AtHeartEngineer/linea-besu
1
0
Fork 0
mirror of https://github.com/vacp2p/linea-besu.git synced 2026-01-09 15:37:54 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix the cleanup of subprocesses after each AT (#8306)

Browse Source 
Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net>
This commit is contained in:
Fabio Di Fabio
2025-02-16 00:58:24 +01:00
committed by GitHub
parent 88b66709e0
commit ccb23ab9a0
14 changed files with 196 additions and 293 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/node/ProcessBesuNodeRunner.java
View File

@@ -48,6 +48,7 @@ import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -529,8 +530,7 @@ public class ProcessBesuNodeRunner implements BesuNodeRunner {
return;
}
process
.descendants()
Stream.concat(process.descendants(), Stream.of(process.toHandle()))
.peek(
processHandle ->
LOG.info("Killing {} process, pid {}", processHandle.info(), processHandle.pid()))

2
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/bftsoak/BftMiningSoakTest.java
View File

@@ -30,6 +30,7 @@ import java.time.temporal.ChronoUnit;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.MethodSource;
@@ -344,6 +345,7 @@ public class BftMiningSoakTest extends ParameterizedBftTestBase {
Thread.sleep(TEN_SECONDS);
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
cluster.stop();

2
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/bootstrap/ClusterNoDiscoveryAcceptanceTest.java
View File

@@ -20,6 +20,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.Cluster;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfiguration;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfigurationBuilder;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -44,6 +45,7 @@ public class ClusterNoDiscoveryAcceptanceTest extends AcceptanceTestBase {
fullNode.verify(net.awaitPeerCount(0));
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
noDiscoveryCluster.stop();

2
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/bootstrap/ClusterThreadNodeRunnerAcceptanceTest.java
View File

@@ -31,6 +31,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfigurati
import java.util.List;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -79,6 +80,7 @@ public class ClusterThreadNodeRunnerAcceptanceTest extends AcceptanceTestBase {
miner.verify(recipient.balanceEquals(2));
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
noDiscoveryCluster.stop();

2
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/bootstrap/P2pDisabledAcceptanceTest.java
View File

@@ -20,6 +20,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.Cluster;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfiguration;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfigurationBuilder;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -37,6 +38,7 @@ public class P2pDisabledAcceptanceTest extends AcceptanceTestBase {
p2pDisabledCluster.start(node);
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
p2pDisabledCluster.stop();

2
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/crypto/SECP256R1AcceptanceTest.java
View File

@@ -31,6 +31,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfigurati
import java.util.List;
import org.apache.tuweni.bytes.Bytes32;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -93,6 +94,7 @@ public class SECP256R1AcceptanceTest extends AcceptanceTestBase {
noDiscoveryCluster.verify(recipient.balanceEquals(5));
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
super.tearDownAcceptanceTestBase();

168
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/jsonrpc/AbstractJsonRpcAuthenticationAcceptanceTest.java Normal file
View File

@@ -0,0 +1,168 @@
/*
* Copyright contributors to Besu.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
* an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
*/
package org.hyperledger.besu.tests.acceptance.jsonrpc;
import org.hyperledger.besu.tests.acceptance.dsl.AcceptanceTestBase;
import org.hyperledger.besu.tests.acceptance.dsl.node.BesuNode;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.Cluster;
import java.util.Arrays;
import java.util.List;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Test;
public abstract class AbstractJsonRpcAuthenticationAcceptanceTest extends AcceptanceTestBase {
protected Cluster authenticatedCluster;
protected BesuNode nodeUsingAuthFile;
protected BesuNode nodeUsingRsaJwtPublicKey;
protected BesuNode nodeUsingEcdsaJwtPublicKey;
protected BesuNode nodeUsingAuthFileWithNoAuthApi;
protected static final String AUTH_FILE = "authentication/auth.toml";
// token with payload{"iat": 1516239022,"exp": 4729363200,"permissions": ["net:peerCount"]}
protected static final String RSA_TOKEN_ALLOWING_NET_PEER_COUNT =
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6NDcyOTM2MzIwMCwicGVybWl"
+ "zc2lvbnMiOlsibmV0OnBlZXJDb3VudCJdfQ.Y6mNV0nvjzOdqAgMgxknFAOUTKoeRAo4aifNgNrWtuXbJJgz6-"
+ "H_0GvLgjlToohPiDZbBJXJJlgb4zzLLB-sRtFnGoPaMgz_d_6z958GjFD7x_Fl0HW-WrTjRNenZNfTyD86OEAf"
+ "XHy-7N3OYY2a5yeDbppTJy6nnHTq9hY-ad22-oWL1RbK3T_hnUJII_uXCZ9bJggSfu5m-NNUrm3TeqdnQzIaIz"
+ "DqHlL0wNZwVPB4cFGN7zKghReBpkRJ8OFlxexQ491Q5eSpuYquhef-yGCIaMfy7GVtpDSD3Y-hjOErr7gUNCUh"
+ "1wlc3Rb7ru_0qNgCWTBPJeRK32GppYotwQ";
protected static final String ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT =
"eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6NDcyOTM2MzIwMCwicGVybWlz"
+ "c2lvbnMiOlsibmV0OnBlZXJDb3VudCJdfQ.pWXniN6XQ7G8b1nawy8sviPCMxrfbcI6c7UFzeXm26CMGMUEZxiC"
+ "JjRntB8ueuZcsxnGlEhCHt-KngpFEmx5TA";
protected static final List<String> NO_AUTH_API_METHODS = Arrays.asList("net_services");
@Test
public void shouldFailLoginWithWrongCredentials() {
nodeUsingAuthFile.verify(login.failure("user", "badpassword"));
nodeUsingAuthFileWithNoAuthApi.verify(login.failure("user", "badpassword"));
}
@Test
public void shouldSucceedLoginWithCorrectCredentials() {
nodeUsingAuthFile.verify(login.success("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.verify(login.success("user", "pegasys"));
}
@Test
public void jsonRpcMethodShouldSucceedWithAuthenticatedUserAndPermission() {
String token =
nodeUsingAuthFile.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFile.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFile.verify(net.awaitPeerCount(3));
token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.awaitPeerCount(3));
}
@Test
public void jsonRpcMethodShouldFailOnNonPermittedMethod() {
String token =
nodeUsingAuthFile.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFile.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFile.verify(net.netVersionUnauthorized());
nodeUsingAuthFile.verify(net.netServicesUnauthorized());
token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
}
@Test
public void jsonRpcMethodsNotIncludedInNoAuthListShouldFailWithoutToken() {
nodeUsingAuthFile.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
}
@Test
public void noAuthJsonRpcMethodShouldSucceedWithoutToken() {
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
}
@Test
public void noAuthJsonRpcConfiguredNodeShouldWorkAsIntended() {
// No token -> all methods other than specified no auth methods should fail
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
// Should behave the same with valid token
String token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
nodeUsingAuthFileWithNoAuthApi.verify(net.awaitPeerCount(3));
}
@Test
public void externalRsaJwtPublicKeyUsedOnJsonRpcMethodShouldSucceed() {
nodeUsingRsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
RSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingRsaJwtPublicKey.verify(net.awaitPeerCount(3));
}
@Test
public void externalRsaJwtPublicKeyUsedOnJsonRpcMethodShouldFailOnNonPermittedMethod() {
nodeUsingRsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
RSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingRsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingRsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void externalEcdsaJwtPublicKeyUsedOnJsonRpcMethodShouldSucceed() {
nodeUsingEcdsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingEcdsaJwtPublicKey.verify(net.awaitPeerCount(3));
}
@Test
public void externalEcdsaJwtPublicKeyUsedOnJsonRpcMethodShouldFailOnNonPermittedMethod() {
nodeUsingEcdsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingEcdsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingEcdsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void jsonRpcMethodShouldFailWhenThereIsNoToken() {
nodeUsingRsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingRsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void loginShouldBeDisabledWhenUsingExternalJwtPublicKey() {
nodeUsingRsaJwtPublicKey.verify(login.disabled());
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
authenticatedCluster.stop();
super.tearDownAcceptanceTestBase();
}
}

147
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/jsonrpc/JsonRpcHttpAuthenticationAcceptanceTest.java
View File

@@ -14,43 +14,17 @@
*/
package org.hyperledger.besu.tests.acceptance.jsonrpc;
import org.hyperledger.besu.tests.acceptance.dsl.AcceptanceTestBase;
import org.hyperledger.besu.tests.acceptance.dsl.node.BesuNode;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.Cluster;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfiguration;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfigurationBuilder;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.List;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
public class JsonRpcHttpAuthenticationAcceptanceTest extends AcceptanceTestBase {
private Cluster authenticatedCluster;
private BesuNode nodeUsingAuthFile;
private BesuNode nodeUsingRsaJwtPublicKey;
private BesuNode nodeUsingEcdsaJwtPublicKey;
private BesuNode nodeUsingAuthFileWithNoAuthApi;
private static final String AUTH_FILE = "authentication/auth.toml";
// token with payload{"iat": 1516239022,"exp": 4729363200,"permissions": ["net:peerCount"]}
private static final String RSA_TOKEN_ALLOWING_NET_PEER_COUNT =
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6NDcyOTM2MzIwMCwicGVybWl"
+ "zc2lvbnMiOlsibmV0OnBlZXJDb3VudCJdfQ.Y6mNV0nvjzOdqAgMgxknFAOUTKoeRAo4aifNgNrWtuXbJJgz6-"
+ "H_0GvLgjlToohPiDZbBJXJJlgb4zzLLB-sRtFnGoPaMgz_d_6z958GjFD7x_Fl0HW-WrTjRNenZNfTyD86OEAf"
+ "XHy-7N3OYY2a5yeDbppTJy6nnHTq9hY-ad22-oWL1RbK3T_hnUJII_uXCZ9bJggSfu5m-NNUrm3TeqdnQzIaIz"
+ "DqHlL0wNZwVPB4cFGN7zKghReBpkRJ8OFlxexQ491Q5eSpuYquhef-yGCIaMfy7GVtpDSD3Y-hjOErr7gUNCUh"
+ "1wlc3Rb7ru_0qNgCWTBPJeRK32GppYotwQ";
private static final String ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT =
"eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6NDcyOTM2MzIwMCwicGVybWlz"
+ "c2lvbnMiOlsibmV0OnBlZXJDb3VudCJdfQ.pWXniN6XQ7G8b1nawy8sviPCMxrfbcI6c7UFzeXm26CMGMUEZxiC"
+ "JjRntB8ueuZcsxnGlEhCHt-KngpFEmx5TA";
private static final List<String> NO_AUTH_API_METHODS = Arrays.asList("net_services");
public class JsonRpcHttpAuthenticationAcceptanceTest
extends AbstractJsonRpcAuthenticationAcceptanceTest {
@BeforeEach
public void setUp() throws IOException, URISyntaxException {
@@ -75,121 +49,4 @@ public class JsonRpcHttpAuthenticationAcceptanceTest extends AcceptanceTestBase
nodeUsingEcdsaJwtPublicKey.verify(login.awaitResponse("user", "badpassword"));
nodeUsingAuthFileWithNoAuthApi.verify(login.awaitResponse("user", "badpassword"));
}
@Test
public void shouldFailLoginWithWrongCredentials() {
nodeUsingAuthFile.verify(login.failure("user", "badpassword"));
nodeUsingAuthFileWithNoAuthApi.verify(login.failure("user", "badpassword"));
}
@Test
public void shouldSucceedLoginWithCorrectCredentials() {
nodeUsingAuthFile.verify(login.success("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.verify(login.success("user", "pegasys"));
}
@Test
public void jsonRpcMethodShouldSucceedWithAuthenticatedUserAndPermission() {
String token =
nodeUsingAuthFile.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFile.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFile.verify(net.awaitPeerCount(3));
token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.awaitPeerCount(3));
}
@Test
public void jsonRpcMethodShouldFailOnNonPermittedMethod() {
String token =
nodeUsingAuthFile.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFile.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFile.verify(net.netVersionUnauthorized());
nodeUsingAuthFile.verify(net.netServicesUnauthorized());
token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
}
@Test
public void jsonRpcMethodsNotIncludedInNoAuthListShouldFailWithoutToken() {
nodeUsingAuthFile.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
}
@Test
public void noAuthJsonRpcMethodShouldSucceedWithoutToken() {
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
}
@Test
public void noAuthJsonRpcConfiguredNodeShouldWorkAsIntended() {
// No token -> all methods other than specified no auth methods should fail
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
// Should behave the same with valid token
String token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
nodeUsingAuthFileWithNoAuthApi.verify(net.awaitPeerCount(3));
}
@Test
public void externalRsaJwtPublicKeyUsedOnJsonRpcMethodShouldSucceed() {
nodeUsingRsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
RSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingRsaJwtPublicKey.verify(net.awaitPeerCount(3));
}
@Test
public void externalRsaJwtPublicKeyUsedOnJsonRpcMethodShouldFailOnNonPermittedMethod() {
nodeUsingRsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
RSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingRsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingRsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void externalEcdsaJwtPublicKeyUsedOnJsonRpcMethodShouldSucceed() {
nodeUsingEcdsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingEcdsaJwtPublicKey.verify(net.awaitPeerCount(3));
}
@Test
public void externalEcdsaJwtPublicKeyUsedOnJsonRpcMethodShouldFailOnNonPermittedMethod() {
nodeUsingEcdsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingEcdsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingEcdsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void jsonRpcMethodShouldFailWhenThereIsNoToken() {
nodeUsingRsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingRsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void loginShouldBeDisabledWhenUsingExternalJwtPublicKey() {
nodeUsingRsaJwtPublicKey.verify(login.disabled());
}
@Override
public void tearDownAcceptanceTestBase() {
authenticatedCluster.stop();
super.tearDownAcceptanceTestBase();
}
}

147
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/jsonrpc/JsonRpcWebsocketAuthenticationAcceptanceTest.java
View File

@@ -14,43 +14,17 @@
*/
package org.hyperledger.besu.tests.acceptance.jsonrpc;
import org.hyperledger.besu.tests.acceptance.dsl.AcceptanceTestBase;
import org.hyperledger.besu.tests.acceptance.dsl.node.BesuNode;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.Cluster;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfiguration;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfigurationBuilder;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.List;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
public class JsonRpcWebsocketAuthenticationAcceptanceTest extends AcceptanceTestBase {
private BesuNode nodeUsingAuthFile;
private BesuNode nodeUsingRsaJwtPublicKey;
private BesuNode nodeUsingEcdsaJwtPublicKey;
private BesuNode nodeUsingAuthFileWithNoAuthApi;
private Cluster authenticatedCluster;
private static final String AUTH_FILE = "authentication/auth.toml";
private static final List<String> NO_AUTH_API_METHODS = Arrays.asList("net_services");
// token with payload{"iat": 1516239022,"exp": 4729363200,"permissions": ["net:peerCount"]}
private static final String RSA_TOKEN_ALLOWING_NET_PEER_COUNT =
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6NDcyOTM2MzIwMCwicGVybWl"
+ "zc2lvbnMiOlsibmV0OnBlZXJDb3VudCJdfQ.Y6mNV0nvjzOdqAgMgxknFAOUTKoeRAo4aifNgNrWtuXbJJgz6-"
+ "H_0GvLgjlToohPiDZbBJXJJlgb4zzLLB-sRtFnGoPaMgz_d_6z958GjFD7x_Fl0HW-WrTjRNenZNfTyD86OEAf"
+ "XHy-7N3OYY2a5yeDbppTJy6nnHTq9hY-ad22-oWL1RbK3T_hnUJII_uXCZ9bJggSfu5m-NNUrm3TeqdnQzIaIz"
+ "DqHlL0wNZwVPB4cFGN7zKghReBpkRJ8OFlxexQ491Q5eSpuYquhef-yGCIaMfy7GVtpDSD3Y-hjOErr7gUNCUh"
+ "1wlc3Rb7ru_0qNgCWTBPJeRK32GppYotwQ";
private static final String ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT =
"eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6NDcyOTM2MzIwMCwicGVybWlz"
+ "c2lvbnMiOlsibmV0OnBlZXJDb3VudCJdfQ.pWXniN6XQ7G8b1nawy8sviPCMxrfbcI6c7UFzeXm26CMGMUEZxiC"
+ "JjRntB8ueuZcsxnGlEhCHt-KngpFEmx5TA";
public class JsonRpcWebsocketAuthenticationAcceptanceTest
extends AbstractJsonRpcAuthenticationAcceptanceTest {
@BeforeEach
public void setUp() throws IOException, URISyntaxException {
@@ -78,121 +52,4 @@ public class JsonRpcWebsocketAuthenticationAcceptanceTest extends AcceptanceTest
nodeUsingEcdsaJwtPublicKey.verify(login.awaitResponse("user", "badpassword"));
nodeUsingAuthFileWithNoAuthApi.verify(login.awaitResponse("user", "badpassword"));
}
@Test
public void shouldFailLoginWithWrongCredentials() {
nodeUsingAuthFile.verify(login.failure("user", "badpassword"));
nodeUsingAuthFileWithNoAuthApi.verify(login.failure("user", "badpassword"));
}
@Test
public void shouldSucceedLoginWithCorrectCredentials() {
nodeUsingAuthFile.verify(login.success("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.verify(login.success("user", "pegasys"));
}
@Test
public void jsonRpcMethodShouldSucceedWithAuthenticatedUserAndPermission() {
String token =
nodeUsingAuthFile.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFile.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFile.verify(net.awaitPeerCount(3));
token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.awaitPeerCount(3));
}
@Test
public void jsonRpcMethodShouldFailOnNonPermittedMethod() {
String token =
nodeUsingAuthFile.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFile.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFile.verify(net.netVersionUnauthorized());
nodeUsingAuthFile.verify(net.netServicesUnauthorized());
token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
}
@Test
public void jsonRpcMethodsNotIncludedInNoAuthListShouldFailWithoutToken() {
nodeUsingAuthFile.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
}
@Test
public void noAuthJsonRpcMethodShouldSucceedWithoutToken() {
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
}
@Test
public void noAuthJsonRpcConfiguredNodeShouldWorkAsIntended() {
// No token -> all methods other than specified no auth methods should fail
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
// Should behave the same with valid token
String token =
nodeUsingAuthFileWithNoAuthApi.execute(
permissioningTransactions.createSuccessfulLogin("user", "pegasys"));
nodeUsingAuthFileWithNoAuthApi.useAuthenticationTokenInHeaderForJsonRpc(token);
nodeUsingAuthFileWithNoAuthApi.verify(net.netVersionUnauthorized());
nodeUsingAuthFileWithNoAuthApi.verify(net.netServicesAllActive());
nodeUsingAuthFileWithNoAuthApi.verify(net.awaitPeerCount(3));
}
@Test
public void externalRsaJwtPublicKeyUsedOnJsonRpcMethodShouldSucceed() {
nodeUsingRsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
RSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingRsaJwtPublicKey.verify(net.awaitPeerCount(3));
}
@Test
public void externalRsaJwtPublicKeyUsedOnJsonRpcMethodShouldFailOnNonPermittedMethod() {
nodeUsingRsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
RSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingRsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingAuthFile.verify(net.netServicesUnauthorized());
}
@Test
public void externalEcdsaJwtPublicKeyUsedOnJsonRpcMethodShouldSucceed() {
nodeUsingEcdsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingEcdsaJwtPublicKey.verify(net.awaitPeerCount(3));
}
@Test
public void externalEcdsaJwtPublicKeyUsedOnJsonRpcMethodShouldFailOnNonPermittedMethod() {
nodeUsingEcdsaJwtPublicKey.useAuthenticationTokenInHeaderForJsonRpc(
ECDSA_TOKEN_ALLOWING_NET_PEER_COUNT);
nodeUsingEcdsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingEcdsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void jsonRpcMethodShouldFailWhenThereIsNoToken() {
nodeUsingRsaJwtPublicKey.verify(net.netVersionUnauthorized());
nodeUsingRsaJwtPublicKey.verify(net.netServicesUnauthorized());
}
@Test
public void loginShouldBeDisabledWhenUsingExternalJwtPublicKey() {
nodeUsingRsaJwtPublicKey.verify(login.disabled());
}
@Override
public void tearDownAcceptanceTestBase() {
authenticatedCluster.stop();
super.tearDownAcceptanceTestBase();
}
}

3
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/permissioning/AccountSmartContractPermissioningAcceptanceTestBase.java
View File

@@ -30,6 +30,8 @@ import org.hyperledger.besu.tests.acceptance.dsl.transaction.perm.AccountSmartCo
import java.io.IOException;
import java.util.List;
import org.junit.jupiter.api.AfterEach;
class AccountSmartContractPermissioningAcceptanceTestBase extends AcceptanceTestBase {
private final AccountSmartContractPermissioningTransactions smartContractAccountPermissioning;
@@ -77,6 +79,7 @@ class AccountSmartContractPermissioningAcceptanceTestBase extends AcceptanceTest
}
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
permissionedCluster.stop();

2
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/permissioning/NodeLocalConfigPermissioningAcceptanceTest.java
View File

@@ -20,6 +20,7 @@ import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.Cluster;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfiguration;
import org.hyperledger.besu.tests.acceptance.dsl.node.cluster.ClusterConfigurationBuilder;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
@@ -80,6 +81,7 @@ public class NodeLocalConfigPermissioningAcceptanceTest extends AcceptanceTestBa
permissionedNode.verify(net.awaitPeerCount(3));
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
permissionedCluster.stop();

3
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/permissioning/NodeSmartContractPermissioningAcceptanceTestBase.java
View File

@@ -28,6 +28,8 @@ import org.hyperledger.besu.tests.acceptance.dsl.transaction.perm.NodeSmartContr
import java.io.IOException;
import org.junit.jupiter.api.AfterEach;
class NodeSmartContractPermissioningAcceptanceTestBase extends AcceptanceTestBase {
private final NodeSmartContractPermissioningTransactions smartContractNodePermissioning;
@@ -97,6 +99,7 @@ class NodeSmartContractPermissioningAcceptanceTestBase extends AcceptanceTestBas
}
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
permissionedCluster.stop();

3
acceptance-tests/tests/src/test/java/org/hyperledger/besu/tests/acceptance/permissioning/NodeSmartContractPermissioningV2AcceptanceTestBase.java
View File

@@ -29,6 +29,8 @@ import org.hyperledger.besu.tests.acceptance.dsl.transaction.perm.NodeSmartContr
import java.io.IOException;
import org.junit.jupiter.api.AfterEach;
class NodeSmartContractPermissioningV2AcceptanceTestBase extends AcceptanceTestBase {
private final NodeSmartContractPermissioningV2Transactions smartContractNodePermissioningV2;
@@ -93,6 +95,7 @@ class NodeSmartContractPermissioningV2AcceptanceTestBase extends AcceptanceTestB
}
}
@AfterEach
@Override
public void tearDownAcceptanceTestBase() {
permissionedCluster.stop();