Esempio n. 1
0
func (s *testServer) UnaryCall(ctx context.Context, in *testpb.SimpleRequest) (*testpb.SimpleResponse, error) {
	md, ok := metadata.FromContext(ctx)
	if ok {
		if err := grpc.SendHeader(ctx, md); err != nil {
			grpclog.Fatalf("grpc.SendHeader(%v, %v) = %v, want %v", ctx, md, err, nil)
		}
		grpc.SetTrailer(ctx, md)
	}
	if s.security != "" {
		// Check Auth info
		authInfo, ok := credentials.FromContext(ctx)
		if !ok {
			grpclog.Fatalf("Failed to get AuthInfo from ctx.")
		}
		var authType string
		switch info := authInfo.(type) {
		case credentials.TLSInfo:
			authType = info.AuthType()
		default:
			grpclog.Fatalf("Unknown AuthInfo type")
		}
		if authType != s.security {
			grpclog.Fatalf("Wrong auth type: got %q, want %q", authType, s.security)
		}
	}

	// Simulate some service delay.
	time.Sleep(time.Second)
	return &testpb.SimpleResponse{
		Payload: newPayload(in.GetResponseType(), in.GetResponseSize()),
	}, nil
}
Esempio n. 2
0
func authenticateVerifier(ctx context.Context) (uint64, error) {
	authInfo, ok := credentials.FromContext(ctx)
	if !ok {
		return 0, fmt.Errorf("failed to authenticate verifier: credentials.FromContext returned false")
	}
	certChains := authInfo.(credentials.TLSInfo).State.VerifiedChains
	if len(certChains) != 1 {
		return 0, fmt.Errorf("failed to authenticate verifier: expected exactly one valid certificate chain")
	}
	chain := certChains[0]
	leaf := chain[0]
	verifierIDString := leaf.Subject.CommonName
	if !strings.HasPrefix(verifierIDString, verifierCommonNamePrefix) {
		return 0, fmt.Errorf("failed to authenticate verifier: invalid common name: missing prefix %q (got %q)", verifierCommonNamePrefix, verifierIDString)
	}
	verifierID, err := strconv.ParseUint(verifierIDString[len(verifierCommonNamePrefix):], 16, 64)
	if err != nil {
		return 0, fmt.Errorf("failed to authenticate verifier: invalid common name: id not an integer: %s", err)
	}
	return verifierID, nil
}