Connecting to the Server

Describes how to connect to a running Cobalt Privacy Screen server instance.

Once you have the Cobalt Privacy Screen server up and running, you are ready to create a client connection.

First, you need to know the address (host:port) where the server is running. This document will assume the values 127.0.0.1:9002, but these can be replaced with your server address in actual code.

Default Connection

The following code snippet connects to the server and queries its version. It uses our recommended default setup, expecting the server to be listening on a TLS encrypted connection.

Go
Python

package main

import (
	"context"
	"fmt"
	"log"

	"github.com/cobaltspeech/sdk-trifid/grpc/go-trifid"
)

const serverAddr = "127.0.0.1:9002"

func main() {
	client, err := trifid.NewClient(serverAddr)
	if err != nil {
		log.Fatal(err)
	}

	// Be sure to close the client when we are done with it.
	defer client.Close()
}

import trifid

client = trifid.Client(server_address="localhost:9002")

Insecure Connection

It is sometimes required to connect to Privacy Screen server without TLS enabled (during debugging, for example). Note that if the server has TLS enabled, attempting to connect with an insecure client will fail.

To create an insecure connection, do the following when creating the client:

Go
Python

client, err := trifid.NewClient(serverAddr, trifid.WithInsecure())

client = trifid.Client(server_address="localhost:9002", insecure=True)

Client Authentication

In our recommended default setup, TLS is enabled in the gRPC setup, and when connecting to the server, clients validate the server’s SSL certificate to make sure they are talking to the right party. This is similar to how “https” connections work in web browsers.

In some setups, it may be desired that the server should also validate clients connecting to it and only respond to the ones it can verify. If your Privacy Screen server is configured to do client authentication, you will need to present the appropriate certificate and key when connecting to it.

Please note that in the client-authentication mode, the client will still also verify the server’s certificate, and therefore this setup uses mutually authenticated TLS. This can be done with:

Go
Python

// certPem and keyPem are the bytes of the client certificate and key
// provided to you.
client, err := trifid.NewClient(serverAddr, trifid.WithClientCert(certPem, keyPem))

# cert_pem and key_pem are the contents of the client certificate and key
# provided to you.
client = trifid.Client(server_address="localhost:9002", client_certificate=cert_pem client_key=key_pem)

Server Information

The client provides two methods to get information about the server - Version and ListModels.

Version

The Version method provides information about the version of the Privacy Screen server the client is connected to, as well as information about other relevant services and packages the server uses.

Go
Python

// Request the server version info
ver, err := client.Version(context.Background())
fmt.Printf("Server Version: %v\n", ver)

# Request the server version info
ver = client.version()
print(f"Server Version: {ver}")

List Models

The ListModels method fetches a list of models available on the Privacy Screen server. On the server side, the models are specified as part of the server’s config file.

Go
Python

// Request the list of models
modelList, err := client.ListModels(context.Background())
fmt.Printf("Available Models:\n")
for _, mdl := range modelList.Models {
	fmt.Printf("  ID: %v\n", mdl.Id)
	fmt.Printf("    Name: %v\n", mdl.Name)
	fmt.Printf("    Redaction Classes: %v\n", mdl.RedactionClasses)
}

# Request the list of models
model_list = client.list_models()
print("Available Models:")
for mdl in model_list:
    print(f"  ID: {mdl.id}")
    print(f"    Name: {mdl.name}")
    print(f"    Redaction Classes: {mdl.redaction_classes}")