feat: Add grpc over tls support (#8)

cheqd · May 20, 2022 · 323d835 · 323d835
1 parent faa7a47
commit 323d835
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 4 deletions.
diff --git a/cmd/serve.go b/cmd/serve.go
@@ -48,7 +48,7 @@ func serve() {
 	e.Use(middleware.Recover())
 
 	// Services
-	ledgerService := services.NewLedgerService(config.Ledger.Timeout)
+	ledgerService := services.NewLedgerService(config.Ledger.Timeout, config.Ledger.UseTls)
 
 	networks := strings.Split(config.Ledger.Networks, ";")
 	for _, network := range networks {

diff --git a/config.yaml b/config.yaml
@@ -1,5 +1,6 @@
 ledger:
-  networks: "mainnet=grpc.seed1.ap.cheqd.net:9090;testnet=159.89.208.88:443"
+  networks: "mainnet=grpc.cheqd.net:443;testnet=grpc.cheqd.network:443"
+  useTls: true
   timeout: "5s"
 
 resolver:

diff --git a/services/ledger_service.go b/services/ledger_service.go
@@ -2,10 +2,13 @@ package services
 
 import (
 	"context"
+	"crypto/tls"
 	"errors"
 	"fmt"
 	"time"
 
+	"google.golang.org/grpc/credentials"
+
 	cheqd "github.com/cheqd/cheqd-node/x/cheqd/types"
 	cheqdUtils "github.com/cheqd/cheqd-node/x/cheqd/utils"
 	"github.com/rs/zerolog/log"
@@ -21,11 +24,13 @@ type LedgerServiceI interface {
 type LedgerService struct {
 	ledgers           map[string]string // namespace -> url
 	connectionTimeout time.Duration
+	useTls            bool
 }
 
-func NewLedgerService(connectionTimeout time.Duration) LedgerService {
+func NewLedgerService(connectionTimeout time.Duration, useTls bool) LedgerService {
 	ls := LedgerService{
 		connectionTimeout: connectionTimeout,
+		useTls:            useTls,
 	}
 	ls.ledgers = make(map[string]string)
 	return ls
@@ -83,6 +88,13 @@ func (ls LedgerService) openGRPCConnection(addr string) (conn *grpc.ClientConn,
 		grpc.WithTransportCredentials(insecure.NewCredentials()),
 		grpc.WithBlock(),
 	}
+
+	if ls.useTls {
+		opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{})))
+	} else {
+		opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials()))
+	}
+
 	ctx, cancel := context.WithTimeout(context.Background(), ls.connectionTimeout)
 	defer cancel()
 

diff --git a/services/ledger_service_test.go b/services/ledger_service_test.go
@@ -33,7 +33,7 @@ func TestQueryDIDDoc(t *testing.T) {
 			timeout, err := time.ParseDuration("5s")
 			require.NoError(t, err)
 
-			ledgerService := NewLedgerService(timeout)
+			ledgerService := NewLedgerService(timeout, false)
 			didDoc, metadata, isFound, err := ledgerService.QueryDIDDoc("fake did")
 			require.EqualValues(t, subtest.expectedDID, didDoc)
 			require.EqualValues(t, subtest.expectedMetadata, metadata)

diff --git a/types/config.go b/types/config.go
@@ -18,6 +18,7 @@ type Config struct {
 type LedgerConfig struct {
 	Networks string
 	Timeout  time.Duration
+	UseTls   bool
 }
 
 type ResolverConfig struct {