Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow optional API methods with no authentication #3382

Merged
merged 30 commits into from
Feb 21, 2022
Merged

Allow optional API methods with no authentication #3382

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
b930dc2
some unit tests
frankisawesome Feb 3, 2022
996c053
CLI parsing tests
frankisawesome Feb 3, 2022
b8a8104
regression tests
frankisawesome Feb 7, 2022
55260a3
fix failing at
frankisawesome Feb 7, 2022
bdd61b4
refactor -> api to api methods
frankisawesome Feb 10, 2022
1d4a9ef
functionality in
frankisawesome Feb 11, 2022
1b5fd1b
fix override test
frankisawesome Feb 11, 2022
7853c4a
fix duplicates test
frankisawesome Feb 11, 2022
4c7f43a
fix duplicates test
frankisawesome Feb 11, 2022
9f73755
merge conflice
frankisawesome Feb 11, 2022
f64252a
Merge branch 'main' into feature/no-auth-api-methods
frankisawesome Feb 11, 2022
d0358ce
fix failing test and remove unnecessary code
frankisawesome Feb 14, 2022
387bc37
Merge branch 'main' into feature/no-auth-api-methods
frankisawesome Feb 14, 2022
2350c85
add entry to changelog
frankisawesome Feb 14, 2022
db39e60
fix typo and NPE
frankisawesome Feb 15, 2022
6dbb9a0
resolve changelog conflict
frankisawesome Feb 15, 2022
1804711
resolve conflice in changelog again
frankisawesome Feb 16, 2022
7d80dd7
action on some items
frankisawesome Feb 16, 2022
658d747
some refactoring + more tests + implement auth skip for web sockets
frankisawesome Feb 17, 2022
d2205d5
fix changelog conflict
frankisawesome Feb 17, 2022
d4e4e92
refactor unused method
frankisawesome Feb 17, 2022
d9a665c
fix test failing
frankisawesome Feb 17, 2022
86e6762
Merge branch 'main' into feature/no-auth-api-methods
frankisawesome Feb 17, 2022
7bfedd3
Merge branch 'main' into feature/no-auth-api-methods
frankisawesome Feb 18, 2022
7cc577f
fix wrong variable used
frankisawesome Feb 18, 2022
f2f4a51
Merge branch 'feature/no-auth-api-methods' of github.com:frankisaweso…
frankisawesome Feb 18, 2022
9b38143
Merge branch 'main' into feature/no-auth-api-methods
frankisawesome Feb 18, 2022
3c8b38d
fix ws node builder
frankisawesome Feb 21, 2022
011fab2
Merge branch 'feature/no-auth-api-methods' of github.com:frankisaweso…
frankisawesome Feb 21, 2022
4cd2c1d
Merge branch 'main' into feature/no-auth-api-methods
frankisawesome Feb 21, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
refactor unused method 
Signed-off-by: Frank Li <b439988l@gmail.com>
  • Loading branch information
@frankisawesome
frankisawesome committed Feb 17, 2022
commit d4e4e9283a0728fdf5e50439d1132bca4dea2aac
11 changes: 0 additions & 11 deletions ...in/java/org/hyperledger/besu/ethereum/api/jsonrpc/authentication/AuthenticationUtils.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,9 @@
import org.hyperledger.besu.ethereum.api.jsonrpc.internal.methods.JsonRpcMethod;

import java.util.Collection;
import java.util.Collections;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicBoolean;

import com.google.common.annotations.VisibleForTesting;
import io.vertx.core.Handler;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.User;
Expand All @@ -31,15 +29,6 @@
public class AuthenticationUtils {
private static final Logger LOG = LoggerFactory.getLogger(AuthenticationUtils.class);

@VisibleForTesting
public static boolean isPermitted(
final Optional<AuthenticationService> authenticationService,
final Optional<User> optionalUser,
final JsonRpcMethod jsonRpcMethod) {
return isPermitted(authenticationService, optionalUser, jsonRpcMethod, Collections.emptyList());
}

@VisibleForTesting
public static boolean isPermitted(
final Optional<AuthenticationService> authenticationService,
final Optional<User> optionalUser,
Expand Down
55 changes: 44 additions & 11 deletions .../src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -398,26 +398,41 @@ public void checkJsonRpcMethodsAvailableWithGoodCredentialsAndPermissions() thro
// single eth/blockNumber method permitted
Assertions.assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), ethBlockNumber))
service.authenticationService,
Optional.of(user),
ethBlockNumber,
Collections.emptyList()))
.isTrue();
// eth/accounts NOT permitted
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), ethAccounts))
service.authenticationService,
Optional.of(user),
ethAccounts,
Collections.emptyList()))
.isFalse();
// allowed by web3/*
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), web3ClientVersion))
service.authenticationService,
Optional.of(user),
web3ClientVersion,
Collections.emptyList()))
.isTrue();
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), web3Sha3))
service.authenticationService,
Optional.of(user),
web3Sha3,
Collections.emptyList()))
.isTrue();
// NO net permissions
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), netVersion))
service.authenticationService,
Optional.of(user),
netVersion,
Collections.emptyList()))
.isFalse();
});
}
Expand Down Expand Up @@ -458,26 +473,41 @@ public void checkJsonRpcMethodsAvailableWithGoodCredentialsAndAllPermissions()
// single eth/blockNumber method permitted
Assertions.assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), ethBlockNumber))
service.authenticationService,
Optional.of(user),
ethBlockNumber,
Collections.emptyList()))
.isTrue();
// eth/accounts IS permitted
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), ethAccounts))
service.authenticationService,
Optional.of(user),
ethAccounts,
Collections.emptyList()))
.isTrue();
// allowed by *:*
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), web3ClientVersion))
service.authenticationService,
Optional.of(user),
web3ClientVersion,
Collections.emptyList()))
.isTrue();
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), web3Sha3))
service.authenticationService,
Optional.of(user),
web3Sha3,
Collections.emptyList()))
.isTrue();
// YES net permissions
assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.of(user), netVersion))
service.authenticationService,
Optional.of(user),
netVersion,
Collections.emptyList()))
.isTrue();
});
}
Expand All @@ -489,7 +519,10 @@ public void checkPermissionsWithEmptyUser() {

assertThat(
AuthenticationUtils.isPermitted(
service.authenticationService, Optional.empty(), ethAccounts))
service.authenticationService,
Optional.empty(),
ethAccounts,
Collections.emptyList()))
.isFalse();
}

Expand Down