def test_behavior_outside_asyncio(self): # Ensures non-AsyncIO object can be initiated channel_creds = grpc.ssl_channel_credentials() # Ensures AsyncIO API not raising outside of AsyncIO. # NOTE(lidiz) This behavior is bound with GAPIC generator, and required # by test frameworks like pytest. In test frameworks, objects shared # across cases need to be created outside of AsyncIO coroutines. aio.insecure_channel('') aio.secure_channel('', channel_creds) aio.server() aio.init_grpc_aio() aio.shutdown_grpc_aio()
async def coro(): server_target, _ = await start_test_server(secure=True) # pylint: disable=unused-variable credentials = grpc.local_channel_credentials( grpc.LocalConnectionType.LOCAL_TCP) secure_channel = aio.secure_channel(server_target, credentials) self.assertIsInstance(secure_channel, aio.Channel)
async def test_secure_no_cert(self): handler = grpc.method_handlers_generic_handler('test', { 'UnaryUnary': grpc.unary_unary_rpc_method_handler(handle_unary_unary) }) server = aio.server() server.add_generic_rpc_handlers((handler, )) server_cred = grpc.ssl_server_credentials(_SERVER_CERTS) port = server.add_secure_port('[::]:0', server_cred) await server.start() channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES) channel = aio.secure_channel('localhost:{}'.format(port), channel_creds, options=_PROPERTY_OPTIONS) response = await channel.unary_unary(_UNARY_UNARY)(_REQUEST) await channel.close() await server.stop(None) auth_data = pickle.loads(response) self.assertIsNone(auth_data[_ID]) self.assertIsNone(auth_data[_ID_KEY]) self.assertDictEqual( { 'security_level': [b'TSI_PRIVACY_AND_INTEGRITY'], 'transport_security_type': [b'ssl'], 'ssl_session_reused': [b'false'], }, auth_data[_AUTH_CTX])
async def test_secure_client_cert(self): handler = grpc.method_handlers_generic_handler('test', { 'UnaryUnary': grpc.unary_unary_rpc_method_handler(handle_unary_unary) }) server = aio.server() server.add_generic_rpc_handlers((handler, )) server_cred = grpc.ssl_server_credentials( _SERVER_CERTS, root_certificates=_TEST_ROOT_CERTIFICATES, require_client_auth=True) port = server.add_secure_port('[::]:0', server_cred) await server.start() channel_creds = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES, private_key=_PRIVATE_KEY, certificate_chain=_CERTIFICATE_CHAIN) channel = aio.secure_channel('localhost:{}'.format(port), channel_creds, options=_PROPERTY_OPTIONS) response = await channel.unary_unary(_UNARY_UNARY)(_REQUEST) await channel.close() await server.stop(None) auth_data = pickle.loads(response) auth_ctx = auth_data[_AUTH_CTX] self.assertCountEqual(_CLIENT_IDS, auth_data[_ID]) self.assertEqual('x509_subject_alternative_name', auth_data[_ID_KEY]) self.assertSequenceEqual([b'ssl'], auth_ctx['transport_security_type']) self.assertSequenceEqual([b'*.test.google.com'], auth_ctx['x509_common_name'])
def test_behavior_outside_asyncio(self): # Ensures non-AsyncIO object can be initiated channel_creds = grpc.ssl_channel_credentials() # Ensures AsyncIO API NOT working outside of AsyncIO with self.assertRaises(RuntimeError): aio.insecure_channel('') with self.assertRaises(RuntimeError): aio.secure_channel('', channel_creds) with self.assertRaises(RuntimeError): aio.server() # Ensures init_grpc_aio fail outside of AsyncIO with self.assertRaises(RuntimeError): aio.init_grpc_aio()
def _create_channel(args): target = f'{args.server_host}:{args.server_port}' if args.use_tls or args.use_alts or args.custom_credentials_type is not None: channel_credentials, options = interop_client_lib.get_secure_channel_parameters( args) return aio.secure_channel(target, channel_credentials, options) else: return aio.insecure_channel(target)
async def test_secure_channel(self): server_target, _ = await start_test_server(secure=True) # pylint: disable=unused-variable credentials = grpc.ssl_channel_credentials( root_certificates=_TEST_ROOT_CERTIFICATES, private_key=_PRIVATE_KEY, certificate_chain=_CERTIFICATE_CHAIN, ) secure_channel = aio.secure_channel(server_target, credentials) self.assertIsInstance(secure_channel, aio.Channel)
def test_document_understanding_service_grpc_asyncio_transport_channel(): channel = aio.secure_channel("http://localhost/", grpc.local_channel_credentials()) # Check that channel is used if provided. transport = transports.DocumentUnderstandingServiceGrpcAsyncIOTransport( host="squid.clam.whelk", channel=channel, ) assert transport.grpc_channel == channel assert transport._host == "squid.clam.whelk:443" assert transport._ssl_channel_credentials == None
async def _do_one_shot_client_rpc(self, channel_creds, channel_options, port, expect_ssl_session_reused): channel = aio.secure_channel('localhost:{}'.format(port), channel_creds, options=channel_options) response = await channel.unary_unary(_UNARY_UNARY)(_REQUEST) auth_data = pickle.loads(response) self.assertEqual(expect_ssl_session_reused, auth_data[_AUTH_CTX]['ssl_session_reused']) await channel.close()
def test_quota_controller_grpc_asyncio_transport_channel(): channel = aio.secure_channel("http://localhost/", grpc.local_channel_credentials()) # Check that channel is used if provided. transport = transports.QuotaControllerGrpcAsyncIOTransport( host="squid.clam.whelk", channel=channel, ) assert transport.grpc_channel == channel assert transport._host == "squid.clam.whelk:443" assert transport._ssl_channel_credentials == None
def test_policy_tag_manager_serialization_grpc_asyncio_transport_channel(): channel = aio.secure_channel("http://localhost/", grpc.local_channel_credentials()) # Check that channel is used if provided. transport = transports.PolicyTagManagerSerializationGrpcAsyncIOTransport( host="squid.clam.whelk", channel=channel, ) assert transport.grpc_channel == channel assert transport._host == "squid.clam.whelk:443" assert transport._ssl_channel_credentials == None
def test_video_intelligence_service_grpc_asyncio_transport_channel(): channel = aio.secure_channel("http://localhost/", grpc.local_channel_credentials()) # Check that channel is used if provided. transport = transports.VideoIntelligenceServiceGrpcAsyncIOTransport( host="squid.clam.whelk", channel=channel, ) assert transport.grpc_channel == channel assert transport._host == "squid.clam.whelk:443" assert transport._ssl_channel_credentials == None
def test_customer_license_service_grpc_asyncio_transport_channel(): channel = aio.secure_channel('http://localhost/', grpc.local_channel_credentials()) # Check that channel is used if provided. transport = transports.CustomerLicenseServiceGrpcAsyncIOTransport( host="squid.clam.whelk", channel=channel, ) assert transport.grpc_channel == channel assert transport._host == "squid.clam.whelk:443" assert transport._ssl_channel_credentials == None
def test_authorized_domains_grpc_asyncio_transport_channel(): channel = aio.secure_channel("http://localhost/", grpc.local_channel_credentials()) # Check that channel is used if provided. transport = transports.AuthorizedDomainsGrpcAsyncIOTransport( host="squid.clam.whelk", channel=channel, ) assert transport.grpc_channel == channel assert transport._host == "squid.clam.whelk:443" assert transport._ssl_channel_credentials == None
def create_channel( target, credentials=None, scopes=None, ssl_credentials=None, credentials_file=None, quota_project_id=None, default_scopes=None, default_host=None, **kwargs): """Create an AsyncIO secure channel with credentials. Args: target (str): The target service address in the format 'hostname:port'. credentials (google.auth.credentials.Credentials): The credentials. If not specified, then this function will attempt to ascertain the credentials from the environment using :func:`google.auth.default`. scopes (Sequence[str]): A optional list of scopes needed for this service. These are only used when credentials are not specified and are passed to :func:`google.auth.default`. ssl_credentials (grpc.ChannelCredentials): Optional SSL channel credentials. This can be used to specify different certificates. credentials_file (str): A file with credentials that can be loaded with :func:`google.auth.load_credentials_from_file`. This argument is mutually exclusive with credentials. quota_project_id (str): An optional project to use for billing and quota. default_scopes (Sequence[str]): Default scopes passed by a Google client library. Use 'scopes' for user-defined scopes. default_host (str): The default endpoint. e.g., "pubsub.googleapis.com". kwargs: Additional key-word args passed to :func:`aio.secure_channel`. Returns: aio.Channel: The created channel. Raises: google.api_core.DuplicateCredentialArgs: If both a credentials object and credentials_file are passed. """ composite_credentials = grpc_helpers._create_composite_credentials( credentials=credentials, credentials_file=credentials_file, scopes=scopes, default_scopes=default_scopes, ssl_credentials=ssl_credentials, quota_project_id=quota_project_id, default_host=default_host ) return aio.secure_channel(target, composite_credentials, **kwargs)
async def setUp(self): server_credentials = grpc.ssl_server_credentials([ (resources.private_key(), resources.certificate_chain()) ]) channel_credentials = grpc.ssl_channel_credentials( resources.test_root_certificates()) channel_options = (( 'grpc.ssl_target_name_override', _SERVER_HOST_OVERRIDE, ), ) address, self._server = await start_test_server( secure=True, server_credentials=server_credentials) self._channel = aio.secure_channel(address, channel_credentials, channel_options) self._stub = test_pb2_grpc.TestServiceStub(self._channel)
def __init__(self, address: str, config: control_pb2.ClientConfig, hist: histogram.Histogram): # Disables underlying reuse of subchannels unique_option = (('iv', random.random()),) # Parses the channel argument from config channel_args = tuple( (arg.name, arg.str_value) if arg.HasField('str_value') else ( arg.name, int(arg.int_value)) for arg in config.channel_args) # Creates the channel if config.HasField('security_params'): channel_credentials = grpc.ssl_channel_credentials( resources.test_root_certificates(),) server_host_override_option = (( 'grpc.ssl_target_name_override', config.security_params.server_host_override, ),) self._channel = aio.secure_channel( address, channel_credentials, unique_option + channel_args + server_host_override_option) else: self._channel = aio.insecure_channel(address, options=unique_option + channel_args) # Creates the stub if config.payload_config.WhichOneof('payload') == 'simple_params': self._generic = False self._stub = benchmark_service_pb2_grpc.BenchmarkServiceStub( self._channel) payload = messages_pb2.Payload( body=b'\0' * config.payload_config.simple_params.req_size) self._request = messages_pb2.SimpleRequest( payload=payload, response_size=config.payload_config.simple_params.resp_size) else: self._generic = True self._stub = GenericStub(self._channel) self._request = b'\0' * config.payload_config.bytebuf_params.req_size self._hist = hist self._response_callbacks = [] self._concurrency = config.outstanding_rpcs_per_channel