Added alts credential option

Added flag that sets up ALTS credentials to connect to gRPC services using Application Layer Transport Security.

Reference: https://grpc.io/docs/languages/go/alts/
Fixes: #333
Jonathan Beaulieu 2022-10-22 05:32:22 +00:00
parent 81c624c41f
commit 6a7c4742e2
1 changed files with 23 additions and 3 deletions


@ -19,6 +19,7 @@ import (
"google.golang.org/grpc" "google.golang.org/grpc"
"google.golang.org/grpc/codes" "google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials"
"google.golang.org/grpc/credentials/alts"
"google.golang.org/grpc/keepalive" "google.golang.org/grpc/keepalive"
"google.golang.org/grpc/metadata" "google.golang.org/grpc/metadata"
reflectpb "google.golang.org/grpc/reflection/grpc_reflection_v1alpha" reflectpb "google.golang.org/grpc/reflection/grpc_reflection_v1alpha"
@ -55,6 +56,8 @@ var (
Print version.`)) Print version.`))
plaintext = flags.Bool("plaintext", false, prettify(` plaintext = flags.Bool("plaintext", false, prettify(`
Use plain-text HTTP/2 when connecting to server (no TLS).`)) Use plain-text HTTP/2 when connecting to server (no TLS).`))
usealts = flags.Bool("alts", false, prettify(`
Use Application Layer Transport Security (ALTS) when connecting to server.`))
insecure = flags.Bool("insecure", false, prettify(` insecure = flags.Bool("insecure", false, prettify(`
Skip server certificate and domain verification. (NOT SECURE!) Not Skip server certificate and domain verification. (NOT SECURE!) Not
valid with -plaintext option.`)) valid with -plaintext option.`))
@ -281,6 +284,9 @@ func main() {
if *maxMsgSz < 0 { if *maxMsgSz < 0 {
fail(nil, "The -max-msg-sz argument must not be negative.") fail(nil, "The -max-msg-sz argument must not be negative.")
} }
if *plaintext && *usealts {
fail(nil, "The -plaintext and -alts arguments are mutually exclusive.")
}
if *plaintext && *insecure { if *plaintext && *insecure {
fail(nil, "The -plaintext and -insecure arguments are mutually exclusive.") fail(nil, "The -plaintext and -insecure arguments are mutually exclusive.")
} }
@ -290,6 +296,15 @@ func main() {
if *plaintext && *key != "" { if *plaintext && *key != "" {
fail(nil, "The -plaintext and -key arguments are mutually exclusive.") fail(nil, "The -plaintext and -key arguments are mutually exclusive.")
} }
if *usealts && *insecure {
fail(nil, "The -alts and -insecure arguments are mutually exclusive.")
}
if *usealts && *cert != "" {
fail(nil, "The -alts and -cert arguments are mutually exclusive.")
}
if *usealts && *key != "" {
fail(nil, "The -alts and -key arguments are mutually exclusive.")
}
if (*key == "") != (*cert == "") { if (*key == "") != (*cert == "") {
fail(nil, "The -cert and -key arguments must be used together and both be present.") fail(nil, "The -cert and -key arguments must be used together and both be present.")
} }
@ -407,7 +422,14 @@ func main() {
opts = append(opts, grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(*maxMsgSz))) opts = append(opts, grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(*maxMsgSz)))
} }
var creds credentials.TransportCredentials var creds credentials.TransportCredentials
if !*plaintext { if *plaintext {
if *authority != "" {
opts = append(opts, grpc.WithAuthority(*authority))
}
} else if *usealts {
creds = alts.NewClientCreds(alts.DefaultClientOptions())
} else {
// Use TLS
tlsConf, err := grpcurl.ClientTLSConfig(*insecure, *cacert, *cert, *key) tlsConf, err := grpcurl.ClientTLSConfig(*insecure, *cacert, *cert, *key)
if err != nil { if err != nil {
fail(err, "Failed to create TLS config") fail(err, "Failed to create TLS config")
@ -440,8 +462,6 @@ func main() {
if overrideName != "" { if overrideName != "" {
opts = append(opts, grpc.WithAuthority(overrideName)) opts = append(opts, grpc.WithAuthority(overrideName))
} }
} else if *authority != "" {
opts = append(opts, grpc.WithAuthority(*authority))
} }
grpcurlUA := "grpcurl/" + version grpcurlUA := "grpcurl/" + version
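Review bot: In the `} else if *usealts {` branch the credentials come from `alts.DefaultClientOptions()` unchanged, so `TargetServiceAccounts` stays empty and the client does not pin which server identity it expects; the handshake authenticates the peer, but nothing here authorizes it. Consider a flag for the expected service account(s), applied before the call: `clientOpts := alts.DefaultClientOptions()` then `clientOpts.TargetServiceAccounts = expectedAccounts`, where `expectedAccounts` is a placeholder for the new flag's values. Separately, the new exclusivity checks cover `-insecure`, `-cert` and `-key` but not `*cacert` or `*authority`, and both appear to be silently ignored once `-alts` is set. A `fail(nil, ...)` for each, worded like the existing messages, would keep a user from assuming a CA restriction or authority override is in force. `main` starts and ends outside these hunks, so any later handling of `creds` is not visible here.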