status-im/nimbus-eth1
2
0
Fork 0
mirror of https://github.com/status-im/nimbus-eth1.git synced 2025-02-28 20:00:43 +00:00
Code Issues Projects Releases Wiki Activity

rm nim-graphql submodule (#3103)

Browse Source
This commit is contained in:
tersec 2025-02-25 02:47:31 +00:00 committed by GitHub
parent 21be015031
commit 42d25daaeb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 13 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.gitmodules vendored
View File

@ -143,11 +143,6 @@
url = https://github.com/ethereum/tests url = https://github.com/ethereum/tests
ignore = dirty ignore = dirty
branch = develop branch = develop
[submodule "vendor/nim-graphql"]
path = vendor/nim-graphql
url = https://github.com/status-im/nim-graphql
ignore = dirty
branch = master
[submodule "vendor/nim-toml-serialization"] [submodule "vendor/nim-toml-serialization"]
path = vendor/nim-toml-serialization path = vendor/nim-toml-serialization
url = https://github.com/status-im/nim-toml-serialization url = https://github.com/status-im/nim-toml-serialization

138
tests/test_jwt_auth.nim
View File

@ -12,25 +12,21 @@
## ==================================== ## ====================================
import import
std/[base64, json, options, os, strutils, times],
../execution_chain/config, ../execution_chain/config,
../execution_chain/rpc/jwt_auth, ../execution_chain/rpc/jwt_auth,
../execution_chain/rpc {.all.}, ../execution_chain/rpc {.all.},
./replay/pp, ./replay/pp,
chronicles, chronicles,
chronos/apps/http/httpclient as chronoshttpclient, chronos/apps/http/httpclient as chronoshttpclient,
chronos/apps/http/httptable,
eth/common/keys,
eth/p2p,
nimcrypto/[hmac, sha2, utils], nimcrypto/[hmac, sha2, utils],
results,
stint,
unittest2, unittest2,
graphql,
websock/websock, websock/websock,
graphql/[httpserver, httpclient],
json_rpc/[rpcserver, rpcclient] json_rpc/[rpcserver, rpcclient]
from std/base64 import encode
from std/os import DirSep, fileExists, removeFile, splitFile, splitPath, `/`
from std/times import getTime, toUnix
type type
UnGuardedKey = UnGuardedKey =
array[jwtMinSecretLen,byte] array[jwtMinSecretLen,byte]
@ -70,11 +66,6 @@ proc say(noisy = false; pfx = "***"; args: varargs[string, `$`]) =
else: else:
echo pfx, args.toSeq.join echo pfx, args.toSeq.join
proc setTraceLevel =
discard
when defined(chronicles_runtime_filtering) and loggingEnabled:
setLogLevel(LogLevel.TRACE)
proc setErrorLevel = proc setErrorLevel =
discard discard
when defined(chronicles_runtime_filtering) and loggingEnabled: when defined(chronicles_runtime_filtering) and loggingEnabled:
@ -86,7 +77,7 @@ proc setErrorLevel =
func fakeGenSecret(fake: JwtSharedKey): JwtGenSecret = func fakeGenSecret(fake: JwtSharedKey): JwtGenSecret =
## Key random generator, fake version ## Key random generator, fake version
result = proc: JwtSharedKey = proc: JwtSharedKey =
fake fake
func base64urlEncode(x: auto): string = func base64urlEncode(x: auto): string =
@ -118,42 +109,13 @@ func getHttpAuthReqHeader2(secret: JwtSharedKey; time: uint64): HttpTable =
let bearer = secret.UnGuardedKey.getSignedToken2($getIatToken(time)) let bearer = secret.UnGuardedKey.getSignedToken2($getIatToken(time))
result.add("aUtHoRiZaTiOn", "Bearer " & bearer) result.add("aUtHoRiZaTiOn", "Bearer " & bearer)
proc createServer(serverAddress: TransportAddress, authHooks: seq[AuthHook] = @[]): GraphqlHttpServerRef =
let socketFlags = {ServerFlags.TcpNoDelay, ServerFlags.ReuseAddr}
var ctx = GraphqlRef.new()
const schema = """type Query {name: String}"""
let r = ctx.parseSchema(schema)
if r.isErr:
debugEcho r.error
return
let res = GraphqlHttpServerRef.new(
graphql = ctx,
address = serverAddress,
socketFlags = socketFlags,
authHooks = authHooks
)
if res.isErr():
debugEcho res.error
return
res.get()
proc setupClient(address: TransportAddress): GraphqlHttpClientRef =
GraphqlHttpClientRef.new(address, secure = false).get()
func localAddress(server: GraphqlHttpServerRef): TransportAddress =
server.server.instance.localAddress()
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Http combo helpers # HTTP combo helpers
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
func installRPC(server: RpcServer) = func installRPC(server: RpcServer) =
server.rpc("rpc_echo") do(input: int) -> string: server.rpc("rpc_echo") do(input: int) -> string:
result = "hello: " & $input "hello: " & $input
proc setupComboServer(hooks: sink seq[RpcAuthHook]): HttpResult[NimbusHttpServerRef] = proc setupComboServer(hooks: sink seq[RpcAuthHook]): HttpResult[NimbusHttpServerRef] =
var handlers: seq[RpcHandlerProc] var handlers: seq[RpcHandlerProc]
@ -212,7 +174,7 @@ proc runKeyLoader(noisy = true;
noisy.say " ", "text=", hexLine noisy.say " ", "text=", hexLine
noisy.say " ", "fake=", hexFake noisy.say " ", "fake=", hexFake
# Compare key against tcontents of shared key file # Compare key against contents of shared key file
check hexKey.cmpIgnoreCase(hexLine) == 0 check hexKey.cmpIgnoreCase(hexLine) == 0
# Just to make sure that there was no random generator used # Just to make sure that there was no random generator used
@ -236,7 +198,7 @@ proc runKeyLoader(noisy = true;
noisy.say " ", "text=", hexLine noisy.say " ", "text=", hexLine
noisy.say " ", "fake=", hexFake noisy.say " ", "fake=", hexFake
# Compare key against tcontents of shared key file # Compare key against contents of shared key file
check hexKey.cmpIgnoreCase(hexLine) == 0 check hexKey.cmpIgnoreCase(hexLine) == 0
# Just to make sure that there was no random generator used # Just to make sure that there was no random generator used
@ -264,16 +226,13 @@ proc runKeyLoader(noisy = true;
noisy.say "***", "key=", hexKey noisy.say "***", "key=", hexKey
noisy.say " ", "text=", hexLine noisy.say " ", "text=", hexLine
# Compare key against tcontents of shared key file # Compare key against contents of shared key file
check hexKey.cmpIgnoreCase(hexLine) == 0 check hexKey.cmpIgnoreCase(hexLine) == 0
proc runJwtAuth(noisy = true; keyFile = jwtKeyFile) = proc runJwtAuth(noisy = true; keyFile = jwtKeyFile) =
let let
filePath = keyFile.findFilePath.value filePath = keyFile.findFilePath.value
fileInfo = keyFile.splitFile.name.split(".")[0]
dataDir = filePath.splitPath.head dataDir = filePath.splitPath.head
dataDirCmdOpt = &"--data-dir={dataDir}" dataDirCmdOpt = &"--data-dir={dataDir}"
jwtSecretCmdOpt = &"--jwt-secret={filePath}" jwtSecretCmdOpt = &"--jwt-secret={filePath}"
config = @[dataDirCmdOpt,jwtSecretCmdOpt].makeConfig config = @[dataDirCmdOpt,jwtSecretCmdOpt].makeConfig
@ -285,78 +244,7 @@ proc runJwtAuth(noisy = true; keyFile = jwtKeyFile) =
# The wrapper contains the handler function with the captured shared key # The wrapper contains the handler function with the captured shared key
authHook = secret.value.httpJwtAuth authHook = secret.value.httpJwtAuth
const suite "Test combo HTTP server":
serverAddress = initTAddress("127.0.0.1:0")
query = """{ __type(name: "ID") { kind }}"""
suite "EngineAuth: Http/rpc authentication mechanics":
let server = createServer(serverAddress, @[authHook])
server.start()
test &"JSW/HS256 authentication using shared secret file {fileInfo}":
# Just to make sure that we made a proper choice. Typically, all
# ingredients shoud have been tested, already in the preceeding test
# suite.
let
lines = config.jwtSecret.get.string.readLines(1)
hexKey = "0x" & secret.value.UnGuardedKey.toHex
hexLine = lines[0].strip
noisy.say "***", "key=", hexKey
noisy.say " ", "text=", hexLine
check hexKey.cmpIgnoreCase(hexLine) == 0
let
time = getTime().toUnix.uint64
req = secret.value.getHttpAuthReqHeader(time)
noisy.say "***", "request",
" Authorization=", req.getString("Authorization")
setTraceLevel()
# Run http authorisation request
let client = setupClient(server.localAddress)
let res = waitFor client.sendRequest(query, req.toList)
check res.isOk
if res.isErr:
noisy.say "***", res.error
return
let resp = res.get()
check resp.status == 200
check resp.reason == "OK"
check resp.response == """{"data":{"__type":{"kind":"SCALAR"}}}"""
setErrorLevel()
test &"JSW/HS256, ditto with protected header variant":
let
time = getTime().toUnix.uint64
req = secret.value.getHttpAuthReqHeader2(time)
# Assemble request header
noisy.say "***", "request",
" Authorization=", req.getString("Authorization")
setTraceLevel()
# Run http authorisation request
let client = setupClient(server.localAddress)
let res = waitFor client.sendRequest(query, req.toList)
check res.isOk
if res.isErr:
noisy.say "***", res.error
return
let resp = res.get()
check resp.status == 200
check resp.reason == "OK"
check resp.response == """{"data":{"__type":{"kind":"SCALAR"}}}"""
setErrorLevel()
waitFor server.closeWait()
suite "Test combo http server":
let res = setupComboServer(@[authHook]) let res = setupComboServer(@[authHook])
if res.isErr: if res.isErr:
debugEcho res.error debugEcho res.error
@ -369,7 +257,7 @@ proc runJwtAuth(noisy = true; keyFile = jwtKeyFile) =
server.start() server.start()
test "rpc query no auth": test "RPC query no auth":
let client = newRpcHttpClient() let client = newRpcHttpClient()
waitFor client.connect("http://" & $server.localAddress) waitFor client.connect("http://" & $server.localAddress)
try: try:
@ -379,7 +267,7 @@ proc runJwtAuth(noisy = true; keyFile = jwtKeyFile) =
except ErrorResponse as exc: except ErrorResponse as exc:
check exc.msg == "Forbidden" check exc.msg == "Forbidden"
test "rpc query with uth": test "RPC query with auth":
proc authHeaders(): seq[(string, string)] = proc authHeaders(): seq[(string, string)] =
req.toList req.toList
let client = newRpcHttpClient(getHeaders = authHeaders) let client = newRpcHttpClient(getHeaders = authHeaders)

1
vendor/nim-graphql vendored

@ -1 +0,0 @@
Subproject commit 54dcec7f6f01a2f1e0d5115b7352a1e16182a655