Hulk did something

[bytom/vapor.git] / vendor / google.golang.org / grpc / Documentation / grpc-auth-support.md

diff --git a/vendor/google.golang.org/grpc/Documentation/grpc-auth-support.md b/vendor/google.golang.org/grpc/Documentation/grpc-auth-support.md
new file mode 100644 (file)
index 0000000..1b6b14e
--- /dev/null
+++ b/vendor/google.golang.org/grpc/Documentation/grpc-auth-support.md
@@ -0,0 +1,41 @@
+# Authentication
+
+As outlined in the [gRPC authentication guide](https://grpc.io/docs/guides/auth.html) there are a number of different mechanisms for asserting identity between an client and server. We'll present some code-samples here demonstrating how to provide TLS support encryption and identity assertions as well as passing OAuth2 tokens to services that support it.
+
+# Enabling TLS on a gRPC client
+
+```Go
+conn, err := grpc.Dial(serverAddr, grpc.WithTransportCredentials(credentials.NewClientTLSFromCert(nil, "")))
+```
+
+# Enabling TLS on a gRPC server
+
+```Go
+creds, err := credentials.NewServerTLSFromFile(certFile, keyFile)
+if err != nil {
+  log.Fatalf("Failed to generate credentials %v", err)
+}
+lis, err := net.Listen("tcp", ":0")
+server := grpc.NewServer(grpc.Creds(creds))
+...
+server.Serve(lis)
+```
+
+# Authenticating with Google
+
+## Google Compute Engine (GCE)
+
+```Go
+conn, err := grpc.Dial(serverAddr, grpc.WithTransportCredentials(credentials.NewClientTLSFromCert(nil, "")), grpc.WithPerRPCCredentials(oauth.NewComputeEngine()))
+```
+
+## JWT
+
+```Go
+jwtCreds, err := oauth.NewServiceAccountFromFile(*serviceAccountKeyFile, *oauthScope)
+if err != nil {
+  log.Fatalf("Failed to create JWT credentials: %v", err)
+}
+conn, err := grpc.Dial(serverAddr, grpc.WithTransportCredentials(credentials.NewClientTLSFromCert(nil, "")), grpc.WithPerRPCCredentials(jwtCreds))
+```
+