ms/blueprintsprocessor/modules/commons/grpc-lib/src/main/kotlin/org/onap/ccsdk/cds/blueprintsprocessor/grpc/service/TLSAuthGrpcClientService.kt

   1 /*
   2  * Copyright © 2018-2019 AT&T Intellectual Property.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 package org.onap.ccsdk.cds.blueprintsprocessor.grpc.service
  18
  19 import io.grpc.ManagedChannel
  20 import io.grpc.internal.DnsNameResolverProvider
  21 import io.grpc.netty.GrpcSslContexts
  22 import io.grpc.netty.NettyChannelBuilder
  23 import io.netty.handler.ssl.SslContext
  24 import org.onap.ccsdk.cds.blueprintsprocessor.grpc.TLSAuthGrpcClientProperties
  25 import org.onap.ccsdk.cds.blueprintsprocessor.grpc.interceptor.GrpcClientLoggingInterceptor
  26 import org.onap.ccsdk.cds.controllerblueprints.core.normalizedFile
  27
  28 class TLSAuthGrpcClientService(private val tlsAuthGrpcClientProperties: TLSAuthGrpcClientProperties) :
  29     BlueprintGrpcClientService {
  30
  31     override suspend fun channel(): ManagedChannel {
  32
  33         val target =
  34             if (tlsAuthGrpcClientProperties.port == -1) tlsAuthGrpcClientProperties.host
  35             else "${tlsAuthGrpcClientProperties.host}:${tlsAuthGrpcClientProperties.port}"
  36
  37         return NettyChannelBuilder
  38             .forTarget(target)
  39             .nameResolverFactory(DnsNameResolverProvider())
  40             .intercept(GrpcClientLoggingInterceptor())
  41             .sslContext(sslContext())
  42             .build()
  43     }
  44
  45     fun sslContext(): SslContext {
  46         val builder = GrpcSslContexts.forClient()
  47         if (tlsAuthGrpcClientProperties.trustCertCollection != null) {
  48             builder.trustManager(normalizedFile(tlsAuthGrpcClientProperties.trustCertCollection!!))
  49         }
  50         if (tlsAuthGrpcClientProperties.clientCertChain != null &&
  51             tlsAuthGrpcClientProperties.clientPrivateKey != null
  52         ) {
  53             builder.keyManager(
  54                 normalizedFile(tlsAuthGrpcClientProperties.clientCertChain!!),
  55                 normalizedFile(tlsAuthGrpcClientProperties.clientPrivateKey!!)
  56             )
  57         }
  58         return builder.build()
  59     }
  60 }