From 4917d6ff434d1ed2bf2a41aad02c426dfaa16ffe Mon Sep 17 00:00:00 2001 From: flodesi Date: Tue, 11 Aug 2020 17:20:37 -0400 Subject: [PATCH 1/7] fixed header parsing and finished rough impl --- Cargo.lock | 417 ++++++++++++++++++-------------- Cargo.toml | 1 + forest/src/cli/auth_cmd.rs | 40 +++ forest/src/cli/mod.rs | 5 + forest/src/subcommand.rs | 3 + node/rpc-client/Cargo.toml | 4 +- node/rpc-client/src/auth_ops.rs | 23 ++ node/rpc-client/src/client.rs | 3 + node/rpc-client/src/lib.rs | 2 + node/rpc/Cargo.toml | 3 + node/rpc/src/auth_api.rs | 23 ++ node/rpc/src/lib.rs | 45 +++- utils/auth/Cargo.toml | 12 + utils/auth/src/lib.rs | 88 +++++++ 14 files changed, 488 insertions(+), 181 deletions(-) create mode 100644 forest/src/cli/auth_cmd.rs create mode 100644 node/rpc-client/src/auth_ops.rs create mode 100644 node/rpc/src/auth_api.rs create mode 100644 utils/auth/Cargo.toml create mode 100644 utils/auth/src/lib.rs diff --git a/Cargo.lock b/Cargo.lock index 881bdfbf11f7..fe0f50ba415d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -98,7 +98,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a60f9ba7c4e6df97f3aacb14bb5c0cd7d98a49dcbaed0d7f292912ad9a6a3ed2" dependencies = [ "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -151,9 +151,9 @@ dependencies = [ [[package]] name = "actix-service" -version = "1.0.5" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3e4fc95dfa7e24171b2d0bb46b85f8ab0e8499e4e3caec691fc4ea65c287564" +checksum = "0052435d581b5be835d11f4eb3bce417c8af18d87ddf8ace99f8e67e595882bb" dependencies = [ "futures-util", "pin-project", @@ -266,7 +266,7 @@ checksum = "a71bf475cbe07281d0b3696abb48212db118e7e23219f13596ce865235ff5766" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] 
@@ -325,7 +325,7 @@ version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7fc95d1bdb8e6666b2b217308eeeb09f2d6728d104be3e31916cc74d15420331" dependencies = [ - "generic-array 0.14.3", + "generic-array 0.14.4", ] [[package]] @@ -503,7 +503,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0d0864d84b8e07b145449be9a8537db86bf9de5ce03b913214694643b4743502" dependencies = [ "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -513,14 +513,14 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "efd3d156917d94862e779f356c5acae312b08fd3121e792c857d7928c8088423" dependencies = [ "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] name = "async-channel" -version = "1.1.1" +version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee81ba99bee79f3c8ae114ae4baa7eaa326f63447cf2ec65e4393618b63f8770" +checksum = "43de69555a39d52918e2bc33a408d3c0a86c829b212d898f4ca25d21a6387478" dependencies = [ "concurrent-queue", "event-listener", @@ -529,14 +529,14 @@ dependencies = [ [[package]] name = "async-h1" -version = "2.1.0" +version = "2.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ad1494db96c4a94ca8a31a9aa56f15f3419c98bd4d3575f1ba682a06f5c1ac7" +checksum = "7ca2b5cfe1804f48bb8dfb1b2391e6e9a3fbf89e07514dce3bddb03eb4d529db" dependencies = [ "async-std", "byte-pool", "futures-core", - "http-types 2.3.0", + "http-types 2.4.0", "httparse", "lazy_static", "log", @@ -585,7 +585,7 @@ checksum = "e5444eec77a9ec2bfe4524139e09195862e981400c4358d3b760cae634e4c4ee" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -664,7 +664,7 @@ checksum = "a265e3abeffdce30b2e26b7a11b222fe37c6067404001b434101457d0385eb92" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] 
@@ -684,6 +684,17 @@ dependencies = [ "winapi 0.3.9", ] +[[package]] +name = "auth" +version = "0.1.0" +dependencies = [ + "jsonrpc-v2", + "jsonwebtoken", + "lazy_static", + "serde", + "thiserror", +] + [[package]] name = "autocfg" version = "0.1.7" @@ -939,7 +950,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "generic-array 0.14.3", + "generic-array 0.14.4", ] [[package]] @@ -948,7 +959,7 @@ version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fa136449e765dc7faa244561ccae839c394048667929af599b5d931ebe7b7f10" dependencies = [ - "generic-array 0.14.3", + "generic-array 0.14.4", ] [[package]] @@ -1055,9 +1066,9 @@ checksum = "2e8c087f005730276d1096a652e92a8bacee2e2472bcc9715a74d2bec38b5820" [[package]] name = "byte-pool" -version = "0.2.1" +version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9342e102eac8b1879fbedf9a7e0572c40b0cc5805b663c4d4ca791cae0bae221" +checksum = "1e38e98299d518ec351ca016363e0cbfc77059dcd08dfa9700d15e405536097a" dependencies = [ "crossbeam-queue", "stable_deref_trait", @@ -1284,9 +1295,9 @@ dependencies = [ [[package]] name = "clap" -version = "2.33.1" +version = "2.33.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bdfa80d47f954d53a35a64987ca1422f495b8d6483c0fe9f7117b36c2a792129" +checksum = "10040cdf04294b565d9e0319955430099ec3813a64c952b86a41200ad714ae48" dependencies = [ "ansi_term", "atty", @@ -1346,9 +1357,9 @@ dependencies = [ [[package]] name = "concurrent-queue" -version = "1.1.2" +version = "1.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1582139bb74d97ef232c30bc236646017db06f13ee7cc01fa24c9e55640f86d4" +checksum = "30ed07550be01594c6026cff2a1d7fe9c8f683caa798e12b68694ac9e88286a3" dependencies = [ "cache-padded", ] 
@@ -1382,6 +1393,23 @@ dependencies = [ "winapi-util", ] +[[package]] +name = "console" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0b1aacfaffdbff75be81c15a399b4bedf78aaefe840e8af1d299ac2ade885d2" +dependencies = [ + "encode_unicode", + "lazy_static", + "libc", + "regex", + "terminal_size", + "termios", + "unicode-width", + "winapi 0.3.9", + "winapi-util", +] + [[package]] name = "const-random" version = "0.1.8" @@ -1601,7 +1629,7 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab" dependencies = [ - "generic-array 0.14.3", + "generic-array 0.14.4", "subtle 2.2.3", ] @@ -1634,7 +1662,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "39858aa5bac06462d4dd4b9164848eb81ffc4aa5c479746393598fd193afa227" dependencies = [ "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -1649,9 +1677,9 @@ dependencies = [ [[package]] name = "ctrlc" -version = "3.1.5" +version = "3.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54dedab740bc412d514cfbc4a1d9d5d16fed02c4b14a7be129003c07fdc33b9b" +checksum = "d0b676fa23f995faf587496dcd1c80fead847ed58d2da52ac1caca9a72790dd2" dependencies = [ "nix", "winapi 0.3.9", @@ -1684,9 +1712,9 @@ dependencies = [ [[package]] name = "curl-sys" -version = "0.4.33+curl-7.71.1" +version = "0.4.34+curl-7.71.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e9818ea018327f79c811612f29b9834d2abddbe7db81460a2d5c7e12946b337" +checksum = "ad4eff0be6985b7e709f64b5a541f700e9ad1407190a29f4884319eb663ed1d6" dependencies = [ "cc", "libc", @@ -1732,7 +1760,7 @@ dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", "strsim 0.9.3", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] 
@@ -1743,14 +1771,14 @@ checksum = "d9b5a2f4ac4969822c62224815d069952656cadc7084fdca9751e6d959189b72" dependencies = [ "darling_core", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] name = "data-encoding" -version = "2.2.1" +version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72aa14c04dfae8dd7d8a2b1cb7ca2152618cd01336dbfe704b8dcbf8d41dbd69" +checksum = "d4d0e2d24e5ee3b23a01de38eefdcd978907890701f08ffffd4cb457ca4ee8d6" [[package]] name = "data-encoding-macro" @@ -1771,7 +1799,7 @@ checksum = "8d2d6daefd5f1d4b74a891a5d2ab7dccba028d423107c074232a0c5dc0d40a9e" dependencies = [ "data-encoding", "proc-macro-hack", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -1794,7 +1822,7 @@ dependencies = [ "derive_builder_core", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -1806,7 +1834,7 @@ dependencies = [ "darling", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -1817,7 +1845,7 @@ checksum = "298998b1cf6b5b2c8a7b023dfd45821825ce3ba8a8af55c921a0e734e4653f76" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -1826,7 +1854,7 @@ version = "0.6.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f4aa86af7b19b40ef9cbef761ed411a49f0afa06b7b6dcd3dfe2f96a3c546138" dependencies = [ - "console", + "console 0.11.3", "lazy_static", "tempfile", ] @@ -1852,7 +1880,7 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" dependencies = [ - "generic-array 0.14.3", + "generic-array 0.14.4", ] [[package]] 
@@ -1922,9 +1950,9 @@ dependencies = [ [[package]] name = "either" -version = "1.5.3" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bb1f6b1ce1c140482ea30ddd3335fc0024ac7ee112895426e0a629a6c20adfe3" +checksum = "cd56b59865bce947ac5958779cfa508f6c3b9497cc762b7e24a12d11ccde2c4f" [[package]] name = "encode_unicode" @@ -1943,14 +1971,14 @@ dependencies = [ [[package]] name = "enum-as-inner" -version = "0.3.2" +version = "0.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc4bfcfacb61d231109d1d55202c1f33263319668b168843e02ad4652725ec9c" +checksum = "7c5f0096a91d210159eceb2ff5e1c4da18388a170e1e3ce948aac9c8fdbbf595" dependencies = [ "heck", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -1996,9 +2024,9 @@ dependencies = [ [[package]] name = "error-chain" -version = "0.12.2" +version = "0.12.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d371106cc88ffdfb1eabd7111e432da544f16f3e2d7bf1dfe8bf575f1df045cd" +checksum = "2d2f06b9cac1506ece98fe3231e3cc9c4410ec3d5b1f24ae1c8946f0742cdefc" dependencies = [ "backtrace", "version_check", @@ -2006,9 +2034,9 @@ dependencies = [ [[package]] name = "event-listener" -version = "2.2.1" +version = "2.3.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "829694371bd7bbc6aee17c4ff624aad8bf9f4dc06c6f9f6071eaa08c89530d10" +checksum = "7f14646a9e0430150a87951622ba9675472b68e384b7701b8423b30560805c7a" [[package]] name = "extensions" @@ -2037,7 +2065,7 @@ checksum = "aa4da3c766cd7a0db8242e326e9e4e081edd567072893ed320008189715366a4" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", "synstructure", ] 
@@ -2049,21 +2077,22 @@ checksum = "e88a8acf291dafb59c2d96e8f59828f3838bb1a70398823ade51a84de6a6deed" [[package]] name = "fastrand" -version = "1.3.3" +version = "1.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "36a9cb09840f81cd211e435d00a4e487edd263dc3c8ff815c32dd76ad668ebed" +checksum = "4bd3bdaaf0a72155260a1c098989b60db1cbb22d6a628e64f16237aa4da93cc7" [[package]] name = "femme" -version = "2.1.0" +version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b6b21baebbed15551f2170010ca4101b9ed3fdc05822791c8bd4631840eab81" +checksum = "2af1a24f391a5a94d756db5092c6576aad494b88a71a5a36b20c67b63e0df034" dependencies = [ "cfg-if", "js-sys", "log", "serde", "serde_derive", + "serde_json", "wasm-bindgen", "web-sys", ] @@ -2103,7 +2132,7 @@ dependencies = [ "num-traits 0.2.12", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -2156,9 +2185,9 @@ dependencies = [ [[package]] name = "fil_logger" -version = "0.1.1" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9451be56e6ae9e28f96f382d28544ba519ca29101f4423f28e3ae84f30b2ab7a" +checksum = "8c17f555ec2b25672bd6906ca04cedda3a3caa211c420c9279bb1e71e6a192c5" dependencies = [ "atty", "flexi_logger", @@ -2185,9 +2214,9 @@ dependencies = [ [[package]] name = "filecoin-proofs" -version = "4.0.4" +version = "4.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b452e9ccddc7dcdb4e5b139092d049b448c1dad451e1835c8ad941cc3ad8ad3a" +checksum = "7f2b7f5fe05cf6c56c827f0bf8c77445038c317e268959af5083dd32b2b28e65" dependencies = [ "anyhow", "bellperson", @@ -2229,7 +2258,7 @@ dependencies = [ "serde", "serde_cbor", "serde_json", - "sha2ni", + "sha2 0.9.1", "simplelog", "storage-proofs", "structopt", 
@@ -2240,9 +2269,9 @@ dependencies = [ [[package]] name = "filecoin-proofs-api" -version = "4.0.3" +version = "4.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ff3e7829514fc351343d1bc5fd00d8b91b6a88ee75d074826c9bd07b9fdefa80" +checksum = "be1aea16f31209388e3db3473971c8442c339db355a12c1f4d3ec737c0c18a92" dependencies = [ "anyhow", "filecoin-proofs", @@ -2252,9 +2281,9 @@ dependencies = [ [[package]] name = "filetime" -version = "0.2.10" +version = "0.2.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "affc17579b132fc2461adf7c575cc6e8b134ebca52c51f5411388965227dc695" +checksum = "3ed85775dcc68644b5c950ac06a2b23768d3bc9390464151aaf27136998dcf9e" dependencies = [ "cfg-if", "libc", @@ -2365,7 +2394,7 @@ dependencies = [ [[package]] name = "forest_address" -version = "0.2.1" +version = "0.2.2" dependencies = [ "data-encoding", "data-encoding-macro", @@ -2658,9 +2687,9 @@ checksum = "de27142b013a8e869c14957e6d2edeef89e97c289e69d042ee3a49acd8b51789" [[package]] name = "futures-lite" -version = "0.1.9" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8cc8771bd1bb4c7be3c5f072a1d5e18086ef220f100a0a4efece41076e87b9f2" +checksum = "bbe71459749b2e8e66fb95df721b22fa08661ad384a0c5b519e11d3893b4692a" dependencies = [ "fastrand", "futures-core", @@ -2680,7 +2709,7 @@ dependencies = [ "proc-macro-hack", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -2777,9 +2806,9 @@ dependencies = [ [[package]] name = "generic-array" -version = "0.14.3" +version = "0.14.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "60fb4bb6bba52f78a471264d9a3b7d026cc0af47b22cd2cffbc0b787ca003e63" +checksum = "501466ecc8a30d1d3b7fc9229b122b2ce8ed6e9d9223f1138d4babb253e51817" dependencies = [ "typenum", "version_check", 
@@ -2960,9 +2989,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.8.1" +version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34f595585f103464d8d2f6e9864682d74c1601fed5e07d62b1c9058dba8246fb" +checksum = "e91b62f79061a0bc2e046024cb7ba44b08419ed238ecbd9adbd787434b9e8c25" dependencies = [ "autocfg 1.0.0", ] @@ -3084,7 +3113,7 @@ dependencies = [ "async-native-tls", "async-std", "futures 0.3.5", - "http-types 2.3.0", + "http-types 2.4.0", "isahc", "js-sys", "log", @@ -3112,9 +3141,9 @@ dependencies = [ [[package]] name = "http-types" -version = "2.3.0" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bc341c4b7a71eb0d85c760dc7363648b82ecc38fa5ead50f69b52858df708b9" +checksum = "bb4daf8dc001485f4a32a7a17c54c67fa8a10340188f30ba87ac0fe1a9451e97" dependencies = [ "anyhow", "async-std", @@ -3206,12 +3235,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "1.5.0" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b88cd59ee5f71fea89a62248fc8f387d44400cefe05ef548466d61ced9029a7" +checksum = "86b45e59b16c76b11bf9738fd5d38879d3bd28ad292d7b313608becb17ae2df9" dependencies = [ "autocfg 1.0.0", - "hashbrown 0.8.1", + "hashbrown 0.8.2", "serde", ] @@ -3221,7 +3250,7 @@ version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49a68371cf417889c9d7f98235b7102ea7c54fc59bcbd22f3dea785be9d27e40" dependencies = [ - "console", + "console 0.12.0", "lazy_static", "number_prefix", "regex", 
@@ -3341,9 +3370,9 @@ checksum = "47be2f14c678be2fdcab04ab1171db51b2762ce6f0a8ee87c8dd4a04ed216135" [[package]] name = "isahc" -version = "0.9.6" +version = "0.9.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb136468b33e585d7b62aa4a4dce4da580494b73a17f8ca4778e51c6774ba7ac" +checksum = "4c7ae3a678e7d3bf240bfecc3ffda276db5db61e160c7639a196a1d944b2a5d4" dependencies = [ "bytes 0.5.6", "crossbeam-channel", @@ -3397,9 +3426,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.42" +version = "0.3.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52732a3d3ad72c58ad2dc70624f9c17b46ecd0943b9a4f1ee37c4c18c5d983e2" +checksum = "85a7e2c92a4804dd459b86c339278d0fe87cf93757fae222c3fa3ae75458bc73" dependencies = [ "wasm-bindgen", ] @@ -3430,7 +3459,7 @@ checksum = "3ec45934a6e793e0c0e1f4fd1966f5b1c0d2184e0185d6b24e585b6cd1eb96ba" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -3475,7 +3504,21 @@ dependencies = [ "Inflector", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", +] + +[[package]] +name = "jsonwebtoken" +version = "7.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "afabcc15e437a6484fc4f12d0fd63068fe457bf93f1c148d3d9649c60b103f32" +dependencies = [ + "base64 0.12.3", + "pem", + "ring", + "serde", + "serde_json", + "simple_asn1", ] [[package]] 
@@ -3560,15 +3603,15 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.73" +version = "0.2.74" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd7d4bd64732af4bf3a67f367c27df8520ad7e230c5817b8ff485864d80242b9" +checksum = "a2f02823cf78b754822df5f7f268fb59822e7296276d3e069d8e8cb26a14bd10" [[package]] name = "libipld-core" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "55cb1d6e9195f4c088b65dd96b942efae068fbc49fd2ca9f15ac7f4407a9292d" +checksum = "1644ab401cd98c4804d66b36a085c0ddc0841e93e0090d64b91c3663471c586c" dependencies = [ "cid", "multibase", @@ -3709,12 +3752,12 @@ dependencies = [ [[package]] name = "libp2p-core-derive" -version = "0.20.1" +version = "0.20.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "515c4a7cba5d321bb88ed3ed803997bdd5634ce35c9c5e8e9ace9c512e57eceb" +checksum = "f753d9324cd3ec14bf04b8a8cd0d269c87f294153d6bf2a84497a63a5ad22213" dependencies = [ "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -4222,9 +4265,9 @@ dependencies = [ [[package]] name = "merkletree" -version = "0.20.0" +version = "0.21.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02c04e256049462714b58755aeb618d684db4aec010d0b72ee0fc7f56bcc63e7" +checksum = "2202d6eb93a775e0a619fc08924b341d0cf12d6e0f064ee52d24311de45b925b" dependencies = [ "anyhow", "arrayref", @@ -4555,13 +4598,13 @@ dependencies = [ [[package]] name = "num-derive" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c8b15b261814f992e33760b1fca9fe8b693d8a65299f20c9901688636cfb746" +checksum = "e0396233fb2d5b0ae3f05ff6aba9a09185f7f6e70f87fb01147d545f85364665" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] 
@@ -4890,6 +4933,17 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" +[[package]] +name = "pem" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59698ea79df9bf77104aefd39cc3ec990cb9693fb59c3b0a70ddf2646fdffb4b" +dependencies = [ + "base64 0.12.3", + "once_cell", + "regex", +] + [[package]] name = "percent-encoding" version = "1.0.1" @@ -4949,7 +5003,7 @@ checksum = "2c0e815c3ee9a031fdf5af21c10aa17c573c9c6a566328d99e3936c34e36461f" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -5043,27 +5097,25 @@ dependencies = [ [[package]] name = "proc-macro-error" -version = "1.0.3" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc175e9777c3116627248584e8f8b3e2987405cabe1c0adf7d1dd28f09dc7880" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" dependencies = [ "proc-macro-error-attr", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", "version_check", ] [[package]] name = "proc-macro-error-attr" -version = "1.0.3" +version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3cc9795ca17eb581285ec44936da7fc2335a3f34f2ddd13118b6f4d515435c50" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", - "syn-mid", "version_check", ] @@ -5135,7 +5187,7 @@ dependencies = [ "itertools 0.8.2", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -5515,6 +5567,7 @@ name = "rpc" version = "0.1.0" dependencies = [ "async-std", + "auth", "chain", "chain_sync", "clock", 
@@ -5531,7 +5584,9 @@ dependencies = [ "hex", "ipld_blockstore", "jsonrpc-v2", + "jsonwebtoken", "key_management", + "lazy_static", "message_pool", "num-traits 0.2.12", "serde", @@ -5547,6 +5602,7 @@ dependencies = [ name = "rpc-client" version = "0.1.0" dependencies = [ + "auth", "forest_blocks", "forest_cid", "forest_crypto", @@ -5554,6 +5610,7 @@ dependencies = [ "jsonrpc-v2", "jsonrpsee", "key_management", + "lazy_static", "log", "serde_json", ] @@ -5796,9 +5853,9 @@ checksum = "f638d531eccd6e23b980caf34876660d38e265409d8e99b397ab71eb3612fad0" [[package]] name = "serde" -version = "1.0.114" +version = "1.0.115" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5317f7588f0a5078ee60ef675ef96735a1442132dc645eb1d12c018620ed8cd3" +checksum = "e54c9a88f2da7238af84b5101443f0c0d0a3bbdc455e34a5c9497b1903ed55d5" dependencies = [ "serde_derive", ] @@ -5824,13 +5881,13 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.114" +version = "1.0.115" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a0be94b04690fbaed37cddffc5c134bf537c8e3329d53e982fe04c374978f8e" +checksum = "609feed1d0a73cc36a0182a840a9b37b4a82f0b1150369f0536a9e3f2a31dc48" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -5876,7 +5933,7 @@ checksum = "2dc6b7951b17b051f3210b063f12cc17320e2fe30ae05b0fe2a3abb068551c76" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -5897,7 +5954,7 @@ checksum = "4076151d1a2b688e25aaf236997933c66e18b870d0369f8b248b8ab2be630d7e" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] 
@@ -6024,9 +6081,9 @@ checksum = "7fdf1b9db47230893d76faad238fd6097fd6d6a9245cd7a4d90dbd639536bbd2" [[package]] name = "signal-hook-registry" -version = "1.2.0" +version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94f478ede9f64724c5d173d7bb56099ec3e2d9fc2774aac65d34b8b890405f41" +checksum = "a3e12110bc539e657a646068aaf5eb5b63af9d0c1f7b29c97113fad80e15f035" dependencies = [ "arc-swap", "libc", @@ -6034,9 +6091,20 @@ dependencies = [ [[package]] name = "signature" -version = "1.1.0" +version = "1.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "65211b7b6fc3f14ff9fc7a2011a434e3e6880585bd2e9e9396315ae24cbf7852" +checksum = "29f060a7d147e33490ec10da418795238fd7545bba241504d6b31a409f2e6210" + +[[package]] +name = "simple_asn1" +version = "0.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "692ca13de57ce0613a363c8c2f1de925adebc81b04c923ac60c5488bb44abe4b" +dependencies = [ + "chrono", + "num-bigint 0.2.6", + "num-traits 0.2.12", +] [[package]] name = "simplelog" @@ -6290,7 +6358,7 @@ dependencies = [ "quote 1.0.7", "serde", "serde_derive", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -6306,7 +6374,7 @@ dependencies = [ "serde_derive", "serde_json", "sha1", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -6317,9 +6385,9 @@ checksum = "213701ba3370744dcd1a12960caa4843b3d68b4d1c0a5d575e0d65b2ee9d16c0" [[package]] name = "storage-proofs" -version = "4.0.4" +version = "4.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6b3434dd7de25ec63925799a71456f4b89674a430900365c07e05605cf6886b" +checksum = "cbf038a792b70a30ad57fa9031f831e155bc73ee0de739f547db746089ddc2a3" dependencies = [ "storage-proofs-core", "storage-proofs-porep", 
@@ -6328,9 +6396,9 @@ dependencies = [ [[package]] name = "storage-proofs-core" -version = "4.0.4" +version = "4.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b2ca9754cc550a3523d0b94a8c5fe2007e78c3c695edf358bfc61bc17b9f597" +checksum = "377dd46a1230fed0908336eba49585c6f6848fd0024beff7e2be530dd4e85148" dependencies = [ "aes 0.3.2", "anyhow", @@ -6358,7 +6426,7 @@ dependencies = [ "rayon", "serde", "serde_json", - "sha2ni", + "sha2 0.9.1", "tempfile", "thiserror", "toml", @@ -6366,12 +6434,13 @@ dependencies = [ [[package]] name = "storage-proofs-porep" -version = "4.0.4" +version = "4.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b49d0b1cf21badabe42b76d60705c73e5759f86b35436f79c60bdb23a392d2fe" +checksum = "12ed8b64151c1bf2a7f2351f2f1f4d8ff308fa81cb798637554282517c7a00de" dependencies = [ "anyhow", "bellperson", + "bincode", "byteorder 1.3.4", "fff", "fil-sapling-crypto", @@ -6390,16 +6459,16 @@ dependencies = [ "rand 0.7.3", "rayon", "serde", - "sha2ni", + "sha2 0.9.1", "sha2raw", "storage-proofs-core", ] [[package]] name = "storage-proofs-post" -version = "4.0.4" +version = "4.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41e0659dad068da1e16c78ca6f6dd03daa6ecc583bb49c2b05e897ca2cebd3f0" +checksum = "2c917d1bfe2ecffac757f464bd0830ce9f9a771b4e629238c4e0de0b41923640" dependencies = [ "anyhow", "bellperson", @@ -6419,7 +6488,7 @@ dependencies = [ "rand 0.7.3", "rayon", "serde", - "sha2ni", + "sha2 0.9.1", "storage-proofs-core", ] @@ -6438,7 +6507,7 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09f8ed9974042b8c3672ff3030a69fcc03b74c47c3d1ecb7755e8a3626011e88" dependencies = [ - "generic-array 0.14.3", + "generic-array 0.14.4", ] [[package]] 
@@ -6455,9 +6524,9 @@ checksum = "6446ced80d6c486436db5c078dde11a9f73d42b57fb273121e160b84f63d894c" [[package]] name = "structopt" -version = "0.3.15" +version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de2f5e239ee807089b62adce73e48c625e0ed80df02c7ab3f068f5db5281065c" +checksum = "de5472fb24d7e80ae84a7801b7978f95a19ec32cb1876faea59ab711eb901976" dependencies = [ "clap", "lazy_static", @@ -6466,15 +6535,15 @@ dependencies = [ [[package]] name = "structopt-derive" -version = "0.4.8" +version = "0.4.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "510413f9de616762a4fbeab62509bf15c729603b72d7cd71280fbca431b1c118" +checksum = "1e0eb37335aeeebe51be42e2dc07f031163fbabfa6ac67d7ea68b5c2f68d5f99" dependencies = [ "heck", "proc-macro-error", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -6499,7 +6568,7 @@ dependencies = [ "encoding_rs", "futures 0.3.5", "http-client", - "http-types 2.3.0", + "http-types 2.4.0", "log", "mime", "mime_guess", @@ -6524,26 +6593,15 @@ dependencies = [ [[package]] name = "syn" -version = "1.0.36" +version = "1.0.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4cdb98bcb1f9d81d07b536179c269ea15999b5d14ea958196413869445bb5250" +checksum = "e69abc24912995b3038597a7a593be5053eb0fb44f3cc5beec0deb421790c1f4" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", "unicode-xid 0.2.1", ] -[[package]] -name = "syn-mid" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7be3539f6c128a931cf19dcee741c1af532c7fd387baa739c03dd2e96479338a" -dependencies = [ - "proc-macro2 1.0.19", - "quote 1.0.7", - "syn 1.0.36", -] - [[package]] name = "synstructure" version = "0.12.4" 
@@ -6552,7 +6610,7 @@ checksum = "b834f2d66f734cb897113e34aaff2f1ab4719ca946f9a7358dba8f8064148701" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", "unicode-xid 0.2.1", ] @@ -6670,7 +6728,7 @@ checksum = "bd80fc12f73063ac132ac92aceea36734f04a1d93c1240c6944e23a3b8841793" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -6701,7 +6759,7 @@ dependencies = [ "async-sse", "async-std", "femme", - "http-types 2.3.0", + "http-types 2.4.0", "kv-log-macro", "mime", "mime_guess", @@ -6756,7 +6814,7 @@ dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", "standback", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] @@ -6863,9 +6921,9 @@ checksum = "e987b6bf443f4b5b3b6f38704195592cca41c5bb7aedd3c3693c7081f8289860" [[package]] name = "tracing" -version = "0.1.17" +version = "0.1.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dbdf4ccd1652592b01286a5dbe1e2a77d78afaa34beadd9872a5f7396f92aaa9" +checksum = "6d79ca061b032d6ce30c660fded31189ca0b9922bf483cd70759f13a2d86786c" dependencies = [ "cfg-if", "log", @@ -6875,20 +6933,20 @@ dependencies = [ [[package]] name = "tracing-attributes" -version = "0.1.9" +version = "0.1.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f0693bf8d6f2bf22c690fc61a9d21ac69efdbb894a17ed596b9af0f01e64b84b" +checksum = "1fe233f4227389ab7df5b32649239da7ebe0b281824b4e84b342d04d3fd8c25e" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", ] [[package]] name = "tracing-core" -version = "0.1.11" +version = "0.1.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94ae75f0d28ae10786f3b1895c55fe72e79928fd5ccdebb5438c75e93fec178f" +checksum = "db63662723c316b43ca36d833707cc93dff82a02ba3d7e354f342682cc8b3545" dependencies = [ "lazy_static", ] 
@@ -6967,9 +7025,9 @@ checksum = "373c8a200f9e67a0c95e62a4f52fbf80c23b4381c05a17845531982fa99e6b33" [[package]] name = "uint" -version = "0.8.3" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "173cd16430c206dc1a430af8a89a0e9c076cf15cb42b4aedb10e8cc8fee73681" +checksum = "429ffcad8c8c15f874578c7337d156a3727eb4a1c2374c0ae937ad9a9b748c80" dependencies = [ "byteorder 1.3.4", "crunchy", @@ -7034,7 +7092,7 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8326b2c654932e3e4f9196e69d08fdf7cfd718e1dc6f66b347e6024a0c961402" dependencies = [ - "generic-array 0.14.3", + "generic-array 0.14.4", "subtle 2.2.3", ] @@ -7069,6 +7127,7 @@ dependencies = [ "idna", "matches", "percent-encoding 2.1.0", + "serde", ] [[package]] @@ -7140,9 +7199,9 @@ checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" [[package]] name = "wasm-bindgen" -version = "0.2.65" +version = "0.2.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3edbcc9536ab7eababcc6d2374a0b7bfe13a2b6d562c5e07f370456b1a8f33d" +checksum = "f0563a9a4b071746dd5aedbc3a28c6fe9be4586fb3fbadb67c400d4f53c6b16c" dependencies = [ "cfg-if", "serde", 
@@ -7152,24 +7211,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.65" +version = "0.2.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89ed2fb8c84bfad20ea66b26a3743f3e7ba8735a69fe7d95118c33ec8fc1244d" +checksum = "bc71e4c5efa60fb9e74160e89b93353bc24059999c0ae0fb03affc39770310b0" dependencies = [ "bumpalo", "lazy_static", "log", "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-futures" -version = "0.4.15" +version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41ad6e4e8b2b7f8c90b6e09a9b590ea15cb0d1dbe28502b5a405cd95d1981671" +checksum = "95f8d235a77f880bcef268d379810ea6c0af2eacfa90b1ad5af731776e0c4699" dependencies = [ "cfg-if", "js-sys", @@ -7179,9 +7238,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.65" +version = "0.2.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb071268b031a64d92fc6cf691715ca5a40950694d8f683c5bb43db7c730929e" +checksum = "97c57cefa5fa80e2ba15641578b44d36e7a64279bc5ed43c6dbaf329457a2ed2" dependencies = [ "quote 1.0.7", "wasm-bindgen-macro-support", 
@@ -7189,22 +7248,22 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.65" +version = "0.2.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf592c807080719d1ff2f245a687cbadb3ed28b2077ed7084b47aba8b691f2c6" +checksum = "841a6d1c35c6f596ccea1f82504a192a60378f64b3bb0261904ad8f2f5657556" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.65" +version = "0.2.67" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72b6c0220ded549d63860c78c38f3bcc558d1ca3f4efa74942c536ddbbb55e87" +checksum = "93b162580e34310e5931c4b792560108b10fd14d64915d7fff8ff00180e70092" [[package]] name = "wasm-timer" @@ -7224,9 +7283,9 @@ dependencies = [ [[package]] name = "web-sys" -version = "0.3.42" +version = "0.3.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8be2398f326b7ba09815d0b403095f34dd708579220d099caae89be0b32137b2" +checksum = "dda38f4e5ca63eda02c059d243aa25b5f35ab98451e518c51612cd0f1bd19a47" dependencies = [ "js-sys", "wasm-bindgen", @@ -7421,6 +7480,6 @@ checksum = "de251eec69fc7c1bc3923403d18ececb929380e016afe103da75f396704f8ca2" dependencies = [ "proc-macro2 1.0.19", "quote 1.0.7", - "syn 1.0.36", + "syn 1.0.38", "synstructure", ] diff --git a/Cargo.toml b/Cargo.toml index 905b5acd9776..19737f3ede55 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -29,6 +29,7 @@ members = [ "ipld/graphsync", "utils/bigint", "tests/serialization_tests", + "utils/auth", "utils/bitfield", "utils/test_utils", "utils/commcid", diff --git a/forest/src/cli/auth_cmd.rs b/forest/src/cli/auth_cmd.rs new file mode 100644 index 000000000000..3928d7fc47b5 --- /dev/null +++ b/forest/src/cli/auth_cmd.rs 
@@ -0,0 +1,40 @@ +// Copyright 2020 ChainSafe Systems +// SPDX-License-Identifier: Apache-2.0, MIT + +// Copyright 2020 ChainSafe Systems +// SPDX-License-Identifier: Apache-2.0, MIT + +use super::stringify_rpc_err; +use rpc_client::{auth_new, new_client}; +use structopt::StructOpt; + +#[derive(Debug, StructOpt)] +pub enum AuthCommands { + /// Create a new Authentication token with given permission + #[structopt(about = " Create Authentication token with given permission")] + CreateToken { + #[structopt( + short, + help = "permission to assign to the token, one of: read, write, sign, admin" + )] + perm: String, + }, +} + +impl AuthCommands { + pub async fn run(&self) { + // TODO handle cli config + match self { + Self::CreateToken { perm } => { + let perm: String = perm.parse().unwrap(); + let mut client = new_client(); + + let obj = auth_new(&mut client, perm) + .await + .map_err(stringify_rpc_err) + .unwrap(); + println!("{}", serde_json::to_string_pretty(&obj).unwrap()); + } + } + } +} diff --git a/forest/src/cli/mod.rs b/forest/src/cli/mod.rs index f37ad621bdf0..bee8fc542dbe 100644 --- a/forest/src/cli/mod.rs +++ b/forest/src/cli/mod.rs @@ -1,11 +1,13 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT +mod auth_cmd; mod chain_cmd; mod config; mod fetch_params_cmd; mod genesis; +pub(super) use self::auth_cmd::AuthCommands; pub(super) use self::chain_cmd::ChainCommands; pub use self::config::Config; pub(super) use self::fetch_params_cmd::FetchCommands; @@ -47,6 +49,9 @@ pub enum Subcommand { #[structopt(name = "chain", about = "Interact with Filecoin blockchain")] Chain(ChainCommands), + + #[structopt(name = "auth", about = "Manage RPC Permissions")] + Auth(AuthCommands), } /// Daemon process command line options. diff --git a/forest/src/subcommand.rs b/forest/src/subcommand.rs index e894847ce581..8cda7a3d2b32 100644 --- a/forest/src/subcommand.rs +++ b/forest/src/subcommand.rs 
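Review bot: The `CreateToken` arm of `AuthCommands::run` turns every failure into a panic. `perm.parse().unwrap()` is a String-to-String parse that validates nothing, and the `.unwrap()` after `map_err(stringify_rpc_err)` aborts the process when the node is unreachable or `rpc_client::auth_new` returns INVALID_PARAMS for a mistyped level. The accepted values exist only in the help text; letting structopt reject bad input is clearer, e.g. `#[structopt(short, possible_values = &["read", "write", "sign", "admin"])]`. The RPC error should be printed and returned rather than unwrapped.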
@@ -12,5 +12,8 @@ pub(super) async fn process(command: Subcommand) { Subcommand::Chain(cmd) => { cmd.run().await; } + Subcommand::Auth(cmd) => { + cmd.run().await; + } } } diff --git a/node/rpc-client/Cargo.toml b/node/rpc-client/Cargo.toml index 538e41af7174..8d5afe451e4c 100644 --- a/node/rpc-client/Cargo.toml +++ b/node/rpc-client/Cargo.toml @@ -13,4 +13,6 @@ serde_json = "1.0" jsonrpc-v2 = { version = "0.5.2", features = ["easy-errors", "macros"] } log = "0.4.8" crypto = { package = "forest_crypto", path = "../../crypto", features = ["json"] } -wallet = {package = "key_management", path = "../../key_management", features = ["json"] } \ No newline at end of file +wallet = {package = "key_management", path = "../../key_management", features = ["json"] } +lazy_static = "1.4.0" +auth = { path = "../../utils/auth"} \ No newline at end of file diff --git a/node/rpc-client/src/auth_ops.rs b/node/rpc-client/src/auth_ops.rs new file mode 100644 index 000000000000..1bacc18d9a1d --- /dev/null +++ b/node/rpc-client/src/auth_ops.rs @@ -0,0 +1,23 @@ +// Copyright 2020 ChainSafe Systems +// SPDX-License-Identifier: Apache-2.0, MIT + +// Copyright 2020 ChainSafe Systems +// SPDX-License-Identifier: Apache-2.0, MIT + +use super::client::Filecoin; +use auth::*; +use jsonrpc_v2::Error as JsonRpcError; +use jsonrpsee::raw::RawClient; +use jsonrpsee::transport::http::HttpTransportClient as HTC; + +/// Creates a new JWT Token +pub async fn auth_new(client: &mut RawClient, perm: String) -> Result { + let ret: String = match perm.as_str() { + "admin" => Filecoin::auth_new(client, ADMIN.clone()).await?, + "sign" => Filecoin::auth_new(client, SIGN.clone()).await?, + "write" => Filecoin::auth_new(client, WRITE.clone()).await?, + "read" => Filecoin::auth_new(client, READ.clone()).await?, + _ => return Err(JsonRpcError::INVALID_PARAMS), + }; + Ok(ret) +} diff --git a/node/rpc-client/src/client.rs b/node/rpc-client/src/client.rs index 5c523a9949e8..3c93a344aabd 100644 
--- a/node/rpc-client/src/client.rs +++ b/node/rpc-client/src/client.rs @@ -12,6 +12,9 @@ use message::unsigned_message::json::UnsignedMessageJson; jsonrpsee::rpc_api! { pub Filecoin { + /// Auth + #[rpc(method = "Filecoin.AuthNew", positional_params)] + fn auth_new(perm: Vec) -> String; /// Chain #[rpc(method = "Filecoin.ChainGetBlock", positional_params)] fn chain_get_block(cid: CidJson) -> BlockHeaderJson; diff --git a/node/rpc-client/src/lib.rs b/node/rpc-client/src/lib.rs index 9cc7ea8b5de5..5bd7d6afb384 100644 --- a/node/rpc-client/src/lib.rs +++ b/node/rpc-client/src/lib.rs @@ -1,8 +1,10 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT +mod auth_ops; mod chain_ops; mod client; +pub use self::auth_ops::*; pub use self::chain_ops::*; pub use self::client::*; diff --git a/node/rpc/Cargo.toml b/node/rpc/Cargo.toml index 7768a484a7fa..c6a16856db2f 100644 --- a/node/rpc/Cargo.toml +++ b/node/rpc/Cargo.toml @@ -28,6 +28,9 @@ num-bigint = { path = "../../utils/bigint", package = "forest_bigint" } thiserror = "1.0" state_tree = { path = "../../vm/state_tree" } forest_libp2p = { path = "../forest_libp2p" } +jsonwebtoken = "7.2.0" +lazy_static = "1.4.0" +auth = { path = "../../utils/auth"} [dev-dependencies] db = { path = "../db" } diff --git a/node/rpc/src/auth_api.rs b/node/rpc/src/auth_api.rs new file mode 100644 index 000000000000..d9c44befaffa --- /dev/null +++ b/node/rpc/src/auth_api.rs 
@@ -0,0 +1,23 @@ +// Copyright 2020 ChainSafe Systems +// SPDX-License-Identifier: Apache-2.0, MIT + +use auth::*; +use jsonrpc_v2::{Error as JsonRpcError, Params}; + +/// RPC call to create a new JWT Token +pub(crate) async fn auth_new( + Params(params): Params<(Vec,)>, +) -> Result { + let (perms,) = params; + let token = create_token(perms)?; + Ok(token) +} + +/// RPC call to verify JWT Token and return the token's permissions +pub(crate) async fn auth_verify( + Params(params): Params<(String,)>, +) -> Result, JsonRpcError> { + let (token,) = params; + let perms = verify_token(&token)?; + Ok(perms) +} diff --git a/node/rpc/src/lib.rs b/node/rpc/src/lib.rs index 6088acf63f87..d5baad7860e5 100644 --- a/node/rpc/src/lib.rs +++ b/node/rpc/src/lib.rs @@ -1,21 +1,37 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT +#[macro_use] +extern crate lazy_static; + +mod auth_api; mod chain_api; mod mpool_api; mod sync_api; mod wallet_api; use async_std::sync::{RwLock, Sender}; +use auth::{has_perms, Error}; use blockstore::BlockStore; use chain_sync::{BadBlockCache, SyncState}; use forest_libp2p::NetworkMessage; -use jsonrpc_v2::{Data, MapRouter, RequestObject, Server}; +use jsonrpc_v2::{Data, Error as JsonRpcError, ErrorLike, MapRouter, RequestObject, Server}; use message_pool::{MessagePool, MpoolRpcProvider}; use std::sync::Arc; use tide::{Request, Response, StatusCode}; use wallet::KeyStore; +lazy_static! { + pub static ref WRITE_ACCESS: Vec = vec![ + "Filecoin.MpoolPush".to_string(), + "Filecoin.WalletNew".to_string(), + "Filecoin.WalletHas".to_string(), + "Filecoin.WalletList".to_string(), + "Filecoin.WalletDefaultAddress".to_string(), + "Filecoin.WalletList".to_string(), + ]; +} + /// This is where you store persistant data, or at least access to stateful data. pub struct RpcState where 
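Review bot: `auth_new` signs whatever permission strings arrive in `params`, without checking that the caller already holds a token and without restricting the values to the known levels. `Filecoin.AuthNew` is also absent from `WRITE_ACCESS` in node/rpc/src/lib.rs, so as far as this diff shows, token issuance is not gated by any `Authorization` check. Creating a token should require an existing admin token, checked in `handle_json_rpc` before dispatch, and entries outside `read`/`write`/`sign`/`admin` should be rejected. The same applies to the reworked `auth_new` in the later "fixed jwt key gen" patch.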
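Review bot: `WRITE_ACCESS` lists `Filecoin.WalletList` twice, which suggests one intended method is missing from the protected set. `handle_json_rpc` only checks methods found in this list, so any method left out is served without a token and an omission fails open. A deny-by-default table mapping each registered method to its required permission would make a forgotten entry fail closed. The list also need not be a `lazy_static` `Vec<String>`: `const WRITE_ACCESS: &[&str] = &[...]` with `WRITE_ACCESS.contains(&method_name)` avoids the per-request `to_string()`.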
@@ -33,6 +49,28 @@ where async fn handle_json_rpc(mut req: Request>) -> tide::Result { let call: RequestObject = req.body_json().await?; + let call_str = format!("{:?}", call); + let start = call_str + .find("method: \"") + .ok_or_else(|| Error::MethodParam)? + + 9; + let end = call_str + .find("\", params") + .ok_or_else(|| Error::MethodParam)?; + let method_name = &call_str[start..end]; + if WRITE_ACCESS.contains(&method_name.to_string()) { + if let Some(header) = req.header("Authorization") { + let header_raw = header.get(0).unwrap().message(); + let perm = has_perms(header_raw, "write"); + if perm.is_err() { + return Ok(Response::new(StatusCode::Ok).body_json(&perm.unwrap_err())?); + } + } else { + return Ok(Response::new(StatusCode::Ok) + .body_json(&JsonRpcError::from(Error::NoAuthHeader))?); + } + } + let res = req.state().handle(call).await; Ok(Response::new(StatusCode::Ok).body_json(&res)?) } @@ -42,6 +80,7 @@ where DB: BlockStore + Send + Sync + 'static, KS: KeyStore + Send + Sync + 'static, { + use auth_api::*; use chain_api::*; use mpool_api::*; use sync_api::*; @@ -49,6 +88,10 @@ where let rpc = Server::new() .with_data(Data::new(state)) + // Auth API + .with_method("Filecoin.AuthNew", auth_new) + .with_method("Filecoin.AuthVerify", auth_verify) + // Chain API .with_method( "Filecoin.ChainGetMessage", chain_api::chain_get_message::, diff --git a/utils/auth/Cargo.toml b/utils/auth/Cargo.toml new file mode 100644 index 000000000000..ce8a8d3c8cde --- /dev/null +++ b/utils/auth/Cargo.toml @@ -0,0 +1,12 @@ +[package] +name = "auth" +version = "0.1.0" +authors = ["ChainSafe Systems "] +edition = "2018" + +[dependencies] +jsonrpc-v2 = { version = "0.5.2", features = ["easy-errors", "macros"] } +jsonwebtoken = "7.2.0" +lazy_static = "1.4.0" +serde = { version = "1.0.101", default-features = false, features = ["derive"] } +thiserror = "1.0" \ No newline at end of file 
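Review bot: The authorization decision in `handle_json_rpc` rests on a method name scraped out of `format!("{:?}", call)`, and `Debug` output is neither a stable nor an unambiguous encoding of the request. If the two `find` calls match in the wrong order, `&call_str[start..end]` panics; if the scraped name differs from the one the router dispatches on, the `WRITE_ACCESS` check covers a different method than the one that runs. Reading the field from the parsed body is safer, for example (assuming `serde_json` is available to this crate) `let body: serde_json::Value = req.body_json().await?;`, then `body.get("method").and_then(|m| m.as_str())` before `serde_json::from_value::<RequestObject>(body)`. `header.get(0).unwrap()` a few lines below should likewise map to `Error::NoAuthHeader` rather than unwrap.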
diff --git a/utils/auth/src/lib.rs b/utils/auth/src/lib.rs new file mode 100644 index 000000000000..cc41e743fdea --- /dev/null +++ b/utils/auth/src/lib.rs 
@@ -0,0 +1,88 @@ +// Copyright 2020 ChainSafe Systems +// SPDX-License-Identifier: Apache-2.0, MIT + +#[macro_use] +extern crate lazy_static; + +use jsonrpc_v2::Error as JsonRpcError; +use jsonwebtoken::errors::Result as JWTResult; +use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation}; +use serde::{Deserialize, Serialize}; +use thiserror::Error; + +/// Error Enum for Authentification +#[derive(Debug, Error, Serialize, Deserialize)] +pub enum Error { + /// Filecoin Method does not exist + #[error("Filecoin method does not exist")] + MethodParam, + /// Invalid permissions to use specified method + #[error("Incorrect permissions to access method")] + InvalidPermissions, + /// Missing authentication header + #[error("Missing authentication header")] + NoAuthHeader, + #[error("{0}")] + Other(String), +} + +lazy_static! { + /// Constants of all Levels of permissions + pub static ref ADMIN: Vec = vec![ + "read".to_string(), + "write".to_string(), + "sign".to_string(), + "admin".to_string() + ]; + pub static ref SIGN: Vec = + vec!["read".to_string(), "write".to_string(), "sign".to_string()]; + pub static ref WRITE: Vec = vec!["read".to_string(), "write".to_string()]; + pub static ref READ: Vec = vec!["read".to_string()]; +} + +// TODO need to figure out how lotus generates secret key for encoding and decoding JWT Tokens + +/// Claim struct for JWT Tokens +#[derive(Debug, Serialize, Deserialize)] +struct Claims { + #[serde(rename = "Allow")] + allow: Vec, + // TODO currently lotus does not have an exp value for their JWT tokens, need to figure out what they do instead to overcome invalid validations + exp: usize, +} + +/// Create a new JWT Token +pub fn create_token(perms: Vec) -> JWTResult { + let payload = Claims { + allow: perms, + /// TODO change value to proper expiration + exp: 10000000000, + }; + encode( + &Header::default(), + &payload, + &EncodingKey::from_secret("secret".as_ref()), + ) +} + +/// Verify JWT Token and return the allowed 
permissions from token +pub fn verify_token(token: &str) -> JWTResult> { + let token = decode::( + token, + &DecodingKey::from_secret("secret".as_ref()), + &Validation::default(), + )?; + Ok(token.claims.allow) +} + +/// Check whether or not header has required permissions +pub fn has_perms(header_raw: String, required: &str) -> Result<(), JsonRpcError> { + if header_raw.starts_with("Bearer: ") { + let token = header_raw.trim_start_matches("Bearer: "); + let perms = verify_token(token).map_err(|err| Error::Other(err.to_string()))?; + if !perms.contains(&required.to_string()) { + return Err(JsonRpcError::from(Error::InvalidPermissions)); + } + } + Ok(()) +} From 730bd3ab76ab9e3b2718b947adb1bb28999073c7 Mon Sep 17 00:00:00 2001 From: flodesi Date: Tue, 11 Aug 2020 17:21:47 -0400 Subject: [PATCH 2/7] rm dup license --- node/rpc-client/src/auth_ops.rs | 3 --- 1 file changed, 3 deletions(-) diff --git a/node/rpc-client/src/auth_ops.rs b/node/rpc-client/src/auth_ops.rs index 1bacc18d9a1d..b10b53d90525 100644 --- a/node/rpc-client/src/auth_ops.rs +++ b/node/rpc-client/src/auth_ops.rs @@ -1,9 +1,6 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT -// Copyright 2020 ChainSafe Systems -// SPDX-License-Identifier: Apache-2.0, MIT - use super::client::Filecoin; use auth::*; use jsonrpc_v2::Error as JsonRpcError; From 205487a1d3bbab8412b1ae00359daf07bfc9829f Mon Sep 17 00:00:00 2001 From: flodesi Date: Mon, 17 Aug 2020 17:11:25 -0400 Subject: [PATCH 3/7] fixed jwt key gen --- Cargo.lock | 5 +++++ forest/Cargo.toml | 3 ++- forest/src/cli/mod.rs | 1 - forest/src/daemon.rs | 12 ++++++++---- forest/src/subcommand.rs | 3 ++- key_management/src/keystore.rs | 10 +++++++--- node/rpc/Cargo.toml | 1 + node/rpc/src/auth_api.rs | 31 ++++++++++++++++++++++------- node/rpc/src/lib.rs | 15 +++++++++++--- utils/auth/Cargo.toml | 5 ++++- utils/auth/src/lib.rs | 36 ++++++++++++++++++---------------- 11 files changed, 84 insertions(+), 38 deletions(-) 
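Review bot: `has_perms` returns `Ok(())` whenever the header does not start with `"Bearer: "`, because the `if` has no `else`. Any other `Authorization` value, including the standard `Bearer <token>` form without the colon, skips `verify_token` and is treated as authorized. Add the failing branch, e.g. `} else { return Err(JsonRpcError::from(Error::NoAuthHeader)); }`, and consider accepting the colon-less scheme that RFC 6750 defines. `trim_start_matches` also strips the prefix repeatedly where `strip_prefix` would remove it once. The fall-through is still present in the `has_perms` rewritten by the later "fixed jwt key gen" patch (the `@@ -40,49 +43,48 @@` hunk).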
diff --git a/Cargo.lock b/Cargo.lock index d1511e627349..b944bbef900c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -688,9 +688,12 @@ dependencies = [ name = "auth" version = "0.1.0" dependencies = [ + "forest_crypto", "jsonrpc-v2", "jsonwebtoken", + "key_management", "lazy_static", + "rand 0.7.3", "serde", "thiserror", ] @@ -2361,6 +2364,7 @@ version = "0.1.0" dependencies = [ "async-log", "async-std", + "auth", "beacon", "blake2b_simd", "chain", @@ -5600,6 +5604,7 @@ dependencies = [ "test_utils", "thiserror", "tide", + "utils", ] [[package]] diff --git a/forest/Cargo.toml b/forest/Cargo.toml index b4c909a2f1f7..b3ec331e6c27 100644 --- a/forest/Cargo.toml +++ b/forest/Cargo.toml @@ -37,4 +37,5 @@ pin-project-lite = "0.1" message_pool = { package = "message_pool", path = "../blockchain/message_pool" } wallet = {package = "key_management", path = "../key_management"} jsonrpc-v2 = { version = "0.5.2", features = ["easy-errors", "macros"] } -uuid = { version = "0.8.1", features = ["v4"] } \ No newline at end of file +uuid = { version = "0.8.1", features = ["v4"] } +auth = { path = "../utils/auth"} diff --git a/forest/src/cli/mod.rs b/forest/src/cli/mod.rs index 93ec29472b19..6c2f7aea25a2 100644 --- a/forest/src/cli/mod.rs +++ b/forest/src/cli/mod.rs @@ -57,7 +57,6 @@ pub enum Subcommand { #[structopt(name = "genesis", about = "Work with blockchain genesis")] Genesis(GenesisCommands), - } /// Daemon process command line options. diff --git a/forest/src/daemon.rs b/forest/src/daemon.rs index 432cc0e70b26..995a1b98990e 100644 --- a/forest/src/daemon.rs +++ b/forest/src/daemon.rs @@ -4,6 +4,7 @@ use super::cli::{block_until_sigint, initialize_genesis, Config}; use async_std::sync::RwLock; use async_std::task; +use auth::generate_priv_key; use beacon::DrandBeacon; use chain::ChainStore; use chain_sync::ChainSyncer; 
@@ -15,7 +16,7 @@ use message_pool::{MessagePool, MpoolRpcProvider}; use rpc::{start_rpc, RpcState}; use std::sync::Arc; use utils::write_to_file; -use wallet::PersistentKeyStore; +use wallet::{KeyStore, PersistentKeyStore}; /// Starts daemon process pub(super) async fn start(config: Config) { @@ -38,9 +39,12 @@ pub(super) async fn start(config: Config) { }); // Initialize keystore - let keystore = Arc::new(RwLock::new( - PersistentKeyStore::new(config.data_dir.to_string()).unwrap(), - )); + let mut ks = PersistentKeyStore::new(config.data_dir.to_string()).unwrap(); + if ks.get("auth-jwt-private").is_err() { + ks.put("auth-jwt-private".to_owned(), generate_priv_key()) + .unwrap(); + } + let keystore = Arc::new(RwLock::new(ks)); // Initialize database let mut db = RocksDb::new(config.data_dir + "/db"); diff --git a/forest/src/subcommand.rs b/forest/src/subcommand.rs index 6f3011c6774d..9107fa426027 100644 --- a/forest/src/subcommand.rs +++ b/forest/src/subcommand.rs @@ -13,9 +13,10 @@ pub(super) async fn process(command: Subcommand) { cmd.run().await; } Subcommand::Auth(cmd) => { + cmd.run().await; + } Subcommand::Genesis(cmd) => { - cmd.run().await; } } diff --git a/key_management/src/keystore.rs b/key_management/src/keystore.rs index 88a7a9f6ced7..1341b41b4ebe 100644 --- a/key_management/src/keystore.rs +++ b/key_management/src/keystore.rs @@ -15,6 +15,9 @@ const KEYSTORE_NAME: &str = "/keystore.json"; /// KeyInfo struct, this contains the type of key (stored as a string) and the private key. /// note how the private key is stored as a byte vector +/// +/// TODO need to update keyinfo to not use SignatureType, use string instead to save keys like +/// jwt secret #[derive(Clone, PartialEq, Debug, Eq, Serialize, Deserialize)] pub struct KeyInfo { key_type: SignatureType, 
@@ -148,7 +151,8 @@ pub struct PersistentKeyStore { impl PersistentKeyStore { pub fn new(location: String) -> Result { - let file_op = File::open(&format!("{}{}", location, KEYSTORE_NAME)); + let loc = format!("{}{}", location, KEYSTORE_NAME); + let file_op = File::open(&loc); match file_op { Ok(file) => { let reader = BufReader::new(file); @@ -160,7 +164,7 @@ impl PersistentKeyStore { .unwrap_or_default(); Ok(Self { key_info: data, - location, + location: loc, }) } Err(e) => { @@ -168,7 +172,7 @@ impl PersistentKeyStore { warn!("keystore.json does not exist, initializing new keystore"); Ok(Self { key_info: HashMap::new(), - location, + location: loc, }) } else { Err(Error::Other(e.to_string())) diff --git a/node/rpc/Cargo.toml b/node/rpc/Cargo.toml index c6a16856db2f..b24c297d6328 100644 --- a/node/rpc/Cargo.toml +++ b/node/rpc/Cargo.toml @@ -31,6 +31,7 @@ forest_libp2p = { path = "../forest_libp2p" } jsonwebtoken = "7.2.0" lazy_static = "1.4.0" auth = { path = "../../utils/auth"} +utils = { path = "../../node/utils" } [dev-dependencies] db = { path = "../db" } diff --git a/node/rpc/src/auth_api.rs b/node/rpc/src/auth_api.rs index d9c44befaffa..7c802ff84996 100644 --- a/node/rpc/src/auth_api.rs +++ b/node/rpc/src/auth_api.rs 
@@ -1,23 +1,40 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT +use crate::RpcState; use auth::*; -use jsonrpc_v2::{Error as JsonRpcError, Params}; +use blockstore::BlockStore; +use jsonrpc_v2::{Data, Error as JsonRpcError, Params}; +use wallet::KeyStore; /// RPC call to create a new JWT Token -pub(crate) async fn auth_new( +pub(crate) async fn auth_new( + data: Data>, Params(params): Params<(Vec,)>, -) -> Result { +) -> Result +where + DB: BlockStore + Send + Sync + 'static, + KS: KeyStore + Send + Sync + 'static, +{ let (perms,) = params; - let token = create_token(perms)?; + let ks = data.keystore.read().await; + let ki = ks.get("auth-jwt-private")?; + let token = create_token(perms, ki.private_key())?; Ok(token) } /// RPC call to verify JWT Token and return the token's permissions -pub(crate) async fn auth_verify( +pub(crate) async fn auth_verify( + data: Data>, Params(params): Params<(String,)>, -) -> Result, JsonRpcError> { +) -> Result, JsonRpcError> +where + DB: BlockStore + Send + Sync + 'static, + KS: KeyStore + Send + Sync + 'static, +{ + let ks = data.keystore.read().await; let (token,) = params; - let perms = verify_token(&token)?; + let ki = ks.get("auth-jwt-private")?; + let perms = verify_token(&token, ki.private_key())?; Ok(perms) } diff --git a/node/rpc/src/lib.rs b/node/rpc/src/lib.rs index d5baad7860e5..19d2fd4f10ab 100644 --- a/node/rpc/src/lib.rs +++ b/node/rpc/src/lib.rs @@ -19,7 +19,9 @@ use jsonrpc_v2::{Data, Error as JsonRpcError, ErrorLike, MapRouter, RequestObjec use message_pool::{MessagePool, MpoolRpcProvider}; use std::sync::Arc; use tide::{Request, Response, StatusCode}; +use utils::get_home_dir; use wallet::KeyStore; +use wallet::PersistentKeyStore; lazy_static! { pub static ref WRITE_ACCESS: Vec = vec![ 
@@ -49,6 +51,7 @@ where async fn handle_json_rpc(mut req: Request>) -> tide::Result { let call: RequestObject = req.body_json().await?; + // TODO find a cleaner way *if possibe* to parse the RequestObject to get the method name in RPC call let call_str = format!("{:?}", call); let start = call_str .find("method: \"") @@ -58,10 +61,16 @@ async fn handle_json_rpc(mut req: Request>) -> tide::Result { .find("\", params") .ok_or_else(|| Error::MethodParam)?; let method_name = &call_str[start..end]; + // check for write access if WRITE_ACCESS.contains(&method_name.to_string()) { if let Some(header) = req.header("Authorization") { let header_raw = header.get(0).unwrap().message(); - let perm = has_perms(header_raw, "write"); + let keystore = PersistentKeyStore::new(get_home_dir() + "/.forest")?; + let ki = keystore + .get("auth-jwt-private") + .map_err(|_| Error::Other("No JWT private key found".to_owned()))?; + let key = ki.private_key(); + let perm = has_perms(header_raw, "write", key); if perm.is_err() { return Ok(Response::new(StatusCode::Ok).body_json(&perm.unwrap_err())?); } @@ -89,8 +98,8 @@ where let rpc = Server::new() .with_data(Data::new(state)) // Auth API - .with_method("Filecoin.AuthNew", auth_new) - .with_method("Filecoin.AuthVerify", auth_verify) + .with_method("Filecoin.AuthNew", auth_new::) + .with_method("Filecoin.AuthVerify", auth_verify::) // Chain API .with_method( "Filecoin.ChainGetMessage", diff --git a/utils/auth/Cargo.toml b/utils/auth/Cargo.toml index ce8a8d3c8cde..5dc3e0fc7f3e 100644 --- a/utils/auth/Cargo.toml +++ b/utils/auth/Cargo.toml 
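Review bot: In the `@@ -58,10 +61,16 @@` hunk, `handle_json_rpc` opens a new `PersistentKeyStore` at `get_home_dir() + "/.forest"` for every protected request instead of using the keystore the daemon already holds. The daemon creates the JWT key under `config.data_dir` and `auth_new` signs with the in-memory keystore from `RpcState`. With a non-default data directory the handler would therefore verify against a different file (or find no key) and reject valid tokens, and it re-reads and re-parses the key file on every call. Prefer handing the key, or the shared keystore handle, to the handler through the tide state so signing and verification use the same secret. The body of `handle_json_rpc` spans this hunk and the one before it.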
@@ -9,4 +9,7 @@ jsonrpc-v2 = { version = "0.5.2", features = ["easy-errors", "macros"] } jsonwebtoken = "7.2.0" lazy_static = "1.4.0" serde = { version = "1.0.101", default-features = false, features = ["derive"] } -thiserror = "1.0" \ No newline at end of file +thiserror = "1.0" +wallet = {package = "key_management", path = "../../key_management" } +rand = "0.7.3" +crypto = { package = "forest_crypto", path = "../../crypto" } \ No newline at end of file diff --git a/utils/auth/src/lib.rs b/utils/auth/src/lib.rs index cc41e743fdea..7e2a8ce6efc0 100644 --- a/utils/auth/src/lib.rs +++ b/utils/auth/src/lib.rs @@ -4,11 +4,14 @@ #[macro_use] extern crate lazy_static; +use crypto::SignatureType; use jsonrpc_v2::Error as JsonRpcError; use jsonwebtoken::errors::Result as JWTResult; use jsonwebtoken::{decode, encode, DecodingKey, EncodingKey, Header, Validation}; +use rand::Rng; use serde::{Deserialize, Serialize}; use thiserror::Error; +use wallet::KeyInfo; /// Error Enum for Authentification #[derive(Debug, Error, Serialize, Deserialize)] 
@@ -40,49 +43,48 @@ lazy_static! { pub static ref READ: Vec = vec!["read".to_string()]; } -// TODO need to figure out how lotus generates secret key for encoding and decoding JWT Tokens - /// Claim struct for JWT Tokens #[derive(Debug, Serialize, Deserialize)] struct Claims { #[serde(rename = "Allow")] allow: Vec, - // TODO currently lotus does not have an exp value for their JWT tokens, need to figure out what they do instead to overcome invalid validations - exp: usize, } /// Create a new JWT Token -pub fn create_token(perms: Vec) -> JWTResult { +pub fn create_token(perms: Vec, key: &[u8]) -> JWTResult { let payload = Claims { allow: perms, - /// TODO change value to proper expiration - exp: 10000000000, }; - encode( - &Header::default(), - &payload, - &EncodingKey::from_secret("secret".as_ref()), - ) + encode(&Header::default(), &payload, &EncodingKey::from_secret(key)) } /// Verify JWT Token and return the allowed permissions from token -pub fn verify_token(token: &str) -> JWTResult> { +pub fn verify_token(token: &str, key: &[u8]) -> JWTResult> { + let mut validation = Validation::default(); + validation.validate_exp = false; let token = decode::( token, - &DecodingKey::from_secret("secret".as_ref()), - &Validation::default(), + &DecodingKey::from_secret(key), + &validation, )?; Ok(token.claims.allow) } /// Check whether or not header has required permissions -pub fn has_perms(header_raw: String, required: &str) -> Result<(), JsonRpcError> { +pub fn has_perms(header_raw: String, required: &str, key: &[u8]) -> Result<(), JsonRpcError> { if header_raw.starts_with("Bearer: ") { let token = header_raw.trim_start_matches("Bearer: "); - let perms = verify_token(token).map_err(|err| Error::Other(err.to_string()))?; + let perms = verify_token(token, key).map_err(|err| Error::Other(err.to_string()))?; if !perms.contains(&required.to_string()) { return Err(JsonRpcError::from(Error::InvalidPermissions)); } } Ok(()) } + +pub fn generate_priv_key() -> KeyInfo { + let 
priv_key = rand::thread_rng().gen::<[u8; 32]>(); + // TODO temp use of bls key as placeholder, need to update keyinfo to use string instead of keyinfo + // for key type + KeyInfo::new(SignatureType::BLS, priv_key.to_vec()) +} From faa70e179c5665f95774e369a61553f8087c5284 Mon Sep 17 00:00:00 2001 From: flodesi Date: Wed, 19 Aug 2020 23:18:36 -0400 Subject: [PATCH 4/7] fixed bug and made requested changes --- Cargo.lock | 2 -- forest/src/cli/auth_cmd.rs | 3 --- forest/src/daemon.rs | 6 ++--- key_management/src/keystore.rs | 8 ++++-- node/rpc-client/Cargo.toml | 1 - node/rpc-client/src/auth_ops.rs | 20 +++++++++++--- node/rpc/Cargo.toml | 1 - node/rpc/src/auth_api.rs | 4 +-- node/rpc/src/lib.rs | 20 +++----------- utils/auth/src/lib.rs | 47 +++++++++++++++------------------ 10 files changed, 52 insertions(+), 60 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index b944bbef900c..c9aa36e45fa1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -5594,7 +5594,6 @@ dependencies = [ "jsonrpc-v2", "jsonwebtoken", "key_management", - "lazy_static", "message_pool", "num-traits 0.2.12", "serde", @@ -5619,7 +5618,6 @@ dependencies = [ "jsonrpc-v2", "jsonrpsee", "key_management", - "lazy_static", "log", "serde_json", ] diff --git a/forest/src/cli/auth_cmd.rs b/forest/src/cli/auth_cmd.rs index 3928d7fc47b5..cd6ab2810117 100644 --- a/forest/src/cli/auth_cmd.rs +++ b/forest/src/cli/auth_cmd.rs @@ -1,9 +1,6 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT -// Copyright 2020 ChainSafe Systems -// SPDX-License-Identifier: Apache-2.0, MIT - use super::stringify_rpc_err; use rpc_client::{auth_new, new_client}; use structopt::StructOpt; diff --git a/forest/src/daemon.rs b/forest/src/daemon.rs index 995a1b98990e..9fbbb9069623 100644 --- a/forest/src/daemon.rs +++ b/forest/src/daemon.rs 
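Review bot: With `exp` removed from `Claims` and `validation.validate_exp = false` in `verify_token`, every issued token stays valid until the keystore JWT secret is replaced, and nothing in this hunk offers a way to revoke a single token. If that is intentional for Lotus compatibility, state it on the function, e.g. `/// Tokens carry no expiry; rotating the keystore JWT secret is the only way to invalidate them.` Separately, `generate_priv_key` stores the HMAC secret as `SignatureType::BLS`, so wallet code that lists or exports BLS keys may pick it up. That is worth confirming until `KeyInfo` has its own type for this secret.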
@@ -4,7 +4,7 @@ use super::cli::{block_until_sigint, initialize_genesis, Config}; use async_std::sync::RwLock; use async_std::task; -use auth::generate_priv_key; +use auth::{generate_priv_key, JWT_IDENTIFIER}; use beacon::DrandBeacon; use chain::ChainStore; use chain_sync::ChainSyncer; @@ -40,8 +40,8 @@ pub(super) async fn start(config: Config) { // Initialize keystore let mut ks = PersistentKeyStore::new(config.data_dir.to_string()).unwrap(); - if ks.get("auth-jwt-private").is_err() { - ks.put("auth-jwt-private".to_owned(), generate_priv_key()) + if ks.get(JWT_IDENTIFIER).is_err() { + ks.put(JWT_IDENTIFIER.to_owned(), generate_priv_key()) .unwrap(); } let keystore = Arc::new(RwLock::new(ks)); diff --git a/key_management/src/keystore.rs b/key_management/src/keystore.rs index 1341b41b4ebe..69cdf53d4617 100644 --- a/key_management/src/keystore.rs +++ b/key_management/src/keystore.rs @@ -10,6 +10,7 @@ use serde::{Deserialize, Serialize}; use std::collections::HashMap; use std::fs::{self, File, OpenOptions}; use std::io::{BufReader, BufWriter, ErrorKind}; +use std::path::Path; const KEYSTORE_NAME: &str = "/keystore.json"; @@ -182,9 +183,12 @@ impl PersistentKeyStore { } pub fn flush(&self) -> Result<(), Error> { - fs::create_dir_all(&self.location)?; + let dir = Path::new(&self.location) + .parent() + .ok_or_else(|| Error::Other("Invalid Path".to_string()))?; + fs::create_dir_all(dir)?; - let file = File::create(&format!("{}{}", &self.location, KEYSTORE_NAME))?; + let file = File::create(&self.location)?; let writer = BufWriter::new(file); serde_json::to_writer(writer, &self.key_info) .map_err(|e| Error::Other(format!("failed to serialize and write key info: {}", e)))?; diff --git a/node/rpc-client/Cargo.toml b/node/rpc-client/Cargo.toml index 8d5afe451e4c..3c03d2e3d552 100644 --- a/node/rpc-client/Cargo.toml +++ b/node/rpc-client/Cargo.toml 
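Review bot: `flush` in key_management/src/keystore.rs writes the keystore with `File::create(&self.location)`, which uses the process's default file mode, and after this series the file holds the JWT signing secret as well as wallet private keys. On Unix the file should be created owner-only, e.g. `OpenOptions::new().write(true).create(true).truncate(true).mode(0o600).open(&self.location)?`, with `std::os::unix::fs::OpenOptionsExt` in scope behind `#[cfg(unix)]`. The mode only takes effect when the file is first created, so an existing keystore with wider permissions would need them tightened separately. The end of `flush` lies outside the hunk.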
@@ -14,5 +14,4 @@ jsonrpc-v2 = { version = "0.5.2", features = ["easy-errors", "macros"] } log = "0.4.8" crypto = { package = "forest_crypto", path = "../../crypto", features = ["json"] } wallet = {package = "key_management", path = "../../key_management", features = ["json"] } -lazy_static = "1.4.0" auth = { path = "../../utils/auth"} \ No newline at end of file diff --git a/node/rpc-client/src/auth_ops.rs b/node/rpc-client/src/auth_ops.rs index b10b53d90525..763e6bf2398e 100644 --- a/node/rpc-client/src/auth_ops.rs +++ b/node/rpc-client/src/auth_ops.rs @@ -10,10 +10,22 @@ use jsonrpsee::transport::http::HttpTransportClient as HTC; /// Creates a new JWT Token pub async fn auth_new(client: &mut RawClient, perm: String) -> Result { let ret: String = match perm.as_str() { - "admin" => Filecoin::auth_new(client, ADMIN.clone()).await?, - "sign" => Filecoin::auth_new(client, SIGN.clone()).await?, - "write" => Filecoin::auth_new(client, WRITE.clone()).await?, - "read" => Filecoin::auth_new(client, READ.clone()).await?, + "admin" => { + let perms: Vec = ADMIN.iter().map(|s| s.to_string()).collect(); + Filecoin::auth_new(client, perms).await? + } + "sign" => { + let perms: Vec = SIGN.iter().map(|s| s.to_string()).collect(); + Filecoin::auth_new(client, perms).await? + } + "write" => { + let perms: Vec = WRITE.iter().map(|s| s.to_string()).collect(); + Filecoin::auth_new(client, perms).await? + } + "read" => { + let perms: Vec = READ.iter().map(|s| s.to_string()).collect(); + Filecoin::auth_new(client, perms).await? + } _ => return Err(JsonRpcError::INVALID_PARAMS), }; Ok(ret) diff --git a/node/rpc/Cargo.toml b/node/rpc/Cargo.toml index b24c297d6328..a6c6cc671e66 100644 --- a/node/rpc/Cargo.toml +++ b/node/rpc/Cargo.toml @@ -29,7 +29,6 @@ thiserror = "1.0" state_tree = { path = "../../vm/state_tree" } forest_libp2p = { path = "../forest_libp2p" } jsonwebtoken = "7.2.0" -lazy_static = "1.4.0" auth = { path = "../../utils/auth"} utils = { path = "../../node/utils" } 
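Review bot: The four arms of the `match` in `auth_new` (node/rpc-client/src/auth_ops.rs, hunk `@@ -10,10 +10,22 @@`) differ only in which constant they read, so the string conversion and the RPC call are written four times. Selecting the permission slice first and converting once keeps the level-to-permissions mapping in one place and makes a fifth level a one-line change. The doc comment should also say that the permission list is chosen on the client and sent as a request parameter, so the server must not treat it as already authorized. The function's signature sits above the rewritten lines shown below.

```rust
// … unchanged: signature of auth_new …
let perms: &[&str] = match perm.as_str() {
    "admin" => &ADMIN,
    "sign" => &SIGN,
    "write" => &WRITE,
    "read" => &READ,
    _ => return Err(JsonRpcError::INVALID_PARAMS),
};
let perms = perms.iter().map(|s| s.to_string()).collect();
let ret: String = Filecoin::auth_new(client, perms).await?;
Ok(ret)
```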
diff --git a/node/rpc/src/auth_api.rs b/node/rpc/src/auth_api.rs index 7c802ff84996..4de5563b5917 100644 --- a/node/rpc/src/auth_api.rs +++ b/node/rpc/src/auth_api.rs @@ -18,7 +18,7 @@ where { let (perms,) = params; let ks = data.keystore.read().await; - let ki = ks.get("auth-jwt-private")?; + let ki = ks.get(JWT_IDENTIFIER)?; let token = create_token(perms, ki.private_key())?; Ok(token) } @@ -34,7 +34,7 @@ where { let ks = data.keystore.read().await; let (token,) = params; - let ki = ks.get("auth-jwt-private")?; + let ki = ks.get(JWT_IDENTIFIER)?; let perms = verify_token(&token, ki.private_key())?; Ok(perms) } diff --git a/node/rpc/src/lib.rs b/node/rpc/src/lib.rs index 19d2fd4f10ab..e4146c053403 100644 --- a/node/rpc/src/lib.rs +++ b/node/rpc/src/lib.rs @@ -1,9 +1,6 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT -#[macro_use] -extern crate lazy_static; - mod auth_api; mod chain_api; mod mpool_api; @@ -11,7 +8,7 @@ mod sync_api; mod wallet_api; use async_std::sync::{RwLock, Sender}; -use auth::{has_perms, Error}; +use auth::{has_perms, Error, JWT_IDENTIFIER, WRITE_ACCESS}; use blockstore::BlockStore; use chain_sync::{BadBlockCache, SyncState}; use forest_libp2p::NetworkMessage; @@ -23,17 +20,6 @@ use utils::get_home_dir; use wallet::KeyStore; use wallet::PersistentKeyStore; -lazy_static! { - pub static ref WRITE_ACCESS: Vec = vec![ - "Filecoin.MpoolPush".to_string(), - "Filecoin.WalletNew".to_string(), - "Filecoin.WalletHas".to_string(), - "Filecoin.WalletList".to_string(), - "Filecoin.WalletDefaultAddress".to_string(), - "Filecoin.WalletList".to_string(), - ]; -} - /// This is where you store persistant data, or at least access to stateful data. pub struct RpcState where 
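Review bot: In the first hunk of node/rpc/src/auth_api.rs (`@@ -18,7 +18,7 @@`), `perms` is taken straight from the request parameters and passed to `create_token`, so the server signs whatever permission strings the caller supplies. The handler should reject entries outside the known set before signing, for example `if perms.iter().any(|p| !ADMIN.contains(&p.as_str())) { /* return an invalid-params error */ }`. It should also require that the caller already holds the `admin` permission; the handler's signature and any upstream check are outside this hunk, so that part may exist elsewhere. This matters more because `verify_token` in utils/auth/src/lib.rs sets `validation.validate_exp = false` and `Claims` is built with only `allow`, so an issued token stays valid for as long as the secret under `JWT_IDENTIFIER` is unchanged.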
@@ -62,12 +48,12 @@ async fn handle_json_rpc(mut req: Request>) -> tide::Result { .ok_or_else(|| Error::MethodParam)?; let method_name = &call_str[start..end]; // check for write access - if WRITE_ACCESS.contains(&method_name.to_string()) { + if WRITE_ACCESS.contains(&method_name) { if let Some(header) = req.header("Authorization") { let header_raw = header.get(0).unwrap().message(); let keystore = PersistentKeyStore::new(get_home_dir() + "/.forest")?; let ki = keystore - .get("auth-jwt-private") + .get(JWT_IDENTIFIER) .map_err(|_| Error::Other("No JWT private key found".to_owned()))?; let key = ki.private_key(); let perm = has_perms(header_raw, "write", key); diff --git a/utils/auth/src/lib.rs b/utils/auth/src/lib.rs index 7e2a8ce6efc0..5c2ca788049f 100644 --- a/utils/auth/src/lib.rs +++ b/utils/auth/src/lib.rs @@ -1,9 +1,6 @@ // Copyright 2020 ChainSafe Systems // SPDX-License-Identifier: Apache-2.0, MIT -#[macro_use] -extern crate lazy_static; - use crypto::SignatureType; use jsonrpc_v2::Error as JsonRpcError; use jsonwebtoken::errors::Result as JWTResult; @@ -13,6 +10,26 @@ use serde::{Deserialize, Serialize}; use thiserror::Error; use wallet::KeyInfo; +/// constant string that is used to identify the JWT secret key in KeyStore +pub const JWT_IDENTIFIER: &str = "auth-jwt-private"; +/// Admin permissions +pub const ADMIN: [&str; 4] = ["read", "write", "sign", "admin"]; +/// Signing permissions +pub const SIGN: [&str; 3] = ["read", "write", "sign"]; +/// Writing permissions +pub const WRITE: [&str; 2] = ["read", "write"]; +/// Reading permissions +pub const READ: [&str; 1] = ["read"]; +/// All methods that require write permission +pub const WRITE_ACCESS: [&str; 6] = [ + "Filecoin.MpoolPush", + "Filecoin.WalletNew", + "Filecoin.WalletHas", + "Filecoin.WalletList", + "Filecoin.WalletDefaultAddress", + "Filecoin.WalletList", +]; + /// Error Enum for Authentification #[derive(Debug, Error, Serialize, Deserialize)] pub enum Error { 
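Review bot: In `handle_json_rpc` (node/rpc/src/lib.rs, hunk `@@ -62,12 +48,12 @@`) the JWT secret is read from a keystore opened at `get_home_dir() + "/.forest"` on every gated request, while daemon.rs in this same patch creates the secret in the keystore at `config.data_dir`. When the two locations differ, the lookup either fails with "No JWT private key found" or verifies against a different secret than the one `auth_new` signs with through `data.keystore`. The handler should use the keystore instance the daemon already shares through the RPC state instead of constructing a new `PersistentKeyStore`; that presumably also removes a file read from each request. The function begins and ends outside this hunk, so how `start` and `end` are derived from `call_str` cannot be checked here; the name that is checked should be the parsed `method` field that is later dispatched.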
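Review bot: `WRITE_ACCESS` in utils/auth/src/lib.rs (hunk `@@ -13,6 +10,26 @@`) lists `"Filecoin.WalletList"` twice, so the six-element array gates only five methods. The duplicate is carried over from the `lazy_static!` block removed from node/rpc/src/lib.rs and probably stands for a method that was meant to be listed. The array also has no entry for the token-issuing method that `auth_new` calls, and `handle_json_rpc` checks only names found in this array, so as far as this diff shows that method is served without an `Authorization` header. Since only listed methods are checked, the doc comment should say so, for example `/// Methods NOT listed here are served without a token; add every new state-changing method.`. Dropping the duplicate makes the declaration `pub const WRITE_ACCESS: [&str; 5]`.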
@@ -29,20 +46,6 @@ pub enum Error { Other(String), } -lazy_static! { - /// Constants of all Levels of permissions - pub static ref ADMIN: Vec = vec![ - "read".to_string(), - "write".to_string(), - "sign".to_string(), - "admin".to_string() - ]; - pub static ref SIGN: Vec = - vec!["read".to_string(), "write".to_string(), "sign".to_string()]; - pub static ref WRITE: Vec = vec!["read".to_string(), "write".to_string()]; - pub static ref READ: Vec = vec!["read".to_string()]; -} - /// Claim struct for JWT Tokens #[derive(Debug, Serialize, Deserialize)] struct Claims { @@ -52,9 +55,7 @@ struct Claims { /// Create a new JWT Token pub fn create_token(perms: Vec, key: &[u8]) -> JWTResult { - let payload = Claims { - allow: perms, - }; + let payload = Claims { allow: perms }; encode(&Header::default(), &payload, &EncodingKey::from_secret(key)) } @@ -62,11 +63,7 @@ pub fn create_token(perms: Vec, key: &[u8]) -> JWTResult { pub fn verify_token(token: &str, key: &[u8]) -> JWTResult> { let mut validation = Validation::default(); validation.validate_exp = false; - let token = decode::( - token, - &DecodingKey::from_secret(key), - &validation, - )?; + let token = decode::(token, &DecodingKey::from_secret(key), &validation)?; Ok(token.claims.allow) } From e370bfde1638d9d823a701f772925fa15080c2a4 Mon Sep 17 00:00:00 2001 From: Ashanti Mutinta Date: Fri, 16 Oct 2020 05:41:57 -0400 Subject: [PATCH 5/7] added dependancy for this current branch --- .circleci/config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1db62477d18e..2d905895a7c7 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -64,6 +64,7 @@ commands: sudo unzip -o $PROTOC_ZIP -d /usr/local bin/protoc sudo unzip -o $PROTOC_ZIP -d /usr/local 'include/*' rm -f $PROTOC_ZIP + sudo apt-get install -y libhwloc-dev save_cargo_package_cache: description: Save cargo package cache for subsequent jobs steps: 
From 8f08a4ad596003f4d307113b7988983538647dc1 Mon Sep 17 00:00:00 2001 From: Ashanti Mutinta Date: Fri, 16 Oct 2020 06:20:54 -0400 Subject: [PATCH 6/7] removed extra clone --- node/rpc/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/node/rpc/src/lib.rs b/node/rpc/src/lib.rs index 51890a556a32..8ed9ac94c5c6 100644 --- a/node/rpc/src/lib.rs +++ b/node/rpc/src/lib.rs @@ -462,7 +462,7 @@ async fn handle_rpc( } }; - Ok(state.clone().handle(call).await) + Ok(state.handle(call).await) } async fn send_error(code: i64, ws_sender: &RwLock, message: String) -> Result<(), Error> { From dc063bc21581976816ffb6d507ee58855c358a83 Mon Sep 17 00:00:00 2001 From: Ashanti Mutinta Date: Fri, 16 Oct 2020 14:22:45 -0400 Subject: [PATCH 7/7] updated actions --- .github/workflows/ci-rust.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci-rust.yml b/.github/workflows/ci-rust.yml index f0e7761a3a8a..d7e8b26a98d4 100644 --- a/.github/workflows/ci-rust.yml +++ b/.github/workflows/ci-rust.yml @@ -19,7 +19,9 @@ jobs: run: sudo apt update - name: Install apt packages - run: sudo apt install ocl-icd-opencl-dev + run: | + sudo apt install ocl-icd-opencl-dev + sudo apt-get install -y libhwloc-dev - name: Install Protoc uses: arduino/setup-protoc@master