From 97dc86e7420dafba67815f6478a8cd97cce7ff4a Mon Sep 17 00:00:00 2001
From: Shem Leong <leongyzs@gmail.com>
Date: Tue, 30 Aug 2022 07:34:29 +0800
Subject: [PATCH] Support passing of headers to all Engine API calls (#11330)

* Support passing of headers to all Engine API calls

* Update execution headers example

Co-authored-by: Raul Jordan <raul@prysmaticlabs.com>
---
 beacon-chain/execution/options.go        |  8 ++++++++
 beacon-chain/execution/rpc_connection.go | 11 +++++++++++
 beacon-chain/execution/service.go        |  1 +
 cmd/beacon-chain/execution/options.go    |  2 ++
 cmd/beacon-chain/flags/base.go           |  6 ++++++
 cmd/beacon-chain/main.go                 |  1 +
 cmd/beacon-chain/usage.go                |  1 +
 7 files changed, 30 insertions(+)

diff --git a/beacon-chain/execution/options.go b/beacon-chain/execution/options.go
index 466ee4e4f0..ec4748eac5 100644
--- a/beacon-chain/execution/options.go
+++ b/beacon-chain/execution/options.go
@@ -36,6 +36,14 @@ func WithHttpEndpointAndJWTSecret(endpointString string, secret []byte) Option {
 	}
 }
 
+// WithHeaders adds headers to the execution node JSON-RPC requests.
+func WithHeaders(headers []string) Option {
+	return func(s *Service) error {
+		s.cfg.headers = headers
+		return nil
+	}
+}
+
 // WithDepositContractAddress for the deposit contract.
 func WithDepositContractAddress(addr common.Address) Option {
 	return func(s *Service) error {
diff --git a/beacon-chain/execution/rpc_connection.go b/beacon-chain/execution/rpc_connection.go
index 9e53d92d22..f82f21b8ad 100644
--- a/beacon-chain/execution/rpc_connection.go
+++ b/beacon-chain/execution/rpc_connection.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"net/url"
+	"strings"
 	"time"
 
 	"github.com/ethereum/go-ethereum/ethclient"
@@ -128,6 +129,16 @@ func (s *Service) newRPCClientWithAuth(ctx context.Context, endpoint network.End
 		}
 		client.SetHeader("Authorization", header)
 	}
+	for _, h := range s.cfg.headers {
+		if h != "" {
+			keyValue := strings.Split(h, "=")
+			if len(keyValue) < 2 {
+				log.Warnf("Incorrect HTTP header flag format. Skipping %v", keyValue[0])
+				continue
+			}
+			client.SetHeader(keyValue[0], strings.Join(keyValue[1:], "="))
+		}
+	}
 	return client, nil
 }
 
diff --git a/beacon-chain/execution/service.go b/beacon-chain/execution/service.go
index f4b33d2b2f..0fae3572bd 100644
--- a/beacon-chain/execution/service.go
+++ b/beacon-chain/execution/service.go
@@ -128,6 +128,7 @@ type config struct {
 	eth1HeaderReqLimit      uint64
 	beaconNodeStatsUpdater  BeaconNodeStatsUpdater
 	currHttpEndpoint        network.Endpoint
+	headers                 []string
 	finalizedStateAtStartup state.BeaconState
 }
 
diff --git a/cmd/beacon-chain/execution/options.go b/cmd/beacon-chain/execution/options.go
index a53981125a..add7ea1d8a 100644
--- a/cmd/beacon-chain/execution/options.go
+++ b/cmd/beacon-chain/execution/options.go
@@ -23,9 +23,11 @@ func FlagOptions(c *cli.Context) ([]execution.Option, error) {
 	if err != nil {
 		return nil, errors.Wrap(err, "could not read JWT secret file for authenticating execution API")
 	}
+	headers := strings.Split(c.String(flags.ExecutionEngineHeaders.Name), ",")
 	opts := []execution.Option{
 		execution.WithHttpEndpoint(endpoint),
 		execution.WithEth1HeaderRequestLimit(c.Uint64(flags.Eth1HeaderReqLimit.Name)),
+		execution.WithHeaders(headers),
 	}
 	if len(jwtSecret) > 0 {
 		opts = append(opts, execution.WithHttpEndpointAndJWTSecret(endpoint, jwtSecret))
diff --git a/cmd/beacon-chain/flags/base.go b/cmd/beacon-chain/flags/base.go
index 53efad638a..6080deae80 100644
--- a/cmd/beacon-chain/flags/base.go
+++ b/cmd/beacon-chain/flags/base.go
@@ -32,6 +32,12 @@ var (
 		Usage: "An execution client http endpoint. Can contain auth header as well in the format",
 		Value: "http://localhost:8551",
 	}
+	// ExecutionEngineHeaders defines a list of HTTP headers to send with all execution client requests.
+	ExecutionEngineHeaders = &cli.StringFlag{
+		Name: "execution-headers",
+		Usage: "A comma separated list of key value pairs to pass as HTTP headers for all execution " +
+			"client calls. Example: --execution-headers=key1=value1,key2=value2",
+	}
 	// Deprecated: HTTPWeb3ProviderFlag is a deprecated flag and is an alias for the ExecutionEngineEndpoint flag.
 	HTTPWeb3ProviderFlag = &cli.StringFlag{
 		Name:   "http-web3provider",
diff --git a/cmd/beacon-chain/main.go b/cmd/beacon-chain/main.go
index 92609c7e28..8126777a3d 100644
--- a/cmd/beacon-chain/main.go
+++ b/cmd/beacon-chain/main.go
@@ -38,6 +38,7 @@ import (
 var appFlags = []cli.Flag{
 	flags.DepositContractFlag,
 	flags.ExecutionEngineEndpoint,
+	flags.ExecutionEngineHeaders,
 	flags.HTTPWeb3ProviderFlag,
 	flags.ExecutionJWTSecretFlag,
 	flags.RPCHost,
diff --git a/cmd/beacon-chain/usage.go b/cmd/beacon-chain/usage.go
index dc568b6bbc..17a43d1f56 100644
--- a/cmd/beacon-chain/usage.go
+++ b/cmd/beacon-chain/usage.go
@@ -107,6 +107,7 @@ var appHelpFlagGroups = []flagGroup{
 			flags.GRPCGatewayPort,
 			flags.GPRCGatewayCorsDomain,
 			flags.ExecutionEngineEndpoint,
+			flags.ExecutionEngineHeaders,
 			flags.HTTPWeb3ProviderFlag,
 			flags.ExecutionJWTSecretFlag,
 			flags.SetGCPercent,