
Example 1 with GrpcTlsDescriptor

use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.

the class GrpcServerImpl method start.

// ---- GrpcServer interface --------------------------------------------
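/**
 * Starts the Netty-backed gRPC server and an in-process server that shares its services.
 *
 * <p>When the configuration carries a {@link GrpcTlsDescriptor}, an {@link SslContext} is built
 * from it and installed on the Netty server; otherwise the server listens in plaintext. The
 * in-process server is never given an SSL context.
 *
 * @return the stage backing {@code startFuture}: completed with this server on success, or
 *         completed exceptionally with whatever was thrown during start-up
 */
@Override
public CompletionStage<GrpcServer> start() {
    String sName = config.name();
    int port = config.port();
    GrpcTlsDescriptor tlsConfig = config.tlsConfig();
    // Reported by the failure log: TLS was requested even if building the context is what failed.
    boolean tlsConfigured = tlsConfig != null;
    SslContext sslContext = null;
    try {
        if (tlsConfig != null) {
            if (tlsConfig.isJdkSSL()) {
                SSLContext sslCtx = SSLContextBuilder.create(
                        KeyConfig.pemBuilder()
                                .key(tlsConfig.tlsKey())
                                .certChain(tlsConfig.tlsCert())
                                .build())
                        .build();
                // NOTE(review): this path hard-codes ClientAuth.NONE and never reads
                // tlsConfig.tlsCaCert(), so a descriptor configured with a CA certificate does
                // not get client-certificate verification when isJdkSSL() is true. Confirm that
                // this is intended, or document that mutual TLS requires the non-JDK path.
                sslContext = new JdkSslContext(sslCtx, false, ClientAuth.NONE);
            } else {
                sslContext = sslContextBuilder(tlsConfig).build();
            }
        }
        // Log what the listener actually uses, not a constant: the previous flag was never set
        // to true, so a TLS-enabled server was always logged as TLS=false.
        boolean tlsActive = sslContext != null;
        NettyServerBuilder builder = tlsActive
                ? NettyServerBuilder.forPort(port).sslContext(sslContext)
                : NettyServerBuilder.forPort(port);
        HandlerRegistry handlerRegistry = this.handlerRegistry;
        // NOTE(review): ProtoReflectionService is registered unconditionally, so every client
        // that can reach the port can enumerate the service descriptors. Confirm this is wanted
        // outside development builds.
        server = configureNetty(builder)
                .directExecutor()
                .addService(healthService)
                .addService(ProtoReflectionService.newInstance())
                .fallbackHandlerRegistry(handlerRegistry)
                .build()
                .start();
        inProcessServer = InProcessServerBuilder.forName(sName)
                .addService(healthService)
                .fallbackHandlerRegistry(handlerRegistry)
                .build()
                .start();
        LOGGER.log(Level.INFO, () -> format("gRPC server [%s]: listening on port %d (TLS=%s)",
                sName, server.getPort(), tlsActive));
        Runtime.getRuntime().addShutdownHook(new Thread(this::shutdown));
        startFuture.complete(this);
    } catch (Throwable e) {
        // Throwable is kept so that every start-up failure reaches the caller through the
        // future. The logger records the stack trace, so no printStackTrace() is needed.
        LOGGER.log(Level.SEVERE,
                format("gRPC server [%s]: failed to start on port %d (TLS=%s)", sName, port, tlsConfigured),
                e);
        startFuture.completeExceptionally(e);
    }
    return startFuture;
}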
Also used : MutableHandlerRegistry(io.grpc.util.MutableHandlerRegistry) HandlerRegistry(io.grpc.HandlerRegistry) JdkSslContext(io.netty.handler.ssl.JdkSslContext) NettyServerBuilder(io.grpc.netty.NettyServerBuilder) GrpcTlsDescriptor(io.helidon.grpc.core.GrpcTlsDescriptor) SSLContext(javax.net.ssl.SSLContext) JdkSslContext(io.netty.handler.ssl.JdkSslContext) SslContext(io.netty.handler.ssl.SslContext)

Example 2 with GrpcTlsDescriptor

use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.

the class GrpcChannelsProviderTest method testDefaultPortSsl.

/**
 * Checks the channel registered under {@code DEFAULT_PORT_SSL_CFG}: host and port come from
 * configuration, and the TLS descriptor is enabled and carries a key, a certificate and a CA
 * certificate pointing at the expected resources.
 */
@Test
public void testDefaultPortSsl() {
    GrpcChannelDescriptor channel = grpcConfig.channels().get(DEFAULT_PORT_SSL_CFG);
    assertThat(channel.host(), equalTo("non_default_host.com"));
    assertThat(channel.port(), equalTo(1408));

    // Reference resources whose locations the descriptor's resources are compared against.
    Resource expectedKey = Resource.create(CLIENT_KEY);
    Resource expectedCert = Resource.create(CLIENT_CERT);
    Resource expectedCa = Resource.create(CA_CERT);

    Optional<GrpcTlsDescriptor> maybeTls = channel.tlsDescriptor();
    assertThat(maybeTls.isPresent(), is(true));

    GrpcTlsDescriptor tls = maybeTls.get();
    assertThat(tls, notNullValue());
    assertThat(tls.isEnabled(), equalTo(true));

    // Client private key.
    // NOTE(review): the key location is matched exactly while cert and CA use endsWith;
    // confirm the difference is deliberate.
    assertThat(tls.tlsKey(), is(notNullValue()));
    assertThat(tls.tlsKey().location(), is(expectedKey.location()));

    // Client certificate.
    assertThat(tls.tlsCert(), is(notNullValue()));
    assertThat(tls.tlsCert().location(), endsWith(expectedCert.location()));

    // CA certificate.
    assertThat(tls.tlsCaCert(), is(notNullValue()));
    assertThat(tls.tlsCaCert().location(), endsWith(expectedCa.location()));
}
Also used : Resource(io.helidon.common.configurable.Resource) GrpcTlsDescriptor(io.helidon.grpc.core.GrpcTlsDescriptor) Test(org.junit.jupiter.api.Test)

Example 3 with GrpcTlsDescriptor

use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.

the class GrpcChannelsProviderTest method testDefaultHostSslOneWay.

/**
 * Checks the channel registered under {@code DEFAULT_HOST_SSL_ONE_WAY_CFG}: TLS is enabled with
 * only a CA certificate, and the descriptor holds no client key and no client certificate.
 */
@Test
public void testDefaultHostSslOneWay() {
    GrpcChannelDescriptor channel = grpcConfig.channels().get(DEFAULT_HOST_SSL_ONE_WAY_CFG);
    assertThat(channel.host(), equalTo("localhost"));
    assertThat(channel.port(), equalTo(4096));

    Resource expectedCa = Resource.create(CA_CERT);

    Optional<GrpcTlsDescriptor> maybeTls = channel.tlsDescriptor();
    assertThat(maybeTls.isPresent(), is(true));

    GrpcTlsDescriptor tls = maybeTls.get();
    assertThat(tls, notNullValue());
    assertThat(tls.isEnabled(), equalTo(true));

    // One-way configuration: no client identity material must be present.
    assertThat(tls.tlsKey(), nullValue());
    assertThat(tls.tlsCert(), nullValue());

    // The CA certificate is the only TLS resource configured.
    assertThat(tls.tlsCaCert(), is(notNullValue()));
    assertThat(tls.tlsCaCert().location(), endsWith(expectedCa.location()));
}
Also used : Resource(io.helidon.common.configurable.Resource) GrpcTlsDescriptor(io.helidon.grpc.core.GrpcTlsDescriptor) Test(org.junit.jupiter.api.Test)

Example 4 with GrpcTlsDescriptor

use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.

the class GrpcChannelsProviderIT method startGrpcServer.

/**
 * Starts a gRPC server on the given port, optionally with TLS, and waits up to 10 seconds for
 * start-up to finish.
 *
 * <p>The server name is {@code "grpc.server"} followed by 1 (no TLS), 2 (TLS with a CA
 * certificate configured) or 3 (TLS with certificate and key only).
 *
 * @param nPort      The server port where the server will listen.
 * @param sslEnabled true to configure TLS on the server.
 * @param mutual     when TLS is enabled, true also sets the CA certificate on the descriptor
 *                   (two-way); false configures the server certificate and key only (one-way).
 * @return A reference to a {@link io.helidon.grpc.server.GrpcServer}.
 * @throws Exception if the server does not start, or does not start within the timeout.
 */
private static GrpcServer startGrpcServer(int nPort, boolean sslEnabled, boolean mutual) throws Exception {
    // The resources are created up front regardless of the mode.
    Resource tlsCert = Resource.create(SERVER_CERT);
    Resource tlsKey = Resource.create(SERVER_KEY);
    Resource tlsCaCert = Resource.create(CA_CERT);

    // 1 = plaintext, 2 = mutual TLS, 3 = one-way TLS.
    int suffix = !sslEnabled ? 1 : (mutual ? 2 : 3);
    String serverName = "grpc.server" + suffix;

    GrpcTlsDescriptor tlsDescriptor = null;
    if (sslEnabled) {
        if (mutual) {
            // presumably the CA certificate is what the server uses to verify client
            // certificates; confirm against GrpcTlsDescriptor.
            tlsDescriptor = GrpcTlsDescriptor.builder()
                    .jdkSSL(false)
                    .tlsCert(tlsCert)
                    .tlsKey(tlsKey)
                    .tlsCaCert(tlsCaCert)
                    .build();
        } else {
            tlsDescriptor = GrpcTlsDescriptor.builder()
                    .jdkSSL(false)
                    .tlsCert(tlsCert)
                    .tlsKey(tlsKey)
                    .build();
        }
    }

    // Register the TreeMapService as the only routed service.
    GrpcRouting routing = GrpcRouting.builder().register(new TreeMapService()).build();

    GrpcServerConfiguration.Builder configBuilder = GrpcServerConfiguration.builder()
            .name(serverName)
            .port(nPort);
    if (sslEnabled) {
        configBuilder.tlsConfig(tlsDescriptor);
    }

    return GrpcServer.create(configBuilder.build(), routing)
            .start()
            .toCompletableFuture()
            .get(10, TimeUnit.SECONDS);
}
Also used : GrpcServerConfiguration(io.helidon.grpc.server.GrpcServerConfiguration) TreeMapService(services.TreeMapService) Resource(io.helidon.common.configurable.Resource) GrpcTlsDescriptor(io.helidon.grpc.core.GrpcTlsDescriptor) GrpcRouting(io.helidon.grpc.server.GrpcRouting)

Example 5 with GrpcTlsDescriptor

use of io.helidon.grpc.core.GrpcTlsDescriptor in project helidon by oracle.

the class GrpcChannelsProviderTest method testChannelConfigurationWithSslConfig.

/**
 * Builds a channel descriptor programmatically with a TLS descriptor made of mocked resources
 * and checks that host and port take the values asserted below when none are set, and that
 * the TLS descriptor returns the very same resource instances it was built with.
 */
@Test
public void testChannelConfigurationWithSslConfig() {
    Resource certResource = mock(Resource.class);
    Resource keyResource = mock(Resource.class);
    Resource trustResource = mock(Resource.class);

    GrpcTlsDescriptor suppliedTls = GrpcTlsDescriptor.builder()
            .tlsCaCert(trustResource)
            .tlsCert(certResource)
            .tlsKey(keyResource)
            .build();
    GrpcChannelDescriptor channel = GrpcChannelDescriptor.builder()
            .sslDescriptor(suppliedTls)
            .build();

    // No host or port was set on the builder.
    assertThat(channel.host(), equalTo("localhost"));
    assertThat(channel.port(), equalTo(1408));

    Optional<GrpcTlsDescriptor> maybeTls = channel.tlsDescriptor();
    assertThat(maybeTls.isPresent(), is(true));

    GrpcTlsDescriptor actualTls = maybeTls.get();
    assertThat(actualTls.isEnabled(), is(true));
    // Identity checks: the resources must be passed through unchanged.
    assertThat(actualTls.tlsCaCert(), is(sameInstance(trustResource)));
    assertThat(actualTls.tlsCert(), is(sameInstance(certResource)));
    assertThat(actualTls.tlsKey(), is(sameInstance(keyResource)));
}
Also used : Resource(io.helidon.common.configurable.Resource) GrpcTlsDescriptor(io.helidon.grpc.core.GrpcTlsDescriptor) Test(org.junit.jupiter.api.Test)

Aggregations

GrpcTlsDescriptor (io.helidon.grpc.core.GrpcTlsDescriptor)6 Resource (io.helidon.common.configurable.Resource)5 Test (org.junit.jupiter.api.Test)3 HandlerRegistry (io.grpc.HandlerRegistry)1 StatusRuntimeException (io.grpc.StatusRuntimeException)1 NettyServerBuilder (io.grpc.netty.NettyServerBuilder)1 MutableHandlerRegistry (io.grpc.util.MutableHandlerRegistry)1 LogConfig (io.helidon.common.LogConfig)1 Config (io.helidon.config.Config)1 GrpcRouting (io.helidon.grpc.server.GrpcRouting)1 GrpcServerConfiguration (io.helidon.grpc.server.GrpcServerConfiguration)1 JdkSslContext (io.netty.handler.ssl.JdkSslContext)1 SslContext (io.netty.handler.ssl.SslContext)1 SSLContext (javax.net.ssl.SSLContext)1 EchoService (services.EchoService)1 TreeMapService (services.TreeMapService)1