mystiq
/
dex
Archived
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/examples/grpc-client
History
Eng Zer Jun f0186ff265
refactor: move from io/ioutil to io and os package 
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
 		2021-09-17 14:12:39 +08:00
..
.gitignore examples: adding a gRPC client example. 2017-02-28 12:06:44 -08:00
README.md chore: rename the docs directory 2021-01-14 17:30:04 +01:00
cert-destroy examples: adding a gRPC client example. 2017-02-28 12:06:44 -08:00
cert-gen examples: adding a gRPC client example. 2017-02-28 12:06:44 -08:00
client.go refactor: move from io/ioutil to io and os package 2021-09-17 14:12:39 +08:00
config.yaml examples/grpc-client: clean up the example and add tlsClientCA to ConfigMap. 2017-03-23 16:57:23 -07:00
openssl.conf examples: adding a gRPC client example. 2017-02-28 12:06:44 -08:00

README.md

Running a Dex gRPC client

Using gRPC, a client application can directly call methods on a server application as if it was a local object. The schema for Dex's gRPC API calls is defined in api/api.proto. client.go is an example client program that makes a bunch of API calls to the dex server. For further details on the Dex API refer the [documentation][https://dexidp.io/docs/api/].

Generating Credentials

Before running the client or the server, TLS credentials have to be setup for secure communication. Run the cred-gen script to create TLS credentials for running this example. This script generates a ca.crt, server.crt, server.key, client.crt, and client.key.

# Used to set certificate subject alt names.
export SAN=IP.1:127.0.0.1

# Run the script
./examples/grpc-client/cert-gen

To verify that the server and client certificates were signed by the CA, run the following commands:

openssl verify -CAfile ca.crt server.crt
openssl verify -CAfile ca.crt client.crt

Running the Dex server

To expose the gRPC service, the gRPC option must be enabled via the dex config file as shown below.

# Enables the gRPC API.
grpc:
  addr: 127.0.0.1:5557
  tlsCert: server.crt
  tlsKey: server.key

Start an instance of the dex server with an in-memory data store:

./bin/dex serve examples/grpc-client/config.yaml

Running the Dex client

Finally run the Dex client providing the CA certificate, client certificate and client key as arguments.

./bin/grpc-client -ca-crt=ca.crt -client-crt=client.crt -client-key=client.key

Running the gRPC client will cause the following API calls to be made to the server

  1. CreatePassword
  2. ListPasswords
  3. VerifyPassword
  4. DeletePassword

Cleaning up

Run the following command to destroy all the credentials files that were created by the cert-gen script:

./examples/grpc-client/cert-destroy