diff --git a/cmd/lotus-storage-miner/run.go b/cmd/lotus-storage-miner/run.go index 20bf5defd..3daf9a911 100644 --- a/cmd/lotus-storage-miner/run.go +++ b/cmd/lotus-storage-miner/run.go @@ -155,7 +155,7 @@ var runCmd = &cli.Command{ log.Infof("Remote version %s", v) // Instantiate the miner node handler. - handler, err := node.MinerHandler(minerapi) + handler, err := node.MinerHandler(minerapi, true) if err != nil { return xerrors.Errorf("failed to instantiate rpc handler: %w", err) } diff --git a/cmd/lotus/daemon.go b/cmd/lotus/daemon.go index a6222433b..0504c3418 100644 --- a/cmd/lotus/daemon.go +++ b/cmd/lotus/daemon.go @@ -363,7 +363,7 @@ var DaemonCmd = &cli.Command{ } // Instantiate the full node handler. - h, err := node.FullNodeHandler(api, serverOptions...) + h, err := node.FullNodeHandler(api, true, serverOptions...) if err != nil { return fmt.Errorf("failed to instantiate rpc handler: %s", err) } diff --git a/itests/kit/node_builder.go b/itests/kit/node_builder.go index 38b8123b0..3780a7669 100644 --- a/itests/kit/node_builder.go +++ b/itests/kit/node_builder.go @@ -11,7 +11,6 @@ import ( "testing" "time" - "github.com/filecoin-project/go-jsonrpc/auth" "github.com/filecoin-project/go-state-types/network" "github.com/filecoin-project/go-address" @@ -629,18 +628,13 @@ func CreateRPCServer(t *testing.T, handler http.Handler) (*httptest.Server, mult } func fullRpc(t *testing.T, nd TestFullNode) TestFullNode { - tok, err := nd.AuthNew(context.Background(), []auth.Permission{"admin", "read", "write", "sign"}) - require.NoError(t, err) - - handler, err := node.FullNodeHandler(nd.FullNode) + handler, err := node.FullNodeHandler(nd.FullNode, false) require.NoError(t, err) srv, maddr := CreateRPCServer(t, handler) var ret TestFullNode - cl, stop, err := client.NewFullNodeRPCV1(context.Background(), "ws://"+srv.Listener.Addr().String()+"/rpc/v1", map[string][]string{ - "Authorization": {"Bearer " + string(tok)}, - }) + cl, stop, err := client.NewFullNodeRPCV1(context.Background(), "ws://"+srv.Listener.Addr().String()+"/rpc/v1", nil) require.NoError(t, err) t.Cleanup(stop) ret.ListenAddr, ret.FullNode = maddr, cl @@ -649,18 +643,13 @@ func fullRpc(t *testing.T, nd TestFullNode) TestFullNode { } func storerRpc(t *testing.T, nd TestMiner) TestMiner { - tok, err := nd.AuthNew(context.Background(), []auth.Permission{"admin", "read", "write"}) - require.NoError(t, err) - - handler, err := node.MinerHandler(nd.StorageMiner) + handler, err := node.MinerHandler(nd.StorageMiner, false) require.NoError(t, err) srv, maddr := CreateRPCServer(t, handler) var ret TestMiner - cl, stop, err := client.NewStorageMinerRPCV0(context.Background(), "ws://"+srv.Listener.Addr().String()+"/rpc/v0", map[string][]string{ - "Authorization": {"Bearer " + string(tok)}, - }) + cl, stop, err := client.NewStorageMinerRPCV0(context.Background(), "ws://"+srv.Listener.Addr().String()+"/rpc/v0", nil) require.NoError(t, err) t.Cleanup(stop) diff --git a/node/rpc.go b/node/rpc.go index d5df7da1e..9b84792bb 100644 --- a/node/rpc.go +++ b/node/rpc.go @@ -62,32 +62,40 @@ func ServeRPC(h http.Handler, id string, addr multiaddr.Multiaddr) (StopFunc, er } // FullNodeHandler returns a full node handler, to be mounted as-is on the server. -func FullNodeHandler(a v1api.FullNode, opts ...jsonrpc.ServerOption) (http.Handler, error) { +func FullNodeHandler(a v1api.FullNode, permissioned bool, opts ...jsonrpc.ServerOption) (http.Handler, error) { m := mux.NewRouter() serveRpc := func(path string, hnd interface{}) { rpcServer := jsonrpc.NewServer(opts...) rpcServer.Register("Filecoin", hnd) - ah := &auth.Handler{ - Verify: a.AuthVerify, - Next: rpcServer.ServeHTTP, + var handler http.Handler = rpcServer + if permissioned { + handler = &auth.Handler{Verify: a.AuthVerify, Next: rpcServer.ServeHTTP} } - m.Handle(path, ah) + m.Handle(path, handler) } - pma := api.PermissionedFullAPI(metrics.MetricedFullAPI(a)) - - serveRpc("/rpc/v1", pma) - serveRpc("/rpc/v0", &v0api.WrapperV1Full{FullNode: pma}) - - importAH := &auth.Handler{ - Verify: a.AuthVerify, - Next: handleImport(a.(*impl.FullNodeAPI)), + fnapi := metrics.MetricedFullAPI(a) + if permissioned { + fnapi = api.PermissionedFullAPI(fnapi) } - m.Handle("/rest/v0/import", importAH) + serveRpc("/rpc/v1", fnapi) + serveRpc("/rpc/v0", &v0api.WrapperV1Full{FullNode: fnapi}) + + // Import handler + handleImportFunc := handleImport(a.(*impl.FullNodeAPI)) + if permissioned { + importAH := &auth.Handler{ + Verify: a.AuthVerify, + Next: handleImportFunc, + } + m.Handle("/rest/v0/import", importAH) + } else { + m.HandleFunc("/rest/v0/import", handleImportFunc) + } // debugging m.Handle("/debug/metrics", metrics.Exporter()) @@ -101,11 +109,16 @@ func FullNodeHandler(a v1api.FullNode, opts ...jsonrpc.ServerOption) (http.Handl } // MinerHandler returns a miner handler, to be mounted as-is on the server. -func MinerHandler(a api.StorageMiner) (http.Handler, error) { +func MinerHandler(a api.StorageMiner, permissioned bool) (http.Handler, error) { m := mux.NewRouter() + mapi := metrics.MetricedStorMinerAPI(a) + if permissioned { + mapi = api.PermissionedStorMinerAPI(mapi) + } + rpcServer := jsonrpc.NewServer() - rpcServer.Register("Filecoin", api.PermissionedStorMinerAPI(metrics.MetricedStorMinerAPI(a))) + rpcServer.Register("Filecoin", mapi) m.Handle("/rpc/v0", rpcServer) m.PathPrefix("/remote").HandlerFunc(a.(*impl.StorageMinerAPI).ServeRemote) @@ -114,11 +127,14 @@ func MinerHandler(a api.StorageMiner) (http.Handler, error) { m.Handle("/debug/metrics", metrics.Exporter()) m.PathPrefix("/").Handler(http.DefaultServeMux) // pprof + if !permissioned { + return rpcServer, nil + } + ah := &auth.Handler{ Verify: a.AuthVerify, Next: m.ServeHTTP, } - return ah, nil }