def testSecureNoCert(self): handler = grpc.method_handlers_generic_handler('test', { 'UnaryUnary': grpc.unary_unary_rpc_method_handler(handle_unary_unary) }) server = test_common.test_server() server.add_generic_rpc_handlers((handler,)) server_cred = grpc.ssl_server_credentials(_SERVER_CERTS) port = server.add_secure_port('[::]:0', server_cred) server.start() channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES) channel = grpc.secure_channel( 'localhost:{}'.format(port), channel_creds, options=_PROPERTY_OPTIONS) response = channel.unary_unary(_UNARY_UNARY)(_REQUEST) channel.close() server.stop(None) auth_data = pickle.loads(response) self.assertIsNone(auth_data[_ID]) self.assertIsNone(auth_data[_ID_KEY]) self.assertDictEqual({ 'transport_security_type': [b'ssl'], 'ssl_session_reused': [b'false'], }, auth_data[_AUTH_CTX])
def __init__(self, control_address, worker_count, credentials=None): self._worker_count = worker_count self._worker_index = 0 if credentials is None: logging.info('Creating insecure control channel.') self._control_channel = grpc.insecure_channel(control_address) else: logging.info('Creating secure control channel.') self._control_channel = grpc.secure_channel(control_address, credentials) grpc.channel_ready_future(self._control_channel).result(timeout=60) logging.info('Control channel established.') self._control_channel = grpc.intercept_channel( self._control_channel, WorkerIdInterceptor()) self._data_channel_factory = data_plane.GrpcClientDataChannelFactory( credentials) self._state_handler_factory = GrpcStateHandlerFactory() self.workers = queue.Queue() # one thread is enough for getting the progress report. # Assumption: # Progress report generation should not do IO or wait on other resources. # Without wait, having multiple threads will not improve performance and # will only add complexity. self._progress_thread_pool = futures.ThreadPoolExecutor(max_workers=1) self._process_thread_pool = futures.ThreadPoolExecutor( max_workers=self._worker_count) self._instruction_id_vs_worker = {} self._fns = {} self._responses = queue.Queue() self._process_bundle_queue = queue.Queue() self._unscheduled_process_bundle = set() logging.info('Initializing SDKHarness with %s workers.', self._worker_count)
def __init__(self, addr='localhost:9080', credentials=None, options=None): if credentials is None: self.channel = grpc.insecure_channel(addr, options) else: self.channel = grpc.secure_channel(addr, credentials, options) self.stub = api_grpc.DgraphStub(self.channel)
def __init__( self, hostname, port=50051, cacert=SERVER_CA, username=None, password=None, sessionid=None, ): super(SecureClient, self).__init__(hostname, port) server_ca = open(cacert, "r").read() if sessionid: call_creds = metadata_call_credentials(SessionIdCallCredentials(sessionid)) else: call_creds = metadata_call_credentials( UsernamePasswordCallCredentials(username, password) ) chan_creds = ssl_channel_credentials(server_ca) chan_creds = composite_channel_credentials(chan_creds, call_creds) self.channel = grpc.secure_channel( "%s:%d" % (self.hostname, self.port), chan_creds ) self.stub = xos_pb2_grpc.xosStub(self.channel) self.modeldefs = modeldefs_pb2_grpc.modeldefsStub(self.channel) self.utility = utility_pb2_grpc.utilityStub(self.channel) self.xos_orm = orm.ORMStub(self.stub, "xos")
def __init__(self, host, port, timeout, user, password, creds=None, options=None): """This class creates grpc calls using python. :param username: Username for device login :param password: Password for device login :param host: The ip address for the device :param port: The port for the device :param timeout: how long before the rpc call timesout :param creds: Input of the pem file :param options: TLS server name :type password: str :type username: str :type server: str :type port: int :type timeout:int :type creds: str :type options: str """ if creds != None: self._target = '%s:%d' % (host, port) self._creds = implementations.ssl_channel_credentials(creds) self._options = options channel = grpc.secure_channel( self._target, self._creds, (('grpc.ssl_target_name_override', self._options,),)) self._channel = implementations.Channel(channel) else: self._host = host self._port = port self._channel = implementations.insecure_channel(self._host, self._port) self._stub = ems_grpc_pb2.beta_create_gRPCConfigOper_stub(self._channel) self._timeout = int(timeout) self._metadata = [('username', user), ('password', password)]
def make_secure_stub(credentials, user_agent, stub_class, host): """Makes a secure stub for an RPC service. Uses / depends on gRPC. :type credentials: :class:`oauth2client.client.OAuth2Credentials` :param credentials: The OAuth2 Credentials to use for creating access tokens. :type user_agent: str :param user_agent: (Optional) The user agent to be used with API requests. :type stub_class: type :param stub_class: A gRPC stub type for a given service. :type host: str :param host: The host for the service. :rtype: object, instance of ``stub_class`` :returns: The stub object used to make gRPC requests to a given API. """ # ssl_channel_credentials() loads root certificates from # `grpc/_adapter/credentials/roots.pem`. transport_creds = grpc.ssl_channel_credentials() custom_metadata_plugin = MetadataPlugin(credentials, user_agent) auth_creds = grpc.metadata_call_credentials( custom_metadata_plugin, name='google_creds') channel_creds = grpc.composite_channel_credentials( transport_creds, auth_creds) target = '%s:%d' % (host, http_client.HTTPS_PORT) channel = grpc.secure_channel(target, channel_creds) return stub_class(channel)
def testSecureClientCert(self): handler = grpc.method_handlers_generic_handler('test', { 'UnaryUnary': grpc.unary_unary_rpc_method_handler(handle_unary_unary) }) server = test_common.test_server() server.add_generic_rpc_handlers((handler,)) server_cred = grpc.ssl_server_credentials( _SERVER_CERTS, root_certificates=_TEST_ROOT_CERTIFICATES, require_client_auth=True) port = server.add_secure_port('[::]:0', server_cred) server.start() channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES, private_key=_PRIVATE_KEY, certificate_chain=_CERTIFICATE_CHAIN) channel = grpc.secure_channel( 'localhost:{}'.format(port), channel_creds, options=_PROPERTY_OPTIONS) response = channel.unary_unary(_UNARY_UNARY)(_REQUEST) channel.close() server.stop(None) auth_data = pickle.loads(response) auth_ctx = auth_data[_AUTH_CTX] six.assertCountEqual(self, _CLIENT_IDS, auth_data[_ID]) self.assertEqual('x509_subject_alternative_name', auth_data[_ID_KEY]) self.assertSequenceEqual([b'ssl'], auth_ctx['transport_security_type']) self.assertSequenceEqual([b'*.test.google.com'], auth_ctx['x509_common_name'])
def MakeSecureChannel(target): """Creates grpc secure channel. Args: target: str, The server address, for example: bigtableadmin.googleapis.com:443. Returns: grpc.secure channel. """ credentials = cred_store.Load() # ssl_channel_credentials() loads root certificates from # `grpc/_adapter/credentials/roots.pem`. transport_creds = grpc.ssl_channel_credentials() custom_metadata_plugin = _MetadataPlugin(credentials) auth_creds = grpc.metadata_call_credentials( custom_metadata_plugin, name='google_creds') channel_creds = grpc.composite_channel_credentials( transport_creds, auth_creds) channel_args = ( ('grpc.primary_user_agent', http.MakeUserAgentString(properties.VALUES.metrics.command_name.Get())), ) return grpc.secure_channel(target, channel_creds, options=channel_args)
def getGRPCChannel(ipAddress, port, root_certificates, ssl_target_name_override): # channel = grpc.insecure_channel("{0}:{1}".format(ipAddress, 7051), options = [('grpc.max_message_length', 100*1024*1024)]) # creds = grpc.ssl_channel_credentials(root_certificates=root_certificates, private_key=private_key, certificate_chain=certificate_chain) creds = grpc.ssl_channel_credentials(root_certificates=root_certificates) channel = grpc.secure_channel("{0}:{1}".format(ipAddress, port), creds, options=(('grpc.ssl_target_name_override', ssl_target_name_override,),('grpc.default_authority', ssl_target_name_override,),)) print("Returning GRPC for address: {0}".format(ipAddress)) return channel
def _channel(args): target = '{}:{}'.format(args.server_host, args.server_port) if args.use_tls: channel_credentials = grpc.ssl_channel_credentials() channel = grpc.secure_channel(target, channel_credentials) else: channel = grpc.insecure_channel(target) return channel
def _do_one_shot_client_rpc(self, channel_creds, channel_options, port, expect_ssl_session_reused): channel = grpc.secure_channel( 'localhost:{}'.format(port), channel_creds, options=channel_options) response = channel.unary_unary(_UNARY_UNARY)(_REQUEST) auth_data = pickle.loads(response) self.assertEqual(expect_ssl_session_reused, auth_data[_AUTH_CTX]['ssl_session_reused']) channel.close()
def secure_authorized_channel( credentials, request, target, ssl_credentials=None, **kwargs): """Creates a secure authorized gRPC channel. This creates a channel with SSL and :class:`AuthMetadataPlugin`. This channel can be used to create a stub that can make authorized requests. Example:: import google.auth import google.auth.transport.grpc import google.auth.transport.requests from google.cloud.speech.v1 import cloud_speech_pb2 # Get credentials. credentials, _ = google.auth.default() # Get an HTTP request function to refresh credentials. request = google.auth.transport.requests.Request() # Create a channel. channel = google.auth.transport.grpc.secure_authorized_channel( credentials, 'speech.googleapis.com:443', request) # Use the channel to create a stub. cloud_speech.create_Speech_stub(channel) Args: credentials (google.auth.credentials.Credentials): The credentials to add to requests. request (google.auth.transport.Request): A HTTP transport request object used to refresh credentials as needed. Even though gRPC is a separate transport, there's no way to refresh the credentials without using a standard http transport. target (str): The host and port of the service. ssl_credentials (grpc.ChannelCredentials): Optional SSL channel credentials. This can be used to specify different certificates. kwargs: Additional arguments to pass to :func:`grpc.secure_channel`. Returns: grpc.Channel: The created gRPC channel. """ # Create the metadata plugin for inserting the authorization header. metadata_plugin = AuthMetadataPlugin(credentials, request) # Create a set of grpc.CallCredentials using the metadata plugin. google_auth_credentials = grpc.metadata_call_credentials(metadata_plugin) if ssl_credentials is None: ssl_credentials = grpc.ssl_channel_credentials() # Combine the ssl credentials and the authorization credentials. composite_credentials = grpc.composite_channel_credentials( ssl_credentials, google_auth_credentials) return grpc.secure_channel(target, composite_credentials, **kwargs)
def Main(): try: parser = argparse.ArgumentParser() parser.add_argument('-d','--device', help='Input hostname', required=True) parser.add_argument('-t','--timeout', help='Input time_out value', required=True,type=int) parser.add_argument('-u', '--user', help='Input username', required=True) parser.add_argument('-pw', '--password', help='Input password', required=True) args = parser.parse_args() #Establish grpc channel to jet router creds = grpc.ssl_channel_credentials(open('/tmp/RSA2048.pem').read(), None, None) channel = grpc.secure_channel(args.device + ":32767", creds, options=(('grpc.ssl_target_name_override', _HOST_OVERRIDE,),)) #create stub for authentication services stub = authentication_service_pb2.LoginStub(channel) #Authenticate login_request = authentication_service_pb2.LoginRequest( user_name=args.user, password=args.password, client_id="SampleApp") login_response = stub.LoginCheck(login_request, args.timeout) #Check if authentication is successful if login_response.result == True: print "[INFO] Connected to gRPC Server:" print login_response.result else: print "[ERROR] gRPC Server Connection failed!!!" print login_response.result #Create stub for management services stub = management_service_pb2.ManagementRpcApiStub(channel) print "[INFO] Connected to JSD and created handle to mgd services" for i in range(1): #Provide API request details op_xml_command = "<get-system-uptime-information>" \ "</get-system-uptime-information>" op = management_service_pb2.ExecuteOpCommandRequest( xml_command=op_xml_command, out_format=2, request_id=1000) # Invoke API result = stub.ExecuteOpCommand(op, 100) # Check API response like status and output for i in result: print "[INFO] Invoked ExecuteOpCommand API return code = " print i.status print "[INFO] Return output in CLI format = " print i.data except Exception as ex: print ex
def open_grpc_channel(endpoint): """ open grpc channel: - for http:// we open insecure_channel - for https:// we open secure_channel (with default credentials) - without prefix we open insecure_channel """ if (endpoint.startswith("https://")): return grpc.secure_channel(remove_http_https_prefix(endpoint), grpc.ssl_channel_credentials()) return grpc.insecure_channel(remove_http_https_prefix(endpoint))
def create_channel(target, **kwargs): """Create a secure channel with credentials. Args: target (str): The target service address in the format 'hostname:port'. kwargs: Additional key-word args passed to :func:`grpc_gcp.secure_channel` or :func:`grpc.secure_channel`. Returns: grpc.Channel: The created channel. """ return grpc.secure_channel(target, None, **kwargs)
def secure_authorized_channel( credentials, target, ssl_credentials=None): """Creates a secure authorized gRPC channel.""" if ssl_credentials is None: ssl_credentials = grpc.ssl_channel_credentials() metadata_plugin = AuthMetadataPlugin(credentials) call_credentials = grpc.metadata_call_credentials(metadata_plugin) channel_creds = grpc.composite_channel_credentials( ssl_credentials, call_credentials) return grpc.secure_channel(target, channel_creds)
def connect(self): """ (Re-)Connect to end-point """ if self.shutting_down or self.connected: return try: if self.endpoint.startswith('@'): _endpoint = yield self._get_endpoint_from_consul( self.endpoint[1:]) else: _endpoint = self.endpoint if self.credentials: log.info('securely connecting', endpoint=_endpoint) self.channel = grpc.secure_channel(_endpoint, self.credentials) else: log.info('insecurely connecting', endpoint=_endpoint) self.channel = grpc.insecure_channel(_endpoint) if self.restart_on_disconnect: connectivity_callback = functools.partial(self.connectivity_callback, self) self.channel.subscribe(connectivity_callback) # Delay between initiating connection and executing first gRPC. See CORD-3012. time.sleep(0.5) swagger_from = self._retrieve_schema() self._compile_proto_files(swagger_from) self._clear_backoff() self.connected = True if self.reconnect_callback is not None: reactor.callLater(0, self.reconnect_callback) return except _Rendezvous as e: if e.code() == grpc.StatusCode.UNAVAILABLE: log.info('grpc-endpoint-not-available') else: log.exception('rendezvous error', e=e) yield self._backoff('not-available') except Exception: if not self.shutting_down: log.exception('cannot-connect', endpoint=_endpoint) yield self._backoff('unknown-error') reactor.callLater(0, self.connect)
def create_channel( target, credentials=None, scopes=None, ssl_credentials=None, **kwargs ): """Create a secure channel with credentials. Args: target (str): The target service address in the format 'hostname:port'. credentials (google.auth.credentials.Credentials): The credentials. If not specified, then this function will attempt to ascertain the credentials from the environment using :func:`google.auth.default`. scopes (Sequence[str]): A optional list of scopes needed for this service. These are only used when credentials are not specified and are passed to :func:`google.auth.default`. ssl_credentials (grpc.ChannelCredentials): Optional SSL channel credentials. This can be used to specify different certificates. kwargs: Additional key-word args passed to :func:`grpc_gcp.secure_channel` or :func:`grpc.secure_channel`. Returns: grpc.Channel: The created channel. """ if credentials is None: credentials, _ = google.auth.default(scopes=scopes) else: credentials = google.auth.credentials.with_scopes_if_required( credentials, scopes ) request = google.auth.transport.requests.Request() # Create the metadata plugin for inserting the authorization header. metadata_plugin = google.auth.transport.grpc.AuthMetadataPlugin( credentials, request ) # Create a set of grpc.CallCredentials using the metadata plugin. google_auth_credentials = grpc.metadata_call_credentials(metadata_plugin) if ssl_credentials is None: ssl_credentials = grpc.ssl_channel_credentials() # Combine the ssl credentials and the authorization credentials. composite_credentials = grpc.composite_channel_credentials( ssl_credentials, google_auth_credentials ) if HAS_GRPC_GCP: # If grpc_gcp module is available use grpc_gcp.secure_channel, # otherwise, use grpc.secure_channel to create grpc channel. return grpc_gcp.secure_channel(target, composite_credentials, **kwargs) else: return grpc.secure_channel(target, composite_credentials, **kwargs)
def _get_channel(self): try: creds = grpc.ssl_channel_credentials( root_certificates=self.cert_context) self.channel = \ grpc.secure_channel('{}:{}'.format( self.host, self.port), creds, options=(('grpc.ssl_target_name_override', self.ssl_target_name,), ('grpc.default_authority', self.default_authority),)) except Exception as e: self._logger.error( 'failed to create connection exception: {}'.format( ';'.join(str(e).split('\n\t'))))
def Main(): """ This function handles connections to Sites, Routers and JET firewall and management services """ try: "connection handles to site is optional in case polling to sites on SNMP/DyCOS server" for i in range(1, n+1): creds = grpc.ssl_channel_credentials(open('{}.pem'.format(globals()['S%s_IP' %i])).read()) channel = grpc.secure_channel(globals()['S%s_IP' %i]+':'+PORT, creds) res = _authenticateChannel(channel, USER, PASSWORD, CLIENT_ID) print "Authentication "+('success' if res else 'failure')+' for '+globals()['S%s_IP' %i] if res is False: return S_mgmt_stub = mgd_service_pb2.ManagementRpcApiStub(channel) globals()['mgmt_S%s' % i] = S_mgmt_stub "MX router connection and JET service handles" for i in range(1, n-1): creds = grpc.ssl_channel_credentials(open('{}.pem'.format(globals()['R%s_IP' %i])).read()) channel = grpc.secure_channel(globals()['R%s_IP' %i]+':'+PORT, creds) res = _authenticateChannel(channel, USER, PASSWORD, CLIENT_ID) print "Authentication "+('success' if res else 'failure')+' for '+globals()['R%s_IP' %i] if res is False: return R_fw_stub = firewall_service_pb2.AclServiceStub(channel) R_mgmt_stub = mgd_service_pb2.ManagementRpcApiStub(channel) globals()['mgmt_R%s' % i] = R_mgmt_stub globals()['fw_R%s' % i] = R_fw_stub Initial_Cos_Configs() Get_Site_Latest_Data() except KeyboardInterrupt: pass except Exception as tx: print '%s' % (tx.message) return
def setUp(self): self.server = grpc.server(futures.ThreadPoolExecutor(max_workers=10)) test_pb2.add_TestServiceServicer_to_server( methods.TestService(), self.server) port = self.server.add_secure_port( '[::]:0', grpc.ssl_server_credentials( [(resources.private_key(), resources.certificate_chain())])) self.server.start() self.stub = test_pb2.TestServiceStub( grpc.secure_channel( 'localhost:{}'.format(port), grpc.ssl_channel_credentials(resources.test_root_certificates()), (('grpc.ssl_target_name_override', _SERVER_HOST_OVERRIDE,),)))
def _get_channel(target, args): if args.use_tls: if args.use_test_ca: root_certificates = resources.test_root_certificates() else: root_certificates = None # will load default roots. channel_credentials = grpc.ssl_channel_credentials( root_certificates=root_certificates) options = (('grpc.ssl_target_name_override', args.server_host_override,),) return grpc.secure_channel( target, channel_credentials, options=options) else: return grpc.insecure_channel(target)
def dial(self): if self.stub: self.stub.close() p = urlparse('http://' + self.addr) target = '%s:%s' % (p.hostname, p.port) if self.root_certificates or self.private_key or self.certificate_chain: creds = grpc.ssl_channel_credentials( self.root_certificates, self.private_key, self.certificate_chain) channel = grpc.secure_channel(target, creds) else: channel = grpc.insecure_channel(target) self.stub = vtgateservice_pb2.VitessStub(channel)
def secure_channel(host, port, channel_credentials): """Creates a secure Channel to a remote host. Args: host: The name of the remote host to which to connect. port: The port of the remote host to which to connect. If None only the 'host' part will be used. channel_credentials: A ChannelCredentials. Returns: A secure Channel to the remote host through which RPCs may be conducted. """ channel = grpc.secure_channel(host if port is None else '%s:%d' % (host, port), channel_credentials) return Channel(channel)
def setUp(self): self.server = test_common.test_server() test_pb2_grpc.add_TestServiceServicer_to_server(service.TestService(), self.server) port = self.server.add_secure_port( '[::]:0', grpc.ssl_server_credentials([(resources.private_key(), resources.certificate_chain())])) self.server.start() self.stub = test_pb2_grpc.TestServiceStub( grpc.secure_channel('localhost:{}'.format(port), grpc.ssl_channel_credentials( resources.test_root_certificates()), (( 'grpc.ssl_target_name_override', _SERVER_HOST_OVERRIDE, ),)))
def dial(self): if self.stub: self.stub.close() p = urlparse('http://' + self.addr) target = '%s:%s' % (p.hostname, p.port) if self.root_certificates or self.private_key or self.certificate_chain: creds = grpc.ssl_channel_credentials( self.root_certificates, self.private_key, self.certificate_chain) channel = grpc.secure_channel(target, creds) else: channel = grpc.insecure_channel(target) if self.auth_static_client_creds is not None: channel = grpc_with_metadata.GRPCWithMetadataChannel(channel, self.get_auth_static_client_creds) self.stub = vtgateservice_pb2.VitessStub(channel)
def _create_client_stub( port, expect_success, root_certificates=None, private_key=None, certificate_chain=None,): channel = grpc.secure_channel('localhost:{}'.format(port), grpc.ssl_channel_credentials( root_certificates=root_certificates, private_key=private_key, certificate_chain=certificate_chain)) if expect_success: # per Nathaniel: there's some robustness issue if we start # using a channel without waiting for it to be actually ready grpc.channel_ready_future(channel).result(timeout=10) return services_pb2_grpc.FirstServiceStub(channel)
def _stub(args): target = '{}:{}'.format(args.server_host, args.server_port) if args.test_case == 'oauth2_auth_token': google_credentials, unused_project_id = google_auth.default( scopes=[args.oauth_scope]) google_credentials.refresh(google_auth.transport.requests.Request()) call_credentials = grpc.access_token_call_credentials( google_credentials.token) elif args.test_case == 'compute_engine_creds': google_credentials, unused_project_id = google_auth.default( scopes=[args.oauth_scope]) call_credentials = grpc.metadata_call_credentials( google_auth.transport.grpc.AuthMetadataPlugin( credentials=google_credentials, request=google_auth.transport.requests.Request())) elif args.test_case == 'jwt_token_creds': google_credentials = google_auth_jwt.OnDemandCredentials.from_service_account_file( os.environ[google_auth.environment_vars.CREDENTIALS]) call_credentials = grpc.metadata_call_credentials( google_auth.transport.grpc.AuthMetadataPlugin( credentials=google_credentials, request=None)) else: call_credentials = None if args.use_tls: if args.use_test_ca: root_certificates = resources.test_root_certificates() else: root_certificates = None # will load default roots. channel_credentials = grpc.ssl_channel_credentials(root_certificates) if call_credentials is not None: channel_credentials = grpc.composite_channel_credentials( channel_credentials, call_credentials) channel_opts = None if args.server_host_override: channel_opts = (( 'grpc.ssl_target_name_override', args.server_host_override, ),) channel = grpc.secure_channel(target, channel_credentials, channel_opts) else: channel = grpc.insecure_channel(target) if args.test_case == "unimplemented_service": return test_pb2_grpc.UnimplementedServiceStub(channel) else: return test_pb2_grpc.TestServiceStub(channel)
def channel(target, pem=None, opts=None): """Construct a grpc channel. Args: target: url of target include host:port pem: ssl/tls pem location opts: grpc channel options grpc.default_authority: default authority grpc.ssl_target_name_override: ssl target name override Returns: a grpc channel. """ if pem is None: return grpc.insecure_channel(target, opts) else: with open(pem) as credential: return grpc.secure_channel(target, credential.read(), opts)
def test_secure_channel(target, channel_credentials, server_host_override): """Creates an insecure Channel to a remote host. Args: host: The name of the remote host to which to connect. port: The port of the remote host to which to connect. channel_credentials: The implementations.ChannelCredentials with which to connect. server_host_override: The target name used for SSL host name checking. Returns: An implementations.Channel to the remote host through which RPCs may be conducted. """ channel = grpc.secure_channel(target, channel_credentials, ( ('grpc.ssl_target_name_override', server_host_override,),)) return channel
def create_client_channel(cls, keys: GRPCSecureKeyCollection, host, ssl_auth_type: conf.SSLAuthType): credentials = grpc.ssl_channel_credentials( root_certificates=keys.ssl_root_crt) return grpc.secure_channel(host, credentials)
def get_stub(self): ssl_credentials = grpc.ssl_channel_credentials(self.certificate) channel = grpc.secure_channel('{}:{}'.format(self.host, BROKER_PORT), ssl_credentials) return BrokerStub(channel)
def unary_unary(*args): with grpc.secure_channel( self.address, self.credentials, options=self.secure_channel_options) as channel: return getattr(self.serviceStub(channel), name)(*args)
def run(args, schema, secret): global WaitingFor global Variables try: # Create secure channel with default credentials. channel = None if args.ssl: opts = (('grpc.ssl_target_name_override', args.ssl_host), ) if args.ssl_host else None channel = grpc.secure_channel(args.host, grpc.ssl_channel_credentials(), opts) else: channel = grpc.insecure_channel(args.host) # Call the server stream = pbx.NodeStub(channel).MessageLoop( gen_message(schema, secret, args)) # Read server responses for msg in stream: if msg.HasField("ctrl"): handle_ctrl(msg.ctrl) elif msg.HasField("meta"): what = [] if len(msg.meta.sub) > 0: what.append("sub") if msg.meta.HasField("desc"): what.append("desc") if msg.meta.HasField("del"): what.append("del") if len(msg.meta.tags) > 0: what.append("tags") stdoutln("\r<= meta " + ",".join(what) + " " + msg.meta.topic) if WaitingFor and WaitingFor.await_id == msg.meta.id: if 'varname' in WaitingFor: Variables[WaitingFor.varname] = msg.meta WaitingFor = None elif msg.HasField("data"): stdoutln("\n\rFrom: " + msg.data.from_user_id) stdoutln("Topic: " + msg.data.topic) stdoutln("Seq: " + str(msg.data.seq_id)) if msg.data.head: stdoutln("Headers:") for key in msg.data.head: stdoutln("\t" + key + ": " + str(msg.data.head[key])) stdoutln(json.loads(msg.data.content)) elif msg.HasField("pres"): pass elif msg.HasField("info"): what = "unknown" if msg.info.what == pb.READ: what = "read" elif msg.info.what == pb.RECV: what = "recv" elif msg.info.what == pb.KP: what = "kp" stdoutln("\rMessage #" + str(msg.info.seq_id) + " " + what + " by " + msg.info.from_user_id + "; topic=" + msg.info.topic + " (" + msg.topic + ")") else: stdoutln("\rMessage type not handled" + str(msg)) except grpc.RpcError as err: # print(err) printerr("gRPC failed with {0}: {1}".format(err.code(), err.details())) except Exception as ex: printerr("Request failed: {0}".format(ex)) # print(traceback.format_exc()) finally: printout('Shutting down...') channel.close() if InputThread != None: InputThread.join(0.3)
import grpc from consts import PORT, SERVER_CERT from grpc_generated_files import api_pb2, api_pb2_grpc def main(stub): request = api_pb2.ApiRequest(name="Shivam", message="Hey there!") response = stub.ApiEndpoint(request) print(response) if __name__ == "__main__": with open(SERVER_CERT, 'rb') as f: server_cert = f.read() creds = grpc.ssl_channel_credentials(server_cert) # the server IP should be in the common name of the certificate channel = grpc.secure_channel(f'localhost:{PORT}', creds) stub = api_pb2_grpc.ApiStub(channel) main(stub)
def grpc_create_channel(settings: HTTPConnectionSettings) -> Channel: target = f'{settings.host}:{settings.port}' options = [('grpc.max_send_message_length', -1), ('grpc.max_receive_message_length', -1)] if settings.oauth: # noinspection PyPackageRequirements from google.auth.transport.grpc import secure_authorized_channel # noinspection PyPackageRequirements from google.auth.transport.requests import Request as RefreshRequester # noinspection PyPackageRequirements from google.oauth2.credentials import Credentials as OAuthCredentials LOG.debug('Using a secure gRPC connection over OAuth:') credentials = OAuthCredentials( token=settings.oauth.token, refresh_token=settings.oauth.refresh_token, id_token=settings.oauth.id_token, token_uri=settings.oauth.token_uri, client_id=settings.oauth.client_id, client_secret=settings.oauth.client_secret) ssl_credentials = None if settings.ssl_settings: cert_chain = read_file_bytes(settings.ssl_settings.cert_file) cert = read_file_bytes(settings.ssl_settings.cert_key_file) ca_cert = read_file_bytes(settings.ssl_settings.ca_file) LOG.debug('Using a secure gRPC connection:') LOG.debug(' target: %s', target) LOG.debug(' root_certificates: contents of %s', settings.ssl_settings.ca_file) LOG.debug(' private_key: contents of %s', settings.ssl_settings.cert_key_file) LOG.debug(' certificate_chain: contents of %s', settings.ssl_settings.cert_file) ssl_credentials = ssl_channel_credentials( root_certificates=ca_cert, private_key=cert, certificate_chain=cert_chain) return secure_authorized_channel(credentials, RefreshRequester(), target, ssl_credentials=ssl_credentials, options=options) if settings.ssl_settings: cert_chain = read_file_bytes(settings.ssl_settings.cert_file) cert = read_file_bytes(settings.ssl_settings.cert_key_file) ca_cert = read_file_bytes(settings.ssl_settings.ca_file) LOG.debug('Using a secure gRPC connection:') LOG.debug(' target: %s', target) LOG.debug(' root_certificates: contents of %s', settings.ssl_settings.ca_file) LOG.debug(' private_key: contents of %s', settings.ssl_settings.cert_key_file) LOG.debug(' certificate_chain: contents of %s', settings.ssl_settings.cert_file) credentials = ssl_channel_credentials(root_certificates=ca_cert, private_key=cert, certificate_chain=cert_chain) return secure_channel(target, credentials, options) else: LOG.debug('Using an insecure gRPC connection...') return insecure_channel(target, options)
def grpc_create_channel(settings: "HTTPConnectionSettings") -> Channel: target = f"{settings.host}:{settings.port}" options = [("grpc.max_send_message_length", -1), ("grpc.max_receive_message_length", -1)] if not settings.enable_http_proxy: options.append(("grpc.enable_http_proxy", 0)) if settings.oauth: from google.auth.transport.grpc import secure_authorized_channel from google.auth.transport.requests import Request as RefreshRequester from google.oauth2.credentials import Credentials as OAuthCredentials LOG.debug("Using a secure gRPC connection over OAuth:") credentials = OAuthCredentials( token=settings.oauth.token, refresh_token=settings.oauth.refresh_token, id_token=settings.oauth.id_token, token_uri=settings.oauth.token_uri, client_id=settings.oauth.client_id, client_secret=settings.oauth.client_secret, ) ssl_credentials = None if settings.ssl_settings: cert_chain = read_file_bytes(settings.ssl_settings.cert_file) cert = read_file_bytes(settings.ssl_settings.cert_key_file) ca_cert = read_file_bytes(settings.ssl_settings.ca_file) LOG.debug("Using a secure gRPC connection:") LOG.debug(" target: %s", target) LOG.debug(" root_certificates: contents of %s", settings.ssl_settings.ca_file) LOG.debug(" private_key: contents of %s", settings.ssl_settings.cert_key_file) LOG.debug(" certificate_chain: contents of %s", settings.ssl_settings.cert_file) ssl_credentials = ssl_channel_credentials( root_certificates=ca_cert, private_key=cert, certificate_chain=cert_chain) return secure_authorized_channel( credentials, RefreshRequester(), target, ssl_credentials=ssl_credentials, options=options, ) if settings.ssl_settings: cert_chain = read_file_bytes(settings.ssl_settings.cert_file) cert = read_file_bytes(settings.ssl_settings.cert_key_file) ca_cert = read_file_bytes(settings.ssl_settings.ca_file) LOG.debug("Using a secure gRPC connection:") LOG.debug(" target: %s", target) LOG.debug(" root_certificates: contents of %s", settings.ssl_settings.ca_file) LOG.debug(" private_key: contents of %s", settings.ssl_settings.cert_key_file) LOG.debug(" certificate_chain: contents of %s", settings.ssl_settings.cert_file) credentials = ssl_channel_credentials(root_certificates=ca_cert, private_key=cert, certificate_chain=cert_chain) return secure_channel(target, credentials, options) else: LOG.debug("Using an insecure gRPC connection...") return insecure_channel(target, options)
import grpc import os from pprint import pprint # import the generated classes import src.tests.definition_pb2 as definition_pb2 import src.tests.definition_pb2_grpc as definition_pb2_grpc # open a gRPC channel # channel = grpc.insecure_channel('localhost:8080') with open('ca.pem', 'rb') as f: creds = grpc.ssl_channel_credentials(f.read()) channel = grpc.secure_channel('127.0.0.1:8080', creds, options=(('grpc.ssl_target_name_override', 'foo.test.google.fr'), )) # create a stub (client) stub = definition_pb2_grpc.FileHandlerAkkaServiceStub(channel) # create a valid request message number = definition_pb2.SayHelloMessage(message="hey it's a me") # make the call response = stub.Greet(number) # et voilà pprint(response.message) if __name__ == '__main__':
import datetime from os import environ import grpc import sb_pb2 import sb_pb2_grpc from utils import timestamp_from_datetime if environ.get("SB_SECURE_CLIENT", None): channel = grpc.secure_channel("api.safeblues.org:8443", grpc.ssl_channel_credentials()) else: channel = grpc.insecure_channel("localhost:5858") client_stub = sb_pb2_grpc.SafeBluesStub(channel) admin_client_stub = sb_pb2_grpc.SafeBluesAdminStub(channel) print(client_stub.PingServer(sb_pb2.Ping(nonce=12345))) admin_client_stub.NewStrand( sb_pb2.Strand( start_time=timestamp_from_datetime(datetime.datetime.utcnow() - datetime.timedelta(days=2)), end_time=timestamp_from_datetime(datetime.datetime.utcnow() + datetime.timedelta(days=2)), seeding_probability=0.1, infection_probability_map_p=0.5, infection_probability_map_k=0.5, infection_probability_map_l=0.5, incubation_period_hours_alpha=2,
def __init__( self, conn_str: str = "", secure: bool = False, metadata: List[Tuple[str, str]] = None, connection_retries: int = 3, _credentials: Optional[grpc.ChannelCredentials] = None, ): """Initializes the worker side grpc client. Args: conn_str: The host:port connection string for the ray server. secure: whether to use SSL secure channel or not. metadata: additional metadata passed in the grpc request headers. connection_retries: Number of times to attempt to reconnect to the ray server if it doesn't respond immediately. Setting to 0 tries at least once. For infinite retries, catch the ConnectionError exception. _credentials: gprc channel credentials. Default ones will be used if None. """ self._client_id = make_client_id() self.metadata = [("client_id", self._client_id) ] + (metadata if metadata else []) self.channel = None self.server = None self._conn_state = grpc.ChannelConnectivity.IDLE self._converted: Dict[str, ClientStub] = {} if secure and _credentials is None: _credentials = grpc.ssl_channel_credentials() if _credentials is not None: self.channel = grpc.secure_channel(conn_str, _credentials, options=GRPC_OPTIONS) else: self.channel = grpc.insecure_channel(conn_str, options=GRPC_OPTIONS) self.channel.subscribe(self._on_channel_state_change) # Retry the connection until the channel responds to something # looking like a gRPC connection, though it may be a proxy. conn_attempts = 0 timeout = INITIAL_TIMEOUT_SEC service_ready = False while conn_attempts < max(connection_retries, 1): conn_attempts += 1 try: # Let gRPC wait for us to see if the channel becomes ready. # If it throws, we couldn't connect. grpc.channel_ready_future(self.channel).result(timeout=timeout) # The HTTP2 channel is ready. Wrap the channel with the # RayletDriverStub, allowing for unary requests. self.server = ray_client_pb2_grpc.RayletDriverStub( self.channel) service_ready = bool(self.ping_server()) if service_ready: break # Ray is not ready yet, wait a timeout time.sleep(timeout) except grpc.FutureTimeoutError: logger.info( f"Couldn't connect channel in {timeout} seconds, retrying") # Note that channel_ready_future constitutes its own timeout, # which is why we do not sleep here. except grpc.RpcError as e: logger.info("Ray client server unavailable, " f"retrying in {timeout}s...") logger.debug(f"Received when checking init: {e.details()}") # Ray is not ready yet, wait a timeout. time.sleep(timeout) # Fallthrough, backoff, and retry at the top of the loop logger.info("Waiting for Ray to become ready on the server, " f"retry in {timeout}s...") timeout = backoff(timeout) # If we made it through the loop without service_ready # it means we've used up our retries and # should error back to the user. if not service_ready: if log_once("ray_client_security_groups"): warnings.warn( "Ray Client connection timed out. Ensure that " "the Ray Client port on the head node is reachable " "from your local machine. See https://docs.ray.io/en" "/latest/cluster/ray-client.html#step-2-check-ports for " "more information.") raise ConnectionError("ray client connection timeout") # Initialize the streams to finish protocol negotiation. self.data_client = DataClient(self.channel, self._client_id, self.metadata) self.reference_count: Dict[bytes, int] = defaultdict(int) self.log_client = LogstreamClient(self.channel, self.metadata) self.log_client.set_logstream_level(logging.INFO) self.closed = False # Track these values to raise a warning if many tasks are being # scheduled self.total_num_tasks_scheduled = 0 self.total_outbound_message_size_bytes = 0
def run(): credentials = grpc.ssl_channel_credentials() with grpc.secure_channel(GRPCBACKEND, credentials) as channel: stub = bidirectional_pb2_grpc.BidirectionalStub(channel) send_message(stub)
def secure_channel_using_kwargs(target, **kwargs): return grpc.secure_channel(target=target, **kwargs)
Библиотеки просто набиты ими. </s> </p> </speak> """), audio_config=tts_pb2.AudioConfig( audio_encoding=tts_pb2.LINEAR16, sample_rate_hertz=sample_rate, ), ) pyaudio_lib = pyaudio.PyAudio() f = pyaudio_lib.open(output=True, channels=1, format=pyaudio.paInt16, rate=sample_rate) stub = tts_pb2_grpc.TextToSpeechStub( grpc.secure_channel(endpoint, grpc.ssl_channel_credentials())) request = build_request() metadata = authorization_metadata(api_key, secret_key, "tinkoff.cloud.tts") responses = stub.StreamingSynthesize(request, metadata=metadata) for key, value in responses.initial_metadata(): if key == "x-audio-num-samples": print("Estimated audio duration is {:.2f} seconds".format( int(value) / sample_rate)) break for stream_response in responses: f.write(stream_response.audio_chunk)
def run(self): with open(r'roots.pem', 'rb') as f: cert = f.read() credentials = grpc.ssl_channel_credentials(root_certificates=cert) channel = grpc.secure_channel('{0}:{1}'.format(self.server, self.port), credentials) util_stub = util_grpc.UtilityServicesStub(channel) req = util.ConnectRequest(UserName=self.user, Domain=self.domain, Password=self.password, Locale=self.locale) connect_response = util_stub.Connect(req) print('Connect result: ', connect_response.Response) if connect_response.Response == 'success': token = connect_response.UserToken ord_stub = ord_grpc.SubmitOrderServiceStub(channel) req = ord.SubscribeOrderInfoRequest(Level=0, UserToken=token) iter = ord_stub.SubscribeOrderInfo(req) t = Thread(target=self.callback, args=(iter, )) t.start() # Place multiple orders in 1 request account = self.account.split(';') ord_request = ord.OrderRow() ord_request.DispName = 'GOOG' ord_request.Buyorsell = 'BUY' ord_request.Volume.value = 1000 ord_request.Bank = account[0] ord_request.Branch = account[1] ord_request.Customer = account[2] ord_request.Deposit = account[3] ord_request.GoodUntil = 'DAY' ord_request.Type = 'UserSubmitOrder' ord_request.Route = self.route ord_request.ExtendedFields['ORDER_TAG'] = 'XAP-{0}'.format( str(uuid4())) ord_request1 = ord.OrderRow() ord_request.DispName = 'MSFT' ord_request.Buyorsell = 'BUY' ord_request.Volume.value = 1000 ord_request.Bank = account[0] ord_request.Branch = account[1] ord_request.Customer = account[2] ord_request.Deposit = account[3] ord_request.GoodUntil = 'DAY' ord_request.Type = 'UserSubmitOrder' ord_request.Route = self.route ord_request.ExtendedFields['ORDER_TAG'] = 'XAP-{0}'.format( str(uuid4())) basket_order = ord.BasketOrderRequest() basket_order.Orders.extend([ord_request, ord_request1]) basket_order.UserToken = token response = ord_stub.SubmitBasketOrder(basket_order) if response.ServerResponse == 'success': print("Successfully Submitted Basket Order") else: print(response.OptionalFields["ErrorMessage"]) time.sleep(10) iter.cancel() t.join() req = util.DisconnectRequest(UserToken=token) disconnect_response = util_stub.Disconnect(req) print('Disconnect result: ', disconnect_response.ServerResponse)
def main(): if len(sys.argv) < 3: # missing num nodes print("Usage:") print(" py lnd-cluster.py <NUM_NODES> <GRAPH_TYPE> <ROUTING_TYPE>") print(" Graph types: tree, central, ring") print(" Routing types: random, merchant") exit(1) NUM_NODES = int(sys.argv[1]) GRAPH_TYPE = sys.argv[2] ROUTING_TYPE = sys.argv[3] WALLET_PASS = bytes('00000000', 'utf-8') MINNING_ADDR = "SY6RbmrfYo2Vg9P9RuTreucM7G1SyVqhhb" ### ARG Checking ### if GRAPH_TYPE not in graphs.graph_types: print("ERROR: invalid graph type -> " + GRAPH_TYPE) exit() if ROUTING_TYPE not in routing.routing_types: print("ERROR: invalid routing type -> " + ROUTING_TYPE) exit() ### Create BTCD dir ### if os.path.exists(BTCD_DIR) == False: os.makedirs(BTCD_DIR) ### Create Nodes dir ### if os.path.exists(NODES_DIR) == False: os.makedirs(NODES_DIR) ### Clean Nodes dir ### dir_list = os.listdir(NODES_DIR) for node_id in dir_list: node_dir = NODES_DIR + '/' + str(node_id) shutil.rmtree(node_dir) ### Thread data ### # btcd thread proc btcd = None # Stores all node data # { # id, # thread, # stub_wal, # addr # } nodes = [] ### Start Threads ### # start btcd thread btcd = Process(target=btcd_start_node) btcd.start() # start lnd threads for node_id in range(0, NUM_NODES): nodes.append({ "id": node_id, "thread": Process(target=ln_start_node, args=(node_id, )) }) nodes[node_id]["thread"].start() time.sleep(1) os.environ['GRPC_SSL_CIPHER_SUITES'] = 'HIGH+ECDSA' ### init RPC stubs ### for node_id in range(0, NUM_NODES): while True: try: print("Node {} reading cert file...".format(str(node_id))) cert = open(NODES_DIR + '/' + str(node_id) + '/tls.cert', 'rb').read() break except: print("ERROR: cannot find cert file: " + str(NODES_DIR + '/' + str(node_id) + '/tls.cert')) ssl_creds = grpc.ssl_channel_credentials(cert) channel = grpc.secure_channel('localhost:' + str(10000 + node_id), ssl_creds) stub_wal = lnrpc.WalletUnlockerStub(channel) nodes[node_id]["stub_wal"] = stub_wal ### Init a node ### for node_id in range(0, NUM_NODES): stub_wal = nodes[node_id]['stub_wal'] # Gen Seed request = None if node_id == 0: # use same seed for first node # keeps minning address constant request = ln.GenSeedRequest(seed_entropy=bytes(node_seed)) else: request = ln.GenSeedRequest() response = stub_wal.GenSeed(request) cipher_seed_mnemonic = response.cipher_seed_mnemonic print(bytes(node_seed)) print(response) # Init Wallet request = ln.InitWalletRequest( wallet_password=WALLET_PASS, cipher_seed_mnemonic=cipher_seed_mnemonic) response = stub_wal.InitWallet(request) print(response) ### wait for rpc servers to init ### for node_id in range(0, NUM_NODES): while True: output = cmd_async( lncli_cmd.format(str(node_id), str(10000 + node_id), "getinfo")) try: # if rpc server is active, # the response will be json info_output = json.loads(output) nodes[node_id]['id_pubkey'] = info_output["identity_pubkey"] print(info_output) break except: print("======== ERROR: RPC server not active yet ========") print("======== node_id: {} ========". format(node_id)) time.sleep(1) # New Address output = cmd_async( lncli_cmd.format(str(node_id), str(10000 + node_id), "newaddress np2wkh")) nodes[node_id]["addr"] = json.loads(output)["address"] ### Fund All Nodes ### COINS_PER_NODE = " 100000000" output_node_0_balance = cmd_async( lncli_cmd.format("0", "10000", "walletbalance")) print(output_node_0_balance) # Mine coins output_mining = cmd_async(btcctl_cmd.format("generate 200")) time.sleep(5) # Wait for mining # Send Coins for node_id in range(1, NUM_NODES): lnc_command = lncli_cmd.format( "0", "10000", "sendcoins " + nodes[node_id]['addr'] + COINS_PER_NODE) output_sendcoins = cmd_async(lnc_command) print(output_sendcoins) # Mine transactions cmd_async(btcctl_cmd.format("generate 100")) time.sleep(5) # Wait for mining ### Connect Peers and Create Channels ### # create graph graph = graphs.graph_types[GRAPH_TYPE](NUM_NODES) # connect peers and open channels for node_id in range(0, NUM_NODES): peers = graph[node_id] for peer_i in range(0, len(peers)): peer = nodes[peers[peer_i]] # connect peers lnc_command = lncli_cmd.format( str(node_id), str(10000 + node_id), "connect " + peer["id_pubkey"] + "@localhost:" + str(20000 + peer['id'])) output_connect = cmd_async(lnc_command) print(output_connect) # open channels lnc_command = lncli_cmd.format( str(node_id), str(10000 + node_id), "openchannel --node_key=" + peer["id_pubkey"] + " --local_amt=1000000 --push_amt=100000") output_channel = cmd_async(lnc_command) print(output_channel) # Mine channels output_mining = cmd_async(btcctl_cmd.format("generate 20")) time.sleep(5) # Wait for mining ### Simulate Routing ### routing.routing_types[ROUTING_TYPE](NUM_NODES) return
import grpc # import the generated classes from vessel_protos import vessel_pb2 from vessel_protos import vessel_pb2_grpc # open a gRPC channel #channel = grpc.insecure_channel('localhost:50052') #channel = grpc.insecure_channel('35.232.149.193:50052') ###-------- with open('tls.crt') as f: trusted_certs = f.read().encode() # create credentials credentials = grpc.ssl_channel_credentials(root_certificates=trusted_certs) #channel = grpc.secure_channel('localhost:50052', credentials) #channel = grpc.secure_channel('vessel:50052', credentials) #channel = grpc.secure_channel('shippy.example.com:50052', credentials) channel = grpc.secure_channel('shippy.example.com:443', credentials) ###-------- #channel = grpc.insecure_channel('35.237.1.120:80') # create a stub (client) stub = vessel_pb2_grpc.VesselStub(channel) # create a valid request message vessel = vessel_pb2.GetVesselRequest(weight=200) # make the call response = stub.GetVessel(vessel) print response
def _create_channel(credentials=None, options=None): if request.config.getoption('grpc-fake'): return FakeChannel(grpc_server, credentials) if credentials is not None: return grpc.secure_channel(grpc_addr, credentials, options) return grpc.insecure_channel(grpc_addr, options)
def getStub(url): channel = grpc.secure_channel(url, creds) return lnrpc.LightningStub(channel)
def _execute_action(self, action, flags): stdout, stderr = self._get_output() context = self._get_context() project = self._get_project() cascache = context.get_cascache() artifactcache = context.artifactcache action_digest = cascache.add_object(buffer=action.SerializeToString()) # check action cache download and download if there action_result = self._check_action_cache(action_digest) if not action_result: with CASRemote(self.storage_remote_spec, cascache) as casremote: try: casremote.init() except grpc.RpcError as e: raise SandboxError( "Failed to contact remote execution CAS endpoint at {}: {}".format(self.storage_url, e) ) from e with self._get_context().messenger.timed_activity( "Uploading input root", element_name=self._get_element_name() ): # Determine blobs missing on remote try: input_root_digest = action.input_root_digest missing_blobs = list(cascache.remote_missing_blobs_for_directory(casremote, input_root_digest)) except grpc.RpcError as e: raise SandboxError("Failed to determine missing blobs: {}".format(e)) from e # Check if any blobs are also missing locally (partial artifact) # and pull them from the artifact cache. try: local_missing_blobs = cascache.local_missing_blobs(missing_blobs) if local_missing_blobs: artifactcache.fetch_missing_blobs(project, local_missing_blobs) except (grpc.RpcError, BstError) as e: raise SandboxError("Failed to pull missing blobs from artifact cache: {}".format(e)) from e # Add command and action messages to blob list to push missing_blobs.append(action.command_digest) missing_blobs.append(action_digest) # Now, push the missing blobs to the remote. try: cascache.send_blobs(casremote, missing_blobs) except grpc.RpcError as e: raise SandboxError("Failed to push source directory to remote: {}".format(e)) from e # Next, try to create a communication channel to the BuildGrid server. url = urlparse(self.exec_url) if not url.port: raise SandboxError( "You must supply a protocol and port number in the execution-service url, " "for example: http://buildservice:50051." ) if url.scheme == "http": channel = grpc.insecure_channel("{}:{}".format(url.hostname, url.port)) elif url.scheme == "https": channel = grpc.secure_channel("{}:{}".format(url.hostname, url.port), self.exec_credentials) else: raise SandboxError( "Remote execution currently only supports the 'http' protocol " "and '{}' was supplied.".format(url.scheme) ) # Now request to execute the action with channel: operation = self.run_remote_command(channel, action_digest) action_result = self._extract_action_result(operation) # Fetch outputs with CASRemote(self.storage_remote_spec, cascache) as casremote: for output_directory in action_result.output_directories: tree_digest = output_directory.tree_digest if tree_digest is None or not tree_digest.hash: raise SandboxError("Output directory structure had no digest attached.") # Now do a pull to ensure we have the full directory structure. cascache.pull_tree(casremote, tree_digest) # Fetch stdout and stderr blobs cascache.fetch_blobs(casremote, [action_result.stdout_digest, action_result.stderr_digest]) # Forward remote stdout and stderr if stdout: if action_result.stdout_digest.hash: with open(cascache.objpath(action_result.stdout_digest), "r") as f: shutil.copyfileobj(f, stdout) elif action_result.stdout_raw: stdout.write(str(action_result.stdout_raw, "utf-8", errors="ignore")) if stderr: if action_result.stderr_digest.hash: with open(cascache.objpath(action_result.stderr_digest), "r") as f: shutil.copyfileobj(f, stderr) elif action_result.stderr_raw: stderr.write(str(action_result.stderr_raw, "utf-8", errors="ignore")) return action_result
version='1.0.0') except (Exception, DefaultCredentialsError): logger.error("Could not enable debugger") logger.error(traceback.print_exc()) pass except (Exception, DefaultCredentialsError): logger.info("Debugger disabled.") port = os.environ.get('PORT', "8080") catalog_addr = os.environ.get('PRODUCT_CATALOG_SERVICE_ADDR', '') if catalog_addr == "": raise Exception( 'PRODUCT_CATALOG_SERVICE_ADDR environment variable not set') logger.info("product catalog address: " + catalog_addr) # channel = grpc.insecure_channel(catalog_addr) channel = grpc.secure_channel(catalog_addr, grpc.ssl_channel_credentials()) product_catalog_stub = demo_pb2_grpc.ProductCatalogServiceStub(channel) # create gRPC server server = grpc.server(futures.ThreadPoolExecutor(max_workers=10), interceptors=(tracer_interceptor, )) # add class to gRPC server service = RecommendationService() demo_pb2_grpc.add_RecommendationServiceServicer_to_server(service, server) health_pb2_grpc.add_HealthServicer_to_server(service, server) # start server logger.info("listening on port: " + port) server.add_insecure_port('[::]:' + port) server.start()
def main(): with grpc.secure_channel("api.staging.autheid.com", grpc.ssl_channel_credentials()) as channel: stub = rp_pb2_grpc.RequestsStub(channel) send_request(stub)
import psutil import rpc_pb2 as ln import rpc_pb2_grpc as lnrpc import grpc import codecs with open(os.path.expanduser('/Users/paulcote/gocode/dev/alice/data/chain/bitcoin/simnet/admin.macaroon'), 'rb') as f: macaroon_bytes = f.read() macaroon = codecs.encode(macaroon_bytes, 'hex') os.environ["GRPC_SSL_CIPHER_SUITES"] = 'HIGH+ECDSA' cert = open(os.path.expanduser('/Users/paulcote/Library/Application Support/Lnd/tls.cert'), 'rb').read() creds = grpc.ssl_channel_credentials(cert) channel = grpc.secure_channel('localhost:10001', creds) stub = lnrpc.LightningStub(channel) process = psutil.Process(os.getpid()) beginning = process.memory_info().rss print("Beginning", beginning, "bytes") print('\nEnter an equation: ') a = input() a = "(" + a + ")00000" solution=[] sol_cnt=0 master=[]
def get_grpc_stub(): channel = grpc.secure_channel('{}:{}'.format(HOST, PORT), UA.getCredentials()) stub = gigagenieRPC_pb2_grpc.GigagenieStub(channel) return stub
def connect(self): """ Building the connectivity towards network element over gNMI """ if self.__insecure: self.__channel = grpc.insecure_channel( self.__target_path, self.__metadata + self.__options) else: if self.__path_cert and self.__path_key and self.__path_root: try: cert = open(self.__path_cert, 'rb').read() key = open(self.__path_key, 'rb').read() root_cert = open(self.__path_root, 'rb').read() cert = grpc.ssl_channel_credentials( root_certificates=root_cert, private_key=key, certificate_chain=cert) except: logging.error('The SSL certificate cannot be opened.') raise Exception('The SSL certificate cannot be opened.') elif self.__path_cert: try: with open(self.__path_cert, 'rb') as f: cert = grpc.ssl_channel_credentials(f.read()) except: logger.error('The SSL certificate cannot be opened.') raise Exception('The SSL certificate cannot be opened.') else: try: ssl_cert = ssl.get_server_certificate( (self.__target[0], self.__target[1])).encode("utf-8") ssl_cert_deserialized = x509.load_pem_x509_certificate( ssl_cert, default_backend()) ssl_cert_common_names = ssl_cert_deserialized.subject.get_attributes_for_oid( x509.oid.NameOID.COMMON_NAME) ssl_target_name_override = ssl_cert_common_names[0].value self.__options += [("grpc.ssl_target_name_override", ssl_target_name_override)] logger.warning( 'ssl_target_name_override is applied, should be used for testing only!' ) cert = grpc.ssl_channel_credentials(ssl_cert) except: logger.error( f'The SSL certificate cannot be retrieved from {self.__target}' ) raise Exception( f'The SSL certificate cannot be retrieved from {self.__target}' ) self.__channel = grpc.secure_channel(self.__target_path, credentials=cert, options=self.__options) if self.__gnmi_timeout is None or self.__gnmi_timeout > 0: self.wait_for_connect(self.__gnmi_timeout) self.__stub = gNMIStub(self.__channel) return self
import google.cloud.speech_v1.gapic.transports.speech_grpc_transport parser = argparse.ArgumentParser() parser.add_argument('--input-path', '-i') parser.add_argument('--output-path', '-o', default = 'data') parser.add_argument('--verbose', action = 'store_true') parser.add_argument('--api-key-credentials', default = 'googleapikeycredentials.json') parser.add_argument('--lang', default = 'ru-RU') parser.add_argument('--vendor', default = 'google') parser.add_argument('--format', default = 'LINEAR16') parser.add_argument('--recognition-model', default = 'phone_call', choices = ['phone_call', 'default', 'video', 'command_and_search']) parser.add_argument('--endpoint', default = google.cloud.speech_v1.SpeechClient.SERVICE_ADDRESS) args = parser.parse_args() os.environ.update(dict(GRPC_VERBOSITY = 'DEBUG', GRPC_TRACE = 'all') if args.verbose else {}) LocalSpeechGrpcTransport = type('LocalSpeechGrpcTransport', (google.cloud.speech_v1.gapic.transports.speech_grpc_transport.SpeechGrpcTransport, ), dict(create_channel = lambda self, address, credentials, **kwargs: grpc.secure_channel(address, credentials, **kwargs))) credentials = google.oauth2.service_account.Credentials.from_service_account_file(args.api_key_credentials) if args.api_key_credentials else grpc.local_channel_credentials() client_options = dict(api_endpoint = args.endpoint) client = google.cloud.speech_v1.SpeechClient(credentials = credentials, client_options = client_options) if args.api_key_credentials else google.cloud.speech_v1.SpeechClient(transport = LocalSpeechGrpcTransport(address = args.endpoint, credentials = credentials), client_options = client_options) transcript = [] for t in json.load(open(args.input_path)): sample_rate, signal = scipy.io.wavfile.read(t['audio_path']) assert signal.dtype == 'int16' and sample_rate in [8_000, 16_000] pcm = io.BytesIO() scipy.io.wavfile.write(pcm, sample_rate, signal) res = client.recognize(dict(audio_channel_count = 1, encoding = args.format, sample_rate_hertz = sample_rate, language_code = args.lang, model = args.recognition_model), dict(content = pcm.getvalue())) hyp = res.results[0].alternatives[0].transcript transcript.append(dict(t, hyp = hyp))
def _run(flags): """Runs the main uploader program given parsed flags. Args: flags: An `argparse.Namespace`. """ logging.set_stderrthreshold(logging.WARNING) intent = _get_intent(flags) store = auth.CredentialsStore() if isinstance(intent, _AuthRevokeIntent): store.clear() sys.stderr.write("Logged out of uploader.\n") sys.stderr.flush() return # TODO(b/141723268): maybe reconfirm Google Account prior to reuse. credentials = store.read_credentials() if not credentials: _prompt_for_user_ack(intent) client_config = json.loads(auth.OAUTH_CLIENT_CONFIG) flow = auth.build_installed_app_flow(client_config) credentials = flow.run(force_console=flags.auth_force_console) sys.stderr.write("\n") # Extra newline after auth flow messages. store.write_credentials(credentials) channel_options = None if flags.grpc_creds_type == "local": channel_creds = grpc.local_channel_credentials() elif flags.grpc_creds_type == "ssl": channel_creds = grpc.ssl_channel_credentials() elif flags.grpc_creds_type == "ssl_dev": # Configure the dev cert to use by passing the environment variable # GRPC_DEFAULT_SSL_ROOTS_FILE_PATH=path/to/cert.crt channel_creds = grpc.ssl_channel_credentials() channel_options = [("grpc.ssl_target_name_override", "localhost")] else: msg = "Invalid --grpc_creds_type %s" % flags.grpc_creds_type raise base_plugin.FlagsError(msg) try: server_info = _get_server_info(flags) except server_info_lib.CommunicationError as e: _die(str(e)) _handle_server_info(server_info) logging.info("Received server info: <%r>", server_info) if not server_info.api_server.endpoint: logging.error("Server info response: %s", server_info) _die("Internal error: frontend did not specify an API server") composite_channel_creds = grpc.composite_channel_credentials( channel_creds, auth.id_token_call_credentials(credentials)) # TODO(@nfelt): In the `_UploadIntent` case, consider waiting until # logdir exists to open channel. channel = grpc.secure_channel( server_info.api_server.endpoint, composite_channel_creds, options=channel_options, ) with channel: intent.execute(server_info, channel)
def Main(): try: parser = argparse.ArgumentParser() parser.add_argument('-d', '--device', help='Input hostname', required=True) parser.add_argument('-t', '--timeout', help='Input time_out value', required=True, type=int) parser.add_argument('-u', '--user', help='Input username', required=True) parser.add_argument('-pw', '--password', help='Input password', required=True) args = parser.parse_args() #Establish grpc channel to jet router creds = grpc.ssl_channel_credentials( open('/tmp/RSA2048.pem').read(), None, None) channel = grpc.secure_channel(args.device + ":32767", creds, options=(( 'grpc.ssl_target_name_override', _HOST_OVERRIDE, ), )) #create stub for authentication services stub = authentication_service_pb2.LoginStub(channel) #Authenticate login_request = authentication_service_pb2.LoginRequest( user_name=args.user, password=args.password, client_id="SampleApp") login_response = stub.LoginCheck(login_request, args.timeout) #Check if authentication is successful if login_response.result == True: print "[INFO] Connected to gRPC Server:" print login_response.result else: print "[ERROR] gRPC Server Connection failed!!!" print login_response.result #Create stub for management services stub = management_service_pb2.ManagementRpcApiStub(channel) print "[INFO] Connected to JSD and created handle to mgd services" for i in range(1): #Provide API request details op_xml_command = "<get-system-uptime-information>" \ "</get-system-uptime-information>" op = management_service_pb2.ExecuteOpCommandRequest( xml_command=op_xml_command, out_format=2, request_id=1000) # Invoke API result = stub.ExecuteOpCommand(op, 100) # Check API response like status and output for i in result: print "[INFO] Invoked ExecuteOpCommand API return code = " print i.status print "[INFO] Return output in CLI format = " print i.data except Exception as ex: print ex
request.streaming_config.config.vad_config.silence_prob_threshold = 0.2 return request def generate_requests(): try: with wave.open("../../audio/sample_3.wav") as f: yield build_first_request(f.getframerate(), f.getnchannels()) frame_samples = f.getframerate()//10 # Send 100ms at a time for data in iter(lambda:f.readframes(frame_samples), b''): request = stt_pb2.StreamingRecognizeRequest() request.audio_content = data yield request except Exception as e: print("Got exception in generate_requests", e) raise def print_streaming_recognition_responses(responses): for response in responses: for result in response.results: print("Channel", result.recognition_result.channel) print("Phrase start:", result.recognition_result.start_time.ToTimedelta()) print("Phrase end: ", result.recognition_result.end_time.ToTimedelta()) for alternative in result.recognition_result.alternatives: print('"' + alternative.transcript + '"') print("------------------") stub = stt_pb2_grpc.SpeechToTextStub(grpc.secure_channel(endpoint, grpc.ssl_channel_credentials())) metadata = authorization_metadata(api_key, secret_key, "tinkoff.cloud.stt") responses = stub.StreamingRecognize(generate_requests(), metadata=metadata) print_streaming_recognition_responses(responses)
def _connect_channel(self, reconnecting=False) -> None: """ Attempts to connect to the server specified by conn_str. If reconnecting after an RPC error, cleans up the old channel and continues to attempt to connect until the grace period is over. """ if self.channel is not None: self.channel.unsubscribe(self._on_channel_state_change) self.channel.close() if self._secure: if self._credentials is not None: credentials = self._credentials elif os.environ.get("RAY_USE_TLS", "0").lower() in ("1", "true"): ( server_cert_chain, private_key, ca_cert, ) = ray._private.utils.load_certs_from_env() credentials = grpc.ssl_channel_credentials( certificate_chain=server_cert_chain, private_key=private_key, root_certificates=ca_cert, ) else: credentials = grpc.ssl_channel_credentials() self.channel = grpc.secure_channel(self._conn_str, credentials, options=GRPC_OPTIONS) else: self.channel = grpc.insecure_channel(self._conn_str, options=GRPC_OPTIONS) self.channel.subscribe(self._on_channel_state_change) # Retry the connection until the channel responds to something # looking like a gRPC connection, though it may be a proxy. start_time = time.time() conn_attempts = 0 timeout = INITIAL_TIMEOUT_SEC service_ready = False while conn_attempts < max(self._connection_retries, 1) or reconnecting: conn_attempts += 1 if self._in_shutdown: # User manually closed the worker before connection finished break elapsed_time = time.time() - start_time if reconnecting and elapsed_time > self._reconnect_grace_period: self._in_shutdown = True raise ConnectionError( "Failed to reconnect within the reconnection grace period " f"({self._reconnect_grace_period}s)") try: # Let gRPC wait for us to see if the channel becomes ready. # If it throws, we couldn't connect. grpc.channel_ready_future(self.channel).result(timeout=timeout) # The HTTP2 channel is ready. Wrap the channel with the # RayletDriverStub, allowing for unary requests. self.server = ray_client_pb2_grpc.RayletDriverStub( self.channel) service_ready = bool(self.ping_server()) if service_ready: break # Ray is not ready yet, wait a timeout time.sleep(timeout) except grpc.FutureTimeoutError: logger.debug( f"Couldn't connect channel in {timeout} seconds, retrying") # Note that channel_ready_future constitutes its own timeout, # which is why we do not sleep here. except grpc.RpcError as e: logger.debug("Ray client server unavailable, " f"retrying in {timeout}s...") logger.debug(f"Received when checking init: {e.details()}") # Ray is not ready yet, wait a timeout. time.sleep(timeout) # Fallthrough, backoff, and retry at the top of the loop logger.debug("Waiting for Ray to become ready on the server, " f"retry in {timeout}s...") if not reconnecting: # Don't increase backoff when trying to reconnect -- # we already know the server exists, attempt to reconnect # as soon as we can timeout = backoff(timeout) # If we made it through the loop without service_ready # it means we've used up our retries and # should error back to the user. if not service_ready: self._in_shutdown = True if log_once("ray_client_security_groups"): warnings.warn( "Ray Client connection timed out. Ensure that " "the Ray Client port on the head node is reachable " "from your local machine. See https://docs.ray.io/en" "/latest/cluster/ray-client.html#step-2-check-ports for " "more information.") raise ConnectionError("ray client connection timeout")
def __init__(self, conn_str: str = "", secure: bool = False, metadata: List[Tuple[str, str]] = None, connection_retries: int = 3): """Initializes the worker side grpc client. Args: conn_str: The host:port connection string for the ray server. secure: whether to use SSL secure channel or not. metadata: additional metadata passed in the grpc request headers. connection_retries: Number of times to attempt to reconnect to the ray server if it doesn't respond immediately. Setting to 0 tries at least once. For infinite retries, catch the ConnectionError exception. """ self.metadata = metadata if metadata else [] self.channel = None self.server = None self._conn_state = grpc.ChannelConnectivity.IDLE self._client_id = make_client_id() self._converted: Dict[str, ClientStub] = {} grpc_options = [ ("grpc.max_send_message_length", GRPC_MAX_MESSAGE_SIZE), ("grpc.max_receive_message_length", GRPC_MAX_MESSAGE_SIZE), ] if secure: credentials = grpc.ssl_channel_credentials() self.channel = grpc.secure_channel(conn_str, credentials, options=grpc_options) else: self.channel = grpc.insecure_channel(conn_str, options=grpc_options) self.channel.subscribe(self._on_channel_state_change) # Retry the connection until the channel responds to something # looking like a gRPC connection, though it may be a proxy. conn_attempts = 0 timeout = INITIAL_TIMEOUT_SEC service_ready = False while conn_attempts < max(connection_retries, 1): conn_attempts += 1 try: # Let gRPC wait for us to see if the channel becomes ready. # If it throws, we couldn't connect. grpc.channel_ready_future(self.channel).result(timeout=timeout) # The HTTP2 channel is ready. Wrap the channel with the # RayletDriverStub, allowing for unary requests. self.server = ray_client_pb2_grpc.RayletDriverStub( self.channel) service_ready = bool(self.ping_server()) if service_ready: break # Ray is not ready yet, wait a timeout time.sleep(timeout) except grpc.FutureTimeoutError: logger.info( f"Couldn't connect channel in {timeout} seconds, retrying") # Note that channel_ready_future constitutes its own timeout, # which is why we do not sleep here. except grpc.RpcError as e: logger.info("Ray client server unavailable, " f"retrying in {timeout}s...") logger.debug(f"Received when checking init: {e.details()}") # Ray is not ready yet, wait a timeout. time.sleep(timeout) # Fallthrough, backoff, and retry at the top of the loop logger.info("Waiting for Ray to become ready on the server, " f"retry in {timeout}s...") timeout = backoff(timeout) # If we made it through the loop without service_ready # it means we've used up our retries and # should error back to the user. if not service_ready: raise ConnectionError("ray client connection timeout") # Initialize the streams to finish protocol negotiation. self.data_client = DataClient(self.channel, self._client_id, self.metadata) self.reference_count: Dict[bytes, int] = defaultdict(int) self.log_client = LogstreamClient(self.channel, self.metadata) self.log_client.set_logstream_level(logging.INFO) self.closed = False