credentials/alts: Update ALTS "New" APIs (#1921)
This commit is contained in:
Cesar Ghali
@ -91,6 +91,14 @@ type AuthInfo interface {
|
|||||||
PeerRPCVersions() *altspb.RpcProtocolVersions
|
PeerRPCVersions() *altspb.RpcProtocolVersions
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ClientOptions contains the client-side options of an ALTS channel. These
|
||||||
|
// options will be passed to the underlying ALTS handshaker.
|
||||||
|
type ClientOptions struct {
|
||||||
|
// TargetServiceAccounts contains a list of expected target service
|
||||||
|
// accounts.
|
||||||
|
TargetServiceAccounts []string
|
||||||
|
}
|
||||||
|
|
||||||
// altsTC is the credentials required for authenticating a connection using ALTS.
|
// altsTC is the credentials required for authenticating a connection using ALTS.
|
||||||
// It implements credentials.TransportCredentials interface.
|
// It implements credentials.TransportCredentials interface.
|
||||||
type altsTC struct {
|
type altsTC struct {
|
||||||
@ -100,13 +108,13 @@ type altsTC struct {
|
|||||||
accounts []string
|
accounts []string
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewClient constructs a client-side ALTS TransportCredentials object.
|
// NewClientCreds constructs a client-side ALTS TransportCredentials object.
|
||||||
func NewClient(targetServiceAccounts []string) credentials.TransportCredentials {
|
func NewClientCreds(opts *ClientOptions) credentials.TransportCredentials {
|
||||||
return newALTS(core.ClientSide, targetServiceAccounts)
|
return newALTS(core.ClientSide, opts.TargetServiceAccounts)
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewServer constructs a server-side ALTS TransportCredentials object.
|
// NewServerCreds constructs a server-side ALTS TransportCredentials object.
|
||||||
func NewServer() credentials.TransportCredentials {
|
func NewServerCreds() credentials.TransportCredentials {
|
||||||
return newALTS(core.ServerSide, nil)
|
return newALTS(core.ServerSide, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -27,8 +27,8 @@ import (
|
|||||||
|
|
||||||
func TestInfoServerName(t *testing.T) {
|
func TestInfoServerName(t *testing.T) {
|
||||||
// This is not testing any handshaker functionality, so it's fine to only
|
// This is not testing any handshaker functionality, so it's fine to only
|
||||||
// use NewServer and not NewClient.
|
// use NewServerCreds and not NewClientCreds.
|
||||||
alts := NewServer()
|
alts := NewServerCreds()
|
||||||
if got, want := alts.Info().ServerName, ""; got != want {
|
if got, want := alts.Info().ServerName, ""; got != want {
|
||||||
t.Fatalf("%v.Info().ServerName = %v, want %v", alts, got, want)
|
t.Fatalf("%v.Info().ServerName = %v, want %v", alts, got, want)
|
||||||
}
|
}
|
||||||
@ -37,8 +37,8 @@ func TestInfoServerName(t *testing.T) {
|
|||||||
func TestOverrideServerName(t *testing.T) {
|
func TestOverrideServerName(t *testing.T) {
|
||||||
wantServerName := "server.name"
|
wantServerName := "server.name"
|
||||||
// This is not testing any handshaker functionality, so it's fine to only
|
// This is not testing any handshaker functionality, so it's fine to only
|
||||||
// use NewServer and not NewClient.
|
// use NewServerCreds and not NewClientCreds.
|
||||||
c := NewServer()
|
c := NewServerCreds()
|
||||||
c.OverrideServerName(wantServerName)
|
c.OverrideServerName(wantServerName)
|
||||||
if got, want := c.Info().ServerName, wantServerName; got != want {
|
if got, want := c.Info().ServerName, wantServerName; got != want {
|
||||||
t.Fatalf("c.Info().ServerName = %v, want %v", got, want)
|
t.Fatalf("c.Info().ServerName = %v, want %v", got, want)
|
||||||
@ -48,8 +48,8 @@ func TestOverrideServerName(t *testing.T) {
|
|||||||
func TestClone(t *testing.T) {
|
func TestClone(t *testing.T) {
|
||||||
wantServerName := "server.name"
|
wantServerName := "server.name"
|
||||||
// This is not testing any handshaker functionality, so it's fine to only
|
// This is not testing any handshaker functionality, so it's fine to only
|
||||||
// use NewServer and not NewClient.
|
// use NewServerCreds and not NewClientCreds.
|
||||||
c := NewServer()
|
c := NewServerCreds()
|
||||||
c.OverrideServerName(wantServerName)
|
c.OverrideServerName(wantServerName)
|
||||||
cc := c.Clone()
|
cc := c.Clone()
|
||||||
if got, want := cc.Info().ServerName, wantServerName; got != want {
|
if got, want := cc.Info().ServerName, wantServerName; got != want {
|
||||||
@ -66,8 +66,8 @@ func TestClone(t *testing.T) {
|
|||||||
|
|
||||||
func TestInfo(t *testing.T) {
|
func TestInfo(t *testing.T) {
|
||||||
// This is not testing any handshaker functionality, so it's fine to only
|
// This is not testing any handshaker functionality, so it's fine to only
|
||||||
// use NewServer and not NewClient.
|
// use NewServerCreds and not NewClientCreds.
|
||||||
c := NewServer()
|
c := NewServerCreds()
|
||||||
info := c.Info()
|
info := c.Info()
|
||||||
if got, want := info.ProtocolVersion, ""; got != want {
|
if got, want := info.ProtocolVersion, ""; got != want {
|
||||||
t.Errorf("info.ProtocolVersion=%v, want %v", got, want)
|
t.Errorf("info.ProtocolVersion=%v, want %v", got, want)
|
||||||
|
|||||||
@ -41,7 +41,7 @@ var (
|
|||||||
func main() {
|
func main() {
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
altsTC := alts.NewClient(nil)
|
altsTC := alts.NewClientCreds(&alts.ClientOptions{})
|
||||||
// Block until the server is ready.
|
// Block until the server is ready.
|
||||||
conn, err := grpc.Dial(*serverAddr, grpc.WithTransportCredentials(altsTC), grpc.WithBlock())
|
conn, err := grpc.Dial(*serverAddr, grpc.WithTransportCredentials(altsTC), grpc.WithBlock())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|||||||
@ -41,7 +41,7 @@ func main() {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
grpclog.Fatalf("gRPC Server: failed to start the server at %v: %v", *serverAddr, err)
|
grpclog.Fatalf("gRPC Server: failed to start the server at %v: %v", *serverAddr, err)
|
||||||
}
|
}
|
||||||
altsTC := alts.NewServer()
|
altsTC := alts.NewServerCreds()
|
||||||
grpcServer := grpc.NewServer(grpc.Creds(altsTC))
|
grpcServer := grpc.NewServer(grpc.Creds(altsTC))
|
||||||
testpb.RegisterTestServiceServer(grpcServer, interop.NewTestServer())
|
testpb.RegisterTestServiceServer(grpcServer, interop.NewTestServer())
|
||||||
grpcServer.Serve(lis)
|
grpcServer.Serve(lis)
|
||||||
|
|||||||
@ -110,7 +110,7 @@ func main() {
|
|||||||
opts = append(opts, grpc.WithPerRPCCredentials(oauth.NewOauthAccess(interop.GetToken(*serviceAccountKeyFile, *oauthScope))))
|
opts = append(opts, grpc.WithPerRPCCredentials(oauth.NewOauthAccess(interop.GetToken(*serviceAccountKeyFile, *oauthScope))))
|
||||||
}
|
}
|
||||||
} else if *useALTS {
|
} else if *useALTS {
|
||||||
altsTC := alts.NewClient(nil)
|
altsTC := alts.NewClientCreds(&alts.ClientOptions{})
|
||||||
opts = append(opts, grpc.WithTransportCredentials(altsTC))
|
opts = append(opts, grpc.WithTransportCredentials(altsTC))
|
||||||
} else {
|
} else {
|
||||||
opts = append(opts, grpc.WithInsecure())
|
opts = append(opts, grpc.WithInsecure())
|
||||||
|
|||||||
@ -64,7 +64,7 @@ func main() {
|
|||||||
}
|
}
|
||||||
opts = append(opts, grpc.Creds(creds))
|
opts = append(opts, grpc.Creds(creds))
|
||||||
} else if *useALTS {
|
} else if *useALTS {
|
||||||
altsTC := alts.NewServer()
|
altsTC := alts.NewServerCreds()
|
||||||
opts = append(opts, grpc.Creds(altsTC))
|
opts = append(opts, grpc.Creds(altsTC))
|
||||||
}
|
}
|
||||||
server := grpc.NewServer(opts...)
|
server := grpc.NewServer(opts...)
|
||||||
|
|||||||
Reference in New Issue
Block a user