Removing unnecessary TomlAuth interface

PegaSysEng · Jan 29, 2019 · 1c88dcd · 1c88dcd
1 parent f8a3fd5
commit 1c88dcd
Show file tree

Hide file tree

Showing 4 changed files with 139 additions and 162 deletions.
diff --git a/...jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuth.java b/...jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuth.java
@@ -12,12 +12,143 @@
  */
 package tech.pegasys.pantheon.ethereum.jsonrpc.authentication;
 
+import java.io.IOException;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import io.vertx.core.AsyncResult;
+import io.vertx.core.Future;
+import io.vertx.core.Handler;
 import io.vertx.core.Vertx;
+import io.vertx.core.json.JsonObject;
 import io.vertx.ext.auth.AuthProvider;
+import io.vertx.ext.auth.User;
+import net.consensys.cava.toml.Toml;
+import net.consensys.cava.toml.TomlParseResult;
+import net.consensys.cava.toml.TomlTable;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.security.crypto.bcrypt.BCrypt;
+
+public class TomlAuth implements AuthProvider {
+
+  private static final Logger LOG = LogManager.getLogger();
+  private final Vertx vertx;
+  private final TomlAuthOptions options;
+
+  public TomlAuth(final Vertx vertx, final TomlAuthOptions options) {
+    this.vertx = vertx;
+    this.options = options;
+  }
 
-public interface TomlAuth extends AuthProvider {
+  @Override
+  public void authenticate(
+      final JsonObject authInfo, final Handler<AsyncResult<User>> resultHandler) {
+    final String username = authInfo.getString("username");
+    if (username == null) {
+      resultHandler.handle(Future.failedFuture("No username provided"));
+      return;
+    }
+
+    final String password = authInfo.getString("password");
+    if (password == null) {
+      resultHandler.handle(Future.failedFuture("No password provided"));
+      return;
+    }
+
+    LOG.debug("Authenticating user {} with password {}", username, password);
+
+    readUser(
+        username,
+        rs -> {
+          if (rs.succeeded()) {
+            TomlUser user = rs.result();
+            checkPasswordHash(
+                password,
+                user.getPassword(),
+                rs2 -> {
+                  if (rs2.succeeded()) {
+                    resultHandler.handle(Future.succeededFuture(user));
+                  } else {
+                    resultHandler.handle(Future.failedFuture(rs2.cause()));
+                  }
+                });
+          } else {
+            resultHandler.handle(Future.failedFuture(rs.cause()));
+          }
+        });
+  }
+
+  private void readUser(final String username, final Handler<AsyncResult<TomlUser>> resultHandler) {
+    vertx.executeBlocking(
+        f -> {
+          TomlParseResult parseResult;
+          try {
+            parseResult = Toml.parse(options.getTomlPath());
+          } catch (IOException e) {
+            f.fail(e);
+            return;
+          }
+
+          final TomlTable userData = parseResult.getTableOrEmpty("Users." + username);
+          if (userData.isEmpty()) {
+            f.fail("User not found");
+            return;
+          }
+
+          final TomlUser tomlUser = readTomlUserFromTable(username, userData);
+          if ("".equals(tomlUser.getPassword())) {
+            f.fail("No password set for user");
+            return;
+          }
+
+          f.complete(tomlUser);
+        },
+        res -> {
+          if (res.succeeded()) {
+            resultHandler.handle(Future.succeededFuture((TomlUser) res.result()));
+          } else {
+            resultHandler.handle(Future.failedFuture(res.cause()));
+          }
+        });
+  }
+
+  private TomlUser readTomlUserFromTable(final String username, final TomlTable userData) {
+    final String saltedAndHashedPassword = userData.getString("password", () -> "");
+    final List<String> groups =
+        userData
+            .getArrayOrEmpty("groups")
+            .toList()
+            .stream()
+            .map(Object::toString)
+            .collect(Collectors.toList());
+    final List<String> permissions =
+        userData
+            .getArrayOrEmpty("permissions")
+            .toList()
+            .stream()
+            .map(Object::toString)
+            .collect(Collectors.toList());
+    final List<String> roles =
+        userData
+            .getArrayOrEmpty("roles")
+            .toList()
+            .stream()
+            .map(Object::toString)
+            .collect(Collectors.toList());
+
+    return new TomlUser(username, saltedAndHashedPassword, groups, permissions, roles);
+  }
 
-  static TomlAuth create(final Vertx vertx, final TomlAuthOptions options) {
-    return new TomlAuthImpl(vertx, options);
+  private void checkPasswordHash(
+      final String password,
+      final String passwordHash,
+      final Handler<AsyncResult<Void>> resultHandler) {
+    boolean passwordMatches = BCrypt.checkpw(password, passwordHash);
+    if (passwordMatches) {
+      resultHandler.handle(Future.succeededFuture());
+    } else {
+      resultHandler.handle(Future.failedFuture("Invalid password"));
+    }
   }
 }
diff --git a/...rpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImpl.java b/...rpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImpl.java
diff --git a/.../src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthOptions.java b/.../src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthOptions.java
@@ -31,7 +31,7 @@ public TomlAuthOptions(final TomlAuthOptions that) {
 
   @Override
   public AuthProvider createProvider(final Vertx vertx) {
-    return TomlAuth.create(vertx, this);
+    return new TomlAuth(vertx, this);
   }
 
   @Override

diff --git a/...nrpc/authentication/TomlAuthImplTest.java → .../jsonrpc/authentication/TomlAuthTest.java b/...nrpc/authentication/TomlAuthImplTest.java → .../jsonrpc/authentication/TomlAuthTest.java
@@ -26,17 +26,17 @@
 import org.junit.runner.RunWith;
 
 @RunWith(VertxUnitRunner.class)
-public class TomlAuthImplTest {
+public class TomlAuthTest {
 
   private Vertx vertx;
   private JsonObject validAuthInfo;
-  private TomlAuthImpl tomlAuth;
+  private TomlAuth tomlAuth;
 
   @Before
   public void before(final TestContext context) throws URISyntaxException {
     vertx = Vertx.vertx();
     tomlAuth =
-        new TomlAuthImpl(
+        new TomlAuth(
             vertx, new TomlAuthOptions().setTomlPath(getTomlPath("authentication/auth.toml")));
     validAuthInfo = new JsonObject().put("username", "userA").put("password", "pegasys");
   }
@@ -63,7 +63,7 @@ public void authInfoWithoutPasswordShouldFailAuthentication(final TestContext co
 
   @Test
   public void parseFailureWithIOExceptionShouldFailAuthentication(final TestContext context) {
-    tomlAuth = new TomlAuthImpl(vertx, new TomlAuthOptions().setTomlPath("invalid_path"));
+    tomlAuth = new TomlAuth(vertx, new TomlAuthOptions().setTomlPath("invalid_path"));
 
     tomlAuth.authenticate(
         validAuthInfo,