Fernet token AuthNZ available on all Apollo services. Token call cred…

…entials supplier is optionally available in the creation of the ServerConnectionCache. Clients now call the supplied ManagedServerChannel to wrap interceptors and call credentials appropriately.

choam/src/main/java/com/salesforce/apollo/choam/comm/TerminalClient.java

@@ -25,7 +25,7 @@ public class TerminalClient implements Terminal {
 
     public TerminalClient(ManagedServerChannel channel, ChoamMetrics metrics) {
         this.channel = channel;
-        this.client = TerminalGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(TerminalGrpc.newBlockingStub(channel));
         this.metrics = metrics;
     }
 

choam/src/main/java/com/salesforce/apollo/choam/comm/TxnSubmitClient.java

@@ -25,7 +25,7 @@ public class TxnSubmitClient implements TxnSubmission {
 
     public TxnSubmitClient(ManagedServerChannel channel, ChoamMetrics metrics) {
         this.channel = channel;
-        this.client = TransactionSubmissionGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(TransactionSubmissionGrpc.newBlockingStub(channel));
     }
 
     public static CreateClientCommunications<TxnSubmission> getCreate(ChoamMetrics metrics) {

ethereal/src/main/java/com/salesforce/apollo/ethereal/memberships/comm/GossiperClient.java

@@ -7,12 +7,12 @@
 package com.salesforce.apollo.ethereal.memberships.comm;
 
 import com.codahale.metrics.Timer.Context;
+import com.salesforce.apollo.archipelago.ManagedServerChannel;
+import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
 import com.salesforce.apollo.ethereal.proto.ContextUpdate;
 import com.salesforce.apollo.ethereal.proto.Gossip;
 import com.salesforce.apollo.ethereal.proto.GossiperGrpc;
 import com.salesforce.apollo.ethereal.proto.Update;
-import com.salesforce.apollo.archipelago.ManagedServerChannel;
-import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
 import com.salesforce.apollo.membership.Member;
 
 /**
@@ -27,7 +27,7 @@ public class GossiperClient implements Gossiper {
 
     public GossiperClient(ManagedServerChannel channel, EtherealMetrics metrics) {
         this.channel = channel;
-        this.client = GossiperGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(GossiperGrpc.newBlockingStub(channel));
         this.metrics = metrics;
     }
 

fireflies/src/main/java/com/salesforce/apollo/fireflies/comm/entrance/EntranceClient.java

@@ -26,7 +26,7 @@ public class EntranceClient implements Entrance {
 
     public EntranceClient(ManagedServerChannel channel, FireflyMetrics metrics) {
         this.channel = channel;
-        this.client = EntranceGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(EntranceGrpc.newBlockingStub(channel));
         this.metrics = metrics;
     }
 

fireflies/src/main/java/com/salesforce/apollo/fireflies/comm/gossip/FfClient.java

@@ -7,13 +7,13 @@
 package com.salesforce.apollo.fireflies.comm.gossip;
 
 import com.codahale.metrics.Timer.Context;
+import com.salesforce.apollo.archipelago.ManagedServerChannel;
+import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
+import com.salesforce.apollo.fireflies.FireflyMetrics;
 import com.salesforce.apollo.fireflies.proto.FirefliesGrpc;
 import com.salesforce.apollo.fireflies.proto.Gossip;
 import com.salesforce.apollo.fireflies.proto.SayWhat;
 import com.salesforce.apollo.fireflies.proto.State;
-import com.salesforce.apollo.archipelago.ManagedServerChannel;
-import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
-import com.salesforce.apollo.fireflies.FireflyMetrics;
 import com.salesforce.apollo.membership.Member;
 
 /**
@@ -28,7 +28,7 @@ public class FfClient implements Fireflies {
 
     public FfClient(ManagedServerChannel channel, FireflyMetrics metrics) {
         this.channel = channel;
-        this.client = FirefliesGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(FirefliesGrpc.newBlockingStub(channel));
         this.metrics = metrics;
     }
 

gorgoneion-client/src/main/java/com/salesforce/apollo/gorgoneion/client/client/comm/AdmissionsClient.java

@@ -6,14 +6,14 @@
  */
 package com.salesforce.apollo.gorgoneion.client.client.comm;
 
+import com.salesforce.apollo.archipelago.ManagedServerChannel;
+import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
 import com.salesforce.apollo.gorgoneion.proto.AdmissionsGrpc;
 import com.salesforce.apollo.gorgoneion.proto.Credentials;
 import com.salesforce.apollo.gorgoneion.proto.SignedNonce;
+import com.salesforce.apollo.membership.Member;
 import com.salesforce.apollo.stereotomy.event.proto.KERL_;
 import com.salesforce.apollo.stereotomy.event.proto.Validations;
-import com.salesforce.apollo.archipelago.ManagedServerChannel;
-import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
-import com.salesforce.apollo.membership.Member;
 
 import java.time.Duration;
 import java.util.concurrent.TimeUnit;
@@ -29,7 +29,7 @@ public class AdmissionsClient implements Admissions {
 
     public AdmissionsClient(ManagedServerChannel channel, GorgoneionClientMetrics metrics) {
         this.channel = channel;
-        this.client = AdmissionsGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(AdmissionsGrpc.newBlockingStub(channel));
         this.metrics = metrics;
     }
 

gorgoneion/src/main/java/com/salesforce/apollo/gorgoneion/comm/endorsement/EndorsementClient.java

@@ -6,12 +6,12 @@
  */
 package com.salesforce.apollo.gorgoneion.comm.endorsement;
 
-import com.salesforce.apollo.gorgoneion.proto.*;
-import com.salesforce.apollo.stereotomy.event.proto.Validation_;
 import com.salesforce.apollo.archipelago.ManagedServerChannel;
 import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
 import com.salesforce.apollo.gorgoneion.comm.GorgoneionMetrics;
+import com.salesforce.apollo.gorgoneion.proto.*;
 import com.salesforce.apollo.membership.Member;
+import com.salesforce.apollo.stereotomy.event.proto.Validation_;
 
 import java.io.IOException;
 import java.time.Duration;
@@ -28,7 +28,7 @@ public class EndorsementClient implements Endorsement {
 
     public EndorsementClient(ManagedServerChannel channel, GorgoneionMetrics metrics) {
         this.channel = channel;
-        this.client = EndorsementGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(EndorsementGrpc.newBlockingStub(channel));
         this.metrics = metrics;
     }
 

gorgoneion/src/test/java/com/salesforce/apollo/gorgoneion/AdmissionsClient.java

@@ -6,14 +6,14 @@
  */
 package com.salesforce.apollo.gorgoneion;
 
+import com.salesforce.apollo.archipelago.ManagedServerChannel;
+import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
 import com.salesforce.apollo.gorgoneion.proto.AdmissionsGrpc;
 import com.salesforce.apollo.gorgoneion.proto.Credentials;
 import com.salesforce.apollo.gorgoneion.proto.SignedNonce;
+import com.salesforce.apollo.membership.Member;
 import com.salesforce.apollo.stereotomy.event.proto.KERL_;
 import com.salesforce.apollo.stereotomy.event.proto.Validations;
-import com.salesforce.apollo.archipelago.ManagedServerChannel;
-import com.salesforce.apollo.archipelago.ServerConnectionCache.CreateClientCommunications;
-import com.salesforce.apollo.membership.Member;
 
 import java.time.Duration;
 import java.util.concurrent.TimeUnit;
@@ -28,7 +28,7 @@ public class AdmissionsClient implements Admissions {
 
     public AdmissionsClient(ManagedServerChannel channel) {
         this.channel = channel;
-        this.client = AdmissionsGrpc.newBlockingStub(channel).withCompression("gzip");
+        this.client = channel.wrap(AdmissionsGrpc.newBlockingStub(channel));
     }
 
     public static CreateClientCommunications<Admissions> getCreate() {

grpc/src/main/proto/leyden.proto

@@ -14,18 +14,17 @@ package leyden;
 
 service Binder {
   rpc bind(Binding) returns(google.protobuf.Empty) {}
-  rpc unbind(KeyAndToken) returns(google.protobuf.Empty) {}
-  rpc get(KeyAndToken) returns(Bound) {}
+  rpc unbind(Key) returns(google.protobuf.Empty) {}
+  rpc get(Key) returns(Bound) {}
 }
 
 service Reconciliation {
   rpc reconcile (Intervals) returns (Update) {}
   rpc update (Updating) returns (google.protobuf.Empty) {}
 }
 
-message KeyAndToken {
+message Key {
   bytes key = 1;
-  bytes token = 2;
 }
 
 message Update {

isolates/src/test/java/com/salesforce/apollo/demesnes/DemesneSmoke.java

@@ -226,7 +226,7 @@ public static class TestItClient implements TestItService {
 
         public TestItClient(ManagedServerChannel c) {
             this.connection = c;
-            client = TestItGrpc.newBlockingStub(c);
+            client = c.wrap(TestItGrpc.newBlockingStub(c));
         }
 
         @Override

leyden/src/main/java/com/salesforce/apollo/leyden/LeydenJar.java

@@ -125,7 +125,7 @@ public void bind(Binding bound) {
         }
     }
 
-    public Bound get(KeyAndToken keyAndToken) {
+    public Bound get(Key keyAndToken) {
         var hash = algorithm.digest(keyAndToken.getKey());
         log.info("Get: {} on: {}", hash, member.getId());
         Instant timedOut = Instant.now().plus(operationTimeout);
@@ -175,7 +175,7 @@ public void stop() {
         reconComms.deregister(context.getId());
     }
 
-    public void unbind(KeyAndToken keyAndToken) {
+    public void unbind(Key keyAndToken) {
         var key = keyAndToken.toByteArray();
         var hash = algorithm.digest(key);
         log.info("Unbind: {} on: {}", hash, member.getId());
@@ -477,11 +477,11 @@ private <B> boolean write(CompletableFuture<B> result, HashMultiset<B> gathered,
     }
 
     public interface OpValidator {
-        boolean validateBind(Bound bound, byte[] token);
+        boolean validateBind(Bound bound);
 
-        boolean validateGet(byte[] key, byte[] token);
+        boolean validateGet(byte[] key);
 
-        boolean validateUnbind(byte[] key, byte[] token);
+        boolean validateUnbind(byte[] key);
     }
 
     private static class ConsensusState {
@@ -553,7 +553,7 @@ private class Borders implements BinderService {
         @Override
         public void bind(Binding request, Digest from) {
             var bound = request.getBound();
-            if (!validator.validateBind(bound, request.getToken().toByteArray())) {
+            if (!validator.validateBind(bound)) {
                 log.warn("Invalid Bind Token on: {}", member.getId());
                 throw new StatusRuntimeException(Status.INVALID_ARGUMENT);
             }
@@ -565,8 +565,8 @@ public void bind(Binding request, Digest from) {
         }
 
         @Override
-        public Bound get(KeyAndToken request, Digest from) {
-            if (!validator.validateGet(request.getKey().toByteArray(), request.getToken().toByteArray())) {
+        public Bound get(Key request, Digest from) {
+            if (!validator.validateGet(request.getKey().toByteArray())) {
                 log.warn("Invalid Get Token on: {}", member.getId());
                 throw new StatusRuntimeException(Status.INVALID_ARGUMENT);
             }
@@ -577,8 +577,8 @@ public Bound get(KeyAndToken request, Digest from) {
         }
 
         @Override
-        public void unbind(KeyAndToken request, Digest from) {
-            if (!validator.validateUnbind(request.getKey().toByteArray(), request.getToken().toByteArray())) {
+        public void unbind(Key request, Digest from) {
+            if (!validator.validateUnbind(request.getKey().toByteArray())) {
                 log.warn("Invalid Unbind Token on: {}", member.getId());
                 throw new StatusRuntimeException(Status.INVALID_ARGUMENT);
             }

leyden/src/main/java/com/salesforce/apollo/leyden/comm/binding/Bind.java

@@ -4,7 +4,7 @@
 import com.salesforce.apollo.leyden.proto.BinderGrpc;
 import com.salesforce.apollo.leyden.proto.Binding;
 import com.salesforce.apollo.leyden.proto.Bound;
-import com.salesforce.apollo.leyden.proto.KeyAndToken;
+import com.salesforce.apollo.leyden.proto.Key;
 import com.salesforce.apollo.membership.Member;
 import com.salesforce.apollo.membership.SigningMember;
 
@@ -21,7 +21,7 @@ public class Bind implements BinderClient {
     public Bind(ManagedServerChannel channel, BinderMetrics metrics) {
         this.channel = channel;
         this.metrics = metrics;
-        this.client = BinderGrpc.newBlockingStub(channel);
+        this.client = channel.wrap(BinderGrpc.newBlockingStub(channel));
     }
 
     public static BinderClient getCreate(ManagedServerChannel c, BinderMetrics binderMetrics) {
@@ -41,7 +41,7 @@ public void close() throws IOException {
             }
 
             @Override
-            public Bound get(KeyAndToken key) {
+            public Bound get(Key key) {
                 return service.get(key, member.getId());
             }
 
@@ -51,7 +51,7 @@ public Member getMember() {
             }
 
             @Override
-            public void unbind(KeyAndToken key) {
+            public void unbind(Key key) {
                 service.unbind(key, member.getId());
             }
         };
@@ -68,7 +68,7 @@ public void close() throws IOException {
     }
 
     @Override
-    public Bound get(KeyAndToken key) {
+    public Bound get(Key key) {
         return client.get(key);
     }
 
@@ -78,7 +78,7 @@ public Member getMember() {
     }
 
     @Override
-    public void unbind(KeyAndToken key) {
+    public void unbind(Key key) {
         client.unbind(key);
     }
 }

leyden/src/main/java/com/salesforce/apollo/leyden/comm/binding/BinderClient.java

@@ -3,7 +3,7 @@
 import com.salesforce.apollo.archipelago.Link;
 import com.salesforce.apollo.leyden.proto.Binding;
 import com.salesforce.apollo.leyden.proto.Bound;
-import com.salesforce.apollo.leyden.proto.KeyAndToken;
+import com.salesforce.apollo.leyden.proto.Key;
 
 /**
  * @author hal.hildebrand
@@ -12,7 +12,7 @@ public interface BinderClient extends Link {
 
     void bind(Binding binding);
 
-    Bound get(KeyAndToken key);
+    Bound get(Key key);
 
-    void unbind(KeyAndToken key);
+    void unbind(Key key);
 }

leyden/src/main/java/com/salesforce/apollo/leyden/comm/binding/BinderServer.java

@@ -7,7 +7,7 @@
 import com.salesforce.apollo.leyden.proto.BinderGrpc;
 import com.salesforce.apollo.leyden.proto.Binding;
 import com.salesforce.apollo.leyden.proto.Bound;
-import com.salesforce.apollo.leyden.proto.KeyAndToken;
+import com.salesforce.apollo.leyden.proto.Key;
 import com.salesforce.apollo.protocols.ClientIdentity;
 import io.grpc.stub.StreamObserver;
 
@@ -54,7 +54,7 @@ public void bind(Binding request, StreamObserver<Empty> responseObserver) {
     }
 
     @Override
-    public void get(KeyAndToken request, StreamObserver<Bound> responseObserver) {
+    public void get(Key request, StreamObserver<Bound> responseObserver) {
         Timer.Context timer = metrics == null ? null : metrics.inboundGetTimer().time();
         if (metrics != null) {
             var serializedSize = request.getSerializedSize();
@@ -80,7 +80,7 @@ public void get(KeyAndToken request, StreamObserver<Bound> responseObserver) {
     }
 
     @Override
-    public void unbind(KeyAndToken request, StreamObserver<Empty> responseObserver) {
+    public void unbind(Key request, StreamObserver<Empty> responseObserver) {
         Timer.Context timer = metrics == null ? null : metrics.inboundUnbindTimer().time();
         if (metrics != null) {
             var serializedSize = request.getSerializedSize();

leyden/src/main/java/com/salesforce/apollo/leyden/comm/binding/BinderService.java

@@ -3,15 +3,15 @@
 import com.salesforce.apollo.cryptography.Digest;
 import com.salesforce.apollo.leyden.proto.Binding;
 import com.salesforce.apollo.leyden.proto.Bound;
-import com.salesforce.apollo.leyden.proto.KeyAndToken;
+import com.salesforce.apollo.leyden.proto.Key;
 
 /**
  * @author hal.hildebrand
  **/
 public interface BinderService {
     void bind(Binding request, Digest from);
 
-    Bound get(KeyAndToken request, Digest from);
+    Bound get(Key request, Digest from);
 
-    void unbind(KeyAndToken request, Digest from);
+    void unbind(Key request, Digest from);
 }

leyden/src/main/java/com/salesforce/apollo/leyden/comm/reconcile/Reckoning.java

@@ -20,7 +20,7 @@ public class Reckoning implements ReconciliationClient {
 
     public Reckoning(ManagedServerChannel channel, Member member, ReconciliationMetrics metrics) {
         this.channel = channel;
-        this.client = ReconciliationGrpc.newBlockingStub(channel);
+        this.client = channel.wrap(ReconciliationGrpc.newBlockingStub(channel));
         this.member = member;
     }