deliver

package
v0.0.0-...-b544036 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 16, 2022 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ExtractChannelHeaderCertHash

func ExtractChannelHeaderCertHash(msg proto.Message) []byte

ExtractChannelHeaderCertHash extracts the TLS cert hash from a channel header.

Types

type BindingInspector

type BindingInspector func(context.Context, proto.Message) error

BindingInspector receives as parameters a gRPC context and an Envelope, and verifies whether the message contains an appropriate binding to the context

func NewBindingInspector

func NewBindingInspector(mutualTLS bool, extractTLSCertHash CertHashExtractor) BindingInspector

NewBindingInspector returns a BindingInspector according to whether mutualTLS is configured or not, and according to a function that extracts TLS certificate hashes from proto messages

type CertHashExtractor

type CertHashExtractor func(proto.Message) []byte

CertHashExtractor extracts a certificate from a proto.Message message

type Chain

type Chain interface {
	// Sequence returns the current config sequence number, can be used to detect config changes
	Sequence() uint64

	// PolicyManager returns the current policy manager as specified by the chain configuration
	PolicyManager() policies.Manager

	// Reader returns the chain Reader for the chain
	Reader() blockledger.Reader

	// Errored returns a channel which closes when the backing consenter has errored
	Errored() <-chan struct{}
}

Chain encapsulates chain operations and data.

type ChainManager

type ChainManager interface {
	GetChain(chainID string) Chain
}

ChainManager provides a way for the Handler to look up the Chain.

type ConfigSequencer

type ConfigSequencer interface {
	Sequence() uint64
}

ConfigSequencer provides the sequence number of the current config block.

type ExpiresAtFunc

type ExpiresAtFunc func(identityBytes []byte) time.Time

ExpiresAtFunc is used to extract the time at which an identity expires.

type Filtered

type Filtered interface {
	IsFiltered() bool
}

Filtered is a marker interface that indicates a response sender is configured to send filtered blocks Note: this is replaced by "data_type" label. Keep it for now until we decide how to take care of compatibility issue.

type Handler

type Handler struct {
	ExpirationCheckFunc func(identityBytes []byte) time.Time
	ChainManager        ChainManager
	TimeWindow          time.Duration
	BindingInspector    Inspector
	Metrics             *Metrics
}

Handler handles server requests.

func NewHandler

func NewHandler(cm ChainManager, timeWindow time.Duration, mutualTLS bool, metrics *Metrics, expirationCheckDisabled bool) *Handler

NewHandler creates an implementation of the Handler interface.

func (*Handler) Handle

func (h *Handler) Handle(ctx context.Context, srv *Server) error

Handle receives incoming deliver requests.

type Inspector

type Inspector interface {
	Inspect(context.Context, proto.Message) error
}

Inspector verifies an appropriate binding between the message and the context.

type InspectorFunc

type InspectorFunc func(context.Context, proto.Message) error

The InspectorFunc is an adapter that allows the use of an ordinary function as an Inspector.

func (InspectorFunc) Inspect

func (inspector InspectorFunc) Inspect(ctx context.Context, p proto.Message) error

Inspect calls inspector(ctx, p)

type Metrics

type Metrics struct {
	StreamsOpened     metrics.Counter
	StreamsClosed     metrics.Counter
	RequestsReceived  metrics.Counter
	RequestsCompleted metrics.Counter
	BlocksSent        metrics.Counter
}

func NewMetrics

func NewMetrics(p metrics.Provider) *Metrics

type PolicyChecker

type PolicyChecker interface {
	CheckPolicy(envelope *cb.Envelope, channelID string) error
}

PolicyChecker checks the envelope against the policy logic supplied by the function.

type PolicyCheckerFunc

type PolicyCheckerFunc func(envelope *cb.Envelope, channelID string) error

The PolicyCheckerFunc is an adapter that allows the use of an ordinary function as a PolicyChecker.

func (PolicyCheckerFunc) CheckPolicy

func (pcf PolicyCheckerFunc) CheckPolicy(envelope *cb.Envelope, channelID string) error

CheckPolicy calls pcf(envelope, channelID)

type Receiver

type Receiver interface {
	Recv() (*cb.Envelope, error)
}

Receiver is used to receive enveloped seek requests.

type ResponseSender

type ResponseSender interface {
	// SendStatusResponse sends completion status to the client.
	SendStatusResponse(status cb.Status) error
	// SendBlockResponse sends the block and optionally private data to the client.
	SendBlockResponse(data *cb.Block, channelID string, chain Chain, signedData *protoutil.SignedData) error
	// DataType returns the data type sent by the sender
	DataType() string
}

ResponseSender defines the interface a handler must implement to send responses.

type Server

type Server struct {
	Receiver
	PolicyChecker
	ResponseSender
}

Server is a polymorphic structure to support generalization of this handler to be able to deliver different type of responses.

type SessionAccessControl

type SessionAccessControl struct {
	// contains filtered or unexported fields
}

SessionAccessControl holds access control related data for a common Envelope that is used to determine if a request is allowed for the identity associated with the request envelope.

func NewSessionAC

func NewSessionAC(chain ConfigSequencer, env *common.Envelope, policyChecker PolicyChecker, channelID string, expiresAt ExpiresAtFunc) (*SessionAccessControl, error)

NewSessionAC creates an instance of SessionAccessControl. This constructor will return an error if a signature header cannot be extracted from the envelope.

func (*SessionAccessControl) Evaluate

func (ac *SessionAccessControl) Evaluate() error

Evaluate uses the PolicyChecker to determine if a request should be allowed. The decision is cached until the identity expires or the chain configuration changes.

Directories

Path Synopsis
Code generated by counterfeiter.
Code generated by counterfeiter.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL