From 90729be426761d55afa4454351311d9773c0e344 Mon Sep 17 00:00:00 2001 From: hxlaf Date: Fri, 20 Aug 2021 11:49:55 -0500 Subject: [PATCH] fix: add tls option for iroha --- .../src/main/json/openapi.json | 5 +++ .../generated/openapi/typescript-axios/api.ts | 6 +++ .../plugin-ledger-connector-iroha.ts | 13 ++++--- .../iroha-iroha-transfer-example.test.ts | 7 ++++ .../run-transaction-endpoint-v1.test.ts | 39 +++++++++++++++++++ .../typescript/iroha/iroha-test-ledger.ts | 22 ++++++++++- 6 files changed, 86 insertions(+), 6 deletions(-) diff --git a/packages/cactus-plugin-ledger-connector-iroha/src/main/json/openapi.json b/packages/cactus-plugin-ledger-connector-iroha/src/main/json/openapi.json index 87526d1f71d..2b99054d8e0 100644 --- a/packages/cactus-plugin-ledger-connector-iroha/src/main/json/openapi.json +++ b/packages/cactus-plugin-ledger-connector-iroha/src/main/json/openapi.json @@ -221,6 +221,11 @@ "timeoutLimit": { "type": "number", "nullable": false + }, + "tls": { + "type": "boolean", + "nullable": false, + "description": "Can only be set to false for an insecure grpc connection." } } }, diff --git a/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/generated/openapi/typescript-axios/api.ts b/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/generated/openapi/typescript-axios/api.ts index 781ff028481..2fe0aa53887 100644 --- a/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/generated/openapi/typescript-axios/api.ts +++ b/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/generated/openapi/typescript-axios/api.ts @@ -91,6 +91,12 @@ export interface IrohaBaseConfig { * @memberof IrohaBaseConfig */ timeoutLimit?: number; + /** + * Can only be set to false for an insecure grpc connection. + * @type {boolean} + * @memberof IrohaBaseConfig + */ + tls?: boolean; } /** * diff --git a/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/plugin-ledger-connector-iroha.ts b/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/plugin-ledger-connector-iroha.ts index 691fd1bd657..7e1a03dc6c5 100644 --- a/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/plugin-ledger-connector-iroha.ts +++ b/packages/cactus-plugin-ledger-connector-iroha/src/main/typescript/plugin-ledger-connector-iroha.ts @@ -209,15 +209,18 @@ export class PluginLedgerConnectorIroha } const irohaHostPort = `${baseConfig.irohaHost}:${baseConfig.irohaPort}`; + let grpcCredentials; + if (baseConfig.tls) { + throw new RuntimeError("TLS option is not supported"); + } else { + grpcCredentials = grpc.credentials.createInsecure(); + } const commandService = new CommandService( irohaHostPort, //TODO:do something in the production environment - grpc.credentials.createInsecure(), - ); - const queryService = new QueryService( - irohaHostPort, - grpc.credentials.createInsecure(), + grpcCredentials, ); + const queryService = new QueryService(irohaHostPort, grpcCredentials); const commandOptions = { privateKeys: baseConfig.privKey, //need an array of keys for command creatorAccountId: baseConfig.creatorAccountId, diff --git a/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/iroha-iroha-transfer-example.test.ts b/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/iroha-iroha-transfer-example.test.ts index 1b1ab074898..0d6b7c8f308 100644 --- a/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/iroha-iroha-transfer-example.test.ts +++ b/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/iroha-iroha-transfer-example.test.ts @@ -180,6 +180,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv1], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [asset, domain1, 3], }; @@ -212,6 +213,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv2], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [asset, domain2, 3], }; @@ -232,6 +234,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv1], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [assetID1, "100.000"], }; @@ -254,6 +257,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv1], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [assetID1, "30.000"], }; @@ -274,6 +278,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv2], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [assetID2, "30.000"], }; @@ -294,6 +299,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv1], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID1, 10, assetID1], }; @@ -320,6 +326,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv2], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID2, 10, assetID2], }; diff --git a/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/run-transaction-endpoint-v1.test.ts b/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/run-transaction-endpoint-v1.test.ts index bf70e107817..47f41395511 100644 --- a/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/run-transaction-endpoint-v1.test.ts +++ b/packages/cactus-plugin-ledger-connector-iroha/src/test/typescript/integration/run-transaction-endpoint-v1.test.ts @@ -137,6 +137,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [user, domain, userPub], }; @@ -157,6 +158,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID], }; @@ -184,6 +186,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [newDomain, moneyCreatorRole], }; @@ -210,6 +213,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [asset, domain, 3], }; @@ -230,6 +234,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [assetID], }; @@ -254,6 +259,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [assetID, "123.123"], }; @@ -275,6 +281,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, userID, assetID, txDescription, "57.75"], }; @@ -297,6 +304,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, 100, assetID], }; @@ -323,6 +331,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, 100, assetID], }; @@ -349,6 +358,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [assetID, "30.123"], }; @@ -369,6 +379,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, 100, assetID], }; @@ -395,6 +406,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID], }; @@ -417,6 +429,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, adminPubB], }; @@ -437,6 +450,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID], }; @@ -458,6 +472,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, adminPubB], }; @@ -478,6 +493,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID], }; @@ -498,6 +514,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [], }; @@ -524,6 +541,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [moneyCreatorRole], }; @@ -550,6 +568,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, /** * param[0] needs to be an array of transactions @@ -578,6 +597,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, 100, firstTxHash], }; @@ -617,6 +637,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, assetID, 100, undefined], }; @@ -653,6 +674,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [], }; @@ -679,6 +701,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [1], }; @@ -707,6 +730,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, moneyCreatorRole], }; @@ -727,6 +751,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, moneyCreatorRole], }; @@ -748,6 +773,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [testRole, [6, 7]], }; @@ -768,6 +794,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, "CAN_CALL_ENGINE_ON_MY_BEHALF"], }; @@ -788,6 +815,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, "CAN_CALL_ENGINE_ON_MY_BEHALF"], }; @@ -808,6 +836,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, "age", "18"], }; @@ -828,6 +857,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, "age", adminID, 1, "age", adminID], }; @@ -850,6 +880,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, "age", "118", "18"], //change age from 18 to 118 }; @@ -870,6 +901,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [userID, "age", adminID, 1, "age", adminID], }; @@ -892,6 +924,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [firstTxHash], }; @@ -911,6 +944,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [key, value], }; @@ -939,6 +973,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [undefined, adminID, callee, input], }; @@ -966,6 +1001,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [5, undefined], }; @@ -989,6 +1025,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, adminPubC], }; @@ -1009,6 +1046,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv], quorum: 1, timeoutLimit: 5000, + tls: false, }, params: [adminID, 2], }; @@ -1037,6 +1075,7 @@ test(testCase, async (t: Test) => { privKey: [adminPriv, adminPrivC], quorum: 2, timeoutLimit: 5000, + tls: false, }, params: [peerAddr, nodePubB], }; diff --git a/packages/cactus-test-tooling/src/main/typescript/iroha/iroha-test-ledger.ts b/packages/cactus-test-tooling/src/main/typescript/iroha/iroha-test-ledger.ts index 3f50666037b..6eb5287abe9 100644 --- a/packages/cactus-test-tooling/src/main/typescript/iroha/iroha-test-ledger.ts +++ b/packages/cactus-test-tooling/src/main/typescript/iroha/iroha-test-ledger.ts @@ -20,6 +20,9 @@ export interface IIrohaTestLedgerOptions { readonly adminPub?: string; readonly nodePriv?: string; readonly nodePub?: string; + readonly tlsCert?: string; + readonly tlsKey?: string; + readonly toriiTlsPort?: number; readonly postgresHost: string; readonly postgresPort: number; readonly imageVersion?: string; @@ -40,7 +43,10 @@ export const IROHA_TEST_LEDGER_DEFAULT_OPTIONS = Object.freeze({ adminPub: " ", nodePriv: " ", nodePub: " ", + tlsCert: " ", + tlsKey: " ", rpcToriiPort: 50051, + toriiTlsPort: 55552, envVars: [ "IROHA_POSTGRES_USER=postgres", "IROHA_POSTGRES_PASSWORD=my-secret-password", @@ -57,11 +63,14 @@ export const IROHA_TEST_LEDGER_OPTIONS_JOI_SCHEMA: Joi.Schema = Joi.object().key adminPub: Joi.string().min(1).max(64).required(), nodePriv: Joi.string().min(1).max(64).required(), nodePub: Joi.string().min(1).max(64).required(), + tlsCert: Joi.string().min(1).required(), + tlsKey: Joi.string().min(1).required(), + toriiTlsPort: Joi.number().port().required(), postgresPort: Joi.number().port().required(), postgresHost: Joi.string().hostname().required(), imageVersion: Joi.string().min(5).required(), imageName: Joi.string().min(1).required(), - rpcToriiPort: Joi.number().min(1024).max(65535).required(), + rpcToriiPort: Joi.number().port().required(), envVars: Joi.array().allow(null).required(), }, ); @@ -78,6 +87,9 @@ export class IrohaTestLedger implements ITestLedger { public readonly adminPub: string; public readonly nodePriv: string; public readonly nodePub: string; + public readonly tlsCert?: string; + public readonly tlsKey?: string; + public readonly toriiTlsPort?: number; private readonly log: Logger; private container: Container | undefined; @@ -110,6 +122,11 @@ export class IrohaTestLedger implements ITestLedger { this.envVars = options.envVars || [ ...IROHA_TEST_LEDGER_DEFAULT_OPTIONS.envVars, ]; + this.tlsCert = options.tlsCert || IROHA_TEST_LEDGER_DEFAULT_OPTIONS.tlsCert; + this.tlsKey = options.tlsKey || IROHA_TEST_LEDGER_DEFAULT_OPTIONS.tlsKey; + this.toriiTlsPort = + options.toriiTlsPort || IROHA_TEST_LEDGER_DEFAULT_OPTIONS.toriiTlsPort; + this.envVars.push(`IROHA_POSTGRES_HOST=${this.postgresHost}`); this.envVars.push(`IROHA_POSTGRES_PORT=${this.postgresPort}`); this.envVars.push(`ADMIN_PRIV=${this.adminPriv}`); @@ -412,6 +429,9 @@ export class IrohaTestLedger implements ITestLedger { adminPub: this.adminPub, nodePriv: this.nodePriv, nodePub: this.nodePub, + tlsCert: this.tlsCert, + tlsKey: this.tlsKey, + toriiTlsPort: this.toriiTlsPort, postgresHost: this.postgresHost, postgresPort: this.postgresPort, imageVersion: this.imageVersion,