From 5db1ae34b4a0fd8e0b81ecfc4e1eac5da2c6bba4 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Thu, 15 Aug 2019 20:13:39 -0700 Subject: [PATCH 01/11] Expose local credentials on Python layer --- .../grpc/_cython/_cygrpc/credentials.pxd.pxi | 5 ++ .../grpc/_cython/_cygrpc/credentials.pyx.pxi | 22 +++++++ .../grpcio/grpc/_cython/_cygrpc/grpc.pxi | 12 ++++ src/python/grpcio/grpc/_local_credentials.py | 57 +++++++++++++++++ src/python/grpcio_tests/tests/tests.json | 1 + .../grpcio_tests/tests/unit/BUILD.bazel | 1 + .../tests/unit/_local_credentials_test.py | 64 +++++++++++++++++++ 7 files changed, 162 insertions(+) create mode 100644 src/python/grpcio/grpc/_local_credentials.py create mode 100644 src/python/grpcio_tests/tests/unit/_local_credentials_test.py diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi index 05892b37324..ec647378a99 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi @@ -97,3 +97,8 @@ cdef class ServerCredentials: cdef object cert_config_fetcher # whether C-core has asked for the initial_cert_config cdef bint initial_cert_config_fetched + + +cdef class LocalChannelCredentials(ChannelCredentials): + + cdef readonly object _local_connect_type diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi index 2ec1c0bc427..ac88bbe7afc 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi @@ -328,3 +328,25 @@ cdef grpc_ssl_certificate_config_reload_status _server_cert_config_fetcher_wrapp cert_config.c_ssl_pem_key_cert_pairs_count) return GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW + +class LocalConnectType: + uds = UDS + local_tcp = LOCAL_TCP + +cdef class LocalChannelCredentials(ChannelCredentials): + + def __cinit__(self, grpc_local_connect_type local_connect_type): + self._local_connect_type = local_connect_type + + cdef grpc_channel_credentials *c(self) except *: + cdef grpc_local_connect_type local_connect_type + local_connect_type = self._local_connect_type + return grpc_local_credentials_create(local_connect_type) + +def channel_credentials_local(grpc_local_connect_type local_connect_type): + return LocalChannelCredentials(local_connect_type) + +def server_credentials_local(grpc_local_connect_type local_connect_type): + cdef ServerCredentials credentials = ServerCredentials() + credentials.c_credentials = grpc_local_server_credentials_create(local_connect_type) + return credentials diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi index a674c34bb23..4bfb42026aa 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/grpc.pxi @@ -584,6 +584,12 @@ cdef extern from "grpc/grpc_security.h": void grpc_auth_context_release(grpc_auth_context *context) + grpc_channel_credentials *grpc_local_credentials_create( + grpc_local_connect_type type) + grpc_server_credentials *grpc_local_server_credentials_create( + grpc_local_connect_type type) + + cdef extern from "grpc/compression.h": ctypedef enum grpc_compression_algorithm: @@ -624,3 +630,9 @@ cdef extern from "grpc/impl/codegen/compression_types.h": const char *_GRPC_COMPRESSION_REQUEST_ALGORITHM_MD_KEY \ "GRPC_COMPRESSION_REQUEST_ALGORITHM_MD_KEY" + + +cdef extern from "grpc/grpc_security_constants.h": + ctypedef enum grpc_local_connect_type: + UDS + LOCAL_TCP diff --git a/src/python/grpcio/grpc/_local_credentials.py b/src/python/grpcio/grpc/_local_credentials.py new file mode 100644 index 00000000000..326820dee39 --- /dev/null +++ b/src/python/grpcio/grpc/_local_credentials.py @@ -0,0 +1,57 @@ + +# Copyright 2019 The gRPC authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""gRPC's local credential API.""" + +import enum +import grpc +from grpc._cython import cygrpc + + +@enum.unique +class LocalConnectType(enum.Enum): + """Type of local connections for which local channel/server credentials will be applied. + + Attributes: + UDS: Unix domain socket connections + LOCAL_TCP: Local TCP connections. + """ + UDS = cygrpc.LocalConnectType.uds + LOCAL_TCP = cygrpc.LocalConnectType.local_tcp + + +def local_channel_credentials(local_connect_type=LocalConnectType.LOCAL_TCP): + """Creates a local ChannelCredentials used for local connections. + + Args: + local_connect_type: Local connection type (either UDS or LOCAL_TCP) + + Returns: + A ChannelCredentials for use with a local Channel + """ + return grpc.ChannelCredentials( + cygrpc.channel_credentials_local(local_connect_type.value)) + + +def local_server_credentials(local_connect_type=LocalConnectType.LOCAL_TCP): + """Creates a local ServerCredentials used for local connections. + + Args: + local_connect_type: Local connection type (either UDS or LOCAL_TCP) + + Returns: + A ServerCredentials for use with a local Server + """ + return grpc.ServerCredentials( + cygrpc.server_credentials_local(local_connect_type.value)) diff --git a/src/python/grpcio_tests/tests/tests.json b/src/python/grpcio_tests/tests/tests.json index ab70943e5ed..c636ee5d4e3 100644 --- a/src/python/grpcio_tests/tests/tests.json +++ b/src/python/grpcio_tests/tests/tests.json @@ -53,6 +53,7 @@ "unit._interceptor_test.InterceptorTest", "unit._invalid_metadata_test.InvalidMetadataTest", "unit._invocation_defects_test.InvocationDefectsTest", + "unit._local_credentials_test.LocalCredentialsTest", "unit._logging_test.LoggingTest", "unit._metadata_code_details_test.MetadataCodeDetailsTest", "unit._metadata_flags_test.MetadataFlagsTest", diff --git a/src/python/grpcio_tests/tests/unit/BUILD.bazel b/src/python/grpcio_tests/tests/unit/BUILD.bazel index aede11e325f..baa8a4a3e6b 100644 --- a/src/python/grpcio_tests/tests/unit/BUILD.bazel +++ b/src/python/grpcio_tests/tests/unit/BUILD.bazel @@ -19,6 +19,7 @@ GRPCIO_TESTS_UNIT = [ "_interceptor_test.py", "_invalid_metadata_test.py", "_invocation_defects_test.py", + "_local_crednetials_test.py", "_logging_test.py", "_metadata_code_details_test.py", "_metadata_test.py", diff --git a/src/python/grpcio_tests/tests/unit/_local_credentials_test.py b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py new file mode 100644 index 00000000000..838d8129e8c --- /dev/null +++ b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py @@ -0,0 +1,64 @@ +# Copyright 2019 The gRPC authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +"""Test of RPCs made using local credentials.""" + +import unittest +from concurrent.futures import ThreadPoolExecutor +import grpc +from grpc import local_credentials + + +class _GenericHandler(grpc.GenericRpcHandler): + + def service(self, handler_call_details): + return grpc.unary_unary_rpc_method_handler( + lambda request, unused_context: request) + + +class LocalCredentialsTest(unittest.TestCase): + + def _create_server(self): + server = grpc.server(ThreadPoolExecutor()) + server.add_generic_rpc_handlers((_GenericHandler(),)) + return server + + def test_local_tcp(self): + server_addr = '[::1]:{}' + channel_creds = local_credentials.local_channel_credentials( + local_credentials.LocalConnectType.LOCAL_TCP) + server_creds = local_credentials.local_server_credentials( + local_credentials.LocalConnectType.LOCAL_TCP) + server = self._create_server() + port = server.add_secure_port(server_addr.format(0), server_creds) + server.start() + channel = grpc.secure_channel(server_addr.format(port), channel_creds) + self.assertEqual(b'abc', channel.unary_unary('/test/method')(b'abc')) + server.stop(None) + + def test_uds(self): + server_addr = 'unix:/tmp/grpc_fullstack_test' + channel_creds = local_credentials.local_channel_credentials( + local_credentials.LocalConnectType.UDS) + server_creds = local_credentials.local_server_credentials( + local_credentials.LocalConnectType.UDS) + server = self._create_server() + server.add_secure_port(server_addr, server_creds) + server.start() + channel = grpc.secure_channel(server_addr, channel_creds) + self.assertEqual(b'abc', channel.unary_unary('/test/method')(b'abc')) + server.stop(None) + + +if __name__ == '__main__': + unittest.main() From f681fe89af7ba140d0e3e02eeaa9efa03e2332d2 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Thu, 15 Aug 2019 20:16:01 -0700 Subject: [PATCH 02/11] Make yapf happy --- src/python/grpcio/grpc/_local_credentials.py | 1 - 1 file changed, 1 deletion(-) diff --git a/src/python/grpcio/grpc/_local_credentials.py b/src/python/grpcio/grpc/_local_credentials.py index 326820dee39..8d46fa3d3ae 100644 --- a/src/python/grpcio/grpc/_local_credentials.py +++ b/src/python/grpcio/grpc/_local_credentials.py @@ -1,4 +1,3 @@ - # Copyright 2019 The gRPC authors # # Licensed under the Apache License, Version 2.0 (the "License"); From 0d203d39b821ad80d3ddf828e8395b0f9a40350e Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Fri, 16 Aug 2019 11:17:35 -0700 Subject: [PATCH 03/11] Adopt reviewers' advice --- src/python/grpcio/grpc/__init__.py | 42 ++++++++++++++ .../grpc/_cython/_cygrpc/credentials.pxd.pxi | 2 +- src/python/grpcio/grpc/_local_credentials.py | 56 ------------------- .../grpcio_tests/tests/unit/BUILD.bazel | 2 +- .../tests/unit/_local_credentials_test.py | 19 +++---- 5 files changed, 53 insertions(+), 68 deletions(-) delete mode 100644 src/python/grpcio/grpc/_local_credentials.py diff --git a/src/python/grpcio/grpc/__init__.py b/src/python/grpcio/grpc/__init__.py index 7dae90c89e8..f96ca270dc0 100644 --- a/src/python/grpcio/grpc/__init__.py +++ b/src/python/grpcio/grpc/__init__.py @@ -22,6 +22,7 @@ import six from grpc._cython import cygrpc as _cygrpc from grpc import _compression +from grpc import local_credentials logging.getLogger(__name__).addHandler(logging.NullHandler()) @@ -1744,6 +1745,44 @@ def dynamic_ssl_server_credentials(initial_certificate_configuration, certificate_configuration_fetcher, require_client_authentication)) +@enum.unique +class LocalConnectionType(enum.Enum): + """Type of local connections for which local channel/server credentials will be applied. + + Attributes: + UDS: Unix domain socket connections + LOCAL_TCP: Local TCP connections. + """ + UDS = _cygrpc.LocalConnectType.uds + LOCAL_TCP = _cygrpc.LocalConnectType.local_tcp + + +def local_channel_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): + """Creates a local ChannelCredentials used for local connections. + + Args: + local_connect_type: Local connection type (either UDS or LOCAL_TCP) + + Returns: + A ChannelCredentials for use with a local Channel + """ + return ChannelCredentials( + _cygrpc.channel_credentials_local(local_connect_type.value)) + + +def local_server_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): + """Creates a local ServerCredentials used for local connections. + + Args: + local_connect_type: Local connection type (either UDS or LOCAL_TCP) + + Returns: + A ServerCredentials for use with a local Server + """ + return ServerCredentials( + _cygrpc.server_credentials_local(local_connect_type.value)) + + def channel_ready_future(channel): """Creates a Future that tracks when a Channel is ready. @@ -1913,6 +1952,7 @@ __all__ = ( 'ClientCallDetails', 'ServerCertificateConfiguration', 'ServerCredentials', + 'LocalConnectionType', 'UnaryUnaryMultiCallable', 'UnaryStreamMultiCallable', 'StreamUnaryMultiCallable', @@ -1939,6 +1979,8 @@ __all__ = ( 'access_token_call_credentials', 'composite_call_credentials', 'composite_channel_credentials', + 'local_channel_credentials', + 'local_server_credentials', 'ssl_server_credentials', 'ssl_server_certificate_configuration', 'dynamic_ssl_server_credentials', diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi index ec647378a99..0631e1cf63c 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pxd.pxi @@ -101,4 +101,4 @@ cdef class ServerCredentials: cdef class LocalChannelCredentials(ChannelCredentials): - cdef readonly object _local_connect_type + cdef grpc_local_connect_type _local_connect_type diff --git a/src/python/grpcio/grpc/_local_credentials.py b/src/python/grpcio/grpc/_local_credentials.py deleted file mode 100644 index 8d46fa3d3ae..00000000000 --- a/src/python/grpcio/grpc/_local_credentials.py +++ /dev/null @@ -1,56 +0,0 @@ -# Copyright 2019 The gRPC authors -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -"""gRPC's local credential API.""" - -import enum -import grpc -from grpc._cython import cygrpc - - -@enum.unique -class LocalConnectType(enum.Enum): - """Type of local connections for which local channel/server credentials will be applied. - - Attributes: - UDS: Unix domain socket connections - LOCAL_TCP: Local TCP connections. - """ - UDS = cygrpc.LocalConnectType.uds - LOCAL_TCP = cygrpc.LocalConnectType.local_tcp - - -def local_channel_credentials(local_connect_type=LocalConnectType.LOCAL_TCP): - """Creates a local ChannelCredentials used for local connections. - - Args: - local_connect_type: Local connection type (either UDS or LOCAL_TCP) - - Returns: - A ChannelCredentials for use with a local Channel - """ - return grpc.ChannelCredentials( - cygrpc.channel_credentials_local(local_connect_type.value)) - - -def local_server_credentials(local_connect_type=LocalConnectType.LOCAL_TCP): - """Creates a local ServerCredentials used for local connections. - - Args: - local_connect_type: Local connection type (either UDS or LOCAL_TCP) - - Returns: - A ServerCredentials for use with a local Server - """ - return grpc.ServerCredentials( - cygrpc.server_credentials_local(local_connect_type.value)) diff --git a/src/python/grpcio_tests/tests/unit/BUILD.bazel b/src/python/grpcio_tests/tests/unit/BUILD.bazel index baa8a4a3e6b..49203b7fa16 100644 --- a/src/python/grpcio_tests/tests/unit/BUILD.bazel +++ b/src/python/grpcio_tests/tests/unit/BUILD.bazel @@ -19,7 +19,7 @@ GRPCIO_TESTS_UNIT = [ "_interceptor_test.py", "_invalid_metadata_test.py", "_invocation_defects_test.py", - "_local_crednetials_test.py", + "_local_credentials_test.py", "_logging_test.py", "_metadata_code_details_test.py", "_metadata_test.py", diff --git a/src/python/grpcio_tests/tests/unit/_local_credentials_test.py b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py index 838d8129e8c..fe7b052482b 100644 --- a/src/python/grpcio_tests/tests/unit/_local_credentials_test.py +++ b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py @@ -1,4 +1,4 @@ -# Copyright 2019 The gRPC authors +# Copyright 2019 The gRPC Authors # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -16,7 +16,6 @@ import unittest from concurrent.futures import ThreadPoolExecutor import grpc -from grpc import local_credentials class _GenericHandler(grpc.GenericRpcHandler): @@ -35,10 +34,10 @@ class LocalCredentialsTest(unittest.TestCase): def test_local_tcp(self): server_addr = '[::1]:{}' - channel_creds = local_credentials.local_channel_credentials( - local_credentials.LocalConnectType.LOCAL_TCP) - server_creds = local_credentials.local_server_credentials( - local_credentials.LocalConnectType.LOCAL_TCP) + channel_creds = grpc.local_channel_credentials( + grpc.LocalConnectionType.LOCAL_TCP) + server_creds = grpc.local_server_credentials( + grpc.LocalConnectionType.LOCAL_TCP) server = self._create_server() port = server.add_secure_port(server_addr.format(0), server_creds) server.start() @@ -48,10 +47,10 @@ class LocalCredentialsTest(unittest.TestCase): def test_uds(self): server_addr = 'unix:/tmp/grpc_fullstack_test' - channel_creds = local_credentials.local_channel_credentials( - local_credentials.LocalConnectType.UDS) - server_creds = local_credentials.local_server_credentials( - local_credentials.LocalConnectType.UDS) + channel_creds = grpc.local_channel_credentials( + grpc.LocalConnectionType.UDS) + server_creds = grpc.local_server_credentials( + grpc.LocalConnectionType.UDS) server = self._create_server() server.add_secure_port(server_addr, server_creds) server.start() From 40fe76ad307626c441563b4d12640ce683da01c4 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Fri, 16 Aug 2019 14:17:05 -0700 Subject: [PATCH 04/11] Fix import --- src/python/grpcio/grpc/__init__.py | 1 - 1 file changed, 1 deletion(-) diff --git a/src/python/grpcio/grpc/__init__.py b/src/python/grpcio/grpc/__init__.py index f96ca270dc0..aa47316b448 100644 --- a/src/python/grpcio/grpc/__init__.py +++ b/src/python/grpcio/grpc/__init__.py @@ -22,7 +22,6 @@ import six from grpc._cython import cygrpc as _cygrpc from grpc import _compression -from grpc import local_credentials logging.getLogger(__name__).addHandler(logging.NullHandler()) From 64dd53273252db24662b93d4e3408c58bfc000f4 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Fri, 16 Aug 2019 14:55:48 -0700 Subject: [PATCH 05/11] Make _api_test.py happy --- src/python/grpcio_tests/tests/unit/_api_test.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/python/grpcio_tests/tests/unit/_api_test.py b/src/python/grpcio_tests/tests/unit/_api_test.py index 127dab336bf..cc0daba2098 100644 --- a/src/python/grpcio_tests/tests/unit/_api_test.py +++ b/src/python/grpcio_tests/tests/unit/_api_test.py @@ -60,6 +60,9 @@ class AllTest(unittest.TestCase): 'ServiceRpcHandler', 'Server', 'ServerInterceptor', + 'LocalConnectionType', + 'local_channel_credentials', + 'local_server_credentials', 'unary_unary_rpc_method_handler', 'unary_stream_rpc_method_handler', 'stream_unary_rpc_method_handler', From 5a4d46d19bc190e49feccc9879f2df57ab51dbb0 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Fri, 16 Aug 2019 15:16:29 -0700 Subject: [PATCH 06/11] Add wait_for_ready attempt to fix gevent issue --- .../grpcio_tests/tests/unit/_local_credentials_test.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/python/grpcio_tests/tests/unit/_local_credentials_test.py b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py index fe7b052482b..7fb2520d48d 100644 --- a/src/python/grpcio_tests/tests/unit/_local_credentials_test.py +++ b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py @@ -42,7 +42,9 @@ class LocalCredentialsTest(unittest.TestCase): port = server.add_secure_port(server_addr.format(0), server_creds) server.start() channel = grpc.secure_channel(server_addr.format(port), channel_creds) - self.assertEqual(b'abc', channel.unary_unary('/test/method')(b'abc')) + self.assertEqual(b'abc', + channel.unary_unary('/test/method')( + b'abc', wait_for_ready=True)) server.stop(None) def test_uds(self): @@ -55,7 +57,9 @@ class LocalCredentialsTest(unittest.TestCase): server.add_secure_port(server_addr, server_creds) server.start() channel = grpc.secure_channel(server_addr, channel_creds) - self.assertEqual(b'abc', channel.unary_unary('/test/method')(b'abc')) + self.assertEqual(b'abc', + channel.unary_unary('/test/method')( + b'abc', wait_for_ready=True)) server.stop(None) From 227a7cb47b14b135989897aa49d98b6abede9023 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Fri, 16 Aug 2019 15:43:06 -0700 Subject: [PATCH 07/11] Adopt reviewer's suggestion --- src/python/grpcio/grpc/__init__.py | 26 +++++++++++++++---- .../grpc/_cython/_cygrpc/credentials.pyx.pxi | 2 +- .../tests/unit/_local_credentials_test.py | 21 ++++++++------- 3 files changed, 34 insertions(+), 15 deletions(-) diff --git a/src/python/grpcio/grpc/__init__.py b/src/python/grpcio/grpc/__init__.py index aa47316b448..3852b40c971 100644 --- a/src/python/grpcio/grpc/__init__.py +++ b/src/python/grpcio/grpc/__init__.py @@ -1746,21 +1746,29 @@ def dynamic_ssl_server_credentials(initial_certificate_configuration, @enum.unique class LocalConnectionType(enum.Enum): - """Type of local connections for which local channel/server credentials will be applied. + """Types of local connection for local credential creation. Attributes: UDS: Unix domain socket connections LOCAL_TCP: Local TCP connections. """ - UDS = _cygrpc.LocalConnectType.uds - LOCAL_TCP = _cygrpc.LocalConnectType.local_tcp + UDS = _cygrpc.LocalConnectionType.uds + LOCAL_TCP = _cygrpc.LocalConnectionType.local_tcp def local_channel_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): """Creates a local ChannelCredentials used for local connections. + Local credentials are used by local TCP endpoints (e.g. localhost:10000) + also UDS connections. It allows them to create secure channel, hence + transmitting call credentials become possible. + + It is useful for 1) eliminating insecure_channel usage; 2) enable unit + testing for call credentials without setting up secrets. + Args: - local_connect_type: Local connection type (either UDS or LOCAL_TCP) + local_connect_type: Local connection type (either + grpc.LocalConnectionType.UDS or grpc.LocalConnectionType.LOCAL_TCP) Returns: A ChannelCredentials for use with a local Channel @@ -1772,8 +1780,16 @@ def local_channel_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): def local_server_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): """Creates a local ServerCredentials used for local connections. + Local credentials are used by local TCP endpoints (e.g. localhost:10000) + also UDS connections. It allows them to create secure channel, hence + transmitting call credentials become possible. + + It is useful for 1) eliminating insecure_channel usage; 2) enable unit + testing for call credentials without setting up secrets. + Args: - local_connect_type: Local connection type (either UDS or LOCAL_TCP) + local_connect_type: Local connection type (either + grpc.LocalConnectionType.UDS or grpc.LocalConnectionType.LOCAL_TCP) Returns: A ServerCredentials for use with a local Server diff --git a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi index ac88bbe7afc..b2aa7800295 100644 --- a/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi +++ b/src/python/grpcio/grpc/_cython/_cygrpc/credentials.pyx.pxi @@ -329,7 +329,7 @@ cdef grpc_ssl_certificate_config_reload_status _server_cert_config_fetcher_wrapp return GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW -class LocalConnectType: +class LocalConnectionType: uds = UDS local_tcp = LOCAL_TCP diff --git a/src/python/grpcio_tests/tests/unit/_local_credentials_test.py b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py index 7fb2520d48d..80a21af1cef 100644 --- a/src/python/grpcio_tests/tests/unit/_local_credentials_test.py +++ b/src/python/grpcio_tests/tests/unit/_local_credentials_test.py @@ -33,18 +33,20 @@ class LocalCredentialsTest(unittest.TestCase): return server def test_local_tcp(self): - server_addr = '[::1]:{}' + server_addr = 'localhost:{}' channel_creds = grpc.local_channel_credentials( grpc.LocalConnectionType.LOCAL_TCP) server_creds = grpc.local_server_credentials( grpc.LocalConnectionType.LOCAL_TCP) + server = self._create_server() port = server.add_secure_port(server_addr.format(0), server_creds) server.start() - channel = grpc.secure_channel(server_addr.format(port), channel_creds) - self.assertEqual(b'abc', - channel.unary_unary('/test/method')( - b'abc', wait_for_ready=True)) + with grpc.secure_channel(server_addr.format(port), + channel_creds) as channel: + self.assertEqual(b'abc', + channel.unary_unary('/test/method')( + b'abc', wait_for_ready=True)) server.stop(None) def test_uds(self): @@ -53,13 +55,14 @@ class LocalCredentialsTest(unittest.TestCase): grpc.LocalConnectionType.UDS) server_creds = grpc.local_server_credentials( grpc.LocalConnectionType.UDS) + server = self._create_server() server.add_secure_port(server_addr, server_creds) server.start() - channel = grpc.secure_channel(server_addr, channel_creds) - self.assertEqual(b'abc', - channel.unary_unary('/test/method')( - b'abc', wait_for_ready=True)) + with grpc.secure_channel(server_addr, channel_creds) as channel: + self.assertEqual(b'abc', + channel.unary_unary('/test/method')( + b'abc', wait_for_ready=True)) server.stop(None) From c45fb12ffb21966307888ef9c87dbd7ba70a0683 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Fri, 16 Aug 2019 17:33:19 -0700 Subject: [PATCH 08/11] Add experimental API note. --- src/python/grpcio/grpc/__init__.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/python/grpcio/grpc/__init__.py b/src/python/grpcio/grpc/__init__.py index 3852b40c971..aa1a20c58db 100644 --- a/src/python/grpcio/grpc/__init__.py +++ b/src/python/grpcio/grpc/__init__.py @@ -1759,6 +1759,8 @@ class LocalConnectionType(enum.Enum): def local_channel_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): """Creates a local ChannelCredentials used for local connections. + This is an EXPERIMENTAL API. + Local credentials are used by local TCP endpoints (e.g. localhost:10000) also UDS connections. It allows them to create secure channel, hence transmitting call credentials become possible. @@ -1780,6 +1782,8 @@ def local_channel_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): def local_server_credentials(local_connect_type=LocalConnectionType.LOCAL_TCP): """Creates a local ServerCredentials used for local connections. + This is an EXPERIMENTAL API. + Local credentials are used by local TCP endpoints (e.g. localhost:10000) also UDS connections. It allows them to create secure channel, hence transmitting call credentials become possible. From 5d7766153fe9e307cb3694d21f53a5c6d41eed02 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Mon, 19 Aug 2019 17:37:55 -0700 Subject: [PATCH 09/11] Disable local tcp test for gevent --- src/python/grpcio_tests/commands.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/python/grpcio_tests/commands.py b/src/python/grpcio_tests/commands.py index 166cea101a4..a3912cda712 100644 --- a/src/python/grpcio_tests/commands.py +++ b/src/python/grpcio_tests/commands.py @@ -155,6 +155,8 @@ class TestGevent(setuptools.Command): 'channelz._channelz_servicer_test.ChannelzServicerTest.test_streaming_rpc', # TODO(https://github.com/grpc/grpc/issues/15411) enable this test 'unit._cython._channel_test.ChannelTest.test_negative_deadline_connectivity' + # TODO(https://github.com/grpc/grpc/issues/15411) enable this test + 'unit._local_credentials_test.LocalCredentialsTest.test_local_tcp', ) BANNED_WINDOWS_TESTS = ( # TODO(https://github.com/grpc/grpc/pull/15411) enable this test From 853a6318b439b4bed1ea0707831b5d726ce286f1 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Tue, 20 Aug 2019 08:43:32 -0700 Subject: [PATCH 10/11] Correct the disable pattern --- src/python/grpcio_tests/commands.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/python/grpcio_tests/commands.py b/src/python/grpcio_tests/commands.py index a3912cda712..aa947329230 100644 --- a/src/python/grpcio_tests/commands.py +++ b/src/python/grpcio_tests/commands.py @@ -156,7 +156,7 @@ class TestGevent(setuptools.Command): # TODO(https://github.com/grpc/grpc/issues/15411) enable this test 'unit._cython._channel_test.ChannelTest.test_negative_deadline_connectivity' # TODO(https://github.com/grpc/grpc/issues/15411) enable this test - 'unit._local_credentials_test.LocalCredentialsTest.test_local_tcp', + 'unit._local_credentials_test.LocalCredentialsTest', ) BANNED_WINDOWS_TESTS = ( # TODO(https://github.com/grpc/grpc/pull/15411) enable this test From 2c9cff30a1efc6abc689a7205467dbf251903ec2 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Tue, 20 Aug 2019 14:52:20 -0700 Subject: [PATCH 11/11] Fix typo in the ignore list... --- src/python/grpcio_tests/commands.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/python/grpcio_tests/commands.py b/src/python/grpcio_tests/commands.py index aa947329230..61d8bdc1f7b 100644 --- a/src/python/grpcio_tests/commands.py +++ b/src/python/grpcio_tests/commands.py @@ -154,7 +154,7 @@ class TestGevent(setuptools.Command): 'channelz._channelz_servicer_test.ChannelzServicerTest.test_many_subchannels_and_sockets', 'channelz._channelz_servicer_test.ChannelzServicerTest.test_streaming_rpc', # TODO(https://github.com/grpc/grpc/issues/15411) enable this test - 'unit._cython._channel_test.ChannelTest.test_negative_deadline_connectivity' + 'unit._cython._channel_test.ChannelTest.test_negative_deadline_connectivity', # TODO(https://github.com/grpc/grpc/issues/15411) enable this test 'unit._local_credentials_test.LocalCredentialsTest', )