mirror of
https://github.com/rocky-linux/peridot.git
synced 2024-11-21 12:41:27 +00:00
Chain interceptors using grpc_middleware
Signed-off-by: Mustafa Gezen <mustafa@ctrliq.com>
This commit is contained in:
parent
226c0f4c30
commit
eeaced0b14
@ -29,11 +29,14 @@ go_library(
|
||||
"//vendor/github.com/go-chi/chi/middleware",
|
||||
"//vendor/github.com/go-openapi/runtime",
|
||||
"//vendor/github.com/go-openapi/strfmt",
|
||||
"//vendor/github.com/grpc-ecosystem/go-grpc-middleware",
|
||||
"//vendor/github.com/grpc-ecosystem/go-grpc-prometheus",
|
||||
"//vendor/github.com/jmoiron/sqlx",
|
||||
"//vendor/github.com/lib/pq",
|
||||
"//vendor/github.com/ory/hydra-client-go/client",
|
||||
"//vendor/github.com/ory/hydra-client-go/client/admin",
|
||||
"//vendor/github.com/ory/hydra-client-go/client/public",
|
||||
"//vendor/github.com/prometheus/client_golang/prometheus/promhttp",
|
||||
"//vendor/github.com/sirupsen/logrus",
|
||||
"//vendor/github.com/spf13/pflag",
|
||||
"//vendor/github.com/spf13/viper",
|
||||
|
@ -32,6 +32,7 @@ package utils
|
||||
|
||||
import (
|
||||
"context"
|
||||
grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
||||
"github.com/grpc-ecosystem/go-grpc-prometheus"
|
||||
"github.com/prometheus/client_golang/prometheus/promhttp"
|
||||
"google.golang.org/grpc/credentials/insecure"
|
||||
@ -169,25 +170,10 @@ func NewGRPCServer(goptions *GRPCOptions, endpoint func(*Register), serve func(*
|
||||
// If the server already declares a unary interceptor, let's chain
|
||||
// and make grpc_prometheus run first
|
||||
if options.Interceptor != nil {
|
||||
serverOpts = append(serverOpts, grpc.UnaryInterceptor(
|
||||
func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
|
||||
n := func(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (resp interface{}, err error) {
|
||||
return options.Interceptor(ctx, req, info, handler)
|
||||
}
|
||||
n = func(next grpc.UnaryServerInterceptor) grpc.UnaryServerInterceptor {
|
||||
return func(ctx context.Context, req interface{}, usi *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
|
||||
_, err := grpc_prometheus.UnaryServerInterceptor(ctx, req, info, handler)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return next(ctx, req, usi, handler)
|
||||
}
|
||||
}(n)
|
||||
|
||||
return n(ctx, req, info, handler)
|
||||
},
|
||||
))
|
||||
serverOpts = append(serverOpts, grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer(
|
||||
grpc_prometheus.UnaryServerInterceptor,
|
||||
options.Interceptor,
|
||||
)))
|
||||
} else {
|
||||
// Else, only declare prometheus interceptor
|
||||
serverOpts = append(serverOpts, grpc.UnaryInterceptor(grpc_prometheus.UnaryServerInterceptor))
|
||||
@ -196,25 +182,10 @@ func NewGRPCServer(goptions *GRPCOptions, endpoint func(*Register), serve func(*
|
||||
// If the server already declares a stream interceptor, let's chain
|
||||
// and make grpc_prometheus run first
|
||||
if options.ServerInterceptor != nil {
|
||||
serverOpts = append(serverOpts, grpc.StreamInterceptor(
|
||||
func(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
|
||||
n := func(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
|
||||
return options.ServerInterceptor(srv, ss, info, handler)
|
||||
}
|
||||
n = func(next grpc.StreamServerInterceptor) grpc.StreamServerInterceptor {
|
||||
return func(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
|
||||
err := grpc_prometheus.StreamServerInterceptor(srv, ss, info, handler)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return next(srv, ss, info, handler)
|
||||
}
|
||||
}(n)
|
||||
|
||||
return n(srv, ss, info, handler)
|
||||
},
|
||||
))
|
||||
serverOpts = append(serverOpts, grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(
|
||||
grpc_prometheus.StreamServerInterceptor,
|
||||
options.ServerInterceptor,
|
||||
)))
|
||||
} else {
|
||||
// Else, only declare prometheus interceptor
|
||||
serverOpts = append(serverOpts, grpc.StreamInterceptor(grpc_prometheus.StreamServerInterceptor))
|
||||
|
@ -118,6 +118,9 @@ func checkAuth(ctx context.Context, hydraSDK *client.OryHydra, hydraAdmin *clien
|
||||
userInfo.Payload.Name = introspect.Payload.Sub
|
||||
userInfo.Payload.Email = fmt.Sprintf("%s@%s", introspect.Payload.Sub, "serviceaccount.resf.org")
|
||||
}
|
||||
if userInfo.Payload.Sub == "" {
|
||||
return ctx, status.Errorf(codes.Unauthenticated, "invalid authorization token")
|
||||
}
|
||||
|
||||
// supply subject and token to further requests
|
||||
pairs := metadata.Pairs("x-user-id", userInfo.Payload.Sub, "x-user-name", userInfo.Payload.Name, "x-user-email", userInfo.Payload.Email, "x-auth-token", authToken[1])
|
||||
|
Loading…
Reference in New Issue
Block a user