2019-06-25 11:42:17 +00:00
|
|
|
package modules
|
2019-07-01 10:18:00 +00:00
|
|
|
|
|
|
|
import (
|
2019-10-11 00:31:06 +00:00
|
|
|
"context"
|
2019-07-23 20:37:06 +00:00
|
|
|
"crypto/rand"
|
2020-02-12 20:25:29 +00:00
|
|
|
"errors"
|
2019-11-22 16:20:56 +00:00
|
|
|
"io"
|
|
|
|
"io/ioutil"
|
2020-06-22 22:38:36 +00:00
|
|
|
"path/filepath"
|
2019-11-22 16:20:56 +00:00
|
|
|
|
2020-05-20 18:23:51 +00:00
|
|
|
"github.com/gbrlsnchs/jwt/v3"
|
|
|
|
logging "github.com/ipfs/go-log/v2"
|
|
|
|
"github.com/libp2p/go-libp2p-core/peerstore"
|
|
|
|
record "github.com/libp2p/go-libp2p-record"
|
|
|
|
"golang.org/x/xerrors"
|
|
|
|
|
|
|
|
"github.com/filecoin-project/go-jsonrpc/auth"
|
2020-02-12 20:25:29 +00:00
|
|
|
|
2020-05-20 18:23:51 +00:00
|
|
|
"github.com/filecoin-project/lotus/api/apistruct"
|
2019-10-18 04:47:41 +00:00
|
|
|
"github.com/filecoin-project/lotus/build"
|
2019-10-23 11:11:18 +00:00
|
|
|
"github.com/filecoin-project/lotus/chain/types"
|
2020-06-22 22:38:36 +00:00
|
|
|
"github.com/filecoin-project/lotus/journal"
|
2019-10-18 04:47:41 +00:00
|
|
|
"github.com/filecoin-project/lotus/lib/addrutil"
|
2019-10-23 11:11:18 +00:00
|
|
|
"github.com/filecoin-project/lotus/node/modules/dtypes"
|
|
|
|
"github.com/filecoin-project/lotus/node/repo"
|
2019-07-01 10:18:00 +00:00
|
|
|
)
|
|
|
|
|
2019-07-03 17:39:07 +00:00
|
|
|
var log = logging.Logger("modules")
|
|
|
|
|
2019-07-25 22:15:03 +00:00
|
|
|
type Genesis func() (*types.BlockHeader, error)
|
2019-07-08 13:36:43 +00:00
|
|
|
|
2019-07-01 10:18:00 +00:00
|
|
|
// RecordValidator provides namesys compatible routing record validator
|
|
|
|
func RecordValidator(ps peerstore.Peerstore) record.Validator {
|
|
|
|
return record.NamespacedValidator{
|
2019-07-01 20:00:22 +00:00
|
|
|
"pk": record.PublicKeyValidator{},
|
2019-07-01 10:18:00 +00:00
|
|
|
}
|
|
|
|
}
|
2019-07-08 13:36:43 +00:00
|
|
|
|
2020-08-20 04:49:10 +00:00
|
|
|
const JWTSecretName = "auth-jwt-private" //nolint:gosec
|
|
|
|
const KTJwtHmacSecret = "jwt-hmac-secret" //nolint:gosec
|
2019-07-23 20:23:44 +00:00
|
|
|
|
2020-08-19 19:18:36 +00:00
|
|
|
type JwtPayload struct {
|
2020-05-20 18:23:51 +00:00
|
|
|
Allow []auth.Permission
|
2019-07-23 20:37:06 +00:00
|
|
|
}
|
|
|
|
|
2019-08-20 17:19:24 +00:00
|
|
|
func APISecret(keystore types.KeyStore, lr repo.LockedRepo) (*dtypes.APIAlg, error) {
|
2019-07-23 20:23:44 +00:00
|
|
|
key, err := keystore.Get(JWTSecretName)
|
2020-02-12 20:25:29 +00:00
|
|
|
|
|
|
|
if errors.Is(err, types.ErrKeyInfoNotFound) {
|
2019-07-23 20:37:06 +00:00
|
|
|
log.Warn("Generating new API secret")
|
|
|
|
|
|
|
|
sk, err := ioutil.ReadAll(io.LimitReader(rand.Reader, 32))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
key = types.KeyInfo{
|
2020-08-19 19:18:36 +00:00
|
|
|
Type: KTJwtHmacSecret,
|
2019-07-23 20:37:06 +00:00
|
|
|
PrivateKey: sk,
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := keystore.Put(JWTSecretName, key); err != nil {
|
|
|
|
return nil, xerrors.Errorf("writing API secret: %w", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO: make this configurable
|
2020-08-19 19:18:36 +00:00
|
|
|
p := JwtPayload{
|
2019-12-09 17:08:32 +00:00
|
|
|
Allow: apistruct.AllPermissions,
|
2019-07-23 20:37:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
cliToken, err := jwt.Sign(&p, jwt.NewHS256(key.PrivateKey))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := lr.SetAPIToken(cliToken); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2020-02-12 20:25:29 +00:00
|
|
|
} else if err != nil {
|
|
|
|
return nil, xerrors.Errorf("could not get JWT Token: %w", err)
|
2019-07-23 20:23:44 +00:00
|
|
|
}
|
2019-07-23 20:37:06 +00:00
|
|
|
|
2019-08-20 17:19:24 +00:00
|
|
|
return (*dtypes.APIAlg)(jwt.NewHS256(key.PrivateKey)), nil
|
2019-07-23 20:23:44 +00:00
|
|
|
}
|
2019-10-11 00:31:06 +00:00
|
|
|
|
2019-10-11 03:16:12 +00:00
|
|
|
func ConfigBootstrap(peers []string) func() (dtypes.BootstrapPeers, error) {
|
|
|
|
return func() (dtypes.BootstrapPeers, error) {
|
|
|
|
return addrutil.ParseAddresses(context.TODO(), peers)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func BuiltinBootstrap() (dtypes.BootstrapPeers, error) {
|
|
|
|
return build.BuiltinBootstrap()
|
|
|
|
}
|
2020-06-08 09:31:33 +00:00
|
|
|
|
2020-07-22 21:46:36 +00:00
|
|
|
func DrandBootstrap(d dtypes.DrandConfig) (dtypes.DrandBootstrap, error) {
|
2020-08-27 17:00:42 +00:00
|
|
|
// TODO: retry resolving, don't fail if at least one resolve succeeds
|
2020-08-27 15:50:16 +00:00
|
|
|
addrs, err := addrutil.ParseAddresses(context.TODO(), d.Relays)
|
|
|
|
if err != nil {
|
|
|
|
log.Errorf("reoslving drand relays addresses: %+v", err)
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
return addrs, nil
|
2020-06-08 09:31:33 +00:00
|
|
|
}
|
2020-06-22 22:38:36 +00:00
|
|
|
|
|
|
|
func SetupJournal(lr repo.LockedRepo) error {
|
|
|
|
return journal.InitializeSystemJournal(filepath.Join(lr.Path(), "journal"))
|
|
|
|
}
|