From 69e6b0eebf98e7f1704d71dd9d3ff36326deee59 Mon Sep 17 00:00:00 2001 From: unxnn Date: Thu, 15 Sep 2022 12:29:49 +0300 Subject: [PATCH] Add Authorization option for eth1 readiness/liveness checks (#3) --- clients/authorization.go | 33 +++++++++++++++++++++++++++++++++ clients/eth1.go | 31 ++++++++++++++++++++++++------- config.yml | 2 ++ config/config.go | 8 +++++--- go.mod | 3 ++- go.sum | 4 +++- 6 files changed, 69 insertions(+), 12 deletions(-) create mode 100644 clients/authorization.go diff --git a/clients/authorization.go b/clients/authorization.go new file mode 100644 index 0000000..cf93fb9 --- /dev/null +++ b/clients/authorization.go @@ -0,0 +1,33 @@ +package clients + +import ( + "encoding/hex" + "strings" + "time" + + "github.com/golang-jwt/jwt/v4" +) + +type AuthorizationMethod string + +const ( + None AuthorizationMethod = "bearer" + // Bearer Basic AuthorizationMethod = "basic" + Bearer AuthorizationMethod = "bearer" +) + +func CreateJWTAuthToken(jwtSecret string) (string, error) { + secret, err := hex.DecodeString(strings.TrimSpace(jwtSecret)) + if err != nil { + return "", err + } + + // TODO: caching strategy + token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.RegisteredClaims{ + ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * time.Hour)), + IssuedAt: jwt.NewNumericDate(time.Now()), + NotBefore: jwt.NewNumericDate(time.Now()), + }) + tokenString, err := token.SignedString(secret) + return tokenString, err +} diff --git a/clients/eth1.go b/clients/eth1.go index 833b6b6..e81fb7c 100644 --- a/clients/eth1.go +++ b/clients/eth1.go @@ -11,9 +11,11 @@ import ( ) type eth1Client struct { - cfg *config.Config - addr string - client *resty.Client + cfg *config.Config + addr string + client *resty.Client + authorizationType AuthorizationMethod + jwtSecret string } func NewEth1Client() *eth1Client { @@ -26,9 +28,11 @@ func NewEth1Client() *eth1Client { client := resty.New() return ð1Client{ - cfg: cfg, - addr: addr, - client: client, + cfg: cfg, + addr: addr, + client: client, + authorizationType: AuthorizationMethod(cfg.Client.AuthorizationType), + jwtSecret: cfg.Client.JWTSecret, } } @@ -42,9 +46,21 @@ func (e *eth1Client) HealthCheck(w http.ResponseWriter, r *http.Request) { } var ethSyncing, ethPeersConnected response + authorizationHeaders := map[string]string{} + + if e.authorizationType == Bearer { + token, err := CreateJWTAuthToken(e.jwtSecret) + if err != nil { + fmt.Println(err) + w.WriteHeader(http.StatusInternalServerError) + return + } + authorizationHeaders["Authorization"] = fmt.Sprintf("Bearer %s", token) + } _, err := e.client.R(). SetHeader("Content-Type", "application/json"). + SetHeaders(authorizationHeaders). SetBody(`{"jsonrpc":"2.0","method":"eth_syncing","params":[],"id":1}`). SetResult(ðSyncing). Post(e.addr) @@ -55,6 +71,7 @@ func (e *eth1Client) HealthCheck(w http.ResponseWriter, r *http.Request) { } _, err = e.client.R(). SetHeader("Content-Type", "application/json"). + SetHeaders(authorizationHeaders). SetBody(`{"jsonrpc":"2.0","method":"net_peerCount","params":[],"id":74}`). SetResult(ðPeersConnected). Post(e.addr) @@ -101,7 +118,7 @@ func (e *eth1Client) HealthCheck(w http.ResponseWriter, r *http.Request) { } if highestBlock-currentBlock > 50 { - fmt.Println(err) + fmt.Println(fmt.Sprintf("highestBlock-currentBlock < 50, highestBlock: %d, currentBlock: %d", highestBlock, currentBlock)) w.WriteHeader(http.StatusInternalServerError) return } else { diff --git a/config.yml b/config.yml index 8bc91cf..dc512eb 100644 --- a/config.yml +++ b/config.yml @@ -5,3 +5,5 @@ client: scheme: "http" host: "127.0.0.1" port: "8545" + authorizationType: "bearer" + jwtSecret: "8cfef42fca94276aa2425cdb1a162c9ee003d8468040fc9c478b524561155254" \ No newline at end of file diff --git a/config/config.go b/config/config.go index 656b52c..ef27b9d 100644 --- a/config/config.go +++ b/config/config.go @@ -16,9 +16,11 @@ type ServerConfig struct { } type ClientConfig struct { - Scheme string - Host string - Port string + Scheme string + Host string + Port string + AuthorizationType string + JWTSecret string } func NewConfig() (*Config, error) { diff --git a/go.mod b/go.mod index 646cef8..9e19f03 100644 --- a/go.mod +++ b/go.mod @@ -11,6 +11,7 @@ require ( require ( github.com/fsnotify/fsnotify v1.5.1 // indirect + github.com/golang-jwt/jwt/v4 v4.4.2 // indirect github.com/hashicorp/hcl v1.0.0 // indirect github.com/kr/text v0.2.0 // indirect github.com/magiconair/properties v1.8.5 // indirect @@ -27,4 +28,4 @@ require ( gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect gopkg.in/ini.v1 v1.66.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect -) +) \ No newline at end of file diff --git a/go.sum b/go.sum index 88fdcf9..433d78d 100644 --- a/go.sum +++ b/go.sum @@ -6,6 +6,8 @@ github.com/fsnotify/fsnotify v1.5.1 h1:mZcQUHVQUQWoPXXtuf9yuEXKudkV2sx1E06UadKWp github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU= github.com/go-resty/resty/v2 v2.7.0 h1:me+K9p3uhSmXtrBZ4k9jcEAfJmuC8IivWHwaLZwPrFY= github.com/go-resty/resty/v2 v2.7.0/go.mod h1:9PWDzw47qPphMRFfhsyk0NnSgvluHcljSMVIq3w7q0I= +github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQAYs= +github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= @@ -71,4 +73,4 @@ gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= \ No newline at end of file