How can I do custom authentication in python?

[Yan Yan]

How can I do this kind of authentication for each connection?

How can I do this kind of authentication for each call?

Where do I put that if(inputUsername == dbUsername && inputPassword == dbPassword) statement? And return a boolean?

Can I do it without encryption? I understand that plain text is insecure. Thx.

- authDb.txt

user01,password01

user02,password02

I have read these.

http://www.grpc.io/docs/guides/auth.html#extending-grpc-to-support-other-authentication-mechanisms

http://www.grpc.io/grpc/cpp/classgrpc_1_1_metadata_credentials_plugin.html

http://www.grpc.io/grpc/python/grpc.beta.html

https://groups.google.com/forum/#!topic/grpc-io/iLHgWC8o8UM

https://groups.google.com/forum/#!searchin/grpc-io/authentication/grpc-io/LP94S3UF8bU/bLfFV2RGEgAJ

[Yan Yan]

How could I use them in python and C++? Any sample code? Thx.

https://github.com/grpc/grpc/issues/2059

jboeuf commented 2 days ago

We now have APIs to do this:

1. Client Side: create your own credentials with the credentials metadata plugin API:
   https://github.com/grpc/grpc/blob/master/include/grpc/grpc_security.h#L292

2. Server Side interceptor: auth metadata processor:
   https://github.com/grpc/grpc/blob/master/include/grpc/grpc_security.h#L383

[Nathaniel Manista]

On Fri, May 20, 2016 at 5:35 AM, Yan Yan <lamh...@gmail.com> wrote:

How can I do this kind of authentication for each connection?

How can I do this kind of authentication for each call?

What kind of authentication is "this kind of authentication"? If you're writing about an authentication protocol that is entirely your own, I suspect that metadata is the right place to put the data that it needs to be transmitted.

Where do I put that if(inputUsername == dbUsername && inputPassword == dbPassword) statement? And return a boolean?

Perhaps in a utility function called at the start of each of your servicer methods?

Can I do it without encryption?

Perhaps; it might depend on how your authentication protocol is intended to function.

I understand that plain text is insecure. Thx.

Thanks for asking.

-Nathaniel

[Yan Yan]

I know that user+pass is discouraged, but I have this requirement from the client. HTTP basic auth is not supported either. I am resorting to putting user+pass as some form of metadata. Thx.

[Yan Yan]

Do we have this kind of auth interceptor in python and C++?

https://groups.google.com/d/msg/grpc-io/JApjQAGe2q4/SK3PenMnrJ4J

Do we have "auth policy" described by Eric Anderson? Thx.

http://stackoverflow.com/questions/36124618/how-to-get-client-ip-from-request-metadata-with-grpc-java

https://groups.google.com/d/msg/grpc-io/UodEY4N78Sk/Ofh7sRHsAgAJ

On Monday, May 23, 2016 at 2:01:35 AM UTC+8, Nathaniel Manista wrote:

[digit...@gmail.com]

Hi,

    Will this help if client wants to custom verify the server certificate. Is there any sample?

Client Side: create your own credentials with the credentials metadata plugin API:

https://github.com/grpc/grpc/blob/master/include/grpc/grpc_security.h#L292  

[Lidi Zheng]

If you are looking for metadata extensions, can you take a look at this Python example: https://github.com/grpc/grpc/tree/master/examples/python/auth

--
You received this message because you are subscribed to the Google Groups "grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/cc5a118d-196b-486f-8a37-99f94f438ebc%40googlegroups.com.