-
Notifications
You must be signed in to change notification settings - Fork 1
/
client.go
237 lines (210 loc) · 7.64 KB
/
client.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
/*
* Copyright (c) 2019. Aberic - All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package config
import (
"github.com/aberic/fabric-client/geneses"
"strings"
)
// Client go sdk 使用的客户端
type Client struct {
// Organization 这个应用程序实例属于哪个组织?值必须是在“组织”下定义的组织的名称,如:Org1或league-org1
Organization string `yaml:"organization"`
// Logging 日志级别,debug、info、warn、error等
Logging *ClientLogging `yaml:"logging"`
// 节点超时的全局配置,如果省略此部分,则将使用缺省值
Peer *ClientPeer `yaml:"peer"`
// 事件服务超时的全局配置,如果省略此部分,则将使用缺省值
EventService *ClientEventService `yaml:"eventService"`
// orderer超时的全局配置,如果省略此部分,则将使用缺省值
Order *ClientOrder `yaml:"orderer"`
// 超时的全局配置,如果省略此部分,则将使用缺省值
Global *ClientGlobal `yaml:"global"`
CryptoConfig *ClientCryptoConfig `yaml:"cryptoconfig"`
CredentialStore *ClientCredentialStore `yaml:"credentialStore"`
// BCCSP 客户端的BCCSP配置
BCCSP *ClientBCCSP `yaml:"BCCSP"`
TLSCerts *ClientTLSCerts `yaml:"tlsCerts"`
}
// ClientLogging 客户端日志设置对象
type ClientLogging struct {
Level string `yaml:"level"` // info
}
// ClientCryptoConfig 客户端
type ClientCryptoConfig struct {
// Path 带有密钥和证书的MSP目录的根目录
Path string `yaml:"path"` // /Users/Documents/fabric/crypto-config
}
type ClientCredentialStore struct {
Path string `yaml:"path"` // /tmp/state-store"
CryptoStore *ClientCredentialStoreCryptoStore `yaml:"cryptoStore"`
}
type ClientCredentialStoreCryptoStore struct {
Path string `yaml:"path"` // /tmp/msp
}
type ClientBCCSP struct {
Security *ClientBCCSPSecurity `yaml:"security"`
}
type ClientBCCSPSecurity struct {
Enabled bool `yaml:"enabled"`
Default *ClientBCCSPSecurityDefault `yaml:"default"`
HashAlgorithm string `yaml:"hashAlgorithm"`
SoftVerify bool `yaml:"softVerify"`
Level int32 `yaml:"level"`
}
type ClientBCCSPSecurityDefault struct {
Provider string `yaml:"provider"`
}
type ClientTLSCerts struct {
// SystemCertPool 是否开启TLS,默认false
SystemCertPool bool `yaml:"systemCertPool"`
// Client 客户端密钥和证书,用于TLS与节点和排序服务的握手
Client *ClientTLSCertsClient `yaml:"client"`
}
type ClientTLSCertsClient struct {
Key *ClientTLSCertsClientKey `yaml:"key"`
Cert *ClientTLSCertsClientCert `yaml:"cert"`
}
type ClientTLSCertsClientKey struct {
Path string `yaml:"path"` // /fabric/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.key
}
type ClientTLSCertsClientCert struct {
Path string `yaml:"path"` // /fabric/crypto-config/peerOrganizations/org1.example.com/users/User1@org1.example.com/tls/client.crt
}
type ClientPeer struct {
Timeout *ClientPeerTimeout `yaml:"timeout"`
}
type ClientPeerTimeout struct {
Connection string `yaml:"connection"`
Response string `yaml:"response"`
Discovery *ClientPeerTimeoutDiscovery `yaml:"discovery"`
}
type ClientPeerTimeoutDiscovery struct {
// GreyListExpiry 发现服务失效列表筛选器的有效期。
//
// 通道客户端将列出脱机的失效节点名单,防止在后续重试中重新选择它们。
//
// 这个间隔将定义一个节点被灰列出的时间
GreyListExpiry string `yaml:"greylistExpiry"`
}
type ClientEventService struct {
Timeout *ClientEventServiceTimeout `yaml:"timeout"`
}
type ClientEventServiceTimeout struct {
RegistrationResponse string `yaml:"registrationResponse"`
}
type ClientOrder struct {
Timeout *ClientOrderTimeout `yaml:"timeout"`
}
type ClientOrderTimeout struct {
Connection string `yaml:"connection"`
Response string `yaml:"response"`
}
type ClientGlobal struct {
Timeout *ClientGlobalTimeout `yaml:"timeout"`
Cache *ClientGlobalCache `yaml:"cache"`
}
type ClientGlobalTimeout struct {
Query string `yaml:"query"`
Execute string `yaml:"execute"`
Resmgmt string `yaml:"resmgmt"`
}
type ClientGlobalCache struct {
ConnectionIdle string `yaml:"connectionIdle"`
EventServiceIdle string `yaml:"eventServiceIdle"`
ChannelConfig string `yaml:"channelConfig"`
ChannelMembership string `yaml:"channelMembership"`
Discovery string `yaml:"discovery"`
Selection string `yaml:"selection"`
}
func (c *Client) initSelfClient(tls bool, leagueName, orgName, userName, level string) {
cryptoConfig := geneses.CryptoConfigPath(leagueName)
domain := strings.Join([]string{leagueName, strings.ToLower(orgName)}, "-")
keyPath := strings.Join([]string{
cryptoConfig, "/peerOrganizations/", domain, "/users/", userName, "@", domain, "/tls/client.key"}, "")
certPath := strings.Join([]string{
cryptoConfig, "/peerOrganizations/", domain, "/users/", userName, "@", domain, "/tls/client.crt"}, "")
c.initClient(tls, orgName, level, cryptoConfig, keyPath, certPath)
}
func (c *Client) initClient(tls bool, organization, level, cryptoConfig, keyPath, certPath string) {
c.initCustomClient(
tls, organization, level, cryptoConfig, keyPath, certPath,
&ClientPeer{
Timeout: &ClientPeerTimeout{
Connection: "10s",
Response: "180s",
Discovery: &ClientPeerTimeoutDiscovery{
GreyListExpiry: "10s",
},
},
},
&ClientEventService{
Timeout: &ClientEventServiceTimeout{
RegistrationResponse: "15s",
},
},
&ClientOrder{
Timeout: &ClientOrderTimeout{
Connection: "15s",
Response: "15s",
},
},
&ClientGlobal{
Timeout: &ClientGlobalTimeout{
Query: "180s",
Execute: "180s",
Resmgmt: "180s",
},
Cache: &ClientGlobalCache{
ConnectionIdle: "30s",
EventServiceIdle: "2m",
ChannelConfig: "30m",
ChannelMembership: "30s",
Discovery: "10s",
Selection: "10m",
},
},
&ClientCredentialStore{
Path: strings.Join([]string{"/tmp", organization, "state-store"}, "/"),
CryptoStore: &ClientCredentialStoreCryptoStore{Path: strings.Join([]string{"/tmp", organization, "msp"}, "/")},
},
&ClientBCCSP{
Security: &ClientBCCSPSecurity{
Enabled: true,
HashAlgorithm: "SHA2",
SoftVerify: true,
Level: 256,
Default: &ClientBCCSPSecurityDefault{Provider: "SW"},
},
})
}
func (c *Client) initCustomClient(tls bool, organization, level, cryptoConfig, keyPath, certPath string,
peer *ClientPeer, eventService *ClientEventService, order *ClientOrder, global *ClientGlobal,
ccs *ClientCredentialStore, bccsp *ClientBCCSP) {
c.Organization = organization
c.Logging = &ClientLogging{Level: level}
c.Peer = peer
c.EventService = eventService
c.Order = order
c.Global = global
c.CryptoConfig = &ClientCryptoConfig{Path: cryptoConfig}
c.CredentialStore = ccs
c.BCCSP = bccsp
c.TLSCerts = &ClientTLSCerts{
SystemCertPool: tls,
Client: &ClientTLSCertsClient{
Key: &ClientTLSCertsClientKey{Path: keyPath},
Cert: &ClientTLSCertsClientCert{Path: certPath},
},
}
}