Add Authorization option for eth1 readiness/liveness checks (#3)

stakewise · Sep 15, 2022 · 69e6b0e · 69e6b0e
1 parent 142cdfa
commit 69e6b0e
Show file tree

Hide file tree

Showing 6 changed files with 69 additions and 12 deletions.
diff --git a/clients/authorization.go b/clients/authorization.go
@@ -0,0 +1,33 @@
+package clients
+
+import (
+	"encoding/hex"
+	"strings"
+	"time"
+
+	"github.com/golang-jwt/jwt/v4"
+)
+
+type AuthorizationMethod string
+
+const (
+	None AuthorizationMethod = "bearer"
+	// Bearer Basic  AuthorizationMethod = "basic"
+	Bearer AuthorizationMethod = "bearer"
+)
+
+func CreateJWTAuthToken(jwtSecret string) (string, error) {
+	secret, err := hex.DecodeString(strings.TrimSpace(jwtSecret))
+	if err != nil {
+		return "", err
+	}
+
+	// TODO: caching strategy
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{
+		ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)),
+		IssuedAt:  jwt.NewNumericDate(time.Now()),
+		NotBefore: jwt.NewNumericDate(time.Now()),
+	})
+	tokenString, err := token.SignedString(secret)
+	return tokenString, err
+}
diff --git a/clients/eth1.go b/clients/eth1.go
@@ -11,9 +11,11 @@ import (
 )
 
 type eth1Client struct {
-	cfg    *config.Config
-	addr   string
-	client *resty.Client
+	cfg               *config.Config
+	addr              string
+	client            *resty.Client
+	authorizationType AuthorizationMethod
+	jwtSecret         string
 }
 
 func NewEth1Client() *eth1Client {
@@ -26,9 +28,11 @@ func NewEth1Client() *eth1Client {
 
 	client := resty.New()
 	return &eth1Client{
-		cfg:    cfg,
-		addr:   addr,
-		client: client,
+		cfg:               cfg,
+		addr:              addr,
+		client:            client,
+		authorizationType: AuthorizationMethod(cfg.Client.AuthorizationType),
+		jwtSecret:         cfg.Client.JWTSecret,
 	}
 }
 
@@ -42,9 +46,21 @@ func (e *eth1Client) HealthCheck(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var ethSyncing, ethPeersConnected response
+	authorizationHeaders := map[string]string{}
+
+	if e.authorizationType == Bearer {
+		token, err := CreateJWTAuthToken(e.jwtSecret)
+		if err != nil {
+			fmt.Println(err)
+			w.WriteHeader(http.StatusInternalServerError)
+			return
+		}
+		authorizationHeaders["Authorization"] = fmt.Sprintf("Bearer %s", token)
+	}
 
 	_, err := e.client.R().
 		SetHeader("Content-Type", "application/json").
+		SetHeaders(authorizationHeaders).
 		SetBody(`{"jsonrpc":"2.0","method":"eth_syncing","params":[],"id":1}`).
 		SetResult(&ethSyncing).
 		Post(e.addr)
@@ -55,6 +71,7 @@ func (e *eth1Client) HealthCheck(w http.ResponseWriter, r *http.Request) {
 	}
 	_, err = e.client.R().
 		SetHeader("Content-Type", "application/json").
+		SetHeaders(authorizationHeaders).
 		SetBody(`{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":74}`).
 		SetResult(&ethPeersConnected).
 		Post(e.addr)
@@ -101,7 +118,7 @@ func (e *eth1Client) HealthCheck(w http.ResponseWriter, r *http.Request) {
 			}
 
 			if highestBlock-currentBlock > 50 {
-				fmt.Println(err)
+				fmt.Println(fmt.Sprintf("highestBlock-currentBlock < 50, highestBlock: %d, currentBlock: %d", highestBlock, currentBlock))
 				w.WriteHeader(http.StatusInternalServerError)
 				return
 			} else {

diff --git a/config.yml b/config.yml
@@ -5,3 +5,5 @@ client:
     scheme: "http"
     host: "127.0.0.1"
     port: "8545"
+    authorizationType: "bearer"
+    jwtSecret: "8cfef42fca94276aa2425cdb1a162c9ee003d8468040fc9c478b524561155254"
diff --git a/config/config.go b/config/config.go
@@ -16,9 +16,11 @@ type ServerConfig struct {
 }
 
 type ClientConfig struct {
-	Scheme string
-	Host   string
-	Port   string
+	Scheme            string
+	Host              string
+	Port              string
+	AuthorizationType string
+	JWTSecret         string
 }
 
 func NewConfig() (*Config, error) {

diff --git a/go.mod b/go.mod
@@ -11,6 +11,7 @@ require (
 
 require (
 	github.com/fsnotify/fsnotify v1.5.1 // indirect
+	github.com/golang-jwt/jwt/v4 v4.4.2 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/kr/text v0.2.0 // indirect
 	github.com/magiconair/properties v1.8.5 // indirect
@@ -27,4 +28,4 @@ require (
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
 	gopkg.in/ini.v1 v1.66.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-)
+)
diff --git a/go.sum b/go.sum
@@ -6,6 +6,8 @@ github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWp
 github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
 github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY=
 github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I=
+github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs=
+github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
 github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
@@ -71,4 +73,4 @@ gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=