fix: avoid overriding user config if possible #236
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,87 @@ | ||
| defmodule GRPC.Client.Adapters.GunTest do | ||
| use ExUnit.Case, async: true | ||
|
|
||
| import GRPC.Factory | ||
|
|
||
| alias GRPC.Client.Adapters.Gun | ||
|
|
||
| describe "connect/2" do | ||
| setup do | ||
| server_credential = build(:credential) | ||
| {:ok, _, port} = GRPC.Server.start(FeatureServer, 0, cred: server_credential) | ||
|
|
||
| on_exit(fn -> | ||
| :ok = GRPC.Server.stop(FeatureServer) | ||
| end) | ||
|
|
||
| %{ | ||
| port: port, | ||
| credential: | ||
| build(:credential, | ||
| ssl: Keyword.take(server_credential.ssl, [:certfile, :keyfile, :versions]) | ||
| ) | ||
| } | ||
| end | ||
|
|
||
| test "connects insecurely (default options)", %{port: port, credential: credential} do | ||
| channel = build(:channel, port: port, host: "localhost", cred: credential) | ||
|
|
||
| assert {:ok, result} = Gun.connect(channel) | ||
|
|
||
| assert %{channel | adapter_payload: %{conn_pid: result.adapter_payload.conn_pid}} == result | ||
| end | ||
|
|
||
| test "connects insecurely (custom options)", %{port: port, credential: credential} do | ||
| channel = build(:channel, port: port, host: "localhost", cred: credential) | ||
|
|
||
| # Ensure that it works | ||
| assert {:ok, result} = Gun.connect(channel, %{transport_opts: [ip: :loopback]}) | ||
| assert %{channel | adapter_payload: %{conn_pid: result.adapter_payload.conn_pid}} == result | ||
|
|
||
| # Ensure that changing one of the options breaks things | ||
| assert {:error, {:down, :badarg}} == | ||
| Gun.connect(channel, %{transport_opts: [ip: "256.0.0.0"]}) | ||
| end | ||
|
|
||
| test "connects securely (default options)", %{port: port, credential: credential} do | ||
| channel = | ||
| build(:channel, | ||
| port: port, | ||
| scheme: "https", | ||
| host: "localhost", | ||
| cred: credential | ||
| ) | ||
|
|
||
| assert {:ok, result} = Gun.connect(channel, %{tls_opts: channel.cred.ssl}) | ||
|
|
||
| assert %{channel | adapter_payload: %{conn_pid: result.adapter_payload.conn_pid}} == result | ||
| end | ||
|
|
||
| test "connects securely (custom options)", %{port: port, credential: credential} do | ||
| channel = | ||
| build(:channel, | ||
| port: port, | ||
| scheme: "https", | ||
| host: "localhost", | ||
| cred: credential | ||
| ) | ||
|
|
||
| # Ensure that it works | ||
| assert {:ok, result} = | ||
| Gun.connect(channel, %{ | ||
| transport_opts: [certfile: credential.ssl[:certfile], ip: :loopback] | ||
| }) | ||
|
|
||
| assert %{channel | adapter_payload: %{conn_pid: result.adapter_payload.conn_pid}} == result | ||
|
|
||
| # Ensure that changing one of the options breaks things | ||
| assert {:error, :timeout} == | ||
| Gun.connect(channel, %{ | ||
| transport_opts: [ | ||
| certfile: credential.ssl[:certfile] <> "invalidsuffix", | ||
| ip: :loopback | ||
| ] | ||
| }) | ||
| end | ||
| end | ||
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| defmodule GRPC.Factory do | ||
| @moduledoc false | ||
|
|
||
| alias GRPC.Channel | ||
| alias GRPC.Credential | ||
|
|
||
| @cert_path Path.expand("./tls/server1.pem", :code.priv_dir(:grpc)) | ||
| @key_path Path.expand("./tls/server1.key", :code.priv_dir(:grpc)) | ||
| @ca_path Path.expand("./tls/ca.pem", :code.priv_dir(:grpc)) | ||
|
|
||
| def build(resource, attrs \\ %{}) do | ||
| name = :"#{resource}_factory" | ||
|
|
||
| data = | ||
| if function_exported?(__MODULE__, name, 1) do | ||
| apply(__MODULE__, name, [attrs]) | ||
| else | ||
| apply(__MODULE__, name, []) | ||
| end | ||
|
|
||
| Map.merge(data, Map.new(attrs)) | ||
| end | ||
|
|
||
| def channel_factory do | ||
| %Channel{ | ||
| host: "localhost", | ||
| port: 1337, | ||
| scheme: "http", | ||
| cred: build(:credential), | ||
| adapter: GRPC.Client.Adapters.Gun, | ||
| adapter_payload: %{}, | ||
| codec: GRPC.Codec.Proto, | ||
| interceptors: [], | ||
| compressor: nil, | ||
| accepted_compressors: [], | ||
| headers: [] | ||
| } | ||
| end | ||
|
|
||
| def credential_factory do | ||
| %Credential{ | ||
| ssl: [ | ||
| certfile: @cert_path, | ||
| cacertfile: @ca_path, | ||
| keyfile: @key_path, | ||
| verify: :verify_peer, | ||
| fail_if_no_peer_cert: true, | ||
| versions: [:"tlsv1.2"] | ||
| ] | ||
| } | ||
| end | ||
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| defmodule FeatureServer do | ||
| use GRPC.Server, service: Routeguide.RouteGuide.Service | ||
|
|
||
| def get_feature(point, _stream) do | ||
| Routeguide.Feature.new(location: point, name: "#{point.latitude},#{point.longitude}") | ||
| end | ||
| end |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just quick check from mobile.
which ssl configuration (via cred vs via transport_opts) is higher priority?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Via transport options
There's a test that shows that
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need to document GRPC.Stub.connect about this behaviour? Because the library encourage user to use GRPC.Credential to set ssl credential but now user can set it via adapter option when calling GRPC.Stub.connect.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think so. This is a per-adapter specification
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can decide to not let some overrides take place, though.
Although I wouldn't invest too much energy in the Gun adapter since we're planning on moving on to Mint
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I prefer the way it's currently coded, in which the
optsvalues have precedence. Could you point to where in the docs it encourages the SSL values to be used? I don't think we'll have to change those other than adding a "opts can override this" warningThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here it is https://github.com/elixir-grpc/grpc/blob/master/lib/grpc/credential.ex#L3. Maybe it is only my understandable. 🙇♂️
Agree that if we can warning the opts can be override.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll improve on that :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done :) I'm merging this, but let me know if things are still unclear
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That’s totally clear :)