reactivegroup
diff --git a/‎xds/src/main/java/io/grpc/xds/FilterChainMatchingProtocolNegotiators.java‎
Lines changed: 33 additions & 17 deletions b/‎xds/src/main/java/io/grpc/xds/FilterChainMatchingProtocolNegotiators.java‎
Lines changed: 33 additions & 17 deletions
diff --git a/‎xds/src/main/java/io/grpc/xds/RoutingUtils.java‎
Lines changed: 219 additions & 0 deletions b/‎xds/src/main/java/io/grpc/xds/RoutingUtils.java‎
Lines changed: 219 additions & 0 deletions
diff --git a/‎xds/src/main/java/io/grpc/xds/XdsServerBuilder.java‎
Lines changed: 2 additions & 1 deletion b/‎xds/src/main/java/io/grpc/xds/XdsServerBuilder.java‎
Lines changed: 2 additions & 1 deletion
@@ -18,6 +18,7 @@
 
 import static com.google.common.base.Preconditions.checkNotNull;
 import static io.grpc.xds.InternalXdsAttributes.ATTR_FILTER_CHAIN_SELECTOR_REF;
+import static io.grpc.xds.XdsServerWrapper.ATTR_SERVER_ROUTING_CONFIG;
 import static io.grpc.xds.internal.sds.SdsProtocolNegotiators.ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER;
 
 import com.google.common.annotations.VisibleForTesting;
@@ -36,6 +37,7 @@
 import io.grpc.xds.EnvoyServerProtoData.FilterChain;
 import io.grpc.xds.EnvoyServerProtoData.FilterChainMatch;
 import io.grpc.xds.FilterChainMatchingProtocolNegotiators.FilterChainMatchingHandler.FilterChainSelector;
+import io.grpc.xds.XdsServerWrapper.ServerRoutingConfig;
 import io.grpc.xds.internal.Matchers.CidrMatcher;
 import io.grpc.xds.internal.sds.SslContextProviderSupplier;
 import io.netty.channel.ChannelFutureListener;
@@ -50,6 +52,7 @@
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 import java.util.concurrent.Executor;
 import java.util.concurrent.atomic.AtomicReference;
 import java.util.logging.Level;
@@ -101,32 +104,41 @@ public void userEventTriggered(ChannelHandlerContext ctx, Object evt) throws Exc
         return;
       }
       ProtocolNegotiationEvent pne = (ProtocolNegotiationEvent) evt;
-      Attributes attr = InternalProtocolNegotiationEvent.getAttributes(pne)
-              .toBuilder().set(ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER,
-                      config.sslContextProviderSupplier).build();
+      // TODO(zivy): merge into one key and take care of this outer class visibility.
+      Attributes attr = InternalProtocolNegotiationEvent.getAttributes(pne).toBuilder()
+              .set(ATTR_SERVER_SSL_CONTEXT_PROVIDER_SUPPLIER, config.sslContextProviderSupplier)
+              .set(ATTR_SERVER_ROUTING_CONFIG, config.routingConfig)
+              .build();
       pne = InternalProtocolNegotiationEvent.withAttributes(pne, attr);
       ctx.pipeline().replace(this, null, delegate.newHandler(grpcHandler));
       ctx.fireUserEventTriggered(pne);
     }
 
     static final class FilterChainSelector {
       public static final FilterChainSelector NO_FILTER_CHAIN = new FilterChainSelector(
-              Collections.<FilterChain>emptyList(), null);
-
-      private final List<FilterChain> filterChainList;
+              Collections.<FilterChain, ServerRoutingConfig>emptyMap(), null, null);
+      private final Map<FilterChain, ServerRoutingConfig> routingConfigs;
       @Nullable
       private final SslContextProviderSupplier defaultSslContextProviderSupplier;
+      @Nullable
+      private final ServerRoutingConfig defaultRoutingConfig;
 
-      FilterChainSelector(List<FilterChain> filterChainList,
-                          @Nullable SslContextProviderSupplier defaultSslContextProviderSupplier) {
-        checkNotNull(filterChainList, "filterChainList");
-        this.filterChainList = filterChainList;
+      FilterChainSelector(Map<FilterChain, ServerRoutingConfig> routingConfigs,
+                          @Nullable SslContextProviderSupplier defaultSslContextProviderSupplier,
+                          @Nullable ServerRoutingConfig defaultRoutingConfig) {
+        this.routingConfigs = checkNotNull(routingConfigs, "routingConfigs");
         this.defaultSslContextProviderSupplier = defaultSslContextProviderSupplier;
+        this.defaultRoutingConfig = defaultRoutingConfig;
+      }
+
+      @VisibleForTesting
+      Map<FilterChain, ServerRoutingConfig> getRoutingConfigs() {
+        return routingConfigs;
       }
 
       @VisibleForTesting
-      List<FilterChain> getFilterChains() {
-        return filterChainList;
+      ServerRoutingConfig getDefaultRoutingConfig() {
+        return defaultRoutingConfig;
       }
 
       @VisibleForTesting
@@ -138,7 +150,7 @@ SslContextProviderSupplier getDefaultSslContextProviderSupplier() {
        * Throws IllegalStateException when no exact one match, and we should close the connection.
        */
       SelectedConfig select(InetSocketAddress localAddr, InetSocketAddress remoteAddr) {
-        Collection<FilterChain> filterChains = new ArrayList<>(filterChainList);
+        Collection<FilterChain> filterChains = routingConfigs.keySet();
         filterChains = filterOnDestinationPort(filterChains);
         filterChains = filterOnIpAddress(filterChains, localAddr.getAddress(), true);
         filterChains = filterOnServerNames(filterChains);
@@ -155,10 +167,11 @@ SelectedConfig select(InetSocketAddress localAddr, InetSocketAddress remoteAddr)
         }
         if (filterChains.size() == 1) {
           FilterChain selected = Iterables.getOnlyElement(filterChains);
-          return new SelectedConfig(selected.getSslContextProviderSupplier());
+          return new SelectedConfig(
+                  routingConfigs.get(selected), selected.getSslContextProviderSupplier());
         }
-        if (defaultSslContextProviderSupplier != null) {
-          return new SelectedConfig(defaultSslContextProviderSupplier);
+        if (defaultRoutingConfig != null) {
+          return new SelectedConfig(defaultRoutingConfig, defaultSslContextProviderSupplier);
         }
         return null;
       }
@@ -361,10 +374,13 @@ public void close() {
    * The FilterChain level configuration.
    */
   private static final class SelectedConfig {
+    private final ServerRoutingConfig routingConfig;
     @Nullable
     private final SslContextProviderSupplier sslContextProviderSupplier;
 
-    private SelectedConfig(@Nullable SslContextProviderSupplier sslContextProviderSupplier) {
+    private SelectedConfig(ServerRoutingConfig routingConfig,
+                           @Nullable SslContextProviderSupplier sslContextProviderSupplier) {
+      this.routingConfig = checkNotNull(routingConfig, "routingConfig");
       this.sslContextProviderSupplier = sslContextProviderSupplier;
     }
   }
 
@@ -0,0 +1,219 @@
+/*
+ * Copyright 2021 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.xds;
+
+import static com.google.common.base.Preconditions.checkArgument;
+
+import com.google.common.base.Joiner;
+import io.grpc.Metadata;
+import io.grpc.xds.VirtualHost.Route.RouteMatch;
+import io.grpc.xds.VirtualHost.Route.RouteMatch.PathMatcher;
+import io.grpc.xds.internal.Matchers.FractionMatcher;
+import io.grpc.xds.internal.Matchers.HeaderMatcher;
+import java.util.List;
+import java.util.Locale;
+import javax.annotation.Nullable;
+
+/**
+ * Utilities for performing virtual host domain name matching and route matching.
+ */
+// TODO(chengyuanzhang): clean up implementations in XdsNameResolver.
+final class RoutingUtils {
+  // Prevent instantiation.
+  private RoutingUtils() {
+  }
+
+  /**
+   * Returns the {@link VirtualHost} with the best match domain for the given hostname.
+   */
+  @Nullable
+  static VirtualHost findVirtualHostForHostName(List<VirtualHost> virtualHosts, String hostName) {
+    // Domain search order:
+    //  1. Exact domain names: ``www.foo.com``.
+    //  2. Suffix domain wildcards: ``*.foo.com`` or ``*-bar.foo.com``.
+    //  3. Prefix domain wildcards: ``foo.*`` or ``foo-*``.
+    //  4. Special wildcard ``*`` matching any domain.
+    //
+    //  The longest wildcards match first.
+    //  Assuming only a single virtual host in the entire route configuration can match
+    //  on ``*`` and a domain must be unique across all virtual hosts.
+    int matchingLen = -1; // longest length of wildcard pattern that matches host name
+    boolean exactMatchFound = false;  // true if a virtual host with exactly matched domain found
+    VirtualHost targetVirtualHost = null;  // target VirtualHost with longest matched domain
+    for (VirtualHost vHost : virtualHosts) {
+      for (String domain : vHost.domains()) {
+        boolean selected = false;
+        if (matchHostName(hostName, domain)) { // matching
+          if (!domain.contains("*")) { // exact matching
+            exactMatchFound = true;
+            targetVirtualHost = vHost;
+            break;
+          } else if (domain.length() > matchingLen) { // longer matching pattern
+            selected = true;
+          } else if (domain.length() == matchingLen && domain.startsWith("*")) { // suffix matching
+            selected = true;
+          }
+        }
+        if (selected) {
+          matchingLen = domain.length();
+          targetVirtualHost = vHost;
+        }
+      }
+      if (exactMatchFound) {
+        break;
+      }
+    }
+    return targetVirtualHost;
+  }
+
+  /**
+   * Returns {@code true} iff {@code hostName} matches the domain name {@code pattern} with
+   * case-insensitive.
+   *
+   * <p>Wildcard pattern rules:
+   * <ol>
+   * <li>A single asterisk (*) matches any domain.</li>
+   * <li>Asterisk (*) is only permitted in the left-most or the right-most part of the pattern,
+   *     but not both.</li>
+   * </ol>
+   */
+  private static boolean matchHostName(String hostName, String pattern) {
+    checkArgument(hostName.length() != 0 && !hostName.startsWith(".") && !hostName.endsWith("."),
+        "Invalid host name");
+    checkArgument(pattern.length() != 0 && !pattern.startsWith(".") && !pattern.endsWith("."),
+        "Invalid pattern/domain name");
+
+    hostName = hostName.toLowerCase(Locale.US);
+    pattern = pattern.toLowerCase(Locale.US);
+    // hostName and pattern are now in lower case -- domain names are case-insensitive.
+
+    if (!pattern.contains("*")) {
+      // Not a wildcard pattern -- hostName and pattern must match exactly.
+      return hostName.equals(pattern);
+    }
+    // Wildcard pattern
+
+    if (pattern.length() == 1) {
+      return true;
+    }
+
+    int index = pattern.indexOf('*');
+
+    // At most one asterisk (*) is allowed.
+    if (pattern.indexOf('*', index + 1) != -1) {
+      return false;
+    }
+
+    // Asterisk can only match prefix or suffix.
+    if (index != 0 && index != pattern.length() - 1) {
+      return false;
+    }
+
+    // HostName must be at least as long as the pattern because asterisk has to
+    // match one or more characters.
+    if (hostName.length() < pattern.length()) {
+      return false;
+    }
+
+    if (index == 0 && hostName.endsWith(pattern.substring(1))) {
+      // Prefix matching fails.
+      return true;
+    }
+
+    // Pattern matches hostname if suffix matching succeeds.
+    return index == pattern.length() - 1
+        && hostName.startsWith(pattern.substring(0, pattern.length() - 1));
+  }
+
+  /**
+   * Returns {@code true} iff the given {@link RouteMatch} matches the RPC's full method name and
+   * headers.
+   */
+  static boolean matchRoute(RouteMatch routeMatch, String fullMethodName,
+      Metadata headers, ThreadSafeRandom random) {
+    if (!matchPath(routeMatch.pathMatcher(), fullMethodName)) {
+      return false;
+    }
+    for (HeaderMatcher headerMatcher : routeMatch.headerMatchers()) {
+      if (!matchHeader(headerMatcher, getHeaderValue(headers, headerMatcher.name()))) {
+        return false;
+      }
+    }
+    FractionMatcher fraction = routeMatch.fractionMatcher();
+    return fraction == null || random.nextInt(fraction.denominator()) < fraction.numerator();
+  }
+
+  private static boolean matchPath(PathMatcher pathMatcher, String fullMethodName) {
+    if (pathMatcher.path() != null) {
+      return pathMatcher.caseSensitive()
+          ? pathMatcher.path().equals(fullMethodName)
+          : pathMatcher.path().equalsIgnoreCase(fullMethodName);
+    } else if (pathMatcher.prefix() != null) {
+      return pathMatcher.caseSensitive()
+          ? fullMethodName.startsWith(pathMatcher.prefix())
+          : fullMethodName.toLowerCase().startsWith(pathMatcher.prefix().toLowerCase());
+    }
+    return pathMatcher.regEx().matches(fullMethodName);
+  }
+
+  private static boolean matchHeader(HeaderMatcher headerMatcher, @Nullable String value) {
+    if (headerMatcher.present() != null) {
+      return (value == null) == headerMatcher.present().equals(headerMatcher.inverted());
+    }
+    if (value == null) {
+      return false;
+    }
+    boolean baseMatch;
+    if (headerMatcher.exactValue() != null) {
+      baseMatch = headerMatcher.exactValue().equals(value);
+    } else if (headerMatcher.safeRegEx() != null) {
+      baseMatch = headerMatcher.safeRegEx().matches(value);
+    } else if (headerMatcher.range() != null) {
+      long numValue;
+      try {
+        numValue = Long.parseLong(value);
+        baseMatch = numValue >= headerMatcher.range().start()
+            && numValue <= headerMatcher.range().end();
+      } catch (NumberFormatException ignored) {
+        baseMatch = false;
+      }
+    } else if (headerMatcher.prefix() != null) {
+      baseMatch = value.startsWith(headerMatcher.prefix());
+    } else {
+      baseMatch = value.endsWith(headerMatcher.suffix());
+    }
+    return baseMatch != headerMatcher.inverted();
+  }
+
+  @Nullable
+  private static String getHeaderValue(Metadata headers, String headerName) {
+    if (headerName.endsWith(Metadata.BINARY_HEADER_SUFFIX)) {
+      return null;
+    }
+    if (headerName.equals("content-type")) {
+      return "application/grpc";
+    }
+    Metadata.Key<String> key;
+    try {
+      key = Metadata.Key.of(headerName, Metadata.ASCII_STRING_MARSHALLER);
+    } catch (IllegalArgumentException e) {
+      return null;
+    }
+    Iterable<String> values = headers.getAll(key);
+    return values == null ? null : Joiner.on(",").join(values);
+  }
+}
@@ -49,6 +49,7 @@ public final class XdsServerBuilder extends ForwardingServerBuilder<XdsServerBui
   private final int port;
   private XdsServingStatusListener xdsServingStatusListener;
   private AtomicBoolean isServerBuilt = new AtomicBoolean(false);
+  private final FilterRegistry filterRegistry = FilterRegistry.getDefaultRegistry();
   private XdsClientPoolFactory xdsClientPoolFactory =
           SharedXdsClientPoolProvider.getDefaultProvider();
 
@@ -98,7 +99,7 @@ public Server build() {
             .set(ATTR_FILTER_CHAIN_SELECTOR_REF, filterChainSelectorRef)
             .build());
     return new XdsServerWrapper("0.0.0.0:" + port, delegate, xdsServingStatusListener,
-            filterChainSelectorRef, xdsClientPoolFactory);
+            filterChainSelectorRef, xdsClientPoolFactory, filterRegistry);
   }
 
   @VisibleForTesting