examples_test.go

Documentation: github.com/grpc-ecosystem/go-grpc-middleware/auth

     1  package grpc_auth_test
     2  
     3  import (
     4  	"context"
     5  	"log"
     6  
     7  	"google.golang.org/grpc"
     8  	"google.golang.org/grpc/codes"
     9  	"google.golang.org/grpc/status"
    10  
    11  	grpc_auth "github.com/grpc-ecosystem/go-grpc-middleware/auth"
    12  	grpc_ctxtags "github.com/grpc-ecosystem/go-grpc-middleware/tags"
    13  	pb "github.com/grpc-ecosystem/go-grpc-middleware/testing/testproto"
    14  )
    15  
    16  func parseToken(token string) (struct{}, error) {
    17  	return struct{}{}, nil
    18  }
    19  
    20  func userClaimFromToken(struct{}) string {
    21  	return "foobar"
    22  }
    23  
    24  // exampleAuthFunc is used by a middleware to authenticate requests
    25  func exampleAuthFunc(ctx context.Context) (context.Context, error) {
    26  	token, err := grpc_auth.AuthFromMD(ctx, "bearer")
    27  	if err != nil {
    28  		return nil, err
    29  	}
    30  
    31  	tokenInfo, err := parseToken(token)
    32  	if err != nil {
    33  		return nil, status.Errorf(codes.Unauthenticated, "invalid auth token: %v", err)
    34  	}
    35  
    36  	grpc_ctxtags.Extract(ctx).Set("auth.sub", userClaimFromToken(tokenInfo))
    37  
    38  	// WARNING: in production define your own type to avoid context collisions
    39  	newCtx := context.WithValue(ctx, "tokenInfo", tokenInfo)
    40  
    41  	return newCtx, nil
    42  }
    43  
    44  // Simple example of server initialization code
    45  func Example_serverConfig() {
    46  	_ = grpc.NewServer(
    47  		grpc.StreamInterceptor(grpc_auth.StreamServerInterceptor(exampleAuthFunc)),
    48  		grpc.UnaryInterceptor(grpc_auth.UnaryServerInterceptor(exampleAuthFunc)),
    49  	)
    50  }
    51  
    52  type server struct {
    53  	pb.UnimplementedTestServiceServer
    54  	message string
    55  }
    56  
    57  // SayHello only can be called by client when authenticated by exampleAuthFunc
    58  func (g *server) Ping(ctx context.Context, request *pb.PingRequest) (*pb.PingResponse, error) {
    59  	return &pb.PingResponse{Value: g.message}, nil
    60  }
    61  
    62  // AuthFuncOverride is called instead of exampleAuthFunc
    63  func (g *server) AuthFuncOverride(ctx context.Context, fullMethodName string) (context.Context, error) {
    64  	log.Println("client is calling method:", fullMethodName)
    65  	return ctx, nil
    66  }
    67  
    68  // Simple example of server initialization code with AuthFuncOverride method.
    69  func Example_serverConfigWithAuthOverride() {
    70  	svr := grpc.NewServer(
    71  		grpc.StreamInterceptor(grpc_auth.StreamServerInterceptor(exampleAuthFunc)),
    72  		grpc.UnaryInterceptor(grpc_auth.UnaryServerInterceptor(exampleAuthFunc)),
    73  	)
    74  
    75  	overrideActive := true
    76  
    77  	if overrideActive {
    78  		pb.RegisterTestServiceServer(svr, &server{message: "pong unauthenticated"})
    79  	} else {
    80  		pb.RegisterTestServiceServer(svr, &server{message: "pong authenticated"})
    81  	}
    82  }
    83
View as plain text