From 99eca42b132c723541dfeed76b701762889259d0 Mon Sep 17 00:00:00 2001 From: Etan Kissling Date: Tue, 12 Jul 2022 03:08:52 -0700 Subject: [PATCH] introduce `loadJwtSecret` helper (#3856) Extract repeated code to load the JWT secret file into a separate func. --- beacon_chain/conf.nim | 26 ++++++++++++++++++++- beacon_chain/nimbus_beacon_node.nim | 35 +++-------------------------- 2 files changed, 28 insertions(+), 33 deletions(-) diff --git a/beacon_chain/conf.nim b/beacon_chain/conf.nim index 705e7a233..3f9f51c09 100644 --- a/beacon_chain/conf.nim +++ b/beacon_chain/conf.nim @@ -21,7 +21,7 @@ import eth/common/eth_types as commonEthTypes, eth/net/nat, eth/p2p/discoveryv5/enr, json_serialization, web3/[ethtypes, confutils_defs], - ./spec/[keystore, network, crypto], + ./spec/[engine_authentication, keystore, network, crypto], ./spec/datatypes/base, ./networking/network_metadata, ./validators/slashing_protection_common, @@ -1153,3 +1153,27 @@ proc loadEth2Network*( template loadEth2Network*(config: BeaconNodeConf): Eth2NetworkMetadata = loadEth2Network(config.eth2Network) + +proc loadJwtSecret*( + rng: var HmacDrbgContext, + dataDir: string, + jwtSecret: Option[string], + allowCreate: bool): Option[seq[byte]] = + # Some Web3 endpoints aren't compatible with JWT, but if explicitly chosen, + # use it regardless. + if jwtSecret.isSome or allowCreate: + let secret = rng.checkJwtSecret(dataDir, jwtSecret) + if secret.isErr: + fatal "Specified a JWT secret file which couldn't be loaded", + err = secret.error + quit 1 + + some secret.get + else: + none(seq[byte]) + +template loadJwtSecret*( + rng: var HmacDrbgContext, + config: BeaconNodeConf, + allowCreate: bool): Option[seq[byte]] = + rng.loadJwtSecret(string(config.dataDir), config.jwtSecret, allowCreate) diff --git a/beacon_chain/nimbus_beacon_node.nim b/beacon_chain/nimbus_beacon_node.nim index 7cc60198a..5de6bd6d8 100644 --- a/beacon_chain/nimbus_beacon_node.nim +++ b/beacon_chain/nimbus_beacon_node.nim @@ -495,20 +495,7 @@ proc init*(T: type BeaconNode, fatal "--finalized-checkpoint-block cannot be specified without --finalized-checkpoint-state" quit 1 - let optJwtSecret = - # Some Web3 endpoints aren't compatible with JWT, but if explicitly chosen, - # use it regardless. - if config.jwtSecret.isSome: - let jwtSecret = rng[].checkJwtSecret( - string(config.dataDir), config.jwtSecret) - if jwtSecret.isErr: - fatal "Specified a JWT secret file which couldn't be loaded", - err = jwtSecret.error - quit 1 - - some jwtSecret.get - else: - none(seq[byte]) + let optJwtSecret = rng[].loadJwtSecret(config, allowCreate = false) template getDepositContractSnapshot: auto = if depositContractSnapshot.isSome: @@ -1888,15 +1875,7 @@ proc doCreateTestnet*(config: BeaconNodeConf, rng: var HmacDrbgContext) {.raises eth1Hash = if config.web3Urls.len == 0: eth1BlockHash else: (waitFor getEth1BlockHash( config.web3Urls[0], blockId("latest"), - block: - let jwtSecret = rng.checkJwtSecret( - string(config.dataDir), config.jwtSecret) - if jwtSecret.isErr: - fatal "Specified a JWT secret file which couldn't be loaded", - err = jwtSecret.error - quit 1 - - some jwtSecret.get)).asEth2Digest + rng.loadJwtSecret(config, allowCreate = true))).asEth2Digest cfg = getRuntimeConfig(config.eth2Network) var initialState = newClone(initialize_beacon_state_from_eth1( @@ -1977,15 +1956,7 @@ proc doWeb3Cmd(config: BeaconNodeConf, rng: var HmacDrbgContext) waitFor testWeb3Provider(config.web3TestUrl, metadata.cfg.DEPOSIT_CONTRACT_ADDRESS, - block: - let jwtSecret = rng.checkJwtSecret( - string(config.dataDir), config.jwtSecret) - - if jwtSecret.isErr: - fatal "Specified a JWT secret file which couldn't be loaded", - err = jwtSecret.error - quit 1 - some jwtSecret.get) + rng.loadJwtSecret(config, allowCreate = true)) proc doSlashingExport(conf: BeaconNodeConf) {.raises: [IOError, Defect].}= let