diff --git a/go/proxyd/integration_tests/validation_test.go b/go/proxyd/integration_tests/validation_test.go index 442ecaab9c..6f0653df2c 100644 --- a/go/proxyd/integration_tests/validation_test.go +++ b/go/proxyd/integration_tests/validation_test.go @@ -13,94 +13,94 @@ const ( notWhitelistedResponse = `{"jsonrpc":"2.0","error":{"code":-32001,"message":"rpc method is not whitelisted custom message"},"id":999}` parseErrResponse = `{"jsonrpc":"2.0","error":{"code":-32700,"message":"parse error"},"id":null}` invalidJSONRPCVersionResponse = `{"error":{"code":-32601,"message":"invalid JSON-RPC version"},"id":null,"jsonrpc":"2.0"}` - //invalidIDResponse = `{"error":{"code":-32601,"message":"invalid ID"},"id":null,"jsonrpc":"2.0"}` - invalidMethodResponse = `{"error":{"code":-32601,"message":"no method specified"},"id":null,"jsonrpc":"2.0"}` - invalidBatchLenResponse = `{"error":{"code":-32601,"message":"must specify at least one batch call"},"id":null,"jsonrpc":"2.0"}` + invalidIDResponse = `{"error":{"code":-32601,"message":"invalid ID"},"id":null,"jsonrpc":"2.0"}` + invalidMethodResponse = `{"error":{"code":-32601,"message":"no method specified"},"id":null,"jsonrpc":"2.0"}` + invalidBatchLenResponse = `{"error":{"code":-32601,"message":"must specify at least one batch call"},"id":null,"jsonrpc":"2.0"}` ) -// func TestSingleRPCValidation(t *testing.T) { -// goodBackend := NewMockBackend(BatchedResponseHandler(200, goodResponse)) -// defer goodBackend.Close() +func TestSingleRPCValidation(t *testing.T) { + goodBackend := NewMockBackend(BatchedResponseHandler(200, goodResponse)) + defer goodBackend.Close() -// require.NoError(t, os.Setenv("GOOD_BACKEND_RPC_URL", goodBackend.URL())) + require.NoError(t, os.Setenv("GOOD_BACKEND_RPC_URL", goodBackend.URL())) -// config := ReadConfig("whitelist") -// client := NewProxydClient("http://127.0.0.1:8545") -// shutdown, err := proxyd.Start(config) -// require.NoError(t, err) -// defer shutdown() + config := ReadConfig("whitelist") + client := NewProxydClient("http://127.0.0.1:8545") + shutdown, err := proxyd.Start(config) + require.NoError(t, err) + defer shutdown() -// tests := []struct { -// name string -// body string -// res string -// code int -// }{ -// { -// "body not JSON", -// "this ain't an RPC call", -// parseErrResponse, -// 400, -// }, -// { -// "body not RPC", -// "{\"not\": \"rpc\"}", -// invalidJSONRPCVersionResponse, -// 400, -// }, -// // { -// // "body missing RPC ID", -// // "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23]}", -// // invalidIDResponse, -// // 400, -// // }, -// { -// "body has array ID", -// "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": []}", -// invalidIDResponse, -// 400, -// }, -// { -// "body has object ID", -// "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": {}}", -// invalidIDResponse, -// 400, -// }, -// { -// "bad method", -// "{\"jsonrpc\": \"2.0\", \"method\": 7, \"params\": [42, 23], \"id\": 1}", -// parseErrResponse, -// 400, -// }, -// { -// "bad JSON-RPC", -// "{\"jsonrpc\": \"1.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": 1}", -// invalidJSONRPCVersionResponse, -// 400, -// }, -// { -// "omitted method", -// "{\"jsonrpc\": \"2.0\", \"params\": [42, 23], \"id\": 1}", -// invalidMethodResponse, -// 400, -// }, -// { -// "not whitelisted method", -// "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": 999}", -// notWhitelistedResponse, -// 403, -// }, -// } -// for _, tt := range tests { -// t.Run(tt.name, func(t *testing.T) { -// res, code, err := client.SendRequest([]byte(tt.body)) -// require.NoError(t, err) -// RequireEqualJSON(t, []byte(tt.res), res) -// require.Equal(t, tt.code, code) -// require.Equal(t, 0, len(goodBackend.Requests())) -// }) -// } -// } + tests := []struct { + name string + body string + res string + code int + }{ + { + "body not JSON", + "this ain't an RPC call", + parseErrResponse, + 400, + }, + { + "body not RPC", + "{\"not\": \"rpc\"}", + invalidJSONRPCVersionResponse, + 400, + }, + { + "body missing RPC ID", + "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23]}", + invalidIDResponse, + 400, + }, + { + "body has array ID", + "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": []}", + invalidIDResponse, + 400, + }, + { + "body has object ID", + "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": {}}", + invalidIDResponse, + 400, + }, + { + "bad method", + "{\"jsonrpc\": \"2.0\", \"method\": 7, \"params\": [42, 23], \"id\": 1}", + parseErrResponse, + 400, + }, + { + "bad JSON-RPC", + "{\"jsonrpc\": \"1.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": 1}", + invalidJSONRPCVersionResponse, + 400, + }, + { + "omitted method", + "{\"jsonrpc\": \"2.0\", \"params\": [42, 23], \"id\": 1}", + invalidMethodResponse, + 400, + }, + { + "not whitelisted method", + "{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": 999}", + notWhitelistedResponse, + 403, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + res, code, err := client.SendRequest([]byte(tt.body)) + require.NoError(t, err) + RequireEqualJSON(t, []byte(tt.res), res) + require.Equal(t, tt.code, code) + require.Equal(t, 0, len(goodBackend.Requests())) + }) + } +} func TestBatchRPCValidation(t *testing.T) { goodBackend := NewMockBackend(BatchedResponseHandler(200, goodResponse)) @@ -149,27 +149,27 @@ func TestBatchRPCValidation(t *testing.T) { 200, 0, }, - // { - // "body missing RPC ID", - // "[{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23]}]", - // asArray(invalidIDResponse), - // 200, - // 0, - // }, - // { - // "body has array ID", - // "[{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": []}]", - // asArray(invalidIDResponse), - // 200, - // 0, - // }, - // { - // "body has object ID", - // "[{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": {}}]", - // asArray(invalidIDResponse), - // 200, - // 0, - // }, + { + "body missing RPC ID", + "[{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23]}]", + asArray(invalidIDResponse), + 200, + 0, + }, + { + "body has array ID", + "[{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": []}]", + asArray(invalidIDResponse), + 200, + 0, + }, + { + "body has object ID", + "[{\"jsonrpc\": \"2.0\", \"method\": \"subtract\", \"params\": [42, 23], \"id\": {}}]", + asArray(invalidIDResponse), + 200, + 0, + }, // this happens because we can't deserialize the method into a non // string value, and it blows up the parsing for the whole request. { diff --git a/go/proxyd/rpc.go b/go/proxyd/rpc.go index e8cee18d60..0c30d6439d 100644 --- a/go/proxyd/rpc.go +++ b/go/proxyd/rpc.go @@ -125,10 +125,9 @@ func ValidateRPCReq(req *RPCReq) error { return ErrInvalidRequest("no method specified") } - // cosmic universe - // if !IsValidID(req.ID) { - // return ErrInvalidRequest("invalid ID") - // } + if !IsValidID(req.ID) { + return ErrInvalidRequest("invalid ID") + } return nil }