From 61a0b777a0b21f03080622340c5fc749105cc41b Mon Sep 17 00:00:00 2001 From: Daouda Diakite Date: Wed, 6 Nov 2024 09:13:34 +0100 Subject: [PATCH] Handle Http request with certificates and using configuration object --- .../ArmoniK.Api.Client.Tests.csproj | 12 +-- .../ArmoniK.Api.Client.Test/ConfTest.cs | 76 ++++++++++++++++++- 2 files changed, 80 insertions(+), 8 deletions(-) diff --git a/packages/csharp/ArmoniK.Api.Client.Test/ArmoniK.Api.Client.Tests.csproj b/packages/csharp/ArmoniK.Api.Client.Test/ArmoniK.Api.Client.Tests.csproj index 038ea58e2..62ff91e09 100644 --- a/packages/csharp/ArmoniK.Api.Client.Test/ArmoniK.Api.Client.Tests.csproj +++ b/packages/csharp/ArmoniK.Api.Client.Test/ArmoniK.Api.Client.Tests.csproj @@ -20,12 +20,12 @@ - - - - - - + + + + + + diff --git a/packages/csharp/ArmoniK.Api.Client.Test/ConfTest.cs b/packages/csharp/ArmoniK.Api.Client.Test/ConfTest.cs index 3e66a6ba2..e2663249c 100644 --- a/packages/csharp/ArmoniK.Api.Client.Test/ConfTest.cs +++ b/packages/csharp/ArmoniK.Api.Client.Test/ConfTest.cs @@ -23,20 +23,92 @@ // along with this program.If not, see . using System; +using System.IO; using System.Net.Http; using System.Threading.Tasks; +using System.Runtime.InteropServices; +using System.Security.Cryptography.X509Certificates; + +using Microsoft.Extensions.Configuration; + +using ArmoniK.Api.Client.Options; +using ArmoniK.Api.Client.Submitter; + using Newtonsoft.Json.Linq; +using Org.BouncyCastle.X509; + +using X509Certificate = Org.BouncyCastle.X509.X509Certificate; + namespace ArmoniK.Api.Client.Tests; public class ConfTest { - private static readonly HttpClient client = new HttpClient(); + public static GrpcClient GetChannelOptions() + { + var builder = new ConfigurationBuilder().AddEnvironmentVariables(); + var configuration = builder.Build(); + var options = configuration.GetRequiredSection(GrpcClient.SettingSection) + .Get(); + if (options!.AllowUnsafeConnection) + { + if (RuntimeInformation.FrameworkDescription.StartsWith(".NET Framework") || options.HttpMessageHandler.ToLower() + .Contains("web")) + { + options!.Endpoint = Environment.GetEnvironmentVariable("Http__Endpoint"); + } + } + + return options; + } public static async Task RpcCalled(string service_name, string rpc_name) { - var call_endpoint = Environment.GetEnvironmentVariable("Http__Endpoint") + "/calls.json"; + var options = GetChannelOptions(); + + X509Certificate? caCert = null; + if (!string.IsNullOrWhiteSpace(options.CaCert) && !options.AllowUnsafeConnection) + { + if (!File.Exists(options.CaCert)) + { + throw new FileNotFoundException("Couldn't find specified CA certificate", + options.CaCert); + } + + var parser = new X509CertificateParser(); + using var stream = File.Open(options.CaCert, + FileMode.Open, + FileAccess.Read, + FileShare.Read); + caCert = parser.ReadCertificate(stream); + } + + var clientCert = options.HasClientCertificate + ? GrpcChannelFactory.GetCertificate(options) + : null; + var handler = new HttpClientHandler(); + if (clientCert != null) + { + handler.ClientCertificates.Add(clientCert!); + } + handler.ServerCertificateCustomValidationCallback = (httpRequestMessage, + cert, + certChain, + sslPolicyErrors) => + { + if (caCert != null) + { + certChain.ChainPolicy.ExtraStore.Add(new X509Certificate2(caCert!.GetEncoded())); + certChain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority; + certChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; + } + + return certChain.Build(cert); + }; + + var client = new HttpClient(handler); + var call_endpoint = Environment.GetEnvironmentVariable("Http__Endpoint") + "/calls.json"; try { using HttpResponseMessage response = await client.GetAsync(call_endpoint);