aspnetcore微服务之间通信grpc,一般服务对外接口用restful架构,HTTP请求,服务之间的通信grpc多走内网。

以前写过一篇grpc和web前端之间的通讯,代码如下:

exercisebook/grpc/grpc-web at main · liuzhixin405/exercisebook (github.com)

本次是微服务之间的通信使用了开源软件MagicOnion,该软件定义接口约束免去proto复杂配置,类似orleans或者webservice,服务调用都通过约定接口规范做传输调用,使用起来非常简单和简洁。

下面通过服务之间调用的示例代码做演示:

Server里面包含简单jwt的token的生成,client和002需要调用登录,通过外部接口调用传入用户和密码,内部再调用jwt服务。

服务之间调用如果不用proto的话,那么接口必须是公共部分,值得注意的是接口的参数和返回值必须 包含[MessagePackObject(true)]的特性,硬性条件。返回值必须被UnaryResult包裹,接口继承MagicOnion的IService,有兴趣深入的自己研究源码。

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using MagicOnion;
using MessagePack; namespace MicroService.Shared
{
public interface IAccountService:IService<IAccountService>
{
UnaryResult<SignInResponse> SignInAsync(string signInId, string password);
UnaryResult<CurrentUserResponse> GetCurrentUserNameAsync();
UnaryResult<string> DangerousOperationAsync();
} [MessagePackObject(true)]
public class SignInResponse
{
public long UserId { get; set; }
public string Name { get; set; }
public string Token { get; set; }
public DateTimeOffset Expiration { get; set; }
public bool Success { get; set; } public static SignInResponse Failed { get; } = new SignInResponse() { Success = false }; public SignInResponse() { } public SignInResponse(long userId, string name, string token, DateTimeOffset expiration)
{
Success = true;
UserId = userId;
Name = name;
Token = token;
Expiration = expiration;
}
} [MessagePackObject(true)]
public class CurrentUserResponse
{
public static CurrentUserResponse Anonymous { get; } = new CurrentUserResponse() { IsAuthenticated = false, Name = "Anonymous" }; public bool IsAuthenticated { get; set; }
public string Name { get; set; }
public long UserId { get; set; }
}
}

上面GrpcClientPool和IGrpcClientFactory是我封装的客户端请求的一个链接池,跟MagicOnion没有任何关系。客户端如果使用原生的Grpc.Net.Client库作为客户端请求完全可以,通过 MagicOnionClient.Create<IAccountService>(channel)把grpcchannel塞入拿到接口服务即可。

服务端代码如下:

using JwtAuthApp.Server.Authentication;
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.AspNetCore.Server.Kestrel.Core;
using Microsoft.IdentityModel.Tokens; namespace JwtAuthApp.Server
{
public class Program
{
public static void Main(string[] args)
{
var builder = WebApplication.CreateBuilder(args); // Add services to the container.
builder.WebHost.ConfigureKestrel(options =>
{
options.ConfigureEndpointDefaults(endpointOptions =>
{
endpointOptions.Protocols = HttpProtocols.Http2;
});
});
builder.Services.AddGrpc();
builder.Services.AddMagicOnion(); builder.Services.AddSingleton<JwtTokenService>();
builder.Services.Configure<JwtTokenServiceOptions>(builder.Configuration.GetSection("JwtAuthApp.Server:JwtTokenService"));
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
IssuerSigningKey = new SymmetricSecurityKey(Convert.FromBase64String(builder.Configuration.GetSection("JwtAuthApp.Server:JwtTokenService:Secret").Value!)),
RequireExpirationTime = true,
RequireSignedTokens = true,
ClockSkew = TimeSpan.FromSeconds(10), ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = true,
ValidateIssuerSigningKey = true,
};
#if DEBUG
options.RequireHttpsMetadata = false;
#endif
});
builder.Services.AddAuthorization(); builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen(); var app = builder.Build(); // Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
} app.UseHttpsRedirection(); app.UseAuthentication(); app.UseAuthorization(); app.MapControllers();
app.MapMagicOnionService();
app.Run();
}
}
}
实际上跟组件有关的代码只有这么多了,剩下的就是jwt的。
 builder.WebHost.ConfigureKestrel(options =>
{
options.ConfigureEndpointDefaults(endpointOptions =>
{
endpointOptions.Protocols = HttpProtocols.Http2;
});
});
builder.Services.AddGrpc();
builder.Services.AddMagicOnion();
app.MapMagicOnionService();

当然作为服务的提供者实现IAccountService的接口是必须的。

using Grpc.Core;
using JwtAuthApp.Server.Authentication;
using System.Security.Claims;
using MagicOnion;
using MagicOnion.Server;
using MicroService.Shared;
using Microsoft.AspNetCore.Authorization; namespace JwtAuthApp.Server.GrpcService
{
[Authorize]
public class AccountService : ServiceBase<IAccountService>, IAccountService
{
private static IDictionary<string, (string Password, long UserId, string DisplayName)> DummyUsers = new Dictionary<string, (string, long, string)>(StringComparer.OrdinalIgnoreCase)
{
{"signInId001", ("123456", 1001, "Jack")},
{"signInId002", ("123456", 1002, "Rose")},
}; private readonly JwtTokenService _jwtTokenService; public AccountService(JwtTokenService jwtTokenService)
{
_jwtTokenService = jwtTokenService ?? throw new ArgumentNullException(nameof(jwtTokenService));
} [AllowAnonymous]
public async UnaryResult<SignInResponse> SignInAsync(string signInId, string password)
{
await Task.Delay(1); // some workloads... if (DummyUsers.TryGetValue(signInId, out var userInfo) && userInfo.Password == password)
{
var (token, expires) = _jwtTokenService.CreateToken(userInfo.UserId, userInfo.DisplayName); return new SignInResponse(
userInfo.UserId,
userInfo.DisplayName,
token,
expires
);
} return SignInResponse.Failed;
} [AllowAnonymous]
public async UnaryResult<CurrentUserResponse> GetCurrentUserNameAsync()
{
await Task.Delay(1); // some workloads... var userPrincipal = Context.CallContext.GetHttpContext().User;
if (userPrincipal.Identity?.IsAuthenticated ?? false)
{
if (!int.TryParse(userPrincipal.Claims.FirstOrDefault(x => x.Type == ClaimTypes.NameIdentifier)?.Value, out var userId))
{
return CurrentUserResponse.Anonymous;
} var user = DummyUsers.SingleOrDefault(x => x.Value.UserId == userId).Value;
return new CurrentUserResponse()
{
IsAuthenticated = true,
UserId = user.UserId,
Name = user.DisplayName,
};
} return CurrentUserResponse.Anonymous;
} [Authorize(Roles = "Administrators")]
public async UnaryResult<string> DangerousOperationAsync()
{
await Task.Delay(1); // some workloads... return "rm -rf /";
}
}
}

当然jwt服务的代码也必不可少,还有密钥串json文件。

using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims; namespace JwtAuthApp.Server.Authentication
{
public class JwtTokenService
{
private readonly SymmetricSecurityKey _securityKey; public JwtTokenService(IOptions<JwtTokenServiceOptions> jwtTokenServiceOptions)
{
_securityKey = new SymmetricSecurityKey(Convert.FromBase64String(jwtTokenServiceOptions.Value.Secret));
} public (string Token, DateTime Expires) CreateToken(long userId, string displayName)
{
var jwtTokenHandler = new JwtSecurityTokenHandler();
var expires = DateTime.UtcNow.AddSeconds(10);
var token = jwtTokenHandler.CreateEncodedJwt(new SecurityTokenDescriptor()
{
SigningCredentials = new SigningCredentials(_securityKey, SecurityAlgorithms.HmacSha256),
Subject = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, displayName),
new Claim(ClaimTypes.NameIdentifier, userId.ToString()),
}),
Expires = expires,
}); return (token, expires);
}
} public class JwtTokenServiceOptions
{
public string Secret { get; set; }
}
}
{
"JwtAuthApp.Server": {
"JwtTokenService": {
/* 64 bytes (512 bits) secret key */
"Secret": "/Z8OkdguxFFbaxOIG1q+V9HeujzMKg1n9gcAYB+x4QvhF87XcD8sQA4VsdwqKVuCmVrXWxReh/6dmVXrjQoo9Q=="
}
},
"Logging": {
"LogLevel": {
"Default": "Trace",
"System": "Information",
"Microsoft": "Information"
}
}
}

上面的代码完全可以运行一个jwt服务了。

下面就是客户端代码,因为两个客户端是一样的只是做测试,所以列出一个就够了。

using Login.Client.GrpcClient;
using MicroService.Shared.GrpcPool;
using MicroService.Shared; namespace Login.Client
{
public class Program
{
public static void Main(string[] args)
{
var builder = WebApplication.CreateBuilder(args); // Add services to the container. builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
builder.Services.AddTransient<IGrpcClientFactory<IAccountService>, LoginClientFactory>();
builder.Services.AddTransient(sp => new GrpcClientPool<IAccountService>(sp.GetService<IGrpcClientFactory<IAccountService>>(), builder.Configuration, builder.Configuration["Grpc:Service:JwtAuthApp.ServiceAddress"])); var app = builder.Build(); // Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI();
} app.UseHttpsRedirection(); app.UseAuthorization(); app.MapControllers(); app.Run();
}
}
}

客户端Program.cs只是注入了连接池,没有其他任何多余代码,配置文件当然必不可少。

  builder.Services.AddTransient<IGrpcClientFactory<IAccountService>, LoginClientFactory>();
builder.Services.AddTransient(sp => new GrpcClientPool<IAccountService>(sp.GetService<IGrpcClientFactory<IAccountService>>(), builder.Configuration, builder.Configuration["Grpc:Service:JwtAuthApp.ServiceAddress"]));
{
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
"Grpc": {
"Service": {
"JwtAuthApp.ServiceAddress": "https://localhost:7021"
},
"maxConnections": 10,
"handoverTimeout":10 // seconds
}
}

登录的对外接口如下:

using System.ComponentModel.DataAnnotations;
using System.Threading.Channels;
using Grpc.Net.Client;
using Login.Client.GrpcClient;
using MagicOnion.Client;
using MicroService.Shared;
using MicroService.Shared.GrpcPool;
using Microsoft.AspNetCore.Mvc; namespace Login.Client.Controllers
{
[ApiController]
[Route("[controller]")]
public class LoginController : ControllerBase
{ private readonly ILogger<LoginController> _logger;
private IConfiguration _configuration;
private readonly IGrpcClientFactory<IAccountService> _grpcClientFactory;
private readonly GrpcClientPool<IAccountService> _grpcClientPool;
public LoginController(ILogger<LoginController> logger, IConfiguration configuration, IGrpcClientFactory<IAccountService> grpcClientFactory, GrpcClientPool<IAccountService> grpcClientPool)
{ _configuration = configuration;
_logger = logger;
_grpcClientFactory = grpcClientFactory;
_grpcClientPool = grpcClientPool;
} [HttpGet(Name = "Login")]
public async Task<ActionResult<Tuple<bool,string?>>> Login([Required]string signInId, [Required]string pwd)
{
SignInResponse authResult;
/*using (var channel = GrpcChannel.ForAddress(_configuration["JwtAuthApp.ServiceAddress"]))
{
//var accountClient = MagicOnionClient.Create<IAccountService>(channel); }*/ var client = _grpcClientPool.GetClient();
try
{
// 使用client进行gRPC调用
authResult = await client.SignInAsync(signInId, pwd);
}
finally
{
_grpcClientPool.ReleaseClient(client);
}
return (authResult!=null && authResult.Success)? Tuple.Create(true,authResult.Token): Tuple.Create(false,string.Empty);
}
}
}

客户端就剩下一个返回服务的接口工厂了

using Grpc.Net.Client;
using MagicOnion.Client;
using MicroService.Shared;
using MicroService.Shared.GrpcPool; namespace Login.Client.GrpcClient
{
public class LoginClientFactory : IGrpcClientFactory<IAccountService>
{
public IAccountService Create(GrpcChannel channel)
{
return MagicOnionClient.Create<IAccountService>(channel);
}
}
}

最后就是连接池的实现:

using System;
using System.Collections.Concurrent;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Channels;
using System.Threading.Tasks;
using Grpc.Core;
using Grpc.Net.Client;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Hosting; namespace MicroService.Shared.GrpcPool
{
public class GrpcClientPool<TClient>
{
private readonly static ConcurrentBag<TClient> _clientPool = new ConcurrentBag<TClient>(); private readonly IGrpcClientFactory<TClient> _clientFactory; private readonly int _maxConnections;
private readonly TimeSpan _handoverTimeout;
private readonly string _address;
private readonly DateTime _now;
public GrpcClientPool(IGrpcClientFactory<TClient> clientFactory,
IConfiguration configuration,string address)
{
_now = DateTime.Now;
_clientFactory = clientFactory;
_maxConnections = int.Parse(configuration["Grpc:maxConnections"]?? throw new ArgumentNullException("grpc maxconnections is null"));
_handoverTimeout = TimeSpan.FromSeconds(double.Parse(configuration["Grpc:maxConnections"]??throw new ArgumentNullException("grpc timeout is null")));
_address = address;
} public TClient GetClient()
{
if (_clientPool.TryTake(out var client))
{
return client;
} if (_clientPool.Count < _maxConnections)
{
var channel = GrpcChannel.ForAddress(_address);
client = _clientFactory.Create(channel);
_clientPool.Add(client);
return client;
} if (!_clientPool.TryTake(out client) && DateTime.Now.Subtract(_now) > _handoverTimeout)
{
throw new TimeoutException("Failed to acquire a connection from the pool within the specified timeout.");
}
return client;
} public void ReleaseClient(TClient client)
{
if (client == null)
{
return;
}
_clientPool.Add(client);
}
}
}

上面已经演示过了接口调用的接口,这里不再展示,代码示例如下:

liuzhixin405/efcore-template (github.com)

不想做池化客户端注入的代码全部不需要了,只需要下面代码就可以了,代码会更少更精简。

 SignInResponse authResult;
using (var channel = GrpcChannel.ForAddress(_configuration["JwtAuthApp.ServiceAddress"]))
{
var accountClient = MagicOnionClient.Create<IAccountService>(channel);
authResult = await accountClient.SignInAsync(user, pwd);
}

aspnetcore微服务之间grpc通信,无proto文件的更多相关文章

  1. 微服务7:通信之RPC

    ★微服务系列 微服务1:微服务及其演进史 微服务2:微服务全景架构 微服务3:微服务拆分策略 微服务4:服务注册与发现 微服务5:服务注册与发现(实践篇) 微服务6:通信之网关 微服务7:通信之RPC ...

  2. 微服务8:通信之RPC实践篇(附源码)

    ★微服务系列 微服务1:微服务及其演进史 微服务2:微服务全景架构 微服务3:微服务拆分策略 微服务4:服务注册与发现 微服务5:服务注册与发现(实践篇) 微服务6:通信之网关 微服务7:通信之RPC ...

  3. aspnetcore微服务中使用发件箱模式实例

    aspnetcore微服务种服务之间的通信一般都有用到消息中间件,如何确保该服务的持久层保存创建的数据同时又把消息成功投递到了关联服务,关联服务做对应的处理. 下面就以一个简单的例子来演示实现方式之一 ...

  4. eShopOnContainers 看微服务⑤:消息通信

    1.消息通信 传统的单体应用,组件间的调用都是使用代码级的方法函数.比如用户登录自动签到,增加积分.我们可以在登录函数调用积分模块的某个函数,为了解耦我们使用以来注入并放弃new Class()这种方 ...

  5. AspNetCore微服务下的网关-Kong(一)

    Kong是Mashape开源的高性能高可用API网关和API服务管理层.它基于OpenResty,进行API管理,并提供了插件实现API的AOP.Kong在Mashape 管理了超过15,000 个A ...

  6. spring-cloud - 服务之间的通信

    上文中已经讲述了基本环境搭建,本文基于上文环境https://www.cnblogs.com/xxpandong/p/10485172.html. spring-cloud中微服务之间通信主要有俩种形 ...

  7. 微服务之间如何共享DTO?

    1. 概述 近些年来,微服务变得越来越流行.微服务基本特征是模块化.独立.易于扩展的.它们之间需要协同工作并交换数据.为了实现这一点,我们创建了名为 DTO 的共享数据传输对象.在本文中,我们将介绍在 ...

  8. 微服务6:通信之网关 Ready

    ★微服务系列 微服务1:微服务及其演进史 微服务2:微服务全景架构 微服务3:微服务拆分策略 微服务4:服务注册与发现 微服务5:服务注册与发现(实践篇) 微服务6:通信之网关 1 概述 回顾下前面几 ...

  9. 10月9日Android学习笔记:活动与服务之间的通信

    最近在照着<第一行代码>这本书来学安卓,顺便记下笔记.主要的内容是Android中服务的第二种启动方式,通过活动绑定服务来启动服务,实现活动与服务之间的通信. 一. 首先创建一个服务类 p ...

  10. JHipster技术栈定制 - 基于UAA的微服务之间安全调用

    本文通过代码实例演示如何通过UAA实现微服务之间的安全调用. uaa: 身份认证服务,同时也作为被调用的资源服务.服务端口9999. microservice1: 调用uaa的消费者服务,服务端口80 ...

随机推荐

  1. 彻底解决各种浏览器访问不了GitHub问题(注意代理)

    如果有穿墙插件如Google助手  VPN  SS 之类别 有可能被全局代理 首先关闭这些软件 或者浏览器插件 假设,您的本地代理端口为:1080 ,打开git base窗口进行按下列的方式设置.(在 ...

  2. 4.7 x64dbg 应用层的钩子扫描

    所谓的应用层钩子(Application-level hooks)是一种编程技术,它允许应用程序通过在特定事件发生时执行特定代码来自定义或扩展其行为.这些事件可以是用户交互,系统事件,或者其他应用程序 ...

  3. 【ElasticSearch】大数据量情况下的前缀、中缀实时搜索方案

    简述 业务开发中经常会遇到这样一种情况,用户在搜索框输入时要实时展示搜索相关的结果.要实现这个场景常用的方案有Completion Suggester.search_as_you_type.那么这两种 ...

  4. MAUI Blazor 加载本地图片的解决方案

    前言 为了解决MAUI Blazor无法加载本地图片,https://github.com/dotnet/maui/issues/2907,所以写了这篇文章. 有token大佬珠玉在前,https:/ ...

  5. virt-install 使用 qcow2格式虚拟机镜 、macvtap网卡

    安装虚拟机 这里使用 amazn2 虚拟机镜像安装,根据官网文档,需要预先配置一个 seed.iso 文件 参考文档:https://docs.aws.amazon.com/zh_cn/AWSEC2/ ...

  6. Redis从入门到放弃(6):持久化

    1.引言 Redis作为一种高性能的内存数据存储系统,常被用作缓存.会话存储.消息队列等多种应用场景.然而,由于其数据存储在内存中,一旦发生意外或服务器重启,数据就会丢失.为了保障数据的持久性和安全性 ...

  7. 使用 python 快速搭建http服务

    python -m SimpleHTTPServer 8888 使用上面的命令可以把当前目录发布到8888端口. 直接浏览器访问 但是这条命令是当前运行的,不是后台运行的,也就是说如果Ctrl + C ...

  8. 利用文件包含漏洞包含ssh日志拿shell

    今天看文章学了一招,有包含漏洞无法传文件的时候用 目标服务器环境为ubuntu,ssh登录日志文件是/var/log/auth.log 找个Linux的环境执行ssh '<? phpinfo() ...

  9. SpringCloud-Hystrix服务熔断与降级工作原理&源码

    先附上Hystrix源码图 在微服务架构中,根据业务来拆分成一个个的服务,服务与服务之间可以相互调用(RPC),在Spring Cloud可以用RestTemplate+Ribbon和Feign来调用 ...

  10. P1941 [NOIP2014 提高组] 飞扬的小鸟 题解

    我们先不管障碍物. 设 \(f[i][j]\) 表示来到点 \((i,j)\) 的最少点击屏幕数. 因为每秒要不上升 \(k\times x[i]\),要么下降 \(y[i]\). 所以有: \[f[ ...