use of org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcUnauthorizedResponse in project besu by hyperledger.
the class MultiTenancyRpcMethodDecorator method response.
@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
final Optional<User> user = requestContext.getUser();
final Object id = requestContext.getRequest().getId();
if (user.isEmpty()) {
LOG.error("Request does not contain an authorization token");
return new JsonRpcUnauthorizedResponse(id, JsonRpcError.UNAUTHORIZED);
} else if (MultiTenancyUserUtil.privacyUserId(user).isEmpty()) {
LOG.error("Request token does not contain an enclave public key");
return new JsonRpcErrorResponse(id, JsonRpcError.INVALID_REQUEST);
} else {
return rpcMethod.response(requestContext);
}
}
use of org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcUnauthorizedResponse in project besu by hyperledger.
the class MultiTenancyRpcMethodDecoratorTest method failsWhenHasNoToken.
@Test
public void failsWhenHasNoToken() {
final JsonRpcRequestContext rpcRequestContext = new JsonRpcRequestContext(rpcRequest);
final MultiTenancyRpcMethodDecorator tokenRpcDecorator = new MultiTenancyRpcMethodDecorator(jsonRpcMethod);
when(jsonRpcMethod.getName()).thenReturn("delegate");
assertThat(tokenRpcDecorator.getName()).isEqualTo("delegate");
final JsonRpcResponse response = tokenRpcDecorator.response(rpcRequestContext);
assertThat(response.getType()).isEqualTo(JsonRpcResponseType.UNAUTHORIZED);
final JsonRpcUnauthorizedResponse errorResponse = (JsonRpcUnauthorizedResponse) response;
assertThat(errorResponse.getError()).isEqualTo(JsonRpcError.UNAUTHORIZED);
}
use of org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcUnauthorizedResponse in project besu by hyperledger.
the class WebSocketRequestHandler method process.
private JsonRpcResponse process(final Optional<AuthenticationService> authenticationService, final ServerWebSocket websocket, final Optional<User> user, final WebSocketRpcRequest requestBody, final Collection<String> noAuthApiMethods) {
if (!methods.containsKey(requestBody.getMethod())) {
LOG.debug("Can't find method {}", requestBody.getMethod());
return new JsonRpcErrorResponse(requestBody.getId(), JsonRpcError.METHOD_NOT_FOUND);
}
final JsonRpcMethod method = methods.get(requestBody.getMethod());
try {
LOG.debug("WS-RPC request -> {}", requestBody.getMethod());
requestBody.setConnectionId(websocket.textHandlerID());
if (authenticationService.isEmpty() || (authenticationService.isPresent() && authenticationService.get().isPermitted(user, method, noAuthApiMethods))) {
final JsonRpcRequestContext requestContext = new JsonRpcRequestContext(requestBody, user, new IsAliveHandler(ethScheduler, timeoutSec));
return method.response(requestContext);
} else {
return new JsonRpcUnauthorizedResponse(requestBody.getId(), JsonRpcError.UNAUTHORIZED);
}
} catch (final InvalidJsonRpcParameters e) {
LOG.debug("Invalid Params", e);
return new JsonRpcErrorResponse(requestBody.getId(), JsonRpcError.INVALID_PARAMS);
} catch (final RpcMethodTimeoutException e) {
LOG.error(JsonRpcError.TIMEOUT_ERROR.getMessage(), e);
return new JsonRpcErrorResponse(requestBody.getId(), JsonRpcError.TIMEOUT_ERROR);
} catch (final Exception e) {
LOG.error(JsonRpcError.INTERNAL_ERROR.getMessage(), e);
return new JsonRpcErrorResponse(requestBody.getId(), JsonRpcError.INTERNAL_ERROR);
}
}
Aggregations