private async Task <ChannelCredentials> CreateCredentialsAsync()
{
var credentials = ChannelCredentials.Insecure;
if (options.UseTls.Value)
{
credentials = options.UseTestCa.Value ? TestCredentials.CreateSslCredentials() : new SslCredentials();
}
if (options.TestCase == "jwt_token_creds")
{
var googleCredential = await GoogleCredential.GetApplicationDefaultAsync();
Assert.IsTrue(googleCredential.IsCreateScopedRequired);
credentials = ChannelCredentials.Create(credentials, googleCredential.ToCallCredentials());
}
if (options.TestCase == "compute_engine_creds")
{
var googleCredential = await GoogleCredential.GetApplicationDefaultAsync();
Assert.IsFalse(googleCredential.IsCreateScopedRequired);
credentials = ChannelCredentials.Create(credentials, googleCredential.ToCallCredentials());
}
return(credentials);
}
public async Task MetadataCredentials_ComposedPerCall()
{
serviceImpl.StreamingOutputCallHandler = async(req, responseStream, context) =>
{
var firstAuth = context.RequestHeaders.Last((entry) => entry.Key == "first_authorization").Value;
Assert.AreEqual("FIRST_SECRET_TOKEN", firstAuth);
var secondAuth = context.RequestHeaders.First((entry) => entry.Key == "second_authorization").Value;
Assert.AreEqual("SECOND_SECRET_TOKEN", secondAuth);
await responseStream.WriteAsync(new StreamingOutputCallResponse());
};
channel = new Channel(Host, server.Ports.Single().BoundPort, TestCredentials.CreateSslCredentials(), options);
var client = new TestService.TestServiceClient(channel);
var first = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("first_authorization", "FIRST_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var second = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("second_authorization", "SECOND_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var call = client.StreamingOutputCall(new StreamingOutputCallRequest {
},
new CallOptions(credentials: CallCredentials.Compose(first, second)));
Assert.IsTrue(await call.ResponseStream.MoveNext());
Assert.IsFalse(await call.ResponseStream.MoveNext());
}
private static List <Channel> CreateChannels(int clientChannels, IEnumerable <string> serverTargets, SecurityParams securityParams)
{
GrpcPreconditions.CheckArgument(clientChannels > 0, "clientChannels needs to be at least 1.");
GrpcPreconditions.CheckArgument(serverTargets.Count() > 0, "at least one serverTarget needs to be specified.");
var credentials = securityParams != null?TestCredentials.CreateSslCredentials() : ChannelCredentials.Insecure;
List <ChannelOption> channelOptions = null;
if (securityParams != null && securityParams.ServerHostOverride != "")
{
channelOptions = new List <ChannelOption>
{
new ChannelOption(ChannelOptions.SslTargetNameOverride, securityParams.ServerHostOverride)
};
}
var result = new List <Channel>();
for (int i = 0; i < clientChannels; i++)
{
var target = serverTargets.ElementAt(i % serverTargets.Count());
var channel = new Channel(target, credentials, channelOptions);
result.Add(channel);
}
return(result);
}
public async Task MetadataCredentials_Composed()
{
var first = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
// Attempt to exercise the case where async callback is inlineable/synchronously-runnable.
metadata.Add("first_authorization", "FIRST_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var second = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("second_authorization", "SECOND_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var third = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("third_authorization", "THIRD_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var channelCredentials = ChannelCredentials.Create(TestCredentials.CreateSslCredentials(),
CallCredentials.Compose(first, second, third));
channel = new Channel(Host, server.Ports.Single().BoundPort, channelCredentials, options);
var client = new TestService.TestServiceClient(channel);
var call = client.StreamingOutputCall(new StreamingOutputCallRequest {
});
Assert.IsTrue(await call.ResponseStream.MoveNext());
Assert.IsFalse(await call.ResponseStream.MoveNext());
}
public void MetadataCredentials_BothChannelAndPerCall()
{
serviceImpl.UnaryCallHandler = (req, context) =>
{
var firstAuth = context.RequestHeaders.First((entry) => entry.Key == "first_authorization").Value;
Assert.AreEqual("FIRST_SECRET_TOKEN", firstAuth);
var secondAuth = context.RequestHeaders.First((entry) => entry.Key == "second_authorization").Value;
Assert.AreEqual("SECOND_SECRET_TOKEN", secondAuth);
// both values of "duplicate_authorization" are sent
Assert.AreEqual("value1", context.RequestHeaders.First((entry) => entry.Key == "duplicate_authorization").Value);
Assert.AreEqual("value2", context.RequestHeaders.Last((entry) => entry.Key == "duplicate_authorization").Value);
return(Task.FromResult(new SimpleResponse()));
};
var channelCallCredentials = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("first_authorization", "FIRST_SECRET_TOKEN");
metadata.Add("duplicate_authorization", "value1");
return(TaskUtils.CompletedTask);
}));
var perCallCredentials = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("second_authorization", "SECOND_SECRET_TOKEN");
metadata.Add("duplicate_authorization", "value2");
return(TaskUtils.CompletedTask);
}));
var channelCredentials = ChannelCredentials.Create(TestCredentials.CreateSslCredentials(), channelCallCredentials);
channel = new Channel(Host, server.Ports.Single().BoundPort, channelCredentials, options);
client = new TestService.TestServiceClient(channel);
client.UnaryCall(new SimpleRequest {
}, new CallOptions(credentials: perCallCredentials));
}
public void MetadataCredentials_PerCall()
{
channel = new Channel(Host, server.Ports.Single().BoundPort, TestCredentials.CreateSslCredentials(), options);
client = new TestService.TestServiceClient(channel);
var callCredentials = CallCredentials.FromInterceptor(asyncAuthInterceptor);
client.UnaryCall(new SimpleRequest {
}, new CallOptions(credentials: callCredentials));
}
public void MetadataCredentials()
{
var channelCredentials = ChannelCredentials.Create(TestCredentials.CreateSslCredentials(),
CallCredentials.FromInterceptor(asyncAuthInterceptor));
channel = new Channel(Host, server.Ports.Single().BoundPort, channelCredentials, options);
client = new TestService.TestServiceClient(channel);
client.UnaryCall(new SimpleRequest {
});
}
public void MetadataCredentials_InterceptorLeavesMetadataEmpty()
{
var channelCredentials = ChannelCredentials.Create(TestCredentials.CreateSslCredentials(),
CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => TaskUtils.CompletedTask)));
channel = new Channel(Host, server.Ports.Single().BoundPort, channelCredentials, options);
client = new TestService.TestServiceClient(channel);
var ex = Assert.Throws <RpcException>(() => client.UnaryCall(new SimpleRequest {
}));
// StatusCode.Unknown as the server-side handler throws an exception after not receiving the authorization header.
Assert.AreEqual(StatusCode.Unknown, ex.Status.StatusCode);
}
public void MetadataCredentials_InterceptorLeavesMetadataEmpty()
{
serviceImpl.UnaryCallHandler = (req, context) =>
{
var authHeaderCount = context.RequestHeaders.Count((entry) => entry.Key == "authorization");
Assert.AreEqual(0, authHeaderCount);
return(Task.FromResult(new SimpleResponse()));
};
var channelCredentials = ChannelCredentials.Create(TestCredentials.CreateSslCredentials(),
CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => TaskUtils.CompletedTask)));
channel = new Channel(Host, server.Ports.Single().BoundPort, channelCredentials, options);
client = new TestService.TestServiceClient(channel);
client.UnaryCall(new SimpleRequest {
});
}
public void MetadataCredentials_InterceptorThrows()
{
var callCredentials = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) =>
{
throw new Exception("Auth interceptor throws");
}));
var channelCredentials = ChannelCredentials.Create(TestCredentials.CreateSslCredentials(), callCredentials);
channel = new Channel(Host, server.Ports.Single().BoundPort, channelCredentials, options);
client = new TestService.TestServiceClient(channel);
var ex = Assert.Throws <RpcException>(() => client.UnaryCall(new SimpleRequest {
}));
Assert.AreEqual(StatusCode.Unauthenticated, ex.Status.StatusCode);
}
public void Init()
{
server = new Server
{
Services = { TestService.BindService(new TestServiceImpl()) },
Ports = { { Host, ServerPort.PickUnused, TestCredentials.CreateSslServerCredentials() } }
};
server.Start();
var options = new List <ChannelOption>
{
new ChannelOption(ChannelOptions.SslTargetNameOverride, TestCredentials.DefaultHostOverride)
};
int port = server.Ports.Single().BoundPort;
channel = new Channel(Host, port, TestCredentials.CreateSslCredentials(), options);
client = TestService.NewClient(channel);
}
public void Init()
{
// Disable SO_REUSEPORT to prevent https://github.com/grpc/grpc/issues/10755
server = new Server(new[] { new ChannelOption(ChannelOptions.SoReuseport, 0) })
{
Services = { TestService.BindService(new TestServiceImpl()) },
Ports = { { Host, ServerPort.PickUnused, TestCredentials.CreateSslServerCredentials() } }
};
server.Start();
var options = new List <ChannelOption>
{
new ChannelOption(ChannelOptions.SslTargetNameOverride, TestCredentials.DefaultHostOverride)
};
int port = server.Ports.Single().BoundPort;
channel = new Channel(Host, port, TestCredentials.CreateSslCredentials(), options);
client = new TestService.TestServiceClient(channel);
}
/// <summary>
/// Creates a started client runner.
/// </summary>
public static IClientRunner CreateStarted(ClientConfig config)
{
string target = config.ServerTargets.Single();
Grpc.Core.Utils.Preconditions.CheckArgument(config.LoadParams.LoadCase == LoadParams.LoadOneofCase.ClosedLoop);
var credentials = config.SecurityParams != null?TestCredentials.CreateSslCredentials() : ChannelCredentials.Insecure;
var channel = new Channel(target, credentials);
switch (config.RpcType)
{
case RpcType.UNARY:
return(new SyncUnaryClientRunner(channel,
config.PayloadConfig.SimpleParams.ReqSize,
config.HistogramParams));
case RpcType.STREAMING:
default:
throw new ArgumentException("Unsupported RpcType.");
}
}
public void MetadataCredentials_PerCall()
{
serviceImpl.UnaryCallHandler = (req, context) =>
{
var authToken = context.RequestHeaders.First((entry) => entry.Key == "authorization").Value;
Assert.AreEqual("SECRET_TOKEN", authToken);
return(Task.FromResult(new SimpleResponse()));
};
var asyncAuthInterceptor = new AsyncAuthInterceptor(async(context, metadata) =>
{
await Task.Delay(100).ConfigureAwait(false); // make sure the operation is asynchronous.
metadata.Add("authorization", "SECRET_TOKEN");
});
channel = new Channel(Host, server.Ports.Single().BoundPort, TestCredentials.CreateSslCredentials(), options);
client = new TestService.TestServiceClient(channel);
var callCredentials = CallCredentials.FromInterceptor(asyncAuthInterceptor);
client.UnaryCall(new SimpleRequest {
}, new CallOptions(credentials: callCredentials));
}
public async Task MetadataCredentials_ComposedPerCall()
{
channel = new Channel(Host, server.Ports.Single().BoundPort, TestCredentials.CreateSslCredentials(), options);
var client = new TestService.TestServiceClient(channel);
var first = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("first_authorization", "FIRST_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var second = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("second_authorization", "SECOND_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var third = CallCredentials.FromInterceptor(new AsyncAuthInterceptor((context, metadata) => {
metadata.Add("third_authorization", "THIRD_SECRET_TOKEN");
return(TaskUtils.CompletedTask);
}));
var call = client.StreamingOutputCall(new StreamingOutputCallRequest {
},
new CallOptions(credentials: CallCredentials.Compose(first, second, third)));
Assert.IsTrue(await call.ResponseStream.MoveNext());
Assert.IsFalse(await call.ResponseStream.MoveNext());
}
private async Task <ChannelCredentials> CreateCredentialsAsync()
{
var credentials = ChannelCredentials.Insecure;
if (options.UseTls.Value)
{
credentials = options.UseTestCa.Value ? TestCredentials.CreateSslCredentials() : new SslCredentials();
}
if (options.TestCase == "jwt_token_creds")
{
#if !NETCOREAPP1_0
var googleCredential = await GoogleCredential.GetApplicationDefaultAsync();
Assert.IsTrue(googleCredential.IsCreateScopedRequired);
credentials = ChannelCredentials.Create(credentials, googleCredential.ToCallCredentials());
#else
// TODO(jtattermusch): implement this
throw new NotImplementedException("Not supported on CoreCLR yet");
#endif
}
if (options.TestCase == "compute_engine_creds")
{
#if !NETCOREAPP1_0
var googleCredential = await GoogleCredential.GetApplicationDefaultAsync();
Assert.IsFalse(googleCredential.IsCreateScopedRequired);
credentials = ChannelCredentials.Create(credentials, googleCredential.ToCallCredentials());
#else
// TODO(jtattermusch): implement this
throw new NotImplementedException("Not supported on CoreCLR yet");
#endif
}
return(credentials);
}
