grpc-spring-boot-starter

Add support to setup ClientAuth in server

Open sudoHackIn opened this issue 5 years ago • 3 comments

Is it possible to add support for setting client authentication (io.netty.handler.ssl.ClientAuth) in the server, possibly with GrpcServerProperties? Now, as I understand it, the only possible solution is to create my own GRpcServerBuilderConfigurer and override the defined ServerBuilder with a new SslContext like this:

((NettyServerBuilder) serverBuilder).sslContext(GrpcSslContexts.forServer(...,...)
.clientAuth(ClientAuth.REQUIRE).build());

But to define the GrpcSslContext using the application.properties certChain and key, I have to duplicate existing code in grpcInternalConfigurator (defined in GRpcAutoConfiguration), which already fills the context with the cert chain and private key, and my configurer overrides it again.

If you approve my issue, I will be glad to contribute with your help :)

sudoHackIn, Nov 20 '20 13:11

You can @Autowire GrpcServerProperties into your configurer and override the SSL context:

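public class MyConfigurer extends GRpcServerBuilderConfigurer {
    @Autowired
    GrpcServerProperties props;
    @Override
    public void configure(ServerBuilder<?> serverBuilder) {
        try {
            // Rebuild the SslContext from the configured cert chain and key, and require a client certificate.
            ((NettyServerBuilder) serverBuilder).sslContext(
                    GrpcSslContexts.forServer(props.getSecurity().getCertChain().getInputStream(),
                                              props.getSecurity().getPrivateKey().getInputStream())
                            .clientAuth(ClientAuth.REQUIRE).build());
        } catch (IOException e) { // getInputStream() and build() throw IOException / SSLException
            throw new UncheckedIOException(e);
        }
    }
}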

jvmlet, Nov 23 '20 09:11

Yeah, I agree, but I thought that clientAuth is something that should be configured easily with application.properties, as it works with Spring SSL configuration.

sudoHackIn, Nov 24 '20 17:11

The problem is that the ServerBuilder facade exposes only certChain and privateKey settings; clientAuth is NettyServerBuilder-specific. I'll think about how to combine them from the configuration file.

jvmlet, Nov 24 '20 19:11
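
An added example, not code from this thread or from the project: a configurer that takes the ClientAuth mode from a property and pins the CA used to verify client certificates. The `example.grpc.*` property names are hypothetical, and the import of GRpcServerBuilderConfigurer assumes the starter's `org.lognet.springboot.grpc` package.

```java
import io.grpc.ServerBuilder;
import io.grpc.netty.GrpcSslContexts;
import io.grpc.netty.NettyServerBuilder;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.SslContextBuilder;
import java.io.IOException;
import java.io.InputStream;
import java.io.UncheckedIOException;
import org.lognet.springboot.grpc.GRpcServerBuilderConfigurer; // package is an assumption
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.io.Resource;
import org.springframework.stereotype.Component;

@Component
public class ClientAuthConfigurer extends GRpcServerBuilderConfigurer {
    // Hypothetical property names (assumptions), not defined by the starter.
    @Value("${example.grpc.cert-chain}") private Resource certChain;
    @Value("${example.grpc.private-key}") private Resource privateKey;
    @Value("${example.grpc.client-ca}") private Resource clientCa;
    // Spring converts the string NONE / OPTIONAL / REQUIRE to the enum constant.
    @Value("${example.grpc.client-auth:REQUIRE}") private ClientAuth clientAuth;

    @Override
    public void configure(ServerBuilder<?> serverBuilder) {
        // clientAuth is only reachable through the Netty transport's SslContext.
        if (!(serverBuilder instanceof NettyServerBuilder)) {
            throw new IllegalStateException("clientAuth requires NettyServerBuilder");
        }
        try (InputStream chain = certChain.getInputStream();
             InputStream key = privateKey.getInputStream();
             InputStream ca = clientCa.getInputStream()) {
            SslContextBuilder ssl = GrpcSslContexts.forServer(chain, key)
                    .trustManager(ca)        // accept only client certs issued by this CA
                    .clientAuth(clientAuth);
            ((NettyServerBuilder) serverBuilder).sslContext(ssl.build());
        } catch (IOException e) { // SSLException from build() is an IOException
            throw new UncheckedIOException("Cannot build gRPC server SslContext", e);
        }
    }
}
```

Without `trustManager(...)`, Netty falls back to the JVM default trust store, so `ClientAuth.REQUIRE` would accept any client certificate that chains to a CA in that store.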