Nicolas Leiva nleiva
☠️
nleiva
/ grpc-with-auth.go
Created
July 9, 2019 13:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Client | |
| config := &tls.Config{ | |
| InsecureSkipVerify: false, | |
| } | |
| conn, err := grpc.Dial(address, grpc.WithTransportCredentials(credentials.NewTLS(config))) | |
| if err != nil { | |
| log.Fatalf("did not connect: %v", err) | |
| } | |
| defer conn.Close() |
nleiva
/ grpc-with-auth-cert.go
Created
July 9, 2019 13:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Client | |
| b, _ := ioutil.ReadFile("ca.cert") | |
| cp := x509.NewCertPool() | |
| if !cp.AppendCertsFromPEM(b) { | |
| return nil, errors.New("credentials: failed to append certificates") | |
| } | |
| config := &tls.Config{ | |
| InsecureSkipVerify: false, | |
| RootCAs: cp, | |
| } |
nleiva
/ grpc-with-file.go
Created
July 9, 2019 14:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Client | |
| creds, err := credentials.NewClientTLSFromFile("service.pem", "") | |
| if err != nil { | |
| log.Fatalf("could not process the credentials: %v", err) | |
| } | |
| conn, err := grpc.Dial(address, grpc.WithTransportCredentials(creds)) | |
| if err != nil { | |
| log.Fatalf("did not connect: %v", err) | |
| } | |
| defer conn.Close() |
nleiva
/ certificate.go
Created
July 9, 2019 14:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| type Certificate struct { | |
| ... | |
| Signature []byte | |
| SignatureAlgorithm SignatureAlgorithm | |
| PublicKeyAlgorithm PublicKeyAlgorithm | |
| PublicKey interface{} | |
| Version int | |
| SerialNumber *big.Int |
nleiva
/ gumi.proto
Created
July 9, 2019 15:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| syntax = "proto3"; | |
| package test; | |
| service gUMI { | |
| rpc GetByID (GetByIDRequest) returns (User); | |
| } | |
| message GetByIDRequest { | |
| uint32 id = 1; |
nleiva
/ vault-issuer.go
Created
July 17, 2019 19:15
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| issuer := &vault.Issuer{ | |
| URL: &url.URL{ | |
| Scheme: "https", | |
| Host: "localhost:8200", | |
| }, | |
| TLSConfig: &tls.Config{ | |
| RootCAs: cp, | |
| }, | |
| Token: getenv("TOKEN"), | |
| Role: "my-role", |
nleiva
/ certify-cfg.go
Created
July 17, 2019 19:42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cfg := certify.CertConfig{ | |
| SubjectAlternativeNames: []string{"localhost"}, | |
| IPSubjectAlternativeNames: []net.IP{ | |
| net.ParseIP("127.0.0.1"), | |
| net.ParseIP("::1"), | |
| }, | |
| KeyGenerator: RSA{bits: 2048}, | |
| } |
nleiva
/ certify-type.go
Created
July 17, 2019 19:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| c := &certify.Certify{ | |
| CommonName: "localhost", | |
| Issuer: issuer, | |
| Cache: certify.NewMemCache(), | |
| CertConfig: &cfg, | |
| RenewBefore: 24 * time.Hour, | |
| Logger: kit.New(logger), | |
| } |
nleiva
/ grpc-certify.go
Created
July 17, 2019 20:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Client | |
| // ... as in http://bit.ly/go-grpc-tls-ca ... | |
| // Server | |
| tlsConfig := &tls.Config{ | |
| GetCertificate: c.GetCertificate, | |
| } | |
| s := grpc.NewServer(grpc.Creds(credentials.NewTLS(tlsConfig))) | |
| // ... register gRPC services ... |
nleiva
/ autocert-manager.go
Last active
July 18, 2019 14:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| manager := autocert.Manager{ | |
| Prompt: autocert.AcceptTOS, | |
| Cache: autocert.DirCache("golang-autocert"), | |
| HostPolicy: autocert.HostWhitelist(host), | |
| Email: "test@example.com", | |
| } |