| /* |
| * |
| * Copyright 2018 gRPC authors. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| * |
| */ |
| |
| // Binary server is an example server. |
| package main |
| |
| import ( |
| "context" |
| "flag" |
| "fmt" |
| "io" |
| "log" |
| "net" |
| "strings" |
| "time" |
| |
| "google.golang.org/grpc" |
| "google.golang.org/grpc/codes" |
| "google.golang.org/grpc/credentials" |
| ecpb "google.golang.org/grpc/examples/features/proto/echo" |
| "google.golang.org/grpc/metadata" |
| "google.golang.org/grpc/status" |
| "google.golang.org/grpc/testdata" |
| ) |
| |
| var ( |
| port = flag.Int("port", 50051, "the port to serve on") |
| |
| errMissingMetadata = status.Errorf(codes.InvalidArgument, "missing metadata") |
| errInvalidToken = status.Errorf(codes.Unauthenticated, "invalid token") |
| ) |
| |
| // logger is to mock a sophisticated logging system. To simplify the example, we just print out the content. |
| func logger(format string, a ...interface{}) { |
| fmt.Printf("LOG:\t"+format+"\n", a...) |
| } |
| |
| type server struct{} |
| |
| func (s *server) UnaryEcho(ctx context.Context, in *ecpb.EchoRequest) (*ecpb.EchoResponse, error) { |
| fmt.Printf("unary echoing message %q\n", in.Message) |
| return &ecpb.EchoResponse{Message: in.Message}, nil |
| } |
| |
| func (s *server) ServerStreamingEcho(in *ecpb.EchoRequest, stream ecpb.Echo_ServerStreamingEchoServer) error { |
| return status.Error(codes.Unimplemented, "not implemented") |
| } |
| |
| func (s *server) ClientStreamingEcho(stream ecpb.Echo_ClientStreamingEchoServer) error { |
| return status.Error(codes.Unimplemented, "not implemented") |
| } |
| |
| func (s *server) BidirectionalStreamingEcho(stream ecpb.Echo_BidirectionalStreamingEchoServer) error { |
| for { |
| in, err := stream.Recv() |
| if err != nil { |
| if err == io.EOF { |
| return nil |
| } |
| fmt.Printf("server: error receiving from stream: %v\n", err) |
| return err |
| } |
| fmt.Printf("bidi echoing message %q\n", in.Message) |
| stream.Send(&ecpb.EchoResponse{Message: in.Message}) |
| } |
| } |
| |
| // valid validates the authorization. |
| func valid(authorization []string) bool { |
| if len(authorization) < 1 { |
| return false |
| } |
| token := strings.TrimPrefix(authorization[0], "Bearer ") |
| // Perform the token validation here. For the sake of this example, the code |
| // here forgoes any of the usual OAuth2 token validation and instead checks |
| // for a token matching an arbitrary string. |
| return token == "some-secret-token" |
| } |
| |
| func unaryInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) { |
| // authentication (token verification) |
| md, ok := metadata.FromIncomingContext(ctx) |
| if !ok { |
| return nil, errMissingMetadata |
| } |
| if !valid(md["authorization"]) { |
| return nil, errInvalidToken |
| } |
| m, err := handler(ctx, req) |
| if err != nil { |
| logger("RPC failed with error %v", err) |
| } |
| return m, err |
| } |
| |
| // wrappedStream wraps around the embedded grpc.ServerStream, and intercepts the RecvMsg and |
| // SendMsg method call. |
| type wrappedStream struct { |
| grpc.ServerStream |
| } |
| |
| func (w *wrappedStream) RecvMsg(m interface{}) error { |
| logger("Receive a message (Type: %T) at %s", m, time.Now().Format(time.RFC3339)) |
| return w.ServerStream.RecvMsg(m) |
| } |
| |
| func (w *wrappedStream) SendMsg(m interface{}) error { |
| logger("Send a message (Type: %T) at %v", m, time.Now().Format(time.RFC3339)) |
| return w.ServerStream.SendMsg(m) |
| } |
| |
| func newWrappedStream(s grpc.ServerStream) grpc.ServerStream { |
| return &wrappedStream{s} |
| } |
| |
| func streamInterceptor(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error { |
| // authentication (token verification) |
| md, ok := metadata.FromIncomingContext(ss.Context()) |
| if !ok { |
| return errMissingMetadata |
| } |
| if !valid(md["authorization"]) { |
| return errInvalidToken |
| } |
| |
| err := handler(srv, newWrappedStream(ss)) |
| if err != nil { |
| logger("RPC failed with error %v", err) |
| } |
| return err |
| } |
| |
| func main() { |
| flag.Parse() |
| |
| lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *port)) |
| if err != nil { |
| log.Fatalf("failed to listen: %v", err) |
| } |
| |
| // Create tls based credential. |
| creds, err := credentials.NewServerTLSFromFile(testdata.Path("server1.pem"), testdata.Path("server1.key")) |
| if err != nil { |
| log.Fatalf("failed to create credentials: %v", err) |
| } |
| |
| s := grpc.NewServer(grpc.Creds(creds), grpc.UnaryInterceptor(unaryInterceptor), grpc.StreamInterceptor(streamInterceptor)) |
| |
| // Register EchoServer on the server. |
| ecpb.RegisterEchoServer(s, &server{}) |
| |
| if err := s.Serve(lis); err != nil { |
| log.Fatalf("failed to serve: %v", err) |
| } |
| } |