Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to use ApiWrapper to load certificate for access #89

Open
Borkes opened this issue Jun 15, 2023 · 6 comments
Open

How to use ApiWrapper to load certificate for access #89

Borkes opened this issue Jun 15, 2023 · 6 comments

Comments

@Borkes
Copy link

Borkes commented Jun 15, 2023

No description provided.

@eodiandie
Copy link
Contributor

No description provided.
hi, @Borkes
From the issue title, I guess you may mean adding support for 'API Key' to ApiWrapper in order to access the Java-Tron gRPC endpoints more flexible. So could you provide more information about your question?

@borkesmao
Copy link

borkesmao commented Jun 26, 2023

hi @xq-lu
our tron node server do not support NO TLS access, so grpcurl -plaintext request will response error.
grpcurl -import-path . -proto ./api/api.proto -plaintext host:50051 protocol.Wallet/GetNowBlock
ERROR:
Code: Unavailable
Message: error reading from server: EOF
and if I use TLS, it will response block info. same as ApiWrapper, I have no idea to set TSL

ApiWrapper wrapper = new ApiWrapper("host:50051", "host:50051","api key");
Chain.Block block = wrapper.getNowBlock();

then I get:

io.grpc.StatusRuntimeException: UNAVAILABLE: Network closed for unknown reason

	at io.grpc.stub.ClientCalls.toStatusRuntimeException(ClientCalls.java:271)
	at io.grpc.stub.ClientCalls.getUnchecked(ClientCalls.java:252)
	at io.grpc.stub.ClientCalls.blockingUnaryCall(ClientCalls.java:165)
	at org.tron.trident.api.WalletGrpc$WalletBlockingStub.getNowBlock(WalletGrpc.java:4763)
	at org.tron.trident.core.ApiWrapper.getNowBlock(ApiWrapper.java:780)
	at AddressCheckTest.testAddress(AddressCheckTest.java:22)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
	at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306)
	at org.junit.runners.BlockJUnit4ClassRunner$1.evaluate(BlockJUnit4ClassRunner.java:100)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:103)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:63)
	at org.junit.runners.ParentRunner$4.run(ParentRunner.java:331)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:79)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:329)
	at org.junit.runners.ParentRunner.access$100(ParentRunner.java:66)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:293)
	at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:413)
	at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
	at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:69)
	at com.intellij.rt.junit.IdeaTestRunner$Repeater$1.execute(IdeaTestRunner.java:38)
	at com.intellij.rt.execution.junit.TestsRepeater.repeat(TestsRepeater.java:11)
	at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:35)
	at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:232)
	at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:55)

@eodiandie
Copy link
Contributor

Hi @Borkes if you are accessing the network from your node, then no API key is needed, just need to include your private key as shown below,
ApiWrapper wrapper = new ApiWrapper("grpc endpoint", "solidity grpc endpoint", "hex private key");
where,
grpc port = 50051
solidity grpc port = 50061
These ports as set default as above, you may check your node config.conf file and see if the ports remain the same.

@borkesmao
Copy link

hi @xq-lu, my node has already set the default port 50051, maybe you are not aware of my problem. As my nodes are accessed using ssl and certificates, so I want to initialize ApiWrapper with something like TSL

  1. use grpcurl access node with TSL, response correct blockInfo

grpcurl -import-path . -proto ./api/api.proto host:50051 protocol.Wallet/GetNowBlock

  1. use grpcurl access node with NO TSL

grpcurl -import-path . -proto ./api/api.proto -plaintext host:50051 protocol.Wallet/GetNowBlock
Code: Unavailable
Message: error reading from server: EOF

  1. use ApiWrapper access node, so I guess there's no TSL

ApiWrapper wrapper = new ApiWrapper("host:50051", "host:50051","api key");
Chain.Block block = wrapper.getNowBlock();
io.grpc.StatusRuntimeException: UNAVAILABLE: Network closed for unknown reason

@eodiandie
Copy link
Contributor

hi, @borkesmao
I kind of know what's your problem mentioned above. Let's clarify it. you enable TLS in your Tron node. when you access the node with TLS setup on the client side, it works fine. but when you use ApiWrapper to access it, it throws errors.
Currently, the latest version trident-sdk does not support gRPC authentication with SSL/TLS.
If you want to config Apiwrapper to support TLS, you can try with the codes below and replace the default channel in Apiwrapper constructor function:

// With server authentication SSL/TLS
ManagedChannel channel = Grpc.newChannelBuilder(
        "myservice.example.com:443", TlsChannelCredentials.create())
    .build();
blockingStub = WalletGrpc.newBlockingStub(channel);
or
// With server authentication SSL/TLS; custom CA root certificates
ChannelCredentials creds = TlsChannelCredentials.newBuilder()
    .trustManager(new File("roots.pem"))
    .build();
ManagedChannel channel = Grpc.newChannelBuilder("myservice.example.com:443", creds)
    .build();
blockingStub = WalletGrpc.newBlockingStub(channel);

for the details, you may refer to this doc:https://grpc.io/docs/guides/auth/#with-server-authentication-ssltls-4

By the way,' support gRPC authentication in TLS in Apiwrapper'is a good feature, and it may be included in the later release.

@shamoh
Copy link

shamoh commented Jul 12, 2023

I would appreciate the feature. 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants