Authentication processor 4/4 - Add configauth to configgrpc

Signed-off-by: Juraci Paixão Kröhling <[email protected]>
open-telemetry · Sep 18, 2020 · c1081a6 · c1081a6
1 parent 007f9f9
commit c1081a6
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 2 deletions.
diff --git a/config/configgrpc/configgrpc.go b/config/configgrpc/configgrpc.go
@@ -16,6 +16,7 @@
 package configgrpc
 
 import (
+	"context"
 	"fmt"
 	"net"
 	"strings"
@@ -27,8 +28,10 @@ import (
 	"google.golang.org/grpc/encoding/gzip"
 	"google.golang.org/grpc/keepalive"
 
+	"go.opentelemetry.io/collector/config/configauth"
 	"go.opentelemetry.io/collector/config/confignet"
 	"go.opentelemetry.io/collector/config/configtls"
+	"go.opentelemetry.io/collector/internal/auth"
 )
 
 // Compression gRPC keys for supported compression types within collector
@@ -157,9 +160,12 @@ type GRPCServerSettings struct {
 
 	// Keepalive anchor for all the settings related to keepalive.
 	Keepalive *KeepaliveServerConfig `mapstructure:"keepalive,omitempty"`
+
+	// Auth for this receiver
+	Auth *configauth.Authentication `mapstructure:"auth,omitempty"`
 }
 
-// ToServerOption maps configgrpc.GRPCClientSettings to a slice of dial options for gRPC
+// ToDialOptions maps configgrpc.GRPCClientSettings to a slice of dial options for gRPC
 func (gcs *GRPCClientSettings) ToDialOptions() ([]grpc.DialOption, error) {
 	var opts []grpc.DialOption
 	if gcs.Compression != "" {
@@ -287,6 +293,22 @@ func (gss *GRPCServerSettings) ToServerOption() ([]grpc.ServerOption, error) {
 		}
 	}
 
+	if gss.Auth != nil {
+		auth, err := auth.New(*gss.Auth)
+		if err != nil {
+			return nil, err
+		}
+
+		// perhaps we should use a timeout here?
+		if err := auth.Start(context.Background()); err != nil {
+			return nil, err
+		}
+
+		// TODO: we need a hook to call auth.Close()
+
+		opts = append(opts, grpc.UnaryInterceptor(auth.UnaryInterceptor), grpc.StreamInterceptor(auth.StreamInterceptor))
+	}
+
 	return opts, nil
 }
 

diff --git a/config/configgrpc/configgrpc_test.go b/config/configgrpc/configgrpc_test.go
@@ -22,8 +22,10 @@ import (
 	"time"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"google.golang.org/grpc"
 
+	"go.opentelemetry.io/collector/config/configauth"
 	"go.opentelemetry.io/collector/config/confignet"
 	"go.opentelemetry.io/collector/config/configtls"
 	otelcol "go.opentelemetry.io/collector/internal/data/opentelemetry-proto-gen/collector/trace/v1"
@@ -74,7 +76,7 @@ func TestDefaultGrpcServerSettings(t *testing.T) {
 	assert.Len(t, opts, 0)
 }
 
-func TestAllGrpcServerSettings(t *testing.T) {
+func TestAllGrpcServerSettingsExceptAuth(t *testing.T) {
 	gss := &GRPCServerSettings{
 		NetAddr: confignet.NetAddr{
 			Endpoint:  "localhost:1234",
@@ -107,6 +109,25 @@ func TestAllGrpcServerSettings(t *testing.T) {
 	assert.Len(t, opts, 7)
 }
 
+func TestGrpcServerAuthSettings(t *testing.T) {
+	gss := &GRPCServerSettings{}
+
+	// sanity check
+	_, err := gss.ToServerOption()
+	require.NoError(t, err)
+
+	// test
+	gss.Auth = &configauth.Authentication{
+		OIDC: &configauth.OIDC{},
+	}
+	opts, err := gss.ToServerOption()
+
+	// verify
+	// an error here is a positive confirmation that Auth kicked in
+	assert.Error(t, err)
+	assert.Nil(t, opts)
+}
+
 func TestGRPCClientSettingsError(t *testing.T) {
 	tests := []struct {
 		settings GRPCClientSettings