Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(api/rpc): Implement auth middleware on Server #1402

Merged
merged 3 commits into from
Dec 20, 2022
Merged

feat(api/rpc): Implement auth middleware on Server #1402

merged 3 commits into from
Dec 20, 2022

Conversation

renaynay
Copy link
Member

Related to #1187

This PR is based on #1313

It implements:

  • providing a new JWT secret from the nodebuilder/node module to both the node module and the rpc server.
  • auth middleware for the rpc.Server that verifies the given token with the server's secret

In a follow-up PR will come the ability to create an rpc client with elevated permissions (this branch restricts client access to read-only API methods).

@renaynay renaynay added area:rpc kind:feat Attached to feature PRs area:api Related to celestia-node API labels Nov 28, 2022
@renaynay renaynay self-assigned this Nov 28, 2022
@renaynay renaynay force-pushed the server-auth branch 3 times, most recently from a98a3b6 to a1582e9 Compare November 29, 2022 10:00
@codecov-commenter
Copy link

codecov-commenter commented Nov 29, 2022
edited
Loading

Codecov Report

Merging #1402 (3be37f8) into main (95907f4) will decrease coverage by 0.64%.
The diff coverage is 18.43%.

@@            Coverage Diff             @@
##             main    #1402      +/-   ##
==========================================
- Coverage   55.33%   54.69%   -0.65%     
==========================================
  Files         180      198      +18     
  Lines       10962    11903     +941     
==========================================
+ Hits         6066     6510     +444     
- Misses       4296     4756     +460     
- Partials      600      637      +37
Impacted Files Coverage Δ
api/gateway/availability.go 0.00% <0.00%> (ø)
api/gateway/middleware.go 42.30% <0.00%> (ø)
nodebuilder/das/das.go 0.00% <0.00%> (ø)
nodebuilder/fraud/fraud.go 0.00% <0.00%> (ø)
nodebuilder/header/header.go 0.00% <0.00%> (ø)
nodebuilder/header/service.go 57.14% <0.00%> (ø)
nodebuilder/module.go 100.00% <ø> (ø)
nodebuilder/share/share.go 0.00% <0.00%> (ø)
share/availability/cache/availability.go 87.50% <0.00%> (ø)
share/availability/full/availability.go 82.35% <0.00%> (ø)
... and 35 more

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@renaynay renaynay force-pushed the server-auth branch 2 times, most recently from 272450b to 045cf73 Compare December 2, 2022 10:23
@renaynay renaynay mentioned this pull request Dec 2, 2022
Merged
@renaynay renaynay force-pushed the server-auth branch 2 times, most recently from b118c0f to 1ec02f9 Compare December 13, 2022 13:59
@renaynay renaynay marked this pull request as ready for review December 15, 2022 07:54
Wondertan
Wondertan approved these changes Dec 20, 2022
View reviewed changes
Copy link
Member

@Wondertan Wondertan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Glad that jsonrpc does not actually enforce a specific auth dependency. Would also be nice to have some tests here, but I assume they will come in later PRs

api/rpc/server.go Show resolved Hide resolved
@renaynay renaynay merged commit 8b71eaf into celestiaorg:main Dec 20, 2022
@renaynay renaynay deleted the server-auth branch December 20, 2022 10:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vgonkivs vgonkivs vgonkivs approved these changes

@Wondertan Wondertan Wondertan approved these changes

@distractedm1nd distractedm1nd distractedm1nd approved these changes

@walldiss walldiss walldiss approved these changes

Assignees

@renaynay renaynay

Labels
area:api Related to celestia-node API area:rpc kind:feat Attached to feature PRs
Projects
No open projects
Celestia Node
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@renaynay @codecov-commenter @walldiss @distractedm1nd @Wondertan @vgonkivs