/
grpc_white_list.go
37 lines (34 loc) · 1.15 KB
/
grpc_white_list.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
package grpc_proxy_middleware
import (
"fmt"
"github.com/didi/gatekeeper/model"
"github.com/didi/gatekeeper/public"
"github.com/pkg/errors"
"google.golang.org/grpc"
"google.golang.org/grpc/peer"
"log"
"strings"
)
//匹配接入方式 基于请求信息
func GrpcWhiteListMiddleware(serviceDetail *model.ServiceDetail) func(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
return func(srv interface{}, ss grpc.ServerStream, info *grpc.StreamServerInfo, handler grpc.StreamHandler) error {
peerCtx, ok := peer.FromContext(ss.Context())
if !ok {
return errors.New("peer not found with context")
}
peerAddr := peerCtx.Addr.String()
addrPos := strings.LastIndex(peerAddr, ":")
clientIP := peerAddr[0:addrPos]
whiteListStr := serviceDetail.PluginConf.GetPath("grpc_whiteblacklist", "ip_white_list").MustString()
if whiteListStr != "" {
if !public.InIPSliceStr(clientIP, whiteListStr) {
return errors.New(fmt.Sprintf("%s not in white ip list", clientIP))
}
}
if err := handler(srv, ss); err != nil {
log.Printf("RPC failed with error %v\n", err)
return err
}
return nil
}
}