From 309c8e65f4dc9fcf2a8a355f8dfed03d1061a0cf Mon Sep 17 00:00:00 2001 From: Taras Galkovskyi Date: Thu, 9 Apr 2020 21:39:08 +0000 Subject: [PATCH] declare alts support for python interop client/server --- .../grpcio_tests/tests/interop/client.py | 39 +++++++++++-------- .../grpcio_tests/tests/interop/server.py | 11 ++++++ .../grpcio_tests/tests_aio/interop/client.py | 2 +- .../grpcio_tests/tests_aio/interop/server.py | 8 ++-- tools/run_tests/run_interop_tests.py | 4 +- 5 files changed, 42 insertions(+), 22 deletions(-) diff --git a/src/python/grpcio_tests/tests/interop/client.py b/src/python/grpcio_tests/tests/interop/client.py index 71b2fecef18..6537413dbdd 100644 --- a/src/python/grpcio_tests/tests/interop/client.py +++ b/src/python/grpcio_tests/tests/interop/client.py @@ -43,6 +43,10 @@ def parse_interop_client_args(): default=False, type=resources.parse_bool, help='require a secure connection') + parser.add_argument('--use_alts', + default=False, + type=resources.parse_bool, + help='require an ALTS secure connection') parser.add_argument('--use_test_ca', default=False, type=resources.parse_bool, @@ -85,22 +89,25 @@ def _create_call_credentials(args): def get_secure_channel_parameters(args): call_credentials = _create_call_credentials(args) - if args.use_test_ca: - root_certificates = resources.test_root_certificates() - else: - root_certificates = None # will load default roots. - - channel_credentials = grpc.ssl_channel_credentials(root_certificates) - if call_credentials is not None: - channel_credentials = grpc.composite_channel_credentials( - channel_credentials, call_credentials) - channel_opts = None - if args.server_host_override: - channel_opts = (( - 'grpc.ssl_target_name_override', - args.server_host_override, - ),) + if args.use_tls: + if args.use_test_ca: + root_certificates = resources.test_root_certificates() + else: + root_certificates = None # will load default roots. + + channel_credentials = grpc.ssl_channel_credentials(root_certificates) + if call_credentials is not None: + channel_credentials = grpc.composite_channel_credentials( + channel_credentials, call_credentials) + + if args.server_host_override: + channel_opts = (( + 'grpc.ssl_target_name_override', + args.server_host_override, + ),) + else args.use_alts: + channel_credentials = grpc.alts_channel_credentials() return channel_credentials, channel_opts @@ -108,7 +115,7 @@ def get_secure_channel_parameters(args): def _create_channel(args): target = '{}:{}'.format(args.server_host, args.server_port) - if args.use_tls: + if args.use_tls or args.use_alts: channel_credentials, options = get_secure_channel_parameters(args) return grpc.secure_channel(target, channel_credentials, options) else: diff --git a/src/python/grpcio_tests/tests/interop/server.py b/src/python/grpcio_tests/tests/interop/server.py index 0a0061f5b1c..852b13c7b94 100644 --- a/src/python/grpcio_tests/tests/interop/server.py +++ b/src/python/grpcio_tests/tests/interop/server.py @@ -38,6 +38,10 @@ def parse_interop_server_arguments(): default=False, type=resources.parse_bool, help='require a secure connection') + parser.add_argument('--use_alts', + default=False, + type=resources.parse_bool, + help='require an ALTS connection') return parser.parse_args() @@ -47,6 +51,10 @@ def get_server_credentials(): return grpc.ssl_server_credentials(((private_key, certificate_chain),)) +def get_alts_server_credentials(): + return grpc.alts_server_credentials() + + def serve(): args = parse_interop_server_arguments() @@ -56,6 +64,9 @@ def serve(): if args.use_tls: credentials = get_server_credentials() server.add_secure_port('[::]:{}'.format(args.port), credentials) + elif args.use_alts: + credentials = get_alts_server_credentials() + server.add_secure_port('[::]:{}'.format(args.port), credentials) else: server.add_insecure_port('[::]:{}'.format(args.port)) diff --git a/src/python/grpcio_tests/tests_aio/interop/client.py b/src/python/grpcio_tests/tests_aio/interop/client.py index 89793f94054..7731f3bd6eb 100644 --- a/src/python/grpcio_tests/tests_aio/interop/client.py +++ b/src/python/grpcio_tests/tests_aio/interop/client.py @@ -30,7 +30,7 @@ _LOGGER.setLevel(logging.DEBUG) def _create_channel(args): target = f'{args.server_host}:{args.server_port}' - if args.use_tls: + if args.use_tls or args.use_alts: channel_credentials, options = interop_client_lib.get_secure_channel_parameters( args) return aio.secure_channel(target, channel_credentials, options) diff --git a/src/python/grpcio_tests/tests_aio/interop/server.py b/src/python/grpcio_tests/tests_aio/interop/server.py index 06a6c51d13a..ae5ee95769e 100644 --- a/src/python/grpcio_tests/tests_aio/interop/server.py +++ b/src/python/grpcio_tests/tests_aio/interop/server.py @@ -30,9 +30,11 @@ _LOGGER.setLevel(logging.DEBUG) async def serve(): args = interop_server_lib.parse_interop_server_arguments() - if args.use_tls: - credentials = interop_server_lib.get_server_credentials() - + if args.use_tls or args.use_alts: + if args.use_tls: + credentials = interop_server_lib.get_server_credentials() + else: + credentials = interop_server_lib.get_alts_server_credentials() address, server = await _test_server.start_test_server( port=args.port, secure=True, server_credentials=credentials) else: diff --git a/tools/run_tests/run_interop_tests.py b/tools/run_tests/run_interop_tests.py index d183c5b4b47..63920f78f31 100755 --- a/tools/run_tests/run_interop_tests.py +++ b/tools/run_tests/run_interop_tests.py @@ -786,9 +786,9 @@ _LANGUAGES_WITH_HTTP2_CLIENTS_FOR_HTTP2_SERVER_TEST_CASES = [ 'java', 'go', 'python', 'c++' ] -_LANGUAGES_FOR_ALTS_TEST_CASES = ['java', 'go', 'c++'] +_LANGUAGES_FOR_ALTS_TEST_CASES = ['java', 'go', 'c++', 'python'] -_SERVERS_FOR_ALTS_TEST_CASES = ['java', 'go', 'c++'] +_SERVERS_FOR_ALTS_TEST_CASES = ['java', 'go', 'c++', 'python'] _TRANSPORT_SECURITY_OPTIONS = ['tls', 'alts', 'insecure']