Skip to content

Commit 71e7937

Browse files
author
paragrf
committed
bugfix:Fixed the issue that grpc was blocked because the returned body could not be parsed by the client to get the correct error code after authentication failed
1 parent d4e46bd commit 71e7937

1 file changed

Lines changed: 22 additions & 3 deletions

File tree

src/brpc/policy/http_rpc_protocol.cpp

Lines changed: 22 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1331,7 +1331,26 @@ ParseResult ParseHttpMessage(butil::IOBuf *source, Socket *socket,
13311331
}
13321332
}
13331333

1334-
static void SendUnauthorizedResponse(const std::string& user_error_text, Socket* socket) {
1334+
static void SendUnauthorizedResponse(const std::string& user_error_text, Socket* socket, const InputMessageBase* msg) {
1335+
HttpContext* http_request = (HttpContext*)msg;
1336+
const bool is_http2 = http_request->header().is_http2();
1337+
if (is_http2) {
1338+
// for grpc client
1339+
const H2StreamContext* h2_sctx = static_cast<const H2StreamContext*>(msg);
1340+
brpc::Controller* cntl = new brpc::Controller();
1341+
cntl->http_response().set_status_code(200);
1342+
cntl->http_response().set_content_type("application/grpc");
1343+
cntl->SetFailed(ERPCAUTH, user_error_text.empty() ? "Fail to authenticate" : user_error_text.c_str());
1344+
1345+
SocketMessagePtr<H2UnsentResponse> h2_response(
1346+
H2UnsentResponse::New(cntl, h2_sctx->stream_id(), true));
1347+
brpc::Socket::WriteOptions opt;
1348+
opt.ignore_eovercrowded = true;
1349+
socket->Write(h2_response, &opt);
1350+
delete cntl;
1351+
return;
1352+
}
1353+
13351354
// Send 403(forbidden) to client.
13361355
HttpHeader header;
13371356
header.set_status_code(HTTP_STATUS_FORBIDDEN);
@@ -1374,7 +1393,7 @@ bool VerifyHttpRequest(const InputMessageBase* msg) {
13741393
const std::string *authorization
13751394
= http_request->header().GetHeader(common->AUTHORIZATION);
13761395
if (authorization == NULL) {
1377-
SendUnauthorizedResponse(auth->GetUnauthorizedErrorText(), socket);
1396+
SendUnauthorizedResponse(auth->GetUnauthorizedErrorText(), socket, msg);
13781397
return false;
13791398
}
13801399
butil::EndPoint user_addr;
@@ -1383,7 +1402,7 @@ bool VerifyHttpRequest(const InputMessageBase* msg) {
13831402
}
13841403
if (auth->VerifyCredential(*authorization, user_addr,
13851404
socket->mutable_auth_context()) != 0) {
1386-
SendUnauthorizedResponse(auth->GetUnauthorizedErrorText(), socket);
1405+
SendUnauthorizedResponse(auth->GetUnauthorizedErrorText(), socket, msg);
13871406
return false;
13881407
}
13891408

0 commit comments

Comments
 (0)