Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Examples: Add a JWT authentication example #5915

Merged
merged 18 commits into from Mar 18, 2020
Merged

Examples: Add a JWT authentication example #5915

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
cd8ae0a
Examples: Add a JWT authentication example
anarsultanov Jun 17, 2019
3b8516c
Examples: Move the JWT authentication example to a separate directory
anarsultanov Jun 22, 2019
feaf962
Examples: Make requested changes to JWT authentication example
anarsultanov Jul 2, 2019
1c7989c
Examples: Rename package and update README
anarsultanov Aug 29, 2019
bda77fc
examples: Fix build
anarsultanov Sep 9, 2019
6d9683f
examples: Make server host and port optional command line arguments
anarsultanov Sep 9, 2019
5d46508
examples: Fix usage
anarsultanov Sep 9, 2019
1122435
Merge branch 'master' into #5665-authentication-example
voidzcy Mar 12, 2020
ed5114d
Update SNAPSHOT version number
voidzcy Mar 12, 2020
b821c5b
Update SNAPSHOT version number for maven
voidzcy Mar 12, 2020
af12461
Update SNAPSHOT version for maven
voidzcy Mar 12, 2020
3b1f022
Update protobuf/protoc version for maven
voidzcy Mar 12, 2020
71d1cb2
Update protobuf/protoc version for Gradle
voidzcy Mar 12, 2020
119b7e8
Update mockito version in Gradle
voidzcy Mar 12, 2020
c4851c8
Update mockito version in maven
voidzcy Mar 12, 2020
146a3fc
Better exception handling for parsing JWT claims.
voidzcy Mar 17, 2020
bf4ddfd
Refactor callcredential creation to include logic of making JWT string.
voidzcy Mar 17, 2020
18d3ec5
Clean up build file.
voidzcy Mar 17, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 2 additions & 0 deletions RELEASING.md
View file
Open in desktop
Expand Up @@ -46,6 +46,8 @@ $ VERSION_FILES=(
examples/example-alts/build.gradle
examples/example-gauth/build.gradle
examples/example-gauth/pom.xml
examples/example-jwt-auth/build.gradle
examples/example-jwt-auth/pom.xml
examples/example-kotlin/build.gradle
examples/example-kotlin/android/helloworld/app/build.gradle
examples/example-tls/build.gradle
Expand Down
2 changes: 2 additions & 0 deletions examples/README.md
View file
Open in desktop
Expand Up @@ -159,6 +159,8 @@ $ bazel-bin/hello-world-client

- [Google Authentication](example-gauth)

- [JWT-based Authentication](example-jwt-auth)

- [Kotlin examples](example-kotlin)

- [Kotlin Android examples](example-kotlin/android)
Expand Down
65 changes: 65 additions & 0 deletions examples/example-jwt-auth/README.md
View file
Open in desktop
@@ -0,0 +1,65 @@
Authentication Example
==============================================

This example illustrates a simple JWT-based authentication implementation in gRPC using
server interceptor. It uses the JJWT library to create and verify JSON Web Tokens (JWTs).

The example requires grpc-java to be pre-built. Using a release tag will download the relevant binaries
from a maven repository. But if you need the latest SNAPSHOT binaries you will need to follow
[COMPILING](../../COMPILING.md) to build these.

The source code is [here](src/main/java/io/grpc/examples/jwtauth). Please follow the
[steps](../README.md#-to-build-the-examples) to build the examples. The build creates scripts
anarsultanov marked this conversation as resolved.
Show resolved Hide resolved
`auth-server` and `auth-client` in the `build/install/examples/bin/` directory which can be
anarsultanov marked this conversation as resolved.
Show resolved Hide resolved
used to run this example. The example requires the server to be running before starting the
client.

Running auth-server is similar to the normal hello world example and there are no arguments to supply:

**auth-server**:

```text
USAGE: AuthServer
anarsultanov marked this conversation as resolved.
Show resolved Hide resolved
```

The auth-client accepts optional arguments for user-name and client-id:

**auth-client**:

```text
USAGE: AuthClient [user-name [client-id]]
```

The `user-name` value is simply passed in the `HelloRequest` message as payload and the value of
`client-id` is included in the JWT claims passed in the metadata header.


#### How to run the example:

```bash
# Run the server:
./build/install/example-jwt-auth/bin/auth-server
anarsultanov marked this conversation as resolved.
Show resolved Hide resolved
# In another terminal run the client
./build/install/example-jwt-auth/bin/auth-client userA clientB
```

That's it! The client will show the user-name reflected back in the message from the server as follows:
```
INFO: Greeting: Hello, userA
```

And on the server side you will see the message with the client's identifier:
```
Processing request from clientB
```

## Maven

If you prefer to use Maven follow these [steps](../README.md#maven). You can run the example as follows:

```
$ # Run the server
$ mvn exec:java -Dexec.mainClass=io.grpc.examples.authentication.AuthServer
$ # In another terminal run the client
$ mvn exec:java -Dexec.mainClass=io.grpc.examples.authentication.AuthClient -Dexec.args="userA clientB"
```
84 changes: 84 additions & 0 deletions examples/example-jwt-auth/build.gradle
View file
Open in desktop
@@ -0,0 +1,84 @@
plugins {
// Provide convenience executables for trying out the examples.
id 'application'
// ASSUMES GRADLE 2.12 OR HIGHER. Use plugin version 0.7.5 with earlier gradle versions
id 'com.google.protobuf' version '0.8.8'
// Generate IntelliJ IDEA's .idea & .iml project files
id 'idea'
}

repositories {
maven { // The google mirror is less flaky than mavenCentral()
url "https://maven-central.storage-download.googleapis.com/repos/central/data/"
}
mavenLocal()
}

sourceCompatibility = 1.7
targetCompatibility = 1.7

// IMPORTANT: You probably want the non-SNAPSHOT version of gRPC. Make sure you
// are looking at a tagged version of the example and not "master"!

// Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process.
def grpcVersion = '1.23.0-SNAPSHOT' // CURRENT_GRPC_VERSION
anarsultanov marked this conversation as resolved.
Show resolved Hide resolved
def protobufVersion = '3.7.1'
def protocVersion = protobufVersion

dependencies {
implementation "io.grpc:grpc-protobuf:${grpcVersion}"
implementation "io.grpc:grpc-stub:${grpcVersion}"
implementation "io.jsonwebtoken:jjwt:0.9.1"
implementation "javax.xml.bind:jaxb-api:2.3.1"

compileOnly "javax.annotation:javax.annotation-api:1.2"

runtimeOnly "io.grpc:grpc-netty-shaded:${grpcVersion}"

testImplementation "io.grpc:grpc-testing:${grpcVersion}"
testImplementation "junit:junit:4.12"
testImplementation "org.mockito:mockito-core:2.25.1"
}

protobuf {
protoc { artifact = "com.google.protobuf:protoc:${protocVersion}" }
plugins {
grpc { artifact = "io.grpc:protoc-gen-grpc-java:${grpcVersion}" }
}
generateProtoTasks {
all()*.plugins { grpc {} }
}
}

// Inform IDEs like IntelliJ IDEA, Eclipse or NetBeans about the generated code.
sourceSets {
main {
java {
srcDirs 'build/generated/source/proto/main/grpc'
srcDirs 'build/generated/source/proto/main/java'
}
}
}

startScripts.enabled = false

task authServer(type: CreateStartScripts) {
mainClassName = 'io.grpc.examples.authentication.AuthServer'
applicationName = 'auth-server'
outputDir = new File(project.buildDir, 'tmp')
classpath = startScripts.classpath
}

task authClient(type: CreateStartScripts) {
mainClassName = 'io.grpc.examples.authentication.AuthClient'
applicationName = 'auth-client'
outputDir = new File(project.buildDir, 'tmp')
classpath = startScripts.classpath
}

applicationDistribution.into('bin') {
from(authServer)
from(authClient)
fileMode = 0755
}
136 changes: 136 additions & 0 deletions examples/example-jwt-auth/pom.xml
View file
Open in desktop
@@ -0,0 +1,136 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>io.grpc</groupId>
<artifactId>example-jwt-auth</artifactId>
<packaging>jar</packaging>
<!-- Feel free to delete the comment at the end of these lines. It is just
for safely updating the version in our release process. -->
<version>1.23.0-SNAPSHOT</version><!-- CURRENT_GRPC_VERSION -->
<name>example-jwt-auth</name>
<url>https://github.com/grpc/grpc-java</url>

<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<grpc.version>1.23.0-SNAPSHOT</grpc.version><!-- CURRENT_GRPC_VERSION -->
<protobuf.version>3.7.1</protobuf.version>
<protoc.version>3.7.1</protoc.version>
<!-- required for jdk9 -->
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
</properties>

<dependencyManagement>
<dependencies>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-bom</artifactId>
<version>${grpc.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>

<dependencies>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-netty-shaded</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-protobuf</artifactId>
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-stub</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
<version>2.3.1</version>
</dependency>
<dependency>
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
<version>1.2</version>
<scope>provided</scope> <!-- not needed at runtime -->
</dependency>
<dependency>
<groupId>io.grpc</groupId>
<artifactId>grpc-testing</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
<artifactId>mockito-core</artifactId>
<version>2.25.1</version>
<scope>test</scope>
</dependency>
</dependencies>

<build>
<extensions>
<extension>
<groupId>kr.motd.maven</groupId>
<artifactId>os-maven-plugin</artifactId>
<version>1.5.0.Final</version>
</extension>
</extensions>
<plugins>
<plugin>
<groupId>org.xolstice.maven.plugins</groupId>
<artifactId>protobuf-maven-plugin</artifactId>
<version>0.5.1</version>
<configuration>
<protocArtifact>
com.google.protobuf:protoc:${protoc.version}:exe:${os.detected.classifier}
</protocArtifact>
<pluginId>grpc-java</pluginId>
<pluginArtifact>
io.grpc:protoc-gen-grpc-java:${grpc.version}:exe:${os.detected.classifier}
</pluginArtifact>
</configuration>
<executions>
<execution>
<goals>
<goal>compile</goal>
<goal>compile-custom</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>1.4.1</version>
<executions>
<execution>
<id>enforce</id>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<requireUpperBoundDeps/>
</rules>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
8 changes: 8 additions & 0 deletions examples/example-jwt-auth/settings.gradle
View file
Open in desktop
@@ -0,0 +1,8 @@
pluginManagement {
repositories {
maven { // The google mirror is less flaky than mavenCentral()
url "https://maven-central.storage-download.googleapis.com/repos/central/data/"
}
gradlePluginPortal()
}
}