Commit 0921e31b authored by Olgun Cengiz's avatar Olgun Cengiz :drum:

viam-apis & config changes

parent 4fe6ff89
3 merge requests!19Ci,!16Resolve "Configurable MaxMessageSize",!14Resolve "142-Implement_CA_cert"
[[constraint]]
branch = "master"
branch = "142-Implement_CA_cert"
name = "code.vereign.com/code/viam-apis"
[[constraint]]
......
dataStorageClientUrl: localhost:7777
grpcClientUrl: localhost:7877
restClientUrl: localhost:7878
# Make sure you have a "config.yaml" file on the root folder of this repo
# Certificate Related Config
# You can use this sample YAML file to configure your installation
# Connection Information
dataStorageUrl: localhost:7777
grpcListenAddress: localhost:7877
restListenAddress: localhost:7878
# Choose a certificate method for providing PEM strings
# 1 = Read from file (*.crt and *.key files)
# 2 = Read from Vault server (this will require additional config information for Vault)
certificateMethod: 1
# Read Certificates From Folder and Files
certDir: cert
certFile: server.crt
certKey: server.key
vereignCertFile: vereign_ca.cer
vereignCertKey: vereign_ca.key
\ No newline at end of file
vereignCertKey: vereign_ca.key
caCertFile: ca.crt
# Read Certificates From Vault Server
vaultAddress: http://10.6.10.119:8200
vaultToken: 00000000-0000-0000-0000-000000000000
vaultPath: /developers/data/devteam/cert
certificateKey: certificateKey
privateKey: privateKey
caCertificateKey: caCertificateKey
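Review bot: The sample's `vaultAddress: http://10.6.10.119:8200` uses plain HTTP, so with `certificateMethod: 2` the Vault token and the private key fetched from `vaultPath` would presumably cross the network unencrypted. The sample should show an HTTPS endpoint with a neutral hostname instead of an internal IP, e.g. `vaultAddress: https://vault.example.internal:8200` (constructed placeholder). Putting `vaultToken` in `config.yaml` also invites committing a real token once someone fills in the sample; a comment such as `# Do not store a real token here; supply it through the environment` would steer users toward viper's environment binding. The file also has no trailing newline, per the marker above.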
......@@ -39,7 +39,7 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context,
auth := s.CreateAuthentication(ctx)
client := &client.DataStorageClientImpl{}
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath)
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)
defer client.CloseClient()
generateKeyPairResponse := &api.GenerateKeyPairResponse{}
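Review bot: The widened `client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)` call in GenerateKeyPair discards whatever result it produces, so an unreadable key file or CA bundle is not visibly handled before the client is used. SetUpClient's signature is not shown on this page; if it returns an error, check it and return a gRPC error instead of proceeding, and if it does not, it should. The same line is repeated in GetKey, SetKey, ReserveKeyUUID and Revoke, and each RPC appears to build a fresh client from the certificate paths, which presumably re-reads the private key from disk on every request. A single helper on `KeyStorageServerImpl` that builds the client and returns `(client, error)` would give one place to add the check and to cache the TLS material. The function body continues outside the hunk.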
......
......@@ -36,6 +36,8 @@ import (
type KeyStorageServerImpl struct {
DataStorageUrl string
CertFilePath string
KeyFilePath string
CaCertFilePath string
VereignCertFilePath string
VereignPrivateKeyFilePath string
}
......@@ -60,7 +62,7 @@ func (s *KeyStorageServerImpl) GetKey(ctx context.Context, in *api.GetKeyRequest
auth := s.CreateAuthentication(ctx)
client := &client.DataStorageClientImpl{}
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath)
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)
defer client.CloseClient()
getKeyResponse := &api.GetKeyResponse{}
......@@ -107,7 +109,7 @@ func (s *KeyStorageServerImpl) SetKey(ctx context.Context, in *api.SetKeyRequest
auth := s.CreateAuthentication(ctx)
client := &client.DataStorageClientImpl{}
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath)
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)
defer client.CloseClient()
setKeyResponse := &api.SetKeyResponse{}
......@@ -155,7 +157,7 @@ func (s *KeyStorageServerImpl) ReserveKeyUUID(ctx context.Context, in *api.Reser
auth := s.CreateAuthentication(ctx)
client := &client.DataStorageClientImpl{}
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath)
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)
defer client.CloseClient()
reserveKeyUUIDResponse := &api.ReserveKeyUUIDResponse{}
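Review bot: In the struct hunk, `KeyFilePath` and `CaCertFilePath` are added to `KeyStorageServerImpl` without comments, leaving it unclear which key pair is the server's own TLS identity and which material is used toward the data storage service. Judging by the callers, `CertFilePath`/`KeyFilePath` are the gRPC server's certificate and key reused as the client credential for data storage; if that reuse is intended, it is worth stating. Suggested comments, to be confirmed against SetUpClient: `// KeyFilePath is the private key for CertFilePath; also presented to the data storage service.` and `// CaCertFilePath is the CA bundle used to verify the data storage service's certificate.`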
......
......@@ -29,7 +29,7 @@ func (s *KeyStorageServerImpl) Revoke(ctx context.Context, in *api.RevokeRequest
auth := s.CreateAuthentication(ctx)
client := &client.DataStorageClientImpl{}
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath)
client.SetUpClient(auth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)
defer client.CloseClient()
revokeResponse := &api.RevokeResponse{}
......
......@@ -35,18 +35,19 @@ func main() {
return
}
grpcAddress := viper.GetString("grpcClientUrl")
restAddress := viper.GetString("restClientUrl")
dataStorageAddress := viper.GetString("dataStorageClientUrl")
grpcAddress := viper.GetString("grpcListenAddress")
restAddress := viper.GetString("restListenAddress")
dataStorageAddress := viper.GetString("dataStorageUrl")
certFilePath := certDir + "/" + viper.GetString("certFile")
privateKeyFilePath := certDir + "/" + viper.GetString("certKey")
caCertFilePath := certDir + "/" + viper.GetString("caCertFile")
vereignCertFilePath := certDir + "/" + viper.GetString("vereignCertFile")
vereignPrivateKeyFilePath := certDir + "/" + viper.GetString("vereignCertKey")
// fire the gRPC server in a goroutine
go func() {
err := server.StartGRPCServer(grpcAddress, certFilePath, privateKeyFilePath, vereignCertFilePath,
err := server.StartGRPCServer(grpcAddress, certFilePath, privateKeyFilePath, caCertFilePath, vereignCertFilePath,
vereignPrivateKeyFilePath, dataStorageAddress)
if err != nil {
log.Fatalf("failed to start gRPC server: %s", err)
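Review bot: The new `caCertFilePath` is built by string concatenation like its neighbours, and nothing in this hunk checks that the file exists before the server goroutine starts. Because `caCertFile` now defaults to `ca.crt`, an upgraded deployment without that file would presumably fail only inside `StartGRPCServer`, or later on the first data storage call. Prefer `caCertFilePath := filepath.Join(certDir, viper.GetString("caCertFile"))` (needs `path/filepath`) and an early `os.Stat` on the certificate, key and CA paths with a clear message. `main` continues outside the hunk.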
......
......@@ -9,14 +9,15 @@ func SetConfigValues() {
// Set Default Values For Config Variables
// Vereign API Related
viper.SetDefault("grpcClientUrl", "localhost:7877")
viper.SetDefault("restClientUrl", "localhost:7878")
viper.SetDefault("dataStorageClientUrl", "localhost:7777")
viper.SetDefault("grpcListenAddress", "localhost:7877")
viper.SetDefault("restListenAddress", "localhost:7878")
viper.SetDefault("dataStorageUrl", "localhost:7777")
// Certificates Related
viper.SetDefault("certDir", "cert")
viper.SetDefault("certFile", "server.crt")
viper.SetDefault("certKey", "server.key")
viper.SetDefault("caCertFile", "ca.crt")
viper.SetDefault("vereignCertFile", "vereign_ca.cer")
viper.SetDefault("vereignCertKey", "vereign_ca.key")
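Review bot: Renaming the keys to `grpcListenAddress`, `restListenAddress` and `dataStorageUrl` while also registering localhost defaults means an existing `config.yaml` that still uses `grpcClientUrl`, `restClientUrl` or `dataStorageClientUrl` is silently ignored and the service falls back to the defaults. For `dataStorageUrl` that would point the key service at `localhost:7777` without any warning. Either keep reading the old names as a fallback or log at startup when one is present, e.g. `if viper.IsSet("dataStorageClientUrl") { log.Printf("config key dataStorageClientUrl is deprecated; use dataStorageUrl") }`. The body of `SetConfigValues` continues outside the hunk.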
......
......@@ -47,6 +47,8 @@ const (
)
var pkgCertFile string
var pkgKeyFile string
var pkgCaCertFile string
func credMatcher(headerName string) (mdName string, ok bool) {
if headerName == "Session" {
......@@ -70,7 +72,7 @@ func authenticateClient(ctx context.Context, s *handler.KeyStorageServerImpl, in
}
sessionClient := &client.DataStorageClientImpl{}
sessionClient.SetUpClient(viamAuth, viper.GetString("dataStorageClientUrl"), pkgCertFile)
sessionClient.SetUpClient(viamAuth, viper.GetString("dataStorageUrl"), pkgCertFile, pkgKeyFile, pkgCaCertFile)
defer sessionClient.CloseClient()
if clientAuth.Uuid == viamAuth.Uuid {
......@@ -107,8 +109,10 @@ func unaryInterceptor(ctx context.Context, req interface{}, info *grpc.UnaryServ
return handler1(ctx, req)
}
func StartGRPCServer(address, certFilePath, privateKeyFilePath, vereignCertFilePath, vereignPrivateKeyFilePath, dataStorageAddress string) error {
func StartGRPCServer(address, certFilePath, privateKeyFilePath, caCertFilePath, vereignCertFilePath, vereignPrivateKeyFilePath, dataStorageAddress string) error {
pkgCertFile = certFilePath
pkgKeyFile = privateKeyFilePath
pkgCaCertFile = caCertFilePath
// create a listener on TCP port
lis, err := net.Listen("tcp", address)
......@@ -120,6 +124,8 @@ func StartGRPCServer(address, certFilePath, privateKeyFilePath, vereignCertFileP
s := handler.KeyStorageServerImpl{
DataStorageUrl: dataStorageAddress,
CertFilePath: certFilePath,
KeyFilePath: privateKeyFilePath,
CaCertFilePath: caCertFilePath,
VereignCertFilePath: vereignCertFilePath,
VereignPrivateKeyFilePath: vereignPrivateKeyFilePath,
}
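Review bot: `authenticateClient` reads the TLS paths from the new package-level variables `pkgKeyFile` and `pkgCaCertFile` and the address from `viper.GetString("dataStorageUrl")`, although it already receives `s *handler.KeyStorageServerImpl`, which this commit populates with the same values. Two sources for the same certificate paths can drift apart, and mutable globals set inside `StartGRPCServer` make that harder to audit. Using the struct would remove the globals: `sessionClient.SetUpClient(viamAuth, s.DataStorageUrl, s.CertFilePath, s.KeyFilePath, s.CaCertFilePath)`. Separately, `StartGRPCServer` now takes seven adjacent `string` parameters, so swapping `privateKeyFilePath` and `caCertFilePath` at a call site still compiles; a small config struct would prevent that.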
......