diff --git a/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuth.java b/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuth.java index 85a02d7906..481e5127d5 100644 --- a/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuth.java +++ b/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuth.java @@ -12,12 +12,143 @@ */ package tech.pegasys.pantheon.ethereum.jsonrpc.authentication; +import java.io.IOException; +import java.util.List; +import java.util.stream.Collectors; + +import io.vertx.core.AsyncResult; +import io.vertx.core.Future; +import io.vertx.core.Handler; import io.vertx.core.Vertx; +import io.vertx.core.json.JsonObject; import io.vertx.ext.auth.AuthProvider; +import io.vertx.ext.auth.User; +import net.consensys.cava.toml.Toml; +import net.consensys.cava.toml.TomlParseResult; +import net.consensys.cava.toml.TomlTable; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.springframework.security.crypto.bcrypt.BCrypt; + +public class TomlAuth implements AuthProvider { + + private static final Logger LOG = LogManager.getLogger(); + private final Vertx vertx; + private final TomlAuthOptions options; + + public TomlAuth(final Vertx vertx, final TomlAuthOptions options) { + this.vertx = vertx; + this.options = options; + } -public interface TomlAuth extends AuthProvider { + @Override + public void authenticate( + final JsonObject authInfo, final Handler> resultHandler) { + final String username = authInfo.getString("username"); + if (username == null) { + resultHandler.handle(Future.failedFuture("No username provided")); + return; + } + + final String password = authInfo.getString("password"); + if (password == null) { + resultHandler.handle(Future.failedFuture("No password provided")); + return; + } + + LOG.debug("Authenticating user {} with password {}", username, password); + + readUser( + username, + rs -> { + if (rs.succeeded()) { + TomlUser user = rs.result(); + checkPasswordHash( + password, + user.getPassword(), + rs2 -> { + if (rs2.succeeded()) { + resultHandler.handle(Future.succeededFuture(user)); + } else { + resultHandler.handle(Future.failedFuture(rs2.cause())); + } + }); + } else { + resultHandler.handle(Future.failedFuture(rs.cause())); + } + }); + } + + private void readUser(final String username, final Handler> resultHandler) { + vertx.executeBlocking( + f -> { + TomlParseResult parseResult; + try { + parseResult = Toml.parse(options.getTomlPath()); + } catch (IOException e) { + f.fail(e); + return; + } + + final TomlTable userData = parseResult.getTableOrEmpty("Users." + username); + if (userData.isEmpty()) { + f.fail("User not found"); + return; + } + + final TomlUser tomlUser = readTomlUserFromTable(username, userData); + if ("".equals(tomlUser.getPassword())) { + f.fail("No password set for user"); + return; + } + + f.complete(tomlUser); + }, + res -> { + if (res.succeeded()) { + resultHandler.handle(Future.succeededFuture((TomlUser) res.result())); + } else { + resultHandler.handle(Future.failedFuture(res.cause())); + } + }); + } + + private TomlUser readTomlUserFromTable(final String username, final TomlTable userData) { + final String saltedAndHashedPassword = userData.getString("password", () -> ""); + final List groups = + userData + .getArrayOrEmpty("groups") + .toList() + .stream() + .map(Object::toString) + .collect(Collectors.toList()); + final List permissions = + userData + .getArrayOrEmpty("permissions") + .toList() + .stream() + .map(Object::toString) + .collect(Collectors.toList()); + final List roles = + userData + .getArrayOrEmpty("roles") + .toList() + .stream() + .map(Object::toString) + .collect(Collectors.toList()); + + return new TomlUser(username, saltedAndHashedPassword, groups, permissions, roles); + } - static TomlAuth create(final Vertx vertx, final TomlAuthOptions options) { - return new TomlAuthImpl(vertx, options); + private void checkPasswordHash( + final String password, + final String passwordHash, + final Handler> resultHandler) { + boolean passwordMatches = BCrypt.checkpw(password, passwordHash); + if (passwordMatches) { + resultHandler.handle(Future.succeededFuture()); + } else { + resultHandler.handle(Future.failedFuture("Invalid password")); + } } } diff --git a/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImpl.java b/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImpl.java deleted file mode 100644 index d4b2c20dd0..0000000000 --- a/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImpl.java +++ /dev/null @@ -1,154 +0,0 @@ -/* - * Copyright 2019 ConsenSys AG. - * - * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on - * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the - * specific language governing permissions and limitations under the License. - */ -package tech.pegasys.pantheon.ethereum.jsonrpc.authentication; - -import java.io.IOException; -import java.util.List; -import java.util.stream.Collectors; - -import io.vertx.core.AsyncResult; -import io.vertx.core.Future; -import io.vertx.core.Handler; -import io.vertx.core.Vertx; -import io.vertx.core.json.JsonObject; -import io.vertx.ext.auth.AuthProvider; -import io.vertx.ext.auth.User; -import net.consensys.cava.toml.Toml; -import net.consensys.cava.toml.TomlParseResult; -import net.consensys.cava.toml.TomlTable; -import org.apache.logging.log4j.LogManager; -import org.apache.logging.log4j.Logger; -import org.springframework.security.crypto.bcrypt.BCrypt; - -public class TomlAuthImpl implements AuthProvider, TomlAuth { - - private static final Logger LOG = LogManager.getLogger(); - private final Vertx vertx; - private final TomlAuthOptions options; - - public TomlAuthImpl(final Vertx vertx, final TomlAuthOptions options) { - this.vertx = vertx; - this.options = options; - } - - @Override - public void authenticate( - final JsonObject authInfo, final Handler> resultHandler) { - final String username = authInfo.getString("username"); - if (username == null) { - resultHandler.handle(Future.failedFuture("No username provided")); - return; - } - - final String password = authInfo.getString("password"); - if (password == null) { - resultHandler.handle(Future.failedFuture("No password provided")); - return; - } - - LOG.debug("Authenticating user {} with password {}", username, password); - - readUser( - username, - rs -> { - if (rs.succeeded()) { - TomlUser user = rs.result(); - checkPasswordHash( - password, - user.getPassword(), - rs2 -> { - if (rs2.succeeded()) { - resultHandler.handle(Future.succeededFuture(user)); - } else { - resultHandler.handle(Future.failedFuture(rs2.cause())); - } - }); - } else { - resultHandler.handle(Future.failedFuture(rs.cause())); - } - }); - } - - private void readUser(final String username, final Handler> resultHandler) { - vertx.executeBlocking( - f -> { - TomlParseResult parseResult; - try { - parseResult = Toml.parse(options.getTomlPath()); - } catch (IOException e) { - f.fail(e); - return; - } - - final TomlTable userData = parseResult.getTableOrEmpty("Users." + username); - if (userData.isEmpty()) { - f.fail("User not found"); - return; - } - - final TomlUser tomlUser = readTomlUserFromTable(username, userData); - if ("".equals(tomlUser.getPassword())) { - f.fail("No password set for user"); - return; - } - - f.complete(tomlUser); - }, - res -> { - if (res.succeeded()) { - resultHandler.handle(Future.succeededFuture((TomlUser) res.result())); - } else { - resultHandler.handle(Future.failedFuture(res.cause())); - } - }); - } - - private TomlUser readTomlUserFromTable(final String username, final TomlTable userData) { - final String saltedAndHashedPassword = userData.getString("password", () -> ""); - final List groups = - userData - .getArrayOrEmpty("groups") - .toList() - .stream() - .map(Object::toString) - .collect(Collectors.toList()); - final List permissions = - userData - .getArrayOrEmpty("permissions") - .toList() - .stream() - .map(Object::toString) - .collect(Collectors.toList()); - final List roles = - userData - .getArrayOrEmpty("roles") - .toList() - .stream() - .map(Object::toString) - .collect(Collectors.toList()); - - return new TomlUser(username, saltedAndHashedPassword, groups, permissions, roles); - } - - private void checkPasswordHash( - final String password, - final String passwordHash, - final Handler> resultHandler) { - boolean passwordMatches = BCrypt.checkpw(password, passwordHash); - if (passwordMatches) { - resultHandler.handle(Future.succeededFuture()); - } else { - resultHandler.handle(Future.failedFuture("Invalid password")); - } - } -} diff --git a/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthOptions.java b/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthOptions.java index a6594b513c..03f0257381 100644 --- a/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthOptions.java +++ b/ethereum/jsonrpc/src/main/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthOptions.java @@ -31,7 +31,7 @@ public TomlAuthOptions(final TomlAuthOptions that) { @Override public AuthProvider createProvider(final Vertx vertx) { - return TomlAuth.create(vertx, this); + return new TomlAuth(vertx, this); } @Override diff --git a/ethereum/jsonrpc/src/test/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImplTest.java b/ethereum/jsonrpc/src/test/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthTest.java similarity index 96% rename from ethereum/jsonrpc/src/test/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImplTest.java rename to ethereum/jsonrpc/src/test/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthTest.java index 861c58a802..b318f483f7 100644 --- a/ethereum/jsonrpc/src/test/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthImplTest.java +++ b/ethereum/jsonrpc/src/test/java/tech/pegasys/pantheon/ethereum/jsonrpc/authentication/TomlAuthTest.java @@ -26,17 +26,17 @@ import org.junit.runner.RunWith; @RunWith(VertxUnitRunner.class) -public class TomlAuthImplTest { +public class TomlAuthTest { private Vertx vertx; private JsonObject validAuthInfo; - private TomlAuthImpl tomlAuth; + private TomlAuth tomlAuth; @Before public void before(final TestContext context) throws URISyntaxException { vertx = Vertx.vertx(); tomlAuth = - new TomlAuthImpl( + new TomlAuth( vertx, new TomlAuthOptions().setTomlPath(getTomlPath("authentication/auth.toml"))); validAuthInfo = new JsonObject().put("username", "userA").put("password", "pegasys"); } @@ -63,7 +63,7 @@ public void authInfoWithoutPasswordShouldFailAuthentication(final TestContext co @Test public void parseFailureWithIOExceptionShouldFailAuthentication(final TestContext context) { - tomlAuth = new TomlAuthImpl(vertx, new TomlAuthOptions().setTomlPath("invalid_path")); + tomlAuth = new TomlAuth(vertx, new TomlAuthOptions().setTomlPath("invalid_path")); tomlAuth.authenticate( validAuthInfo,