assertThat(channel.host(), equalTo("non_default_host.com"));
    assertThat(channel.port(), equalTo(1408));

    // Expected locations of the key material the configuration should point at.
    Resource expectedKey = Resource.create(CLIENT_KEY);
    Resource expectedCert = Resource.create(CLIENT_CERT);
    Resource expectedCa = Resource.create(CA_CERT);

    Optional<GrpcTlsDescriptor> maybeTls = channel.tlsDescriptor();
    assertThat(maybeTls.isPresent(), is(true));

    GrpcTlsDescriptor tls = maybeTls.get();
    assertThat(tls, notNullValue());
    assertThat(tls.isEnabled(), equalTo(true));

    // The key location is compared exactly; certificate and CA locations by suffix.
    assertThat(tls.tlsKey(), is(notNullValue()));
    assertThat(tls.tlsKey().location(), is(expectedKey.location()));

    assertThat(tls.tlsCert(), is(notNullValue()));
    assertThat(tls.tlsCert().location(), endsWith(expectedCert.location()));

    assertThat(tls.tlsCaCert(), is(notNullValue()));
    assertThat(tls.tlsCaCert().location(), endsWith(expectedCa.location()));
}
use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.
the class GrpcChannelsProviderTest method testDefaultHostSslOneWay.
/**
 * Checks the channel registered under {@code DEFAULT_HOST_SSL_ONE_WAY_CFG}: TLS is enabled
 * with a CA certificate only, and no client key or client certificate is configured.
 */
@Test
public void testDefaultHostSslOneWay() {
    GrpcChannelDescriptor channel = grpcConfig.channels().get(DEFAULT_HOST_SSL_ONE_WAY_CFG);
    assertThat(channel.host(), equalTo("localhost"));
    assertThat(channel.port(), equalTo(4096));

    Resource expectedCa = Resource.create(CA_CERT);

    Optional<GrpcTlsDescriptor> maybeTls = channel.tlsDescriptor();
    assertThat(maybeTls.isPresent(), is(true));

    GrpcTlsDescriptor tls = maybeTls.get();
    assertThat(tls, notNullValue());
    assertThat(tls.isEnabled(), equalTo(true));

    // One-way TLS: the client presents no identity of its own.
    assertThat(tls.tlsKey(), nullValue());
    assertThat(tls.tlsCert(), nullValue());

    // The trust anchor used to verify the server must still be present.
    assertThat(tls.tlsCaCert(), is(notNullValue()));
    assertThat(tls.tlsCaCert().location(), endsWith(expectedCa.location()));
}
use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.
the class GrpcChannelsProviderIT method startGrpcServer.
/**
* Start a gRPC server listening on the specified port, with TLS enabled if {@code sslEnabled} is true.
*
* @param nPort The port on which the server will listen.
* @param sslEnabled true to enable TLS on the server.
* @param mutual if true, configure two-way (mutual) TLS; otherwise one-way TLS. Ignored when {@code sslEnabled} is false.
* @return A reference to a {@link io.helidon.grpc.server.GrpcServer}.
*/
private static GrpcServer startGrpcServer(int nPort, boolean sslEnabled, boolean mutual) throws Exception {
    // All three resources are resolved up front, whether or not TLS is requested.
    Resource tlsCert = Resource.create(SERVER_CERT);
    Resource tlsKey = Resource.create(SERVER_KEY);
    Resource tlsCaCert = Resource.create(CA_CERT);

    // The numeric suffix distinguishes the variants: 1 = plaintext, 2 = mutual TLS, 3 = one-way TLS.
    final String baseName = "grpc.server";
    final String serverName;
    final GrpcTlsDescriptor tlsDescriptor;
    if (sslEnabled && mutual) {
        serverName = baseName + 2;
        // Mutual TLS: the CA certificate is supplied in addition to the server key and certificate.
        tlsDescriptor = GrpcTlsDescriptor.builder()
                .jdkSSL(false)
                .tlsCert(tlsCert)
                .tlsKey(tlsKey)
                .tlsCaCert(tlsCaCert)
                .build();
    } else if (sslEnabled) {
        serverName = baseName + 3;
        // One-way TLS: server key and certificate only, no CA certificate.
        tlsDescriptor = GrpcTlsDescriptor.builder()
                .jdkSSL(false)
                .tlsCert(tlsCert)
                .tlsKey(tlsKey)
                .build();
    } else {
        serverName = baseName + 1;
        tlsDescriptor = null;
    }

    // Register the TreeMapService as the only service on this server.
    GrpcRouting routing = GrpcRouting.builder()
            .register(new TreeMapService())
            .build();

    GrpcServerConfiguration.Builder configBuilder = GrpcServerConfiguration.builder()
            .name(serverName)
            .port(nPort);
    if (sslEnabled) {
        configBuilder.tlsConfig(tlsDescriptor);
    }

    // Block for at most ten seconds so a failed start surfaces as a test error instead of a hang.
    return GrpcServer.create(configBuilder.build(), routing)
            .start()
            .toCompletableFuture()
            .get(10, TimeUnit.SECONDS);
}
use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.
the class GrpcChannelsProviderTest method testChannelConfigurationWithSslConfig.
/**
 * Checks that a channel descriptor built with an explicit TLS descriptor keeps the default
 * host and port, reports TLS as enabled, and hands back the very same key, certificate and
 * CA resources it was given.
 */
@Test
public void testChannelConfigurationWithSslConfig() {
    Resource certResource = mock(Resource.class);
    Resource keyResource = mock(Resource.class);
    Resource trustResource = mock(Resource.class);

    GrpcTlsDescriptor suppliedTls = GrpcTlsDescriptor.builder()
            .tlsCaCert(trustResource)
            .tlsCert(certResource)
            .tlsKey(keyResource)
            .build();
    GrpcChannelDescriptor channel = GrpcChannelDescriptor.builder()
            .sslDescriptor(suppliedTls)
            .build();

    // Host and port were not set on the builder, so these are its defaults.
    assertThat(channel.host(), equalTo("localhost"));
    assertThat(channel.port(), equalTo(1408));

    Optional<GrpcTlsDescriptor> maybeTls = channel.tlsDescriptor();
    assertThat(maybeTls.isPresent(), is(true));

    GrpcTlsDescriptor actualTls = maybeTls.get();
    assertThat(actualTls.isEnabled(), is(true));
    // Identity checks: the resources must be passed through, not copied or replaced.
    assertThat(actualTls.tlsCaCert(), is(sameInstance(trustResource)));
    assertThat(actualTls.tlsCert(), is(sameInstance(certResource)));
    assertThat(actualTls.tlsKey(), is(sameInstance(keyResource)));
}