From 4550b95dfd0040e2513ecb04f3d25b476d37ff2e Mon Sep 17 00:00:00 2001
From: Eric Chiang
Date: Tue, 4 Oct 2016 00:27:50 -0700
Subject: [PATCH] cmd/dex: add config options for gRPC
---
 cmd/dex/config.go | 9 +++++++++
 cmd/dex/init.go | 1 -
 cmd/dex/serve.go | 41 ++++++++++++++++++++++++++++++++++++-----
 3 files changed, 45 insertions(+), 6 deletions(-)
 delete mode 100644 cmd/dex/init.go
diff --git a/cmd/dex/config.go b/cmd/dex/config.go
index b28733ec..f50cd173 100644
--- a/cmd/dex/config.go
+++ b/cmd/dex/config.go
@@ -22,6 +22,7 @@ type Config struct {
 Connectors []Connector `yaml:"connectors"`
 Web Web `yaml:"web"`
 OAuth2 OAuth2 `yaml:"oauth2"`
+ GRPC GRPC `yaml:"grpc"`
 Templates server.TemplateConfig `yaml:"templates"`
@@ -41,6 +42,14 @@ type Web struct {
 TLSKey string `yaml:"tlsKey"`
 }
+// GRPC is the config for the gRPC API.
+type GRPC struct {
+ // The port to listen on.
+ Addr string `yaml:"addr"`
+ TLSCert string `yaml:"tlsCert"`
+ TLSKey string `yaml:"tlsKey"`
+}
+
 // Storage holds app's storage configuration.
 type Storage struct {
 Type string `yaml:"type"`
diff --git a/cmd/dex/init.go b/cmd/dex/init.go
deleted file mode 100644
index 06ab7d0f..00000000
--- a/cmd/dex/init.go
+++ /dev/null
@@ -1 +0,0 @@
-package main
diff --git a/cmd/dex/serve.go b/cmd/dex/serve.go
index 24beb4b6..08309e0f 100644
--- a/cmd/dex/serve.go
+++ b/cmd/dex/serve.go
@@ -5,11 +5,15 @@ import (
 "fmt"
 "io/ioutil"
 "log"
+ "net"
 "net/http"
 "github.com/spf13/cobra"
+ "google.golang.org/grpc"
+ "google.golang.org/grpc/credentials"
 yaml "gopkg.in/yaml.v2"
+ "github.com/coreos/dex/api"
 "github.com/coreos/dex/server"
 "github.com/coreos/dex/storage"
 )
@@ -19,7 +23,7 @@ func commandServe() *cobra.Command {
 Use: "serve [ config file ]",
 Short: "Connect to the storage and begin serving requests.",
 Long: ``,
- Example: "dex serve c.yaml",
+ Example: "dex serve config.yaml",
 RunE: serve,
 }
 }
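Review bot: The field comment in the new `GRPC` struct says `// The port to listen on.`, but `Addr` is passed unchanged to `net.Listen("tcp", c.GRPC.Addr)` in serve.go, so it is a listen address rather than a port. I would reword it to `// Addr is the host:port the gRPC API listens on; the API is not started when it is empty.` and give the TLS fields their own comment, `// TLSCert and TLSKey must be set together; when both are empty the gRPC API is served without TLS.` Both statements follow from the checks and the `if c.GRPC.TLSCert != ""` branch this patch adds to `serve`. As written, an operator reading only the config type cannot tell that omitting the pair yields a plaintext listener.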
@@ -56,6 +60,9 @@ func serve(cmd *cobra.Command, args []string) error {
 {c.Web.HTTP == "" && c.Web.HTTPS == "", "must supply a HTTP/HTTPS address to listen on"},
 {c.Web.HTTPS != "" && c.Web.TLSCert == "", "no cert specified for HTTPS"},
 {c.Web.HTTPS != "" && c.Web.TLSKey == "", "no private key specified for HTTPS"},
+ {c.GRPC.TLSCert != "" && c.GRPC.Addr == "", "no address specified for gRPC"},
+ {c.GRPC.TLSKey != "" && c.GRPC.Addr == "", "no address specified for gRPC"},
+ {(c.GRPC.TLSCert == "") != (c.GRPC.TLSKey == ""), "must specific both a gRPC TLS cert and key"},
 }
 for _, check := range checks {
@@ -64,6 +71,15 @@ func serve(cmd *cobra.Command, args []string) error {
 }
 }
+ var grpcOptions []grpc.ServerOption
+ if c.GRPC.TLSCert != "" {
+ opt, err := credentials.NewServerTLSFromFile(c.GRPC.TLSCert, c.GRPC.TLSKey)
+ if err != nil {
+ return fmt.Errorf("load grpc certs: %v", err)
+ }
+ grpcOptions = append(grpcOptions, grpc.Creds(opt))
+ }
+
 connectors := make([]server.Connector, len(c.Connectors))
 for i, conn := range c.Connectors {
 if conn.Config == nil {
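Review bot: Nothing in the added checks stops `grpc.addr` from being set with no certificate, so the gRPC API can be exposed in plaintext, whereas the HTTPS rows just above require a cert and key whenever an HTTPS address is given. If plaintext is not meant to be supported, add `{c.GRPC.Addr != "" && c.GRPC.TLSCert == "", "no cert specified for gRPC"},`; if it is (for example loopback-only use), log a warning at startup so the choice is visible. The last message also has a typo: `"must specific both a gRPC TLS cert and key"` should read `"must specify both a gRPC TLS cert and key"`. The `checks` slice and `serve` itself begin outside this hunk.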
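Review bot: `credentials.NewServerTLSFromFile` in the `@@ -64,6 +71,15 @@` hunk sets up server-side TLS only, so the listener encrypts traffic but does not authenticate callers. The later hunk registers `server.NewAPI(serverConfig.Storage)` with no other `grpc.ServerOption`, and no caller authentication is visible in this patch; `server.NewAPI` is not shown, so it may check callers itself. I would accept an optional client CA and require verified client certificates when it is set, as sketched below. `TLSClientCA` is a proposed new field on the `GRPC` config struct, and the change needs `crypto/tls` and `crypto/x509` imported in serve.go.

```go
var grpcOptions []grpc.ServerOption
if c.GRPC.TLSCert != "" {
	cert, err := tls.LoadX509KeyPair(c.GRPC.TLSCert, c.GRPC.TLSKey)
	if err != nil {
		return fmt.Errorf("load grpc certs: %v", err)
	}
	tlsConfig := &tls.Config{Certificates: []tls.Certificate{cert}}
	// TLSClientCA is a proposed config field, not part of this patch.
	if c.GRPC.TLSClientCA != "" {
		pem, err := ioutil.ReadFile(c.GRPC.TLSClientCA)
		if err != nil {
			return fmt.Errorf("read grpc client CA: %v", err)
		}
		pool := x509.NewCertPool()
		if !pool.AppendCertsFromPEM(pem) {
			return fmt.Errorf("no certificates found in grpc client CA file")
		}
		tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
		tlsConfig.ClientCAs = pool
	}
	grpcOptions = append(grpcOptions, grpc.Creds(credentials.NewTLS(tlsConfig)))
}
// … unchanged: connector setup …
```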
@@ -96,22 +112,37 @@ func serve(cmd *cobra.Command, args []string) error {
 TemplateConfig: c.Templates,
 }
- serv, err := server.New(serverConfig)
+ serv, err := server.NewServer(serverConfig)
 if err != nil {
 return fmt.Errorf("initializing server: %v", err)
 }
- errc := make(chan error, 2)
+ errc := make(chan error, 3)
 if c.Web.HTTP != "" {
+ log.Printf("listening (http) on %s", c.Web.HTTP)
 go func() {
- log.Printf("listening on %s", c.Web.HTTP)
 errc <- http.ListenAndServe(c.Web.HTTP, serv)
 }()
 }
 if c.Web.HTTPS != "" {
+ log.Printf("listening (https) on %s", c.Web.HTTPS)
 go func() {
- log.Printf("listening on %s", c.Web.HTTPS)
 errc <- http.ListenAndServeTLS(c.Web.HTTPS, c.Web.TLSCert, c.Web.TLSKey, serv)
 }()
 }
+ if c.GRPC.Addr != "" {
+ log.Printf("listening (grpc) on %s", c.GRPC.Addr)
+ go func() {
+ errc <- func() error {
+ list, err := net.Listen("tcp", c.GRPC.Addr)
+ if err != nil {
+ return fmt.Errorf("listen grpc: %v", err)
+ }
+ s := grpc.NewServer(grpcOptions...)
+ api.RegisterDexServer(s, server.NewAPI(serverConfig.Storage))
+ return s.Serve(list)
+ }()
+ }()
+ }
+
 return <-errc
 }
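Review bot: The `listening (grpc)` line is logged before `net.Listen` runs inside the goroutine, so the log claims the port is open even when the bind fails, and it does not record whether the listener has TLS. Binding in `serve` itself lets a bad `grpc.addr` return as a start-up error and lets the log line state the transport, which helps when auditing which deployments expose the API in plaintext. The same log-before-bind ordering now applies to the `listening (http)` and `listening (https)` lines that this hunk moves out of their goroutines. `serve` begins and `serverConfig` is built outside this hunk.

```go
if c.GRPC.Addr != "" {
	list, err := net.Listen("tcp", c.GRPC.Addr)
	if err != nil {
		return fmt.Errorf("listen grpc: %v", err)
	}
	log.Printf("listening (grpc) on %s (tls=%t)", c.GRPC.Addr, c.GRPC.TLSCert != "")
	s := grpc.NewServer(grpcOptions...)
	api.RegisterDexServer(s, server.NewAPI(serverConfig.Storage))
	go func() { errc <- s.Serve(list) }()
}
// … unchanged: return <-errc …
```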