aspnetcore微服务之间grpc通信,无proto文件

  • aspnetcore微服务之间grpc通信,无proto文件已关闭评论
  • 102 次浏览
  • A+
所属分类:.NET技术
摘要

aspnetcore微服务之间通信grpc,一般服务对外接口用restful架构,HTTP请求,服务之间的通信grpc多走内网。

aspnetcore微服务之间通信grpc,一般服务对外接口用restful架构,HTTP请求,服务之间的通信grpc多走内网。

以前写过一篇grpc和web前端之间的通讯,代码如下:

exercisebook/grpc/grpc-web at main · liuzhixin405/exercisebook (github.com)

 

本次是微服务之间的通信使用了开源软件MagicOnion,该软件定义接口约束免去proto复杂配置,类似orleans或者webservice,服务调用都通过约定接口规范做传输调用,使用起来非常简单和简洁。

下面通过服务之间调用的示例代码做演示:

aspnetcore微服务之间grpc通信,无proto文件

Server里面包含简单jwt的token的生成,client和002需要调用登录,通过外部接口调用传入用户和密码,内部再调用jwt服务。

aspnetcore微服务之间grpc通信,无proto文件

aspnetcore微服务之间grpc通信,无proto文件

aspnetcore微服务之间grpc通信,无proto文件

 

服务之间调用如果不用proto的话,那么接口必须是公共部分,值得注意的是接口的参数和返回值必须 包含[MessagePackObject(true)]的特性,硬性条件。返回值必须被UnaryResult包裹,接口继承MagicOnion的IService,有兴趣深入的自己研究源码。

using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using MagicOnion; using MessagePack;  namespace MicroService.Shared {     public interface IAccountService:IService<IAccountService>     {         UnaryResult<SignInResponse> SignInAsync(string signInId, string password);         UnaryResult<CurrentUserResponse> GetCurrentUserNameAsync();         UnaryResult<string> DangerousOperationAsync();     }      [MessagePackObject(true)]     public class SignInResponse     {         public long UserId { get; set; }         public string Name { get; set; }         public string Token { get; set; }         public DateTimeOffset Expiration { get; set; }         public bool Success { get; set; }          public static SignInResponse Failed { get; } = new SignInResponse() { Success = false };          public SignInResponse() { }          public SignInResponse(long userId, string name, string token, DateTimeOffset expiration)         {             Success = true;             UserId = userId;             Name = name;             Token = token;             Expiration = expiration;         }     }      [MessagePackObject(true)]     public class CurrentUserResponse     {         public static CurrentUserResponse Anonymous { get; } = new CurrentUserResponse() { IsAuthenticated = false, Name = "Anonymous" };          public bool IsAuthenticated { get; set; }         public string Name { get; set; }         public long UserId { get; set; }     } }

aspnetcore微服务之间grpc通信,无proto文件

上面GrpcClientPool和IGrpcClientFactory是我封装的客户端请求的一个链接池,跟MagicOnion没有任何关系。客户端如果使用原生的Grpc.Net.Client库作为客户端请求完全可以,通过 MagicOnionClient.Create<IAccountService>(channel)把grpcchannel塞入拿到接口服务即可。

服务端代码如下:

using JwtAuthApp.Server.Authentication; using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.AspNetCore.Server.Kestrel.Core; using Microsoft.IdentityModel.Tokens;  namespace JwtAuthApp.Server {     public class Program     {         public static void Main(string[] args)         {             var builder = WebApplication.CreateBuilder(args);              // Add services to the container.             builder.WebHost.ConfigureKestrel(options =>             {                 options.ConfigureEndpointDefaults(endpointOptions =>                 {                     endpointOptions.Protocols = HttpProtocols.Http2;                 });             });             builder.Services.AddGrpc();             builder.Services.AddMagicOnion();              builder.Services.AddSingleton<JwtTokenService>();             builder.Services.Configure<JwtTokenServiceOptions>(builder.Configuration.GetSection("JwtAuthApp.Server:JwtTokenService"));             builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)                 .AddJwtBearer(options =>                 {                     options.TokenValidationParameters = new TokenValidationParameters                     {                         IssuerSigningKey = new SymmetricSecurityKey(Convert.FromBase64String(builder.Configuration.GetSection("JwtAuthApp.Server:JwtTokenService:Secret").Value!)),                         RequireExpirationTime = true,                         RequireSignedTokens = true,                         ClockSkew = TimeSpan.FromSeconds(10),                          ValidateIssuer = false,                         ValidateAudience = false,                         ValidateLifetime = true,                         ValidateIssuerSigningKey = true,                     }; #if DEBUG                     options.RequireHttpsMetadata = false; #endif                 });             builder.Services.AddAuthorization();              builder.Services.AddControllers();             // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle             builder.Services.AddEndpointsApiExplorer();             builder.Services.AddSwaggerGen();              var app = builder.Build();              // Configure the HTTP request pipeline.             if (app.Environment.IsDevelopment())             {                 app.UseSwagger();                 app.UseSwaggerUI();             }              app.UseHttpsRedirection();              app.UseAuthentication();              app.UseAuthorization();               app.MapControllers();             app.MapMagicOnionService();             app.Run();         }     } }

实际上跟组件有关的代码只有这么多了,剩下的就是jwt的。
 builder.WebHost.ConfigureKestrel(options =>             {                 options.ConfigureEndpointDefaults(endpointOptions =>                 {                     endpointOptions.Protocols = HttpProtocols.Http2;                 });             });             builder.Services.AddGrpc();             builder.Services.AddMagicOnion();             app.MapMagicOnionService();

当然作为服务的提供者实现IAccountService的接口是必须的。

using Grpc.Core; using JwtAuthApp.Server.Authentication; using System.Security.Claims; using MagicOnion; using MagicOnion.Server; using MicroService.Shared; using Microsoft.AspNetCore.Authorization;  namespace JwtAuthApp.Server.GrpcService {     [Authorize]     public class AccountService : ServiceBase<IAccountService>, IAccountService     {         private static IDictionary<string, (string Password, long UserId, string DisplayName)> DummyUsers = new Dictionary<string, (string, long, string)>(StringComparer.OrdinalIgnoreCase)         {             {"signInId001", ("123456", 1001, "Jack")},             {"signInId002", ("123456", 1002, "Rose")},         };          private readonly JwtTokenService _jwtTokenService;          public AccountService(JwtTokenService jwtTokenService)         {             _jwtTokenService = jwtTokenService ?? throw new ArgumentNullException(nameof(jwtTokenService));         }          [AllowAnonymous]         public async UnaryResult<SignInResponse> SignInAsync(string signInId, string password)         {             await Task.Delay(1); // some workloads...              if (DummyUsers.TryGetValue(signInId, out var userInfo) && userInfo.Password == password)             {                 var (token, expires) = _jwtTokenService.CreateToken(userInfo.UserId, userInfo.DisplayName);                  return new SignInResponse(                     userInfo.UserId,                     userInfo.DisplayName,                     token,                     expires                 );             }              return SignInResponse.Failed;         }          [AllowAnonymous]         public async UnaryResult<CurrentUserResponse> GetCurrentUserNameAsync()         {             await Task.Delay(1); // some workloads...              var userPrincipal = Context.CallContext.GetHttpContext().User;             if (userPrincipal.Identity?.IsAuthenticated ?? false)             {                 if (!int.TryParse(userPrincipal.Claims.FirstOrDefault(x => x.Type == ClaimTypes.NameIdentifier)?.Value, out var userId))                 {                     return CurrentUserResponse.Anonymous;                 }                  var user = DummyUsers.SingleOrDefault(x => x.Value.UserId == userId).Value;                 return new CurrentUserResponse()                 {                     IsAuthenticated = true,                     UserId = user.UserId,                     Name = user.DisplayName,                 };             }              return CurrentUserResponse.Anonymous;         }          [Authorize(Roles = "Administrators")]         public async UnaryResult<string> DangerousOperationAsync()         {             await Task.Delay(1); // some workloads...              return "rm -rf /";         }     } }

当然jwt服务的代码也必不可少,还有密钥串json文件。

using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Tokens; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims;  namespace JwtAuthApp.Server.Authentication {     public class JwtTokenService     {         private readonly SymmetricSecurityKey _securityKey;          public JwtTokenService(IOptions<JwtTokenServiceOptions> jwtTokenServiceOptions)         {             _securityKey = new SymmetricSecurityKey(Convert.FromBase64String(jwtTokenServiceOptions.Value.Secret));         }          public (string Token, DateTime Expires) CreateToken(long userId, string displayName)         {             var jwtTokenHandler = new JwtSecurityTokenHandler();             var expires = DateTime.UtcNow.AddSeconds(10);             var token = jwtTokenHandler.CreateEncodedJwt(new SecurityTokenDescriptor()             {                 SigningCredentials = new SigningCredentials(_securityKey, SecurityAlgorithms.HmacSha256),                 Subject = new ClaimsIdentity(new[]                 {                     new Claim(ClaimTypes.Name, displayName),                     new Claim(ClaimTypes.NameIdentifier, userId.ToString()),                 }),                 Expires = expires,             });              return (token, expires);         }     }      public class JwtTokenServiceOptions     {         public string Secret { get; set; }     } }

{     "JwtAuthApp.Server": {         "JwtTokenService": {             /* 64 bytes (512 bits) secret key */             "Secret": "/Z8OkdguxFFbaxOIG1q+V9HeujzMKg1n9gcAYB+x4QvhF87XcD8sQA4VsdwqKVuCmVrXWxReh/6dmVXrjQoo9Q=="         }     },     "Logging": {         "LogLevel": {             "Default": "Trace",             "System": "Information",             "Microsoft": "Information"         }     } }

上面的代码完全可以运行一个jwt服务了。

下面就是客户端代码,因为两个客户端是一样的只是做测试,所以列出一个就够了。

using Login.Client.GrpcClient; using MicroService.Shared.GrpcPool; using MicroService.Shared;  namespace Login.Client {     public class Program     {         public static void Main(string[] args)         {             var builder = WebApplication.CreateBuilder(args);              // Add services to the container.              builder.Services.AddControllers();             // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle             builder.Services.AddEndpointsApiExplorer();             builder.Services.AddSwaggerGen();             builder.Services.AddTransient<IGrpcClientFactory<IAccountService>, LoginClientFactory>();             builder.Services.AddTransient(sp => new GrpcClientPool<IAccountService>(sp.GetService<IGrpcClientFactory<IAccountService>>(), builder.Configuration, builder.Configuration["Grpc:Service:JwtAuthApp.ServiceAddress"]));              var app = builder.Build();              // Configure the HTTP request pipeline.             if (app.Environment.IsDevelopment())             {                 app.UseSwagger();                 app.UseSwaggerUI();             }              app.UseHttpsRedirection();              app.UseAuthorization();               app.MapControllers();              app.Run();         }     } }

客户端Program.cs只是注入了连接池,没有其他任何多余代码,配置文件当然必不可少。

  builder.Services.AddTransient<IGrpcClientFactory<IAccountService>, LoginClientFactory>();   builder.Services.AddTransient(sp => new GrpcClientPool<IAccountService>(sp.GetService<IGrpcClientFactory<IAccountService>>(), builder.Configuration, builder.Configuration["Grpc:Service:JwtAuthApp.ServiceAddress"]));

{     "Logging": {         "LogLevel": {             "Default": "Information",             "Microsoft.AspNetCore": "Warning"         }     },     "AllowedHosts": "*",     "Grpc": {         "Service": {             "JwtAuthApp.ServiceAddress": "https://localhost:7021"         },          "maxConnections": 10,         "handoverTimeout":10  // seconds     } }

登录的对外接口如下:

using System.ComponentModel.DataAnnotations; using System.Threading.Channels; using Grpc.Net.Client; using Login.Client.GrpcClient; using MagicOnion.Client; using MicroService.Shared; using MicroService.Shared.GrpcPool; using Microsoft.AspNetCore.Mvc;  namespace Login.Client.Controllers {     [ApiController]     [Route("[controller]")]     public class LoginController : ControllerBase     {           private readonly ILogger<LoginController> _logger;         private IConfiguration _configuration;         private readonly IGrpcClientFactory<IAccountService> _grpcClientFactory;         private readonly GrpcClientPool<IAccountService> _grpcClientPool;         public LoginController(ILogger<LoginController> logger, IConfiguration configuration, IGrpcClientFactory<IAccountService> grpcClientFactory, GrpcClientPool<IAccountService> grpcClientPool)         {              _configuration = configuration;             _logger = logger;             _grpcClientFactory = grpcClientFactory;             _grpcClientPool = grpcClientPool;         }          [HttpGet(Name = "Login")]         public async Task<ActionResult<Tuple<bool,string?>>> Login([Required]string signInId, [Required]string pwd)         {             SignInResponse authResult;             /*using (var channel = GrpcChannel.ForAddress(_configuration["JwtAuthApp.ServiceAddress"]))              {                 //var accountClient = MagicOnionClient.Create<IAccountService>(channel);                                }*/              var client = _grpcClientPool.GetClient();             try             {                 // 使用client进行gRPC调用                 authResult = await client.SignInAsync(signInId, pwd);             }             finally             {                 _grpcClientPool.ReleaseClient(client);             }             return (authResult!=null && authResult.Success)?  Tuple.Create(true,authResult.Token): Tuple.Create(false,string.Empty);         }     } }

客户端就剩下一个返回服务的接口工厂了

using Grpc.Net.Client; using MagicOnion.Client; using MicroService.Shared; using MicroService.Shared.GrpcPool;  namespace Login.Client.GrpcClient {     public class LoginClientFactory : IGrpcClientFactory<IAccountService>     {         public IAccountService Create(GrpcChannel channel)         {             return MagicOnionClient.Create<IAccountService>(channel);         }     } }

最后就是连接池的实现:

using System; using System.Collections.Concurrent; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Channels; using System.Threading.Tasks; using Grpc.Core; using Grpc.Net.Client; using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Hosting;  namespace MicroService.Shared.GrpcPool {     public class GrpcClientPool<TClient>     {         private readonly static ConcurrentBag<TClient> _clientPool = new ConcurrentBag<TClient>();                 private readonly IGrpcClientFactory<TClient> _clientFactory;                private readonly int _maxConnections;         private readonly TimeSpan _handoverTimeout;         private readonly string _address;         private readonly DateTime _now;         public GrpcClientPool(IGrpcClientFactory<TClient> clientFactory,             IConfiguration configuration,string address)         {             _now =  DateTime.Now;             _clientFactory = clientFactory;             _maxConnections = int.Parse(configuration["Grpc:maxConnections"]?? throw new ArgumentNullException("grpc maxconnections is null"));             _handoverTimeout = TimeSpan.FromSeconds(double.Parse(configuration["Grpc:maxConnections"]??throw new ArgumentNullException("grpc timeout is null")));             _address = address;         }          public TClient GetClient()         {             if (_clientPool.TryTake(out var client))             {                 return client;             }              if (_clientPool.Count < _maxConnections)             {                 var channel = GrpcChannel.ForAddress(_address);                 client = _clientFactory.Create(channel);                 _clientPool.Add(client);                 return client;             }              if (!_clientPool.TryTake(out client) && DateTime.Now.Subtract(_now) > _handoverTimeout)             {                 throw new TimeoutException("Failed to acquire a connection from the pool within the specified timeout.");             }             return client;         }          public void ReleaseClient(TClient client)         {             if (client == null)             {                 return;             }             _clientPool.Add(client);         }     } }

上面已经演示过了接口调用的接口,这里不再展示,代码示例如下:

liuzhixin405/efcore-template (github.com)

 

不想做池化客户端注入的代码全部不需要了,只需要下面代码就可以了,代码会更少更精简。

 SignInResponse authResult;             using (var channel = GrpcChannel.ForAddress(_configuration["JwtAuthApp.ServiceAddress"]))              {                 var accountClient = MagicOnionClient.Create<IAccountService>(channel);                  authResult = await accountClient.SignInAsync(user, pwd);             }