def _stub(args):
if args.oauth_scope:
if args.test_case == 'oauth2_auth_token':
# TODO(jtattermusch): This testcase sets the auth metadata key-value
# manually, which also means that the user would need to do the same
# thing every time he/she would like to use and out of band oauth token.
# The transformer function that produces the metadata key-value from
# the access token should be provided by gRPC auth library.
access_token = _oauth_access_token(args)
metadata_transformer = lambda x: [
('authorization', 'Bearer %s' % access_token)]
else:
metadata_transformer = lambda x: [
('authorization', 'Bearer %s' % _oauth_access_token(args))]
else:
metadata_transformer = lambda x: []
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel = test_utilities.not_really_secure_channel(
args.server_host, args.server_port,
implementations.ssl_channel_credentials(root_certificates, None, None),
args.server_host_override)
stub = test_pb2.beta_create_TestService_stub(
channel, metadata_transformer=metadata_transformer)
else:
channel = implementations.insecure_channel(
args.server_host, args.server_port)
stub = test_pb2.beta_create_TestService_stub(channel)
return stub
def _stub(args):
if args.oauth_scope:
if args.test_case == "oauth2_auth_token":
# TODO(jtattermusch): This testcase sets the auth metadata key-value
# manually, which also means that the user would need to do the same
# thing every time he/she would like to use and out of band oauth token.
# The transformer function that produces the metadata key-value from
# the access token should be provided by gRPC auth library.
access_token = _oauth_access_token(args)
metadata_transformer = lambda x: [("authorization", "Bearer %s" % access_token)]
else:
metadata_transformer = lambda x: [("authorization", "Bearer %s" % _oauth_access_token(args))]
else:
metadata_transformer = lambda x: []
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel = test_utilities.not_really_secure_channel(
args.server_host,
args.server_port,
implementations.ssl_channel_credentials(root_certificates),
args.server_host_override,
)
stub = test_pb2.beta_create_TestService_stub(channel, metadata_transformer=metadata_transformer)
else:
channel = implementations.insecure_channel(args.server_host, args.server_port)
stub = test_pb2.beta_create_TestService_stub(channel)
return stub
def _stub(args):
if args.test_case == 'oauth2_auth_token':
creds = oauth2client_client.GoogleCredentials.get_application_default()
scoped_creds = creds.create_scoped([args.oauth_scope])
access_token = scoped_creds.get_access_token().access_token
call_creds = implementations.access_token_call_credentials(
access_token)
elif args.test_case == 'compute_engine_creds':
creds = oauth2client_client.GoogleCredentials.get_application_default()
scoped_creds = creds.create_scoped([args.oauth_scope])
call_creds = implementations.google_call_credentials(scoped_creds)
else:
call_creds = None
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_creds = implementations.ssl_channel_credentials(
root_certificates)
if call_creds is not None:
channel_creds = implementations.composite_channel_credentials(
channel_creds, call_creds)
channel = test_utilities.not_really_secure_channel(
args.server_host, args.server_port, channel_creds,
args.server_host_override)
stub = test_pb2.beta_create_TestService_stub(channel)
else:
channel = implementations.insecure_channel(args.server_host,
args.server_port)
stub = test_pb2.beta_create_TestService_stub(channel)
return stub
def _stub(args):
if args.test_case == 'oauth2_auth_token':
creds = oauth2client_client.GoogleCredentials.get_application_default()
scoped_creds = creds.create_scoped([args.oauth_scope])
access_token = scoped_creds.get_access_token().access_token
call_creds = implementations.access_token_call_credentials(access_token)
elif args.test_case == 'compute_engine_creds':
creds = oauth2client_client.GoogleCredentials.get_application_default()
scoped_creds = creds.create_scoped([args.oauth_scope])
call_creds = implementations.google_call_credentials(scoped_creds)
elif args.test_case == 'jwt_token_creds':
creds = oauth2client_client.GoogleCredentials.get_application_default()
call_creds = implementations.google_call_credentials(creds)
else:
call_creds = None
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_creds = implementations.ssl_channel_credentials(root_certificates)
if call_creds is not None:
channel_creds = implementations.composite_channel_credentials(
channel_creds, call_creds)
channel = test_utilities.not_really_secure_channel(
args.server_host, args.server_port, channel_creds,
args.server_host_override)
stub = test_pb2.beta_create_TestService_stub(channel)
else:
channel = implementations.insecure_channel(
args.server_host, args.server_port)
stub = test_pb2.beta_create_TestService_stub(channel)
return stub
def setUp(self):
self.server = test_pb2.beta_create_TestService_server(methods.TestService())
port = self.server.add_secure_port(
'[::]:0', implementations.ssl_server_credentials(
[(resources.private_key(), resources.certificate_chain())]))
self.server.start()
self.stub = test_pb2.beta_create_TestService_stub(
test_utilities.not_really_secure_channel(
'[::]', port, implementations.ssl_channel_credentials(
resources.test_root_certificates()),
_SERVER_HOST_OVERRIDE))
def setUp(self):
self.server = test_pb2.beta_create_TestService_server(methods.TestService())
port = self.server.add_secure_port(
'[::]:0', implementations.ssl_server_credentials(
[(resources.private_key(), resources.certificate_chain())]))
self.server.start()
self.stub = test_pb2.beta_create_TestService_stub(
test_utilities.not_really_secure_channel(
'[::]', port, implementations.ssl_channel_credentials(
resources.test_root_certificates()),
_SERVER_HOST_OVERRIDE))
def _get_channel(target, args):
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(
root_certificates=root_certificates)
options = (('grpc.ssl_target_name_override', args.server_host_override,),)
return grpc.secure_channel(
target, channel_credentials, options=options)
else:
return grpc.insecure_channel(target)
def setUp(self):
self.server = grpc.server(futures.ThreadPoolExecutor(max_workers=10))
test_pb2.add_TestServiceServicer_to_server(
methods.TestService(), self.server)
port = self.server.add_secure_port(
'[::]:0', grpc.ssl_server_credentials(
[(resources.private_key(), resources.certificate_chain())]))
self.server.start()
self.stub = test_pb2.TestServiceStub(
grpc.secure_channel(
'localhost:{}'.format(port),
grpc.ssl_channel_credentials(resources.test_root_certificates()),
(('grpc.ssl_target_name_override', _SERVER_HOST_OVERRIDE,),)))
def setUp(self):
self.server = grpc.server(futures.ThreadPoolExecutor(max_workers=10))
test_pb2_grpc.add_TestServiceServicer_to_server(methods.TestService(),
self.server)
port = self.server.add_secure_port(
'[::]:0',
grpc.ssl_server_credentials(
[(resources.private_key(), resources.certificate_chain())]))
self.server.start()
self.stub = test_pb2_grpc.TestServiceStub(
grpc.secure_channel('localhost:{}'.format(port),
grpc.ssl_channel_credentials(
resources.test_root_certificates()), (
('grpc.ssl_target_name_override',
_SERVER_HOST_OVERRIDE,),)))
def _stub(args):
target = '{}:{}'.format(args.server_host, args.server_port)
if args.test_case == 'oauth2_auth_token':
google_credentials, unused_project_id = google_auth.default(
scopes=[args.oauth_scope])
google_credentials.refresh(google_auth.transport.requests.Request())
call_credentials = grpc.access_token_call_credentials(
google_credentials.token)
elif args.test_case == 'compute_engine_creds':
google_credentials, unused_project_id = google_auth.default(
scopes=[args.oauth_scope])
call_credentials = grpc.metadata_call_credentials(
google_auth.transport.grpc.AuthMetadataPlugin(
credentials=google_credentials,
request=google_auth.transport.requests.Request()))
elif args.test_case == 'jwt_token_creds':
google_credentials = google_auth_jwt.OnDemandCredentials.from_service_account_file(
os.environ[google_auth.environment_vars.CREDENTIALS])
call_credentials = grpc.metadata_call_credentials(
google_auth.transport.grpc.AuthMetadataPlugin(
credentials=google_credentials, request=None))
else:
call_credentials = None
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(root_certificates)
if call_credentials is not None:
channel_credentials = grpc.composite_channel_credentials(
channel_credentials, call_credentials)
channel_opts = None
if args.server_host_override:
channel_opts = ((
'grpc.ssl_target_name_override',
args.server_host_override,
), )
channel = grpc.secure_channel(target, channel_credentials,
channel_opts)
else:
channel = grpc.insecure_channel(target)
if args.test_case == "unimplemented_service":
return test_pb2_grpc.UnimplementedServiceStub(channel)
else:
return test_pb2_grpc.TestServiceStub(channel)
def _get_channel(target, args):
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(
root_certificates=root_certificates)
options = (('grpc.ssl_target_name_override', args.server_host_override,),)
channel = grpc.secure_channel(target, channel_credentials, options=options)
else:
channel = grpc.insecure_channel(target)
# waits for the channel to be ready before we start sending messages
grpc.channel_ready_future(channel).result()
return channel
def setUp(self):
self.server = test_common.test_server()
test_pb2_grpc.add_TestServiceServicer_to_server(service.TestService(),
self.server)
port = self.server.add_secure_port(
'[::]:0',
grpc.ssl_server_credentials([(resources.private_key(),
resources.certificate_chain())]))
self.server.start()
self.stub = test_pb2_grpc.TestServiceStub(
grpc.secure_channel('localhost:{}'.format(port),
grpc.ssl_channel_credentials(
resources.test_root_certificates()), ((
'grpc.ssl_target_name_override',
_SERVER_HOST_OVERRIDE,
),)))
async def setUp(self):
server_credentials = grpc.ssl_server_credentials([
(resources.private_key(), resources.certificate_chain())
])
channel_credentials = grpc.ssl_channel_credentials(
resources.test_root_certificates())
channel_options = ((
'grpc.ssl_target_name_override',
_SERVER_HOST_OVERRIDE,
), )
address, self._server = await start_test_server(
secure=True, server_credentials=server_credentials)
self._channel = aio.secure_channel(address, channel_credentials,
channel_options)
self._stub = test_pb2_grpc.TestServiceStub(self._channel)
def _stub(args):
target = '{}:{}'.format(args.server_host, args.server_port)
if args.test_case == 'oauth2_auth_token':
google_credentials, unused_project_id = google_auth.default(
scopes=[args.oauth_scope])
google_credentials.refresh(google_auth.transport.requests.Request())
call_credentials = grpc.access_token_call_credentials(
google_credentials.token)
elif args.test_case == 'compute_engine_creds':
google_credentials, unused_project_id = google_auth.default(
scopes=[args.oauth_scope])
call_credentials = grpc.metadata_call_credentials(
google_auth.transport.grpc.AuthMetadataPlugin(
credentials=google_credentials,
request=google_auth.transport.requests.Request()))
elif args.test_case == 'jwt_token_creds':
google_credentials = google_auth_jwt.OnDemandCredentials.from_service_account_file(
os.environ[google_auth.environment_vars.CREDENTIALS])
call_credentials = grpc.metadata_call_credentials(
google_auth.transport.grpc.AuthMetadataPlugin(
credentials=google_credentials, request=None))
else:
call_credentials = None
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(root_certificates)
if call_credentials is not None:
channel_credentials = grpc.composite_channel_credentials(
channel_credentials, call_credentials)
channel_opts = None
if args.server_host_override:
channel_opts = ((
'grpc.ssl_target_name_override',
args.server_host_override,
),)
channel = grpc.secure_channel(target, channel_credentials, channel_opts)
else:
channel = grpc.insecure_channel(target)
if args.test_case == "unimplemented_service":
return test_pb2_grpc.UnimplementedServiceStub(channel)
else:
return test_pb2_grpc.TestServiceStub(channel)
def _get_channel(target, args):
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(
root_certificates=root_certificates)
options = ((
'grpc.ssl_target_name_override',
args.server_host_override,
), )
return grpc.secure_channel(target,
channel_credentials,
options=options)
else:
return grpc.insecure_channel(target)
def _stub(args):
target = '{}:{}'.format(args.server_host, args.server_port)
if args.test_case == 'oauth2_auth_token':
google_credentials = _application_default_credentials()
scoped_credentials = google_credentials.create_scoped(
[args.oauth_scope])
access_token = scoped_credentials.get_access_token().access_token
call_credentials = grpc.access_token_call_credentials(access_token)
elif args.test_case == 'compute_engine_creds':
google_credentials = _application_default_credentials()
scoped_credentials = google_credentials.create_scoped(
[args.oauth_scope])
# TODO(https://github.com/grpc/grpc/issues/6799): Eliminate this last
# remaining use of the Beta API.
call_credentials = implementations.google_call_credentials(
scoped_credentials)
elif args.test_case == 'jwt_token_creds':
google_credentials = _application_default_credentials()
# TODO(https://github.com/grpc/grpc/issues/6799): Eliminate this last
# remaining use of the Beta API.
call_credentials = implementations.google_call_credentials(
google_credentials)
else:
call_credentials = None
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(root_certificates)
if call_credentials is not None:
channel_credentials = grpc.composite_channel_credentials(
channel_credentials, call_credentials)
channel = grpc.secure_channel(target, channel_credentials, ((
'grpc.ssl_target_name_override',
args.server_host_override,
), ))
else:
channel = grpc.insecure_channel(target)
if args.test_case == "unimplemented_service":
return test_pb2.UnimplementedServiceStub(channel)
else:
return test_pb2.TestServiceStub(channel)
def _get_channel(target, args):
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(
root_certificates=root_certificates)
options = (('grpc.ssl_target_name_override',
args.server_host_override,),)
channel = grpc.secure_channel(
target, channel_credentials, options=options)
else:
channel = grpc.insecure_channel(target)
# waits for the channel to be ready before we start sending messages
grpc.channel_ready_future(channel).result()
return channel
def _stub(args):
target = '{}:{}'.format(args.server_host, args.server_port)
if args.test_case == 'oauth2_auth_token':
google_credentials = _application_default_credentials()
scoped_credentials = google_credentials.create_scoped(
[args.oauth_scope])
access_token = scoped_credentials.get_access_token().access_token
call_credentials = grpc.access_token_call_credentials(access_token)
elif args.test_case == 'compute_engine_creds':
google_credentials = _application_default_credentials()
scoped_credentials = google_credentials.create_scoped(
[args.oauth_scope])
# TODO(https://github.com/grpc/grpc/issues/6799): Eliminate this last
# remaining use of the Beta API.
call_credentials = implementations.google_call_credentials(
scoped_credentials)
elif args.test_case == 'jwt_token_creds':
google_credentials = _application_default_credentials()
# TODO(https://github.com/grpc/grpc/issues/6799): Eliminate this last
# remaining use of the Beta API.
call_credentials = implementations.google_call_credentials(
google_credentials)
else:
call_credentials = None
if args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(root_certificates)
if call_credentials is not None:
channel_credentials = grpc.composite_channel_credentials(
channel_credentials, call_credentials)
channel = grpc.secure_channel(target, channel_credentials, ((
'grpc.ssl_target_name_override',
args.server_host_override,),))
else:
channel = grpc.insecure_channel(target)
if args.test_case == "unimplemented_service":
return test_pb2.UnimplementedServiceStub(channel)
else:
return test_pb2.TestServiceStub(channel)
def get_secure_channel_parameters(args):
call_credentials = _create_call_credentials(args)
channel_opts = ()
if args.grpc_test_use_grpclb_with_child_policy:
channel_opts += ((
"grpc.service_config",
'{"loadBalancingConfig": [{"grpclb": {"childPolicy": [{"%s": {}}]}}]}'
% args.grpc_test_use_grpclb_with_child_policy), )
if args.custom_credentials_type is not None:
if args.custom_credentials_type == "compute_engine_channel_creds":
assert call_credentials is None
google_credentials, unused_project_id = google_auth.default(
scopes=[args.oauth_scope])
call_creds = grpc.metadata_call_credentials(
google_auth.transport.grpc.AuthMetadataPlugin(
credentials=google_credentials,
request=google_auth.transport.requests.Request()))
channel_credentials = grpc.compute_engine_channel_credentials(
call_creds)
else:
raise ValueError("Unknown credentials type '{}'".format(
args.custom_credentials_type))
elif args.use_tls:
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(root_certificates)
if call_credentials is not None:
channel_credentials = grpc.composite_channel_credentials(
channel_credentials, call_credentials)
if args.server_host_override:
channel_opts += ((
'grpc.ssl_target_name_override',
args.server_host_override,
), )
elif args.use_alts:
channel_credentials = grpc.alts_channel_credentials()
return channel_credentials, channel_opts
def get_secure_channel_parameters(args):
call_credentials = _create_call_credentials(args)
if args.use_test_ca:
root_certificates = resources.test_root_certificates()
else:
root_certificates = None # will load default roots.
channel_credentials = grpc.ssl_channel_credentials(root_certificates)
if call_credentials is not None:
channel_credentials = grpc.composite_channel_credentials(
channel_credentials, call_credentials)
channel_opts = None
if args.server_host_override:
channel_opts = ((
'grpc.ssl_target_name_override',
args.server_host_override,
), )
return channel_credentials, channel_opts
