Search in sources :

Example 1 with DefaultAuthenticationService

use of org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService in project besu by hyperledger.

the class JsonRpcHttpService method buildRouter.

private Router buildRouter() {
    // Handle json rpc requests
    final Router router = Router.router(vertx);
    router.route().handler(this::createSpan);
    // Verify Host header to avoid rebind attack.
    router.route().handler(checkAllowlistHostHeader());
    router.route().handler(CorsHandler.create(buildCorsRegexFromConfig()).allowedHeader("*").allowedHeader("content-type"));
    router.route().handler(BodyHandler.create().setUploadsDirectory(dataDir.resolve("uploads").toString()).setDeleteUploadedFilesOnEnd(true));
    router.route("/").method(HttpMethod.GET).handler(this::handleEmptyRequest);
    router.route(HealthService.LIVENESS_PATH).method(HttpMethod.GET).handler(livenessService::handleRequest);
    router.route(HealthService.READINESS_PATH).method(HttpMethod.GET).handler(readinessService::handleRequest);
    Route mainRoute = router.route("/").method(HttpMethod.POST).produces(APPLICATION_JSON);
    if (authenticationService.isPresent()) {
        mainRoute.handler(HandlerFactory.authentication(authenticationService.get(), config.getNoAuthRpcApis()));
    }
    mainRoute.handler(HandlerFactory.jsonRpcParser()).handler(HandlerFactory.timeout(new TimeoutOptions(config.getHttpTimeoutSec()), rpcMethods));
    if (authenticationService.isPresent()) {
        mainRoute.blockingHandler(HandlerFactory.jsonRpcExecutor(new JsonRpcExecutor(new AuthenticatedJsonRpcProcessor(new TimedJsonRpcProcessor(new TracedJsonRpcProcessor(new BaseJsonRpcProcessor()), requestTimer), authenticationService.get(), config.getNoAuthRpcApis()), rpcMethods), tracer));
    } else {
        mainRoute.blockingHandler(HandlerFactory.jsonRpcExecutor(new JsonRpcExecutor(new TimedJsonRpcProcessor(new TracedJsonRpcProcessor(new BaseJsonRpcProcessor()), requestTimer), rpcMethods), tracer));
    }
    if (authenticationService.isPresent()) {
        router.route("/login").method(HttpMethod.POST).produces(APPLICATION_JSON).handler(authenticationService.get()::handleLogin);
    } else {
        router.route("/login").method(HttpMethod.POST).produces(APPLICATION_JSON).handler(DefaultAuthenticationService::handleDisabledLogin);
    }
    return router;
}
Also used : BaseJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.BaseJsonRpcProcessor) TracedJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.TracedJsonRpcProcessor) Router(io.vertx.ext.web.Router) TimedJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.TimedJsonRpcProcessor) TimeoutOptions(org.hyperledger.besu.ethereum.api.handlers.TimeoutOptions) JsonRpcExecutor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.JsonRpcExecutor) AuthenticatedJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.AuthenticatedJsonRpcProcessor) DefaultAuthenticationService(org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService) Route(io.vertx.ext.web.Route)

Example 2 with DefaultAuthenticationService

use of org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService in project besu by hyperledger.

the class JsonRpcService method buildRouter.

private Router buildRouter() {
    // Handle json rpc requests
    final Router router = Router.router(vertx);
    router.route().handler(this::createSpan);
    // Verify Host header to avoid rebind attack.
    router.route().handler(denyRouteToBlockedHost());
    router.route().handler(CorsHandler.create(buildCorsRegexFromConfig()).allowedHeader("*").allowedHeader("content-type"));
    router.route().handler(BodyHandler.create().setUploadsDirectory(dataDir.resolve("uploads").toString()).setDeleteUploadedFilesOnEnd(true));
    router.route("/").method(HttpMethod.GET).handler(this::handleEmptyRequest);
    router.route(HealthService.LIVENESS_PATH).method(HttpMethod.GET).handler(livenessService::handleRequest);
    router.route(HealthService.READINESS_PATH).method(HttpMethod.GET).handler(readinessService::handleRequest);
    Route mainRoute = router.route("/").method(HttpMethod.POST).produces(APPLICATION_JSON);
    if (authenticationService.isPresent()) {
        mainRoute.handler(HandlerFactory.authentication(authenticationService.get(), config.getNoAuthRpcApis()));
    }
    mainRoute.handler(HandlerFactory.jsonRpcParser()).handler(HandlerFactory.timeout(new TimeoutOptions(config.getHttpTimeoutSec()), rpcMethods));
    if (authenticationService.isPresent()) {
        mainRoute.blockingHandler(HandlerFactory.jsonRpcExecutor(new JsonRpcExecutor(new AuthenticatedJsonRpcProcessor(new TimedJsonRpcProcessor(new TracedJsonRpcProcessor(new BaseJsonRpcProcessor()), requestTimer), authenticationService.get(), config.getNoAuthRpcApis()), rpcMethods), tracer));
    } else {
        mainRoute.blockingHandler(HandlerFactory.jsonRpcExecutor(new JsonRpcExecutor(new TimedJsonRpcProcessor(new TracedJsonRpcProcessor(new BaseJsonRpcProcessor()), requestTimer), rpcMethods), tracer));
    }
    if (authenticationService.isPresent()) {
        router.route("/login").method(HttpMethod.POST).produces(APPLICATION_JSON).handler(authenticationService.get()::handleLogin);
    } else {
        router.route("/login").method(HttpMethod.POST).produces(APPLICATION_JSON).handler(DefaultAuthenticationService::handleDisabledLogin);
    }
    return router;
}
Also used : BaseJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.BaseJsonRpcProcessor) TracedJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.TracedJsonRpcProcessor) Router(io.vertx.ext.web.Router) TimedJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.TimedJsonRpcProcessor) TimeoutOptions(org.hyperledger.besu.ethereum.api.handlers.TimeoutOptions) JsonRpcExecutor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.JsonRpcExecutor) AuthenticatedJsonRpcProcessor(org.hyperledger.besu.ethereum.api.jsonrpc.execution.AuthenticatedJsonRpcProcessor) DefaultAuthenticationService(org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService) Route(io.vertx.ext.web.Route)

Example 3 with DefaultAuthenticationService

use of org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService in project besu by hyperledger.

the class WebSocketService method httpHandler.

private Handler<HttpServerRequest> httpHandler() {
    final Router router = Router.router(vertx);
    // Verify Host header to avoid rebind attack.
    router.route().handler(checkAllowlistHostHeader());
    if (authenticationService.isPresent()) {
        router.route("/login").handler(BodyHandler.create());
        router.post("/login").produces(APPLICATION_JSON).handler(authenticationService.get()::handleLogin);
    } else {
        router.post("/login").produces(APPLICATION_JSON).handler(DefaultAuthenticationService::handleDisabledLogin);
    }
    router.route().handler(WebSocketService::handleHttpNotSupported);
    return router;
}
Also used : Router(io.vertx.ext.web.Router) DefaultAuthenticationService(org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService)

Aggregations

Router (io.vertx.ext.web.Router)3 DefaultAuthenticationService (org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService)3 Route (io.vertx.ext.web.Route)2 TimeoutOptions (org.hyperledger.besu.ethereum.api.handlers.TimeoutOptions)2 AuthenticatedJsonRpcProcessor (org.hyperledger.besu.ethereum.api.jsonrpc.execution.AuthenticatedJsonRpcProcessor)2 BaseJsonRpcProcessor (org.hyperledger.besu.ethereum.api.jsonrpc.execution.BaseJsonRpcProcessor)2 JsonRpcExecutor (org.hyperledger.besu.ethereum.api.jsonrpc.execution.JsonRpcExecutor)2 TimedJsonRpcProcessor (org.hyperledger.besu.ethereum.api.jsonrpc.execution.TimedJsonRpcProcessor)2 TracedJsonRpcProcessor (org.hyperledger.besu.ethereum.api.jsonrpc.execution.TracedJsonRpcProcessor)2