| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | secrets/gradecoin_rsa | 27 | ||||
| -rw-r--r-- | secrets/gradecoin_rsa.pub | 9 | ||||
| -rw-r--r-- | src/auth.rs | 2 | ||||
| -rw-r--r-- | src/custom_filters.rs | 2 | ||||
| -rw-r--r-- | src/handlers.rs | 9 | ||||
| -rw-r--r-- | src/routes.rs | 11 | ||||
| -rw-r--r-- | src/schema.rs | 4 |
8 files changed, 50 insertions, 15 deletions
| @@ -1,4 +1,3 @@ | |||
| 1 | /target | 1 | /target |
| 2 | /secrets | ||
| 3 | tags.lock | 2 | tags.lock |
| 4 | tags.temp | 3 | tags.temp |
diff --git a/secrets/gradecoin_rsa b/secrets/gradecoin_rsa new file mode 100644 index 0000000..f00685c --- /dev/null +++ b/secrets/gradecoin_rsa | |||
| @@ -0,0 +1,27 @@ | |||
| 1 | -----BEGIN RSA PRIVATE KEY----- | ||
| 2 | MIIEpAIBAAKCAQEA4nU0G4WjkmcQUx0hq6LQuV5Q+ACmUFL/OjoYMDwC/O/6pCd1 | ||
| 3 | UZgCfgHN2xEffDPznzcTn8OiFRxr4oWyBinyrUpnY4mhy0SQUwoeCw7YkcHAyhCj | ||
| 4 | NT74aR/ohX0MCj0qRRdbt5ZQXM/GC3HJuXE1ptSuhFgQxziItamn8maoJ6JUSVEX | ||
| 5 | VO1NOrrjoM3r7Q+BK2B+sX4/bLZ+VG5g1q2nEbFdTHS6pHqtZNHQndTmEKwRfh0R | ||
| 6 | YtzEzOXuO6e1gQY42Tujkof40dhGCIU7TeIGGHwdFxy1niLkXwtHNjV7lnIOkTbx | ||
| 7 | 6+sSPamRfQAlZqUWM2Lf5o+7h3qWP3ENB138sQIDAQABAoIBAD23nYTmrganag6M | ||
| 8 | wPFrBSGP79c3Lhx0EjUHQjJbGKFgsdltG48qM3ut+DF9ACy0Z+/7bbC7+39vaIOq | ||
| 9 | 1jLR2d6aiYTaLKseO4s2FawD1sgamvU3BZPsXn0gAhnnU5Gyy8Nas1dccvhoc9wI | ||
| 10 | neaZUPrvucQ90AzLfo6r9yacDbYHB1lOyomApUvpJxOgHISGEtc9qGPDrdH19aF0 | ||
| 11 | 8fCv2bbQRh+TChgN3IB0o5w0wXaI7YAyAouAv/AzHCoEMpt7OGjFTkjh/ujlPL9O | ||
| 12 | +FLuJNsQRHDN0gJo2pcvwGwDCsioMixQ9bZ7ZrUu2BNpEQygyeSbj9ZI1iRvhosO | ||
| 13 | JU3rwEECgYEA9MppTYA6A9WQbCCwPH1QMpUAmPNVSWVhUVag4lGOEhdCDRcz9ook | ||
| 14 | DohQMKctiEB1luKuvDokxo0uMOfMO9/YwjsRB7qjQip7Th1zMJIjD+A+juLzHK4r | ||
| 15 | /RiRtWYGAnF8mptDvE+93JsPb3C/lQLvIhio5GQYWBqPJu6SpeosIskCgYEA7NPi | ||
| 16 | Gbffzr2UQhW8BNKmctEEh8yFRVojFo3wwwWxSNUVXGSmSm31CL+Q8h817R+2OkPV | ||
| 17 | 1ZMUOBU4UJiqFt28kIvTDFqbAJlJQGCpY2mY7OLQiD2A+TVLcFrHmoCaPfCAK1Qd | ||
| 18 | hQ0PmFK7Mf8qClpA3E5chop/WfKQfiu46sZv1qkCgYAhGdXPcw1lQ1W6KVlrdI6J | ||
| 19 | qHhiNlVMDXdxZkNvFxQdAiQeXQrbxaZGiMw/J/wSNpUwCAsUzM/4QVMDrfSCDCzl | ||
| 20 | ZtNQtj4pTlFKKNVQthIjrXEIJUw2jp7IJLBfVSJu5iWxSlmId0f3MsiNizN81N69 | ||
| 21 | P5Rm/doE3+KHoy8VXGsHcQKBgQCkNh62enqjHWypjex6450qS6f6iWN3PRLLVsw0 | ||
| 22 | TcQpniZblCaBwVCAKmRUnjOEIdL2/4ZLutnwMTaFG/YEOOfAylMiY8jKV38lNmD9 | ||
| 23 | X4D78CFr9klxgvS2CRwSE03f2NzmLkLxuKaxldvaxPTfjMkgeO1LFMlNExYBhkuH | ||
| 24 | 7uQpUQKBgQCKX6qMNh2gSdgG7qyxfTFZ4y5EGOBoKe/dE+IcVF3Vnh6DZVbCAbBL | ||
| 25 | 5EdFWZSrCnDjA4xiKW55mwp95Ud9EZsZAb13L8V9t82eK+UDBoWlb7VRNYpda/x1 | ||
| 26 | 5/i4qQJ28x2UNJDStpYFpnp4Ba1lvXjKngIbDPkjU+hbBJ+BNGAIeg== | ||
| 27 | -----END RSA PRIVATE KEY----- | ||
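Review bot: An unencrypted RSA private key is committed as `secrets/gradecoin_rsa`, and the same commit removes `/secrets` from `.gitignore`, so the key is readable by anyone who can read the repository or its history. Treat this key pair as compromised: generate a new pair, restore the `/secrets` ignore entry, and load the private half at start-up from an environment variable or a secret store instead of the source tree. Deleting the file in a later commit does not remove it from history, so the old key must not be trusted anywhere even after clean-up. If a fixture key is needed for tests, commit it under a path and name that mark it as test-only.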
diff --git a/secrets/gradecoin_rsa.pub b/secrets/gradecoin_rsa.pub new file mode 100644 index 0000000..697f313 --- /dev/null +++ b/secrets/gradecoin_rsa.pub | |||
| @@ -0,0 +1,9 @@ | |||
| 1 | -----BEGIN PUBLIC KEY----- | ||
| 2 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nU0G4WjkmcQUx0hq6LQ | ||
| 3 | uV5Q+ACmUFL/OjoYMDwC/O/6pCd1UZgCfgHN2xEffDPznzcTn8OiFRxr4oWyBiny | ||
| 4 | rUpnY4mhy0SQUwoeCw7YkcHAyhCjNT74aR/ohX0MCj0qRRdbt5ZQXM/GC3HJuXE1 | ||
| 5 | ptSuhFgQxziItamn8maoJ6JUSVEXVO1NOrrjoM3r7Q+BK2B+sX4/bLZ+VG5g1q2n | ||
| 6 | EbFdTHS6pHqtZNHQndTmEKwRfh0RYtzEzOXuO6e1gQY42Tujkof40dhGCIU7TeIG | ||
| 7 | GHwdFxy1niLkXwtHNjV7lnIOkTbx6+sSPamRfQAlZqUWM2Lf5o+7h3qWP3ENB138 | ||
| 8 | sQIDAQAB | ||
| 9 | -----END PUBLIC KEY----- | ||
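--- a/src/auth.rs
+++ b/src/auth.rs
@@ -90,7 +90,7 @@ async fn authorize(
 let decoded = decode::<Claims>(
 &jwt,
 // TODO: what key are we using here? pass db/pw store here to get the claimant's public key <10-04-21, yigit> //
-&DecodingKey::from_rsa_pem(PUBLIC_KEY_PEM.as_bytes()).unwrap(),
+&DecodingKey::from_rsa_pem(db.users.read().get(&source).unwrap().pubkey.as_bytes()).unwrap(),
 &Validation::new(Algorithm::HS512),
 )
 .map_err(|_| reject::custom(Error::JWTTokenError))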
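Review bot: The new lookup `db.users.read().get(&source).unwrap()` panics when `source` is not a known user, and the outer `.unwrap()` panics when the stored key is not valid PEM; if `source` is taken from the request (the hunk does not show where it is set), an unknown sender gets a panic in the handler task instead of a rejection. Both failures should take the same path as a bad token, e.g. `.get(&source).ok_or_else(|| reject::custom(Error::JWTTokenError))?` for the lookup and `.map_err(|_| reject::custom(Error::JWTTokenError))?` on `from_rsa_pem`. Separately, the unchanged next line still validates with `Algorithm::HS512` while the key is now a per-user RSA public key; an HMAC algorithm paired with an RSA key either never verifies or, depending on the `jsonwebtoken` version, treats the public key bytes as the shared secret, so an RSA algorithm such as `Algorithm::RS256` looks intended. `authorize` starts and ends outside the hunk.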
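--- a/src/custom_filters.rs
+++ b/src/custom_filters.rs
@@ -12,7 +12,7 @@ pub fn with_db(db: Db) -> impl Filter<Extract = (Db,), Error = Infallible> + Clo
 
 // Accept only json encoded Transaction body and reject big payloads
 pub fn transaction_json_body() -> impl Filter<Extract = (Transaction,), Error = Rejection> + Clone {
-warp::body::content_length_limit(1024 * 32).and(warp::body::json())
+warp::body::content_length_limit(1024 * 32).and(warp::filters::body::json())
 }
 
 // Accept only json encoded Transaction body and reject big payloads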
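--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -1,10 +1,11 @@
+use crate::auth::Pubkey;
 /// API handlers, the ends of each filter chain
 use log::debug; // this is more useful than debug! learn how to use this
 use parking_lot::RwLockUpgradableReadGuard;
 use std::convert::Infallible;
-use warp::{http::StatusCode, reply};
+use warp::filters::BoxedFilter;
 use warp::reject::Rejection;
-use crate::auth::Pubkey;
+use warp::{http::StatusCode, reply};
 
 use crate::schema::{Block, Db, Transaction};
 
@@ -63,11 +64,10 @@ pub async fn propose_transaction(
 /// POST /transaction, authenticated
 /// The transaction arrived in this method has been authored by the public key in the source
 pub async fn propose_authenticated_transaction(
-pubkey: Pubkey,
+pubkey: BoxedFilter<(Pubkey,)>,
 new_transaction: Transaction,
 db: Db,
 ) -> Result<impl warp::Reply, warp::Rejection> {
-
 // auth logic
 debug!("new transaction request {:?}", new_transaction);
 
@@ -79,7 +79,6 @@ pub async fn propose_authenticated_transaction(
 Ok(StatusCode::CREATED)
 }
 
-
 /// POST /block
 /// Proposes a new block for the next round
 /// Can reject the block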
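Review bot: `propose_authenticated_transaction` now takes `pubkey: BoxedFilter<(Pubkey,)>`, which is a filter that has not been run against the request rather than a verified key, so nothing in the signature guarantees that the JWT check happened before the transaction is accepted; the doc comment above it ("has been authored by the public key in the source") is no longer backed by the types. The same pattern appears in `src/routes.rs`, where `.map(move |t: Transaction| { with_auth(db1.clone(), t).boxed() })` builds the filter as a value instead of chaining it into the route. Keeping the parameter as `pubkey: Pubkey` and composing the auth filter with `.and(...)`, so that a failed check rejects the request, would restore the guarantee. The handler body between the second and third hunks is not visible, so whether `pubkey` is used there cannot be confirmed from this page.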
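--- a/src/routes.rs
+++ b/src/routes.rs
@@ -8,7 +8,8 @@ use crate::schema::{Db, Transaction};
 /// Root, all routes combined
 pub fn consensus_routes(db: Db) -> impl Filter<Extract = impl Reply, Error = Rejection> + Clone {
 transaction_list(db.clone())
-.or(transaction_propose(db.clone()))
+// .or(transaction_propose(db.clone()))
+.or(authenticated_transaction_propose(db.clone()))
 .or(block_propose(db.clone()))
 .or(block_list(db.clone()))
 }
@@ -51,16 +52,16 @@ pub fn authenticated_transaction_propose(
 // // header/jwt logic to propose_transaction but that doesn't feel right either
 // // good luck <10-04-21, yigit> //
 
+let db1 = db.clone();
 warp::path("transaction")
 .and(warp::path::end())
 .and(warp::post())
 .and(custom_filters::transaction_json_body()) // returns transaction
-.map(|t: Transaction| {
-// what do these do?
-with_auth(db.clone(), t)
+.map(move |t: Transaction| {
+with_auth(db1.clone(), t).boxed()
 })
 .and(custom_filters::transaction_json_body()) // returns transaction
-.and(custom_filters::with_db(db)) // wraps db
+.and(custom_filters::with_db(db.clone())) // wraps db
 .and_then(handlers::propose_authenticated_transaction) // uses db, transaction and authenticated
 }
 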
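Review bot: In `authenticated_transaction_propose` the chain applies `custom_filters::transaction_json_body()` twice, once before the `.map(...)` and once after it; warp hands the request body to the first body filter only, so the second extraction is expected to fail at request time and the authenticated route would not reach its handler. Extracting the `Transaction` once and passing it to both the auth step and the handler (for example by having the auth filter return it alongside the key) avoids that. In the first hunk, `// .or(transaction_propose(db.clone()))` leaves the unauthenticated route behind as commented-out code; delete the line or add a comment saying why it is kept. The function's signature and opening lines are outside the hunk.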
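--- a/src/schema.rs
+++ b/src/schema.rs
@@ -72,8 +72,8 @@ pub struct Block {
 
 #[derive(Serialize, Deserialize, Debug)]
 pub struct User {
-username: String,
-token: String
+pub username: String,
+pub pubkey: String
 }
 
 // TODO: write schema tests using the original repo <09-04-21, yigit> //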
