Chiebot-Mirror
/
grpc
mirror of https://github.com/grpc/grpc.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

add a standalone client auth test

Browse Source
pull/11764/head
Alexander Polcyn 8 years ago
parent 7cc30c1155
commit 7cc83e0701
4 changed files with 171 additions and 4 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 137
      src/ruby/spec/client_auth_spec.rb
  2. 8
      src/ruby/spec/generic/rpc_server_spec.rb
  3. 16
      src/ruby/spec/testdata/client.key
  4. 14
      src/ruby/spec/testdata/client.pem

137
src/ruby/spec/client_auth_spec.rb
Unescape View File

@ -0,0 +1,137 @@
# Copyright 2015 gRPC authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
require 'grpc'
def create_channel_creds
test_root = File.join(File.dirname(__FILE__), 'testdata')
files = ['ca.pem', 'client.key', 'client.pem']
creds = files.map { |f| File.open(File.join(test_root, f)).read }
GRPC::Core::ChannelCredentials.new(creds[0], creds[1], creds[2])
end
def client_cert
test_root = File.join(File.dirname(__FILE__), 'testdata')
cert = File.open(File.join(test_root, 'client.pem')).read
fail unless cert.is_a?(String)
cert
end
def create_server_creds
test_root = File.join(File.dirname(__FILE__), 'testdata')
p "test root: #{test_root}"
files = ['ca.pem', 'server1.key', 'server1.pem']
creds = files.map { |f| File.open(File.join(test_root, f)).read }
GRPC::Core::ServerCredentials.new(
creds[0],
[{ private_key: creds[1], cert_chain: creds[2] }],
true) # force client auth
end
# A test message
class EchoMsg
def self.marshal(_o)
''
end
def self.unmarshal(_o)
EchoMsg.new
end
end
# a test service that checks the cert of its peer
class SslTestService
include GRPC::GenericService
rpc :an_rpc, EchoMsg, EchoMsg
rpc :a_client_streaming_rpc, stream(EchoMsg), EchoMsg
rpc :a_server_streaming_rpc, EchoMsg, stream(EchoMsg)
rpc :a_bidi_rpc, stream(EchoMsg), stream(EchoMsg)
def check_peer_cert(call)
error_msg = "want:\n#{client_cert}\n\ngot:\n#{call.peer_cert}"
fail(error_msg) unless call.peer_cert == client_cert
end
def an_rpc(req, call)
check_peer_cert(call)
req
end
def a_client_streaming_rpc(call)
check_peer_cert(call)
call.each_remote_read.each { |r| p r }
EchoMsg.new
end
def a_server_streaming_rpc(_, call)
check_peer_cert(call)
[EchoMsg.new, EchoMsg.new]
end
def a_bidi_rpc(requests, call)
check_peer_cert(call)
requests.each { |r| p r }
[EchoMsg.new, EchoMsg.new]
end
end
SslTestServiceStub = SslTestService.rpc_stub_class
describe 'client-server auth' do
RpcServer = GRPC::RpcServer
before(:all) do
server_opts = {
poll_period: 1
}
@srv = RpcServer.new(**server_opts)
port = @srv.add_http2_port('0.0.0.0:0', create_server_creds)
@srv.handle(SslTestService)
@srv_thd = Thread.new { @srv.run }
@srv.wait_till_running
client_opts = {
channel_args: {
GRPC::Core::Channel::SSL_TARGET => 'foo.test.google.fr'
}
}
@stub = SslTestServiceStub.new("localhost:#{port}",
create_channel_creds,
**client_opts)
end
after(:all) do
expect(@srv.stopped?).to be(false)
@srv.stop
@srv_thd.join
end
it 'client-server auth with unary RPCs' do
@stub.an_rpc(EchoMsg.new)
end
it 'client-server auth with client streaming RPCs' do
@stub.a_client_streaming_rpc([EchoMsg.new, EchoMsg.new])
end
it 'client-server auth with server streaming RPCs' do
responses = @stub.a_server_streaming_rpc(EchoMsg.new)
responses.each { |r| p r }
end
it 'client-server auth with bidi RPCs' do
responses = @stub.a_bidi_rpc([EchoMsg.new, EchoMsg.new])
responses.each { |r| p r }
end
end

8
src/ruby/spec/generic/rpc_server_spec.rb
Unescape View File

@ -123,13 +123,13 @@ class CheckCallAfterFinishedService
attr_reader :server_side_call attr_reader :server_side_call
def an_rpc(req, call) def an_rpc(req, call)
fail 'shouldnt reuse service' unless @call.nil? fail 'shouldnt reuse service' unless @server_side_call.nil?
@server_side_call = call @server_side_call = call
req req
end end
def a_client_streaming_rpc(call) def a_client_streaming_rpc(call)
fail 'shouldnt reuse service' unless @call.nil? fail 'shouldnt reuse service' unless @server_side_call.nil?
@server_side_call = call @server_side_call = call
# iterate through requests so call can complete # iterate through requests so call can complete
call.each_remote_read.each { |r| p r } call.each_remote_read.each { |r| p r }
@ -137,13 +137,13 @@ class CheckCallAfterFinishedService
end end
def a_server_streaming_rpc(_, call) def a_server_streaming_rpc(_, call)
fail 'shouldnt reuse service' unless @call.nil? fail 'shouldnt reuse service' unless @server_side_call.nil?
@server_side_call = call @server_side_call = call
[EchoMsg.new, EchoMsg.new] [EchoMsg.new, EchoMsg.new]
end end
def a_bidi_rpc(requests, call) def a_bidi_rpc(requests, call)
fail 'shouldnt reuse service' unless @call.nil? fail 'shouldnt reuse service' unless @server_side_call.nil?
@server_side_call = call @server_side_call = call
requests.each { |r| p r } requests.each { |r| p r }
[EchoMsg.new, EchoMsg.new] [EchoMsg.new, EchoMsg.new]

16
src/ruby/spec/testdata/client.key vendored
Unescape View File

@ -0,0 +1,16 @@
-----BEGIN PRIVATE KEY-----
MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBAOxUR9uhvhbeVUIM
s5WbH0px0mehl2+6sZpNjzvE2KimZpHzMJHukVH0Ffkvhs0b8+S5Ut9VNUAqd3IM
JCCAEGtRNoQhM1t9Yr2zAckSvbRacp+FL/Cj9eDmyo00KsVGaeefA4Dh4OW+ZhkT
NKcldXqkSuj1sEf244JZYuqZp6/tAgMBAAECgYEAi2NSVqpZMafE5YYUTcMGe6QS
k2jtpsqYgggI2RnLJ/2tNZwYI5pwP8QVSbnMaiF4gokD5hGdrNDfTnb2v+yIwYEH
0w8+oG7Z81KodsiZSIDJfTGsAZhVNwOz9y0VD8BBZZ1/274Zh52AUKLjZS/ZwIbS
W2ywya855dPnH/wj+0ECQQD9X8D920kByTNHhBG18biAEZ4pxs9f0OAG8333eVcI
w2lJDLsYDZrCB2ocgA3lUdozlzPC7YDYw8reg0tkiRY5AkEA7sdNzOeQsQRn7++5
0bP9DtT/iON1gbfxRzCfCfXdoOtfQWIzTePWtURt9X/5D9NofI0Rg5W2oGy/MLe5
/sXHVQJBAIup5XrJDkQywNZyAUU2ecn2bCWBFjwtqd+LBmuMciI9fOKsZtEKZrz/
U0lkeMRoSwvXE8wmGLjjrAbdfohrXFkCQQDZEx/LtIl6JINJQiswVe0tWr6k+ASP
1WXoTm+HYpoF/XUvv9LccNF1IazFj34hwRQwhx7w/V52Ieb+p0jUMYGxAkEAjDhd
9pBO1fKXWiXzi9ZKfoyTNcUq3eBSVKwPG2nItg5ycXengjT5sgcWDnciIzW7BIVI
JiqOszq9GWESErAatg==
-----END PRIVATE KEY-----

14
src/ruby/spec/testdata/client.pem vendored
Unescape View File

@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICHzCCAYgCAQEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCQVUxEzARBgNV
BAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
ZDEPMA0GA1UEAwwGdGVzdGNhMB4XDTE0MDcxNzIzNTYwMloXDTI0MDcxNDIzNTYw
MlowWjELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM
GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAwwKdGVzdGNsaWVudDCB
nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7FRH26G+Ft5VQgyzlZsfSnHSZ6GX
b7qxmk2PO8TYqKZmkfMwke6RUfQV+S+GzRvz5LlS31U1QCp3cgwkIIAQa1E2hCEz
W31ivbMByRK9tFpyn4Uv8KP14ObKjTQqxUZp558DgOHg5b5mGRM0pyV1eqRK6PWw
R/bjglli6pmnr+0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQAStSm5PM7ubROiKK6/
T2FkKlhiTOx+Ryenm3Eio59emq+jXl+1nhPySX5G2PQzSR5vd1dIhwgZSR4Gyttk
tRZ57k/NI1brUW8joiEOMJA/Mr7H7asx7wIRYDE91Fs8GkKWd5LhoPAQj+qdG35C
OO+svdkmqH0KZo320ZUqdl2ooQ==
-----END CERTIFICATE-----
Write Preview
Loading…
Cancel
Save