From f50e9a6ee0a6dbc5169bf01676f97f9f12e6e039 Mon Sep 17 00:00:00 2001 From: dkeysil Date: Wed, 3 Apr 2024 18:29:06 +0200 Subject: [PATCH 1/3] Change metric type and move check on status code in the client --- clients/blocksdata/r2_client.go | 8 ++++---- services/json-rpc/cache/json_rpc_cache.go | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/clients/blocksdata/r2_client.go b/clients/blocksdata/r2_client.go index 04072772..43f7b950 100644 --- a/clients/blocksdata/r2_client.go +++ b/clients/blocksdata/r2_client.go @@ -61,15 +61,15 @@ func (c *blocksDataClient) GetBlocksData(bucket int64) (_ *protocol.BlocksData, defer resp.Body.Close() + if resp.StatusCode == http.StatusForbidden { + return backoff.Permanent(fmt.Errorf("forbidden")) + } + b, err := io.ReadAll(resp.Body) if err != nil { return err } - if resp.StatusCode == http.StatusForbidden { - return backoff.Permanent(fmt.Errorf("forbidden")) - } - if resp.StatusCode == http.StatusNotFound && bytes.Contains(b, []byte("too old")) { return fmt.Errorf("%s", b) } diff --git a/services/json-rpc/cache/json_rpc_cache.go b/services/json-rpc/cache/json_rpc_cache.go index fa2ea512..36ab5b25 100644 --- a/services/json-rpc/cache/json_rpc_cache.go +++ b/services/json-rpc/cache/json_rpc_cache.go @@ -221,7 +221,7 @@ func (c *JsonRpcCache) pollBlocksData() { blocksData, err := c.blocksDataClient.GetBlocksData(b) if err != nil { c.msgClient.PublishProto(messaging.SubjectMetricAgent, - metrics.CreateEventMetric(time.Now(), "system", domain.MetricJSONRPCCachePollError, err.Error())) + metrics.CreateSystemMetric(domain.MetricJSONRPCCachePollError, 1, err.Error())) log.WithError(err).Errorf("Failed to get BlocksData from dispatcher. bucket: %d", b) return } From 6a7c5ddac4093861d7b17265c9432c14b2e39d15 Mon Sep 17 00:00:00 2001 From: dkeysil Date: Wed, 3 Apr 2024 18:53:26 +0200 Subject: [PATCH 2/3] Support jwt auth on blocksdata client --- clients/blocksdata/r2_client.go | 18 +++++++++++++++++- cmd/json-rpc/main.go | 2 +- services/json-rpc/cache/json_rpc_cache.go | 14 +++++++++++--- 3 files changed, 29 insertions(+), 5 deletions(-) diff --git a/clients/blocksdata/r2_client.go b/clients/blocksdata/r2_client.go index 43f7b950..3a86cbb4 100644 --- a/clients/blocksdata/r2_client.go +++ b/clients/blocksdata/r2_client.go @@ -11,7 +11,9 @@ import ( "time" backoff "github.com/cenkalti/backoff/v4" + "github.com/ethereum/go-ethereum/accounts/keystore" "github.com/forta-network/forta-core-go/protocol" + "github.com/forta-network/forta-core-go/security" "github.com/forta-network/forta-core-go/utils/httpclient" "google.golang.org/protobuf/proto" ) @@ -24,13 +26,15 @@ const ( type blocksDataClient struct { dispatcherURL *url.URL + key *keystore.Key } -func NewBlocksDataClient(dispatcherURL string) *blocksDataClient { +func NewBlocksDataClient(dispatcherURL string, key *keystore.Key) *blocksDataClient { u, _ := url.Parse(dispatcherURL) return &blocksDataClient{ dispatcherURL: u, + key: key, } } @@ -54,6 +58,18 @@ func (c *blocksDataClient) GetBlocksData(bucket int64) (_ *protocol.BlocksData, var item PresignedURLItem err = backoff.Retry(func() error { + req, err := http.NewRequest(http.MethodGet, dispatcherUrl, nil) + if err != nil { + return backoff.Permanent(err) + } + + jwt, err := security.CreateScannerJWT(c.key, nil) + if err != nil { + return backoff.Permanent(err) + } + + req.Header.Set("Authorization", "Bearer "+jwt) + resp, err := httpclient.Default.Get(dispatcherUrl) if err != nil { return err diff --git a/cmd/json-rpc/main.go b/cmd/json-rpc/main.go index 37a780b5..09cbbd58 100644 --- a/cmd/json-rpc/main.go +++ b/cmd/json-rpc/main.go @@ -18,7 +18,7 @@ func initJsonRpcProxy(ctx context.Context, cfg config.Config) (*jrp.JsonRpcProxy } func initJsonRpcCache(ctx context.Context, cfg config.Config, botRegistry registry.BotRegistry) (*jrpcache.JsonRpcCache, error) { - return jrpcache.NewJsonRpcCache(ctx, cfg.JsonRpcCache, botRegistry) + return jrpcache.NewJsonRpcCache(ctx, cfg, botRegistry) } func initServices(ctx context.Context, cfg config.Config) ([]services.Service, error) { diff --git a/services/json-rpc/cache/json_rpc_cache.go b/services/json-rpc/cache/json_rpc_cache.go index 36ab5b25..6fe8d238 100644 --- a/services/json-rpc/cache/json_rpc_cache.go +++ b/services/json-rpc/cache/json_rpc_cache.go @@ -7,6 +7,7 @@ import ( "strconv" "time" + "github.com/ethereum/go-ethereum/accounts/keystore" "github.com/forta-network/forta-core-go/domain" "github.com/forta-network/forta-core-go/protocol" "github.com/forta-network/forta-core-go/utils" @@ -38,6 +39,7 @@ type JsonRpcCache struct { botAuthenticator clients.IPAuthenticator botRegistry registry.BotRegistry msgClient clients.MessageClient + key *keystore.Key server *http.Server @@ -46,15 +48,21 @@ type JsonRpcCache struct { blocksDataClient clients.BlocksDataClient } -func NewJsonRpcCache(ctx context.Context, cfg config.JsonRpcCacheConfig, botRegistry registry.BotRegistry) (*JsonRpcCache, error) { +func NewJsonRpcCache(ctx context.Context, cfg config.Config, botRegistry registry.BotRegistry) (*JsonRpcCache, error) { botAuthenticator, err := clients.NewBotAuthenticator(ctx) if err != nil { return nil, err } + key, err := config.LoadKeyInContainer(cfg) + if err != nil { + return nil, err + } + return &JsonRpcCache{ ctx: ctx, - cfg: cfg, + key: key, + cfg: cfg.JsonRpcCache, botAuthenticator: botAuthenticator, botRegistry: botRegistry, msgClient: messaging.NewClient("json-rpc-cache", fmt.Sprintf("%s:%s", config.DockerNatsContainerName, config.DefaultNatsPort)), @@ -73,7 +81,7 @@ func (c *JsonRpcCache) Start() error { Handler: r, } - c.blocksDataClient = blocksdata.NewBlocksDataClient(c.cfg.DispatcherURL) + c.blocksDataClient = blocksdata.NewBlocksDataClient(c.cfg.DispatcherURL, c.key) utils.GoListenAndServe(c.server) From f54c3d19bdf5809a50213381f709406c4ad05618 Mon Sep 17 00:00:00 2001 From: dkeysil Date: Thu, 4 Apr 2024 12:42:41 +0200 Subject: [PATCH 3/3] Use Sprintf instead of sum --- clients/blocksdata/r2_client.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clients/blocksdata/r2_client.go b/clients/blocksdata/r2_client.go index 3a86cbb4..6f585321 100644 --- a/clients/blocksdata/r2_client.go +++ b/clients/blocksdata/r2_client.go @@ -63,12 +63,12 @@ func (c *blocksDataClient) GetBlocksData(bucket int64) (_ *protocol.BlocksData, return backoff.Permanent(err) } - jwt, err := security.CreateScannerJWT(c.key, nil) + scannerJwt, err := security.CreateScannerJWT(c.key, nil) if err != nil { return backoff.Permanent(err) } - req.Header.Set("Authorization", "Bearer "+jwt) + req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", scannerJwt)) resp, err := httpclient.Default.Get(dispatcherUrl) if err != nil {