Anar Sultanov | b7859e7 | 2020-03-18 01:43:31 +0100 | [diff] [blame] | 1 | Authentication Example |
| 2 | ============================================== |
| 3 | |
| 4 | This example illustrates a simple JWT-based authentication implementation in gRPC using |
| 5 | server interceptor. It uses the JJWT library to create and verify JSON Web Tokens (JWTs). |
| 6 | |
| 7 | The example requires grpc-java to be pre-built. Using a release tag will download the relevant binaries |
| 8 | from a maven repository. But if you need the latest SNAPSHOT binaries you will need to follow |
| 9 | [COMPILING](../../COMPILING.md) to build these. |
| 10 | |
| 11 | The source code is [here](src/main/java/io/grpc/examples/jwtauth). |
| 12 | To build the example, run in this directory: |
| 13 | ``` |
| 14 | $ ../gradlew installDist |
| 15 | ``` |
| 16 | The build creates scripts `auth-server` and `auth-client` in the `build/install/example-jwt-auth/bin/` directory |
| 17 | which can be used to run this example. The example requires the server to be running before starting the |
| 18 | client. |
| 19 | |
| 20 | Running auth-server is similar to the normal hello world example and there are no arguments to supply: |
| 21 | |
| 22 | **auth-server**: |
| 23 | |
| 24 | The auth-server accepts optional argument for port on which the server should run: |
| 25 | |
| 26 | ```text |
| 27 | USAGE: auth-server [port] |
| 28 | ``` |
| 29 | |
| 30 | The auth-client accepts optional arguments for server-host, server-port, user-name and client-id: |
| 31 | |
| 32 | **auth-client**: |
| 33 | |
| 34 | ```text |
| 35 | USAGE: auth-client [server-host [server-port [user-name [client-id]]]] |
| 36 | ``` |
| 37 | |
| 38 | The `user-name` value is simply passed in the `HelloRequest` message as payload and the value of |
| 39 | `client-id` is included in the JWT claims passed in the metadata header. |
| 40 | |
| 41 | |
| 42 | #### How to run the example: |
| 43 | |
| 44 | ```bash |
| 45 | # Run the server: |
| 46 | ./build/install/example-jwt-auth/bin/auth-server 50051 |
| 47 | # In another terminal run the client |
| 48 | ./build/install/example-jwt-auth/bin/auth-client localhost 50051 userA clientB |
| 49 | ``` |
| 50 | |
| 51 | That's it! The client will show the user-name reflected back in the message from the server as follows: |
| 52 | ``` |
| 53 | INFO: Greeting: Hello, userA |
| 54 | ``` |
| 55 | |
| 56 | And on the server side you will see the message with the client's identifier: |
| 57 | ``` |
| 58 | Processing request from clientB |
| 59 | ``` |
| 60 | |
| 61 | ## Maven |
| 62 | |
| 63 | If you prefer to use Maven follow these [steps](../README.md#maven). You can run the example as follows: |
| 64 | |
| 65 | ``` |
| 66 | $ # Run the server |
| 67 | $ mvn exec:java -Dexec.mainClass=io.grpc.examples.authentication.AuthServer -Dexec.args="50051" |
| 68 | $ # In another terminal run the client |
| 69 | $ mvn exec:java -Dexec.mainClass=io.grpc.examples.authentication.AuthClient -Dexec.args="localhost 50051 userA clientB" |
| 70 | ``` |