Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow optional API methods with no authentication #3382

Merged
merged 30 commits into from
Feb 21, 2022
Merged

Allow optional API methods with no authentication #3382

merged 30 commits into from
Feb 21, 2022

Conversation

frankisawesome
Copy link
Contributor

@frankisawesome frankisawesome commented Feb 7, 2022
edited
Loading

PR description

Adds no auth api methods start up option for some api methods to require no authentication when RPC is configured with authentication

Main changes:

  • Add CLI options --rpc-http-api-methods-no-auth and --rpc-ws-api-methods-no-auth and relevant regression tests
  • Rename HttpServiceLoginAcceptanceTest to JsonRpcHttpAuthenticationAcceptanceTest as the acceptance test file for all RPC authentication tests
  • When no auth api methods are specified no token check is performed for incoming requests on the method, invalid and empty JWT tokens will be allowed

Fixed Issue(s)

fixes #2474

Changelog

@frankisawesome
some unit tests
b930dc2 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
CLI parsing tests
996c053 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
regression tests
b8a8104 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome frankisawesome added the enhancement New feature or request label Feb 7, 2022
@frankisawesome frankisawesome self-assigned this Feb 7, 2022
@frankisawesome frankisawesome marked this pull request as draft February 7, 2022 03:15
@frankisawesome
fix failing at
55260a3 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
refactor -> api to api methods
bdd61b4 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
functionality in
1d4a9ef 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
fix override test
1b5fd1b 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
fix duplicates test
7853c4a 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
fix duplicates test
4c7f43a 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
merge conflice
9f73755 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
Merge branch 'main' into feature/no-auth-api-methods
f64252a
@frankisawesome frankisawesome marked this pull request as ready for review February 11, 2022 06:09
@frankisawesome
fix failing test and remove unnecessary code
d0358ce 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
Merge branch 'main' into feature/no-auth-api-methods
387bc37 
merge main
@frankisawesome
add entry to changelog
2350c85 
Signed-off-by: Frank Li <b439988l@gmail.com>
jflo
jflo reviewed Feb 14, 2022
View reviewed changes
Copy link
Contributor

@jflo jflo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm curious as to why we add an additional peer to wait for in the tests.

...a/org/hyperledger/besu/tests/acceptance/jsonrpc/JsonRpcHttpAuthenticationAcceptanceTest.java Show resolved Hide resolved
besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Outdated Show resolved Hide resolved
ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcConfiguration.java Outdated Show resolved Hide resolved
@frankisawesome
fix typo and NPE
db39e60 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
resolve changelog conflict
6dbb9a0 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
resolve conflice in changelog again
1804711 
Signed-off-by: Frank Li <b439988l@gmail.com>
pinges
pinges reviewed Feb 16, 2022
View reviewed changes
Copy link
Contributor

@pinges pinges left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please have a look at my comments

...g/hyperledger/besu/tests/acceptance/dsl/node/configuration/BesuNodeConfigurationBuilder.java Outdated Show resolved Hide resolved
besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Show resolved Hide resolved
besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java Show resolved Hide resolved
.../main/java/org/hyperledger/besu/ethereum/api/jsonrpc/authentication/AuthenticationUtils.java Outdated Show resolved Hide resolved
@frankisawesome
action on some items
7d80dd7 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
some refactoring + more tests + implement auth skip for web sockets
658d747 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
fix changelog conflict
d2205d5 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
refactor unused method
d4e4e92 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
fix test failing
d9a665c 
Signed-off-by: Frank Li <b439988l@gmail.com>
@frankisawesome
Merge branch 'main' into feature/no-auth-api-methods
86e6762
@frankisawesome frankisawesome enabled auto-merge (squash) February 18, 2022 03:58
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 2 Code Smells

96.4% 96.4% Coverage
0.0% 0.0% Duplication

@frankisawesome frankisawesome merged commit 0377404 into hyperledger:main Feb 21, 2022
jasonyic pushed a commit to jasonyic/besu that referenced this pull request Feb 22, 2022
@frankisawesome @jasonyic
Allow optional API methods with no authentication (hyperledger#3382)
f4aef73 
* some unit tests

Signed-off-by: Frank Li <b439988l@gmail.com>

* CLI parsing tests

Signed-off-by: Frank Li <b439988l@gmail.com>

* regression tests

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix failing at

Signed-off-by: Frank Li <b439988l@gmail.com>

* refactor -> api to api methods

Signed-off-by: Frank Li <b439988l@gmail.com>

* functionality in

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix override test

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix duplicates test

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix duplicates test

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix failing test and remove unnecessary code

Signed-off-by: Frank Li <b439988l@gmail.com>

* add entry to changelog

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix typo and NPE

Signed-off-by: Frank Li <b439988l@gmail.com>

* action on some items

Signed-off-by: Frank Li <b439988l@gmail.com>

* some refactoring + more tests + implement auth skip for web sockets

Signed-off-by: Frank Li <b439988l@gmail.com>

* refactor unused method

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix test failing

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix wrong variable used

Signed-off-by: Frank Li <b439988l@gmail.com>
Signed-off-by: Jason Yi <jasonhk.yi@consensys.net>
eum602 pushed a commit to lacchain/besu that referenced this pull request Nov 3, 2023
@frankisawesome @eum602
Allow optional API methods with no authentication (hyperledger#3382)
e3b5eb3 
* some unit tests

Signed-off-by: Frank Li <b439988l@gmail.com>

* CLI parsing tests

Signed-off-by: Frank Li <b439988l@gmail.com>

* regression tests

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix failing at

Signed-off-by: Frank Li <b439988l@gmail.com>

* refactor -> api to api methods

Signed-off-by: Frank Li <b439988l@gmail.com>

* functionality in

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix override test

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix duplicates test

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix duplicates test

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix failing test and remove unnecessary code

Signed-off-by: Frank Li <b439988l@gmail.com>

* add entry to changelog

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix typo and NPE

Signed-off-by: Frank Li <b439988l@gmail.com>

* action on some items

Signed-off-by: Frank Li <b439988l@gmail.com>

* some refactoring + more tests + implement auth skip for web sockets

Signed-off-by: Frank Li <b439988l@gmail.com>

* refactor unused method

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix test failing

Signed-off-by: Frank Li <b439988l@gmail.com>

* fix wrong variable used

Signed-off-by: Frank Li <b439988l@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@siladu siladu siladu left review comments

@macfarla macfarla macfarla left review comments

@pinges pinges pinges approved these changes

@jflo jflo jflo approved these changes

Assignees

@frankisawesome frankisawesome

Labels
enhancement New feature or request mainnet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Enable unauthenticated access to specific API methods
5 participants
@frankisawesome @jflo @macfarla @siladu @pinges