examples/features/interceptor/server/main.go - third_party/grpc/grpc-go - Git at Google

 /*
  *
  * Copyright 2018 gRPC authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  */

 // Binary server is an example server.
 package main

 import (
 	"context"
 	"flag"
 	"fmt"
 	"io"
 	"log"
 	"net"
 	"strings"
 	"time"

 	"google.golang.org/grpc"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/credentials"
 	ecpb "google.golang.org/grpc/examples/features/proto/echo"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/status"
 	"google.golang.org/grpc/testdata"
 )

 var (
 	port = flag.Int("port", 50051, "the port to serve on")

 	errMissingMetadata = status.Errorf(codes.InvalidArgument, "missing metadata")
 	errInvalidToken    = status.Errorf(codes.Unauthenticated, "invalid token")
 )

 // logger is to mock a sophisticated logging system. To simplify the example, we just print out the content.
 func logger(format string, a ...interface{}) {
 	fmt.Printf("LOG:\t"+format+"\n", a...)
 }

 type server struct{}

 func (s *server) UnaryEcho(ctx context.Context, in *ecpb.EchoRequest) (*ecpb.EchoResponse, error) {
 	fmt.Printf("unary echoing message %q\n", in.Message)
 	return &ecpb.EchoResponse{Message: in.Message}, nil
 }

 func (s *server) ServerStreamingEcho(in *ecpb.EchoRequest, stream ecpb.Echo_ServerStreamingEchoServer) error {
 	return status.Error(codes.Unimplemented, "not implemented")
 }

 func (s *server) ClientStreamingEcho(stream ecpb.Echo_ClientStreamingEchoServer) error {
 	return status.Error(codes.Unimplemented, "not implemented")
 }

 func (s *server) BidirectionalStreamingEcho(stream ecpb.Echo_BidirectionalStreamingEchoServer) error {
 	for {
 		in, err := stream.Recv()
 		if err != nil {
 			if err == io.EOF {
 				return nil
 			}
 			fmt.Printf("server: error receiving from stream: %v\n", err)
 			return err
 		}
 		fmt.Printf("bidi echoing message %q\n", in.Message)
 		stream.Send(&ecpb.EchoResponse{Message: in.Message})
 	}
 }

 // valid validates the authorization.
 func valid(authorization []string) bool {
 	if len(authorization) < 1 {
 		return false
 	}
 	token := strings.TrimPrefix(authorization[0], "Bearer ")
 	// Perform the token validation here. For the sake of this example, the code
 	// here forgoes any of the usual OAuth2 token validation and instead checks
 	// for a token matching an arbitrary string.
 	return token == "some-secret-token"
 }

 func unaryInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
 	// authentication (token verification)
 	md, ok := metadata.FromIncomingContext(ctx)
 	if !ok {
 		return nil, errMissingMetadata
 	}
 	if !valid(md["authorization"]) {
 		return nil, errInvalidToken
 	}
 	m, err := handler(ctx, req)
 	if err != nil {
 		logger("RPC failed with error %v", err)
 	}
 	return m, err
 }

 // wrappedStream wraps around the embedded grpc.ServerStream, and intercepts the RecvMsg and
 // SendMsg method call.
 type wrappedStream struct {
 	grpc.ServerStream
 }

 func (w *wrappedStream) RecvMsg(m interface{}) error {
 	logger("Receive a message (Type: %T) at %s", m, time.Now().Format(time.RFC3339))
 	return w.ServerStream.RecvMsg(m)
 }

 func (w *wrappedStream) SendMsg(m interface{}) error {
 	logger("Send a message (Type: %T) at %v", m, time.Now().Format(time.RFC3339))
 	return w.ServerStream.SendMsg(m)
 }

 func newWrappedStream(s grpc.ServerStream) grpc.ServerStream {
 	return &wrappedStream{s}
 }

 func streamInterceptor(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
 	// authentication (token verification)
 	md, ok := metadata.FromIncomingContext(ss.Context())
 	if !ok {
 		return errMissingMetadata
 	}
 	if !valid(md["authorization"]) {
 		return errInvalidToken
 	}

 	err := handler(srv, newWrappedStream(ss))
 	if err != nil {
 		logger("RPC failed with error %v", err)
 	}
 	return err
 }

 func main() {
 	flag.Parse()

 	lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *port))
 	if err != nil {
 		log.Fatalf("failed to listen: %v", err)
 	}

 	// Create tls based credential.
 	creds, err := credentials.NewServerTLSFromFile(testdata.Path("server1.pem"), testdata.Path("server1.key"))
 	if err != nil {
 		log.Fatalf("failed to create credentials: %v", err)
 	}

 	s := grpc.NewServer(grpc.Creds(creds), grpc.UnaryInterceptor(unaryInterceptor), grpc.StreamInterceptor(streamInterceptor))

 	// Register EchoServer on the server.
 	ecpb.RegisterEchoServer(s, &server{})

 	if err := s.Serve(lis); err != nil {
 		log.Fatalf("failed to serve: %v", err)
 	}
 }
	/*
	*
	* Copyright 2018 gRPC authors.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*
	*/

	// Binary server is an example server.
	package main

	import (
	"context"
	"flag"
	"fmt"
	"io"
	"log"
	"net"
	"strings"
	"time"

	"google.golang.org/grpc"
	"google.golang.org/grpc/codes"
	"google.golang.org/grpc/credentials"
	ecpb "google.golang.org/grpc/examples/features/proto/echo"
	"google.golang.org/grpc/metadata"
	"google.golang.org/grpc/status"
	"google.golang.org/grpc/testdata"
	)

	var (
	port = flag.Int("port", 50051, "the port to serve on")

	errMissingMetadata = status.Errorf(codes.InvalidArgument, "missing metadata")
	errInvalidToken = status.Errorf(codes.Unauthenticated, "invalid token")
	)

	// logger is to mock a sophisticated logging system. To simplify the example, we just print out the content.
	func logger(format string, a ...interface{}) {
	fmt.Printf("LOG:\t"+format+"\n", a...)
	}

	type server struct{}

	func (s server) UnaryEcho(ctx context.Context, in ecpb.EchoRequest) (*ecpb.EchoResponse, error) {
	fmt.Printf("unary echoing message %q\n", in.Message)
	return &ecpb.EchoResponse{Message: in.Message}, nil
	}

	func (s server) ServerStreamingEcho(in ecpb.EchoRequest, stream ecpb.Echo_ServerStreamingEchoServer) error {
	return status.Error(codes.Unimplemented, "not implemented")
	}

	func (s *server) ClientStreamingEcho(stream ecpb.Echo_ClientStreamingEchoServer) error {
	return status.Error(codes.Unimplemented, "not implemented")
	}

	func (s *server) BidirectionalStreamingEcho(stream ecpb.Echo_BidirectionalStreamingEchoServer) error {
	for {
	in, err := stream.Recv()
	if err != nil {
	if err == io.EOF {
	return nil
	}
	fmt.Printf("server: error receiving from stream: %v\n", err)
	return err
	}
	fmt.Printf("bidi echoing message %q\n", in.Message)
	stream.Send(&ecpb.EchoResponse{Message: in.Message})
	}
	}

	// valid validates the authorization.
	func valid(authorization []string) bool {
	if len(authorization) < 1 {
	return false
	}
	token := strings.TrimPrefix(authorization[0], "Bearer ")
	// Perform the token validation here. For the sake of this example, the code
	// here forgoes any of the usual OAuth2 token validation and instead checks
	// for a token matching an arbitrary string.
	return token == "some-secret-token"
	}

	func unaryInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
	// authentication (token verification)
	md, ok := metadata.FromIncomingContext(ctx)
	if !ok {
	return nil, errMissingMetadata
	}
	if !valid(md["authorization"]) {
	return nil, errInvalidToken
	}
	m, err := handler(ctx, req)
	if err != nil {
	logger("RPC failed with error %v", err)
	}
	return m, err
	}

	// wrappedStream wraps around the embedded grpc.ServerStream, and intercepts the RecvMsg and
	// SendMsg method call.
	type wrappedStream struct {
	grpc.ServerStream
	}

	func (w *wrappedStream) RecvMsg(m interface{}) error {
	logger("Receive a message (Type: %T) at %s", m, time.Now().Format(time.RFC3339))
	return w.ServerStream.RecvMsg(m)
	}

	func (w *wrappedStream) SendMsg(m interface{}) error {
	logger("Send a message (Type: %T) at %v", m, time.Now().Format(time.RFC3339))
	return w.ServerStream.SendMsg(m)
	}

	func newWrappedStream(s grpc.ServerStream) grpc.ServerStream {
	return &wrappedStream{s}
	}

	func streamInterceptor(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
	// authentication (token verification)
	md, ok := metadata.FromIncomingContext(ss.Context())
	if !ok {
	return errMissingMetadata
	}
	if !valid(md["authorization"]) {
	return errInvalidToken
	}

	err := handler(srv, newWrappedStream(ss))
	if err != nil {
	logger("RPC failed with error %v", err)
	}
	return err
	}

	func main() {
	flag.Parse()

	lis, err := net.Listen("tcp", fmt.Sprintf(":%d", *port))
	if err != nil {
	log.Fatalf("failed to listen: %v", err)
	}

	// Create tls based credential.
	creds, err := credentials.NewServerTLSFromFile(testdata.Path("server1.pem"), testdata.Path("server1.key"))
	if err != nil {
	log.Fatalf("failed to create credentials: %v", err)
	}

	s := grpc.NewServer(grpc.Creds(creds), grpc.UnaryInterceptor(unaryInterceptor), grpc.StreamInterceptor(streamInterceptor))

	// Register EchoServer on the server.
	ecpb.RegisterEchoServer(s, &server{})

	if err := s.Serve(lis); err != nil {
	log.Fatalf("failed to serve: %v", err)
	}
	}