1/*
2 *
3 * Copyright 2018 gRPC authors.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 *     http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 */
18
19// This binary can only run on Google Cloud Platform (GCP).
20package main
21
22import (
23	"context"
24	"flag"
25	"net"
26	"strings"
27
28	"google.golang.org/grpc"
29	"google.golang.org/grpc/credentials/alts"
30	"google.golang.org/grpc/grpclog"
31	"google.golang.org/grpc/interop"
32	"google.golang.org/grpc/tap"
33
34	testgrpc "google.golang.org/grpc/interop/grpc_testing"
35)
36
// udsAddrPrefix is the scheme prefix that marks --server_address as a Unix
// domain socket path rather than a TCP host:port.
const udsAddrPrefix = "unix:"
40
// Command-line flags.
var (
	// hsAddr optionally overrides the ALTS handshaker service address. When it
	// is empty, main keeps the value from alts.DefaultServerOptions. The
	// handshaker service performs the ALTS handshake on the server's behalf,
	// so an override should only ever name a trusted endpoint.
	hsAddr = flag.String("alts_handshaker_service_address", "", "ALTS handshaker gRPC service address")

	// serverAddr is the listen address: TCP "host:port" or "unix:/path". The
	// default ":8080" has no host part, so the TCP listener accepts
	// connections on every local interface.
	serverAddr = flag.String("server_address", ":8080", "The address on which the server is listening. Only two types of addresses are supported, 'host:port' and 'unix:/path'.")
)

// logger is the grpclog component logger used by this binary.
var logger = grpclog.Component("interop")
47
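// main starts the ALTS interop test server. It listens on --server_address
// (TCP "host:port" or a Unix domain socket given as "unix:/path"), secures
// every connection with ALTS server credentials, installs authz as the tap
// handle, and serves the interop TestService until Serve returns.
func main() {
	flag.Parse()

	// A "unix:" prefix selects a Unix domain socket; anything else is treated
	// as a TCP address. For a Unix socket, who may connect is additionally
	// governed by the filesystem permissions on the socket path.
	network, address := "tcp", *serverAddr
	if strings.HasPrefix(address, udsAddrPrefix) {
		network = "unix"
		address = strings.TrimPrefix(address, udsAddrPrefix)
	}
	lis, err := net.Listen(network, address)
	if err != nil {
		logger.Fatalf("gRPC Server: failed to start the server at %v: %v", address, err)
	}

	// Start from the default ALTS options and override the handshaker service
	// address only when the flag was set explicitly.
	opts := alts.DefaultServerOptions()
	if *hsAddr != "" {
		opts.HandshakerServiceAddress = *hsAddr
	}
	altsTC := alts.NewServerCreds(opts)

	// ALTS authenticates the peer; authz runs as the tap handle for each
	// incoming RPC, which is where an application-layer authorization
	// decision on that authenticated identity would be made.
	grpcServer := grpc.NewServer(grpc.Creds(altsTC), grpc.InTapHandle(authz))
	testgrpc.RegisterTestServiceServer(grpcServer, interop.NewTestServer())

	// Nothing in this binary stops the server, so a return from Serve means
	// the listener failed; report it instead of exiting silently with status 0.
	if err := grpcServer.Serve(lis); err != nil {
		logger.Fatalf("gRPC Server: failed to serve on %v: %v", address, err)
	}
}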
71
// authz is the server's tap handle. It shows how to read the ALTS-authenticated
// peer information on the server side, which is the input an application-layer
// authorization check needs.
//
// As written it is a demonstration only: it logs the peer attributes and lets
// every RPC through, as long as the context carries ALTS auth info. It rejects
// a call only when alts.AuthInfoFromContext fails. A real deployment would
// compare the peer service account against an allowlist of expected accounts
// (alts.ClientAuthorizationCheck does this) and return an error on mismatch.
func authz(ctx context.Context, info *tap.Info) (context.Context, error) {
	peer, err := alts.AuthInfoFromContext(ctx)
	if err != nil {
		// No ALTS auth info on the context: refuse the RPC.
		return nil, err
	}

	// Every attribute exposed by alts.AuthInfo, plus the method being called,
	// logged in a fixed order.
	fields := []struct {
		format string
		value  interface{}
	}{
		{"authInfo.ApplicationProtocol() = %v", peer.ApplicationProtocol()},
		{"authInfo.RecordProtocol() = %v", peer.RecordProtocol()},
		{"authInfo.SecurityLevel() = %v", peer.SecurityLevel()},
		{"authInfo.PeerServiceAccount() = %v", peer.PeerServiceAccount()},
		{"authInfo.LocalServiceAccount() = %v", peer.LocalServiceAccount()},
		{"authInfo.PeerRPCVersions() = %v", peer.PeerRPCVersions()},
		{"info.FullMethodName = %v", info.FullMethodName},
	}
	for _, f := range fields {
		logger.Infof(f.format, f.value)
	}
	return ctx, nil
}
89