Remove netty-specific credentials factory in client

See also #10

Author: Dave Syer

spring-grpc-core/src/main/java/org/springframework/grpc/internal/InsecureTrustManagerFactory.java

@@ -0,0 +1,114 @@
+/*
+ * Copyright 2024-2024 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.grpc.internal;
+
+import java.net.Socket;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.Provider;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.ManagerFactoryParameters;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.TrustManagerFactorySpi;
+import javax.net.ssl.X509ExtendedTrustManager;
+import javax.net.ssl.X509TrustManager;
+
+/**
+ * A custom implementation of the TrustManagerFactory class that provides an insecure
+ * trust manager. This trust manager does not perform any certificate validation and
+ * accepts all certificates. It is intended for testing or development purposes only and
+ * should not be used in production environments.
+ */
+public class InsecureTrustManagerFactory extends TrustManagerFactory {
+
+	public static final TrustManagerFactory INSTANCE = new InsecureTrustManagerFactory();
+
+	private static final Provider provider = new Provider("", "0.0", "") {
+		private static final long serialVersionUID = -2680540247105807895L;
+
+	};
+
+	protected InsecureTrustManagerFactory() {
+		super(new SimpleTrustManagerFactorySpi(), provider, "");
+	}
+
+	private final static class InsecureTrustManager extends X509ExtendedTrustManager {
+
+		static final InsecureTrustManager INSTANCE = new InsecureTrustManager();
+
+		static final X509Certificate[] EMPTY_CERTS = new X509Certificate[] {};
+
+		@Override
+		public void checkClientTrusted(X509Certificate[] chain, String authType) {
+		}
+
+		@Override
+		public void checkServerTrusted(X509Certificate[] chain, String authType) {
+		}
+
+		@Override
+		public X509Certificate[] getAcceptedIssuers() {
+			return EMPTY_CERTS;
+		}
+
+		@Override
+		public void checkClientTrusted(X509Certificate[] chain, String authType, Socket socket)
+				throws CertificateException {
+		}
+
+		@Override
+		public void checkServerTrusted(X509Certificate[] chain, String authType, Socket socket)
+				throws CertificateException {
+		}
+
+		@Override
+		public void checkClientTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
+				throws CertificateException {
+		}
+
+		@Override
+		public void checkServerTrusted(X509Certificate[] chain, String authType, SSLEngine engine)
+				throws CertificateException {
+		}
+
+	}
+
+	private final static class SimpleTrustManagerFactorySpi extends TrustManagerFactorySpi {
+
+		static final TrustManager[] TRUST_ALL = new X509TrustManager[] { InsecureTrustManager.INSTANCE };
+
+		@Override
+		protected void engineInit(KeyStore keyStore) throws KeyStoreException {
+		}
+
+		@Override
+		protected void engineInit(ManagerFactoryParameters managerFactoryParameters)
+				throws InvalidAlgorithmParameterException {
+		}
+
+		@Override
+		protected TrustManager[] engineGetTrustManagers() {
+			return TRUST_ALL;
+		}
+
+	}
+
+}

spring-grpc-spring-boot-autoconfigure/src/main/java/org/springframework/grpc/autoconfigure/client/GrpcChannelFactoryConfigurations.java

@@ -38,8 +38,7 @@
 
 @Configuration(proxyBeanMethods = false)
 @EnableConfigurationProperties(GrpcClientProperties.class)
-@Import({ GrpcChannelFactoryConfigurations.ShadedNettyChannelFactoryConfiguration.class,
-		GrpcChannelFactoryConfigurations.NettyChannelFactoryConfiguration.class, GrpcCodecConfiguration.class })
+@Import(GrpcCodecConfiguration.class)
 public class GrpcClientAutoConfiguration {
 
 	@Bean
@@ -52,6 +51,12 @@ public DefaultGrpcChannelFactory defaultGrpcChannelFactory(final List<GrpcChanne
 		return factory;
 	}
 
+	@Bean
+	@ConditionalOnMissingBean(ChannelCredentialsProvider.class)
+	public ChannelCredentialsProvider channelCredentialsProvider(GrpcClientProperties channels, SslBundles bundles) {
+		return new NamedChannelCredentialsProvider(bundles, channels);
+	}
+
 	@Bean
 	public GrpcChannelConfigurer sslGrpcChannelConfigurer(GrpcClientProperties channels) {
 		return (authority, builder) -> {

spring-grpc-spring-boot-autoconfigure/src/main/java/org/springframework/grpc/autoconfigure/client/GrpcClientAutoConfiguration.java

@@ -22,19 +22,19 @@
 import org.springframework.grpc.autoconfigure.client.GrpcClientProperties.NamedChannel;
 import org.springframework.grpc.client.ChannelCredentialsProvider;
 import org.springframework.grpc.client.NegotiationType;
+import org.springframework.grpc.internal.InsecureTrustManagerFactory;
 
 import io.grpc.ChannelCredentials;
 import io.grpc.InsecureChannelCredentials;
 import io.grpc.TlsChannelCredentials;
-import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 
-public class NettyChannelCredentialsProvider implements ChannelCredentialsProvider {
+public class NamedChannelCredentialsProvider implements ChannelCredentialsProvider {
 
 	private final GrpcClientProperties channels;
 
 	private final SslBundles bundles;
 
-	public NettyChannelCredentialsProvider(SslBundles bundles, GrpcClientProperties channels) {
+	public NamedChannelCredentialsProvider(SslBundles bundles, GrpcClientProperties channels) {
 		this.bundles = bundles;
 		this.channels = channels;
 	}
@@ -47,11 +47,11 @@ public ChannelCredentials getChannelCredentials(String path) {
 			return InsecureChannelCredentials.create();
 		}
 		if (bundle != null) {
-			TrustManagerFactory trustManager = channel.isSecure() ? bundle.getManagers().getTrustManagerFactory()
+			TrustManagerFactory trustManagers = channel.isSecure() ? bundle.getManagers().getTrustManagerFactory()
 					: InsecureTrustManagerFactory.INSTANCE;
 			return TlsChannelCredentials.newBuilder()
 				.keyManager(bundle.getManagers().getKeyManagerFactory().getKeyManagers())
-				.trustManager(trustManager.getTrustManagers())
+				.trustManager(trustManagers.getTrustManagers())
 				.build();
 		}
 		else {