Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add gRPC auth token helper #34

Merged
merged 1 commit into from
Jan 4, 2022
Merged

Add gRPC auth token helper #34

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ require (
github.com/smartystreets/assertions v1.0.1
github.com/smartystreets/goconvey v1.6.4
github.com/stretchr/testify v1.7.0
google.golang.org/grpc v1.40.0
)

require (
Expand All @@ -38,7 +39,6 @@ require (
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c // indirect
golang.org/x/text v0.3.6 // indirect
google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect
google.golang.org/grpc v1.40.0 // indirect
google.golang.org/protobuf v1.27.1 // indirect
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
)
30 changes: 30 additions & 0 deletions grpc/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
package grpc

import (
"context"

"github.com/signalfx/golib/v3/sfxclient"
"google.golang.org/grpc/credentials"
)

// SignalFxTokenAuth is a credentials.PerRPCCredentials object that sets an auth token on each gRPC request
// as expected by our ingest service.
type SignalFxTokenAuth struct {
Token string
DisableTransportSecurity bool
}

var _ credentials.PerRPCCredentials = new(SignalFxTokenAuth)

// GetRequestMetadata returns the metadata with the auth token
func (a *SignalFxTokenAuth) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
return map[string]string{
sfxclient.TokenHeaderName: a.Token,
}, nil
}

// RequireTransportSecurity determines whether TLS is required or not. This will return `true`
// unless DisableTokenSecurity has been overridden to `true`.
func (a *SignalFxTokenAuth) RequireTransportSecurity() bool {
return !a.DisableTransportSecurity
}
27 changes: 27 additions & 0 deletions grpc/auth_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
package grpc

import (
"context"
"testing"

"github.com/signalfx/golib/v3/sfxclient"
. "github.com/smartystreets/goconvey/convey"
)

func TestGRPCAuth(t *testing.T) {
Convey("grpc auth", t, func() {
a := &SignalFxTokenAuth{
Token: "test",
DisableTransportSecurity: false,
}

So(a.RequireTransportSecurity(), ShouldBeTrue)

md, err := a.GetRequestMetadata(context.Background(), "")
So(err, ShouldBeNil)
So(md[sfxclient.TokenHeaderName], ShouldEqual, "test")

a.DisableTransportSecurity = true
So(a.RequireTransportSecurity(), ShouldBeFalse)
})
}