Merge pull request #5196 from filecoin-project/feat/tanlang/unify-Aut…

…h-client

Feat/tanlang/unify auth client

app/node/builder.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"time"
 
+	"github.com/filecoin-project/venus-auth/jwtclient"
 	"github.com/filecoin-project/venus/app/submodule/dagservice"
 	"github.com/filecoin-project/venus/app/submodule/network"
 
@@ -27,7 +28,6 @@ import (
 	chain2 "github.com/filecoin-project/venus/pkg/chain"
 	"github.com/filecoin-project/venus/pkg/clock"
 	"github.com/filecoin-project/venus/pkg/journal"
-	"github.com/filecoin-project/venus/pkg/jwtauth"
 	"github.com/filecoin-project/venus/pkg/paychmgr"
 	"github.com/filecoin-project/venus/pkg/repo"
 	"github.com/filecoin-project/venus/pkg/util/ffiwrapper"
@@ -186,15 +186,20 @@ func (b *Builder) build(ctx context.Context) (*Node, error) {
 		return nil, errors.Wrap(err, "add service failed ")
 	}
 
+	var client *jwtclient.AuthClient
 	cfg := nd.repo.Config()
 	if len(cfg.API.VenusAuthURL) > 0 {
-		nd.remoteAuth = jwtauth.NewRemoteAuth(cfg.API.VenusAuthURL)
+		client, err = jwtclient.NewAuthClient(cfg.API.VenusAuthURL)
+		if err != nil {
+			return nil, fmt.Errorf("failed to create remote jwt auth client: %w", err)
+		}
+		nd.remoteAuth = jwtclient.WarpIJwtAuthClient(client)
 	}
 
 	var ratelimiter *ratelimit.RateLimiter
-	if nd.remoteAuth != nil && cfg.RateLimitCfg.Enable {
+	if client != nil && cfg.RateLimitCfg.Enable {
 		if ratelimiter, err = ratelimit.NewRateLimitHandler(cfg.RateLimitCfg.Endpoint,
-			nil, &jwtauth.ValueFromCtx{}, nd.remoteAuth, logging.Logger("rate-limit")); err != nil {
+			nil, &ValueFromCtx{}, jwtclient.WarpLimitFinder(client), logging.Logger("rate-limit")); err != nil {
 			return nil, fmt.Errorf("request rate-limit is enabled, but create rate-limit handler failed:%w", err)
 		}
 		_ = logging.SetLogLevel("rate-limit", "warn")
@@ -204,3 +209,12 @@ func (b *Builder) build(ctx context.Context) (*Node, error) {
 	nd.jsonRPCService = apiBuilder.Build("v0", ratelimiter)
 	return nd, nil
 }
+
+type ValueFromCtx struct{}
+
+func (vfc *ValueFromCtx) AccFromCtx(ctx context.Context) (string, bool) {
+	return jwtclient.CtxGetName(ctx)
+}
+func (vfc *ValueFromCtx) HostFromCtx(ctx context.Context) (string, bool) {
+	return jwtclient.CtxGetTokenLocation(ctx)
+}

app/node/node.go

@@ -11,7 +11,7 @@ import (
 	"contrib.go.opencensus.io/exporter/jaeger"
 	"github.com/awnumar/memguard"
 	"github.com/filecoin-project/go-jsonrpc"
-	"github.com/filecoin-project/venus-auth/cmd/jwtclient"
+	"github.com/filecoin-project/venus-auth/jwtclient"
 	"github.com/filecoin-project/venus/app/submodule/blockstore"
 	chain2 "github.com/filecoin-project/venus/app/submodule/chain"
 	configModule "github.com/filecoin-project/venus/app/submodule/config"
@@ -31,7 +31,6 @@ import (
 	"github.com/filecoin-project/venus/pkg/config"
 	_ "github.com/filecoin-project/venus/pkg/crypto/bls"  // enable bls signatures
 	_ "github.com/filecoin-project/venus/pkg/crypto/secp" // enable secp signatures
-	"github.com/filecoin-project/venus/pkg/jwtauth"
 	"github.com/filecoin-project/venus/pkg/metrics"
 	"github.com/filecoin-project/venus/pkg/repo"
 	cmds "github.com/ipfs/go-ipfs-cmds"
@@ -100,7 +99,7 @@ type Node struct {
 	jsonRPCService, jsonRPCServiceV1 *jsonrpc.RPCServer
 
 	jaegerExporter *jaeger.Exporter
-	remoteAuth     *jwtauth.RemoteAuth
+	remoteAuth     jwtclient.IJwtAuthClient
 }
 
 func (node *Node) Chain() *chain2.ChainSubmodule {
@@ -261,9 +260,13 @@ func (node *Node) RunRPCAndWait(ctx context.Context, rootCmdDaemon *cmds.Command
 		return err
 	}
 
-	localVerifer, err := jwtauth.NewJwtAuth(node.repo)
+	localVerifer, token, err := jwtclient.NewLocalAuthClient()
 	if err != nil {
-		return err
+		return fmt.Errorf("failed to generate local auth client: %s", err)
+	}
+	err = node.repo.SetAPIToken(token)
+	if err != nil {
+		return fmt.Errorf("set token fail: %w", err)
 	}
 
 	authMux := jwtclient.NewAuthMux(localVerifer, node.remoteAuth, mux)

app/node/test/api.go

@@ -55,6 +55,7 @@ func (a *NodeAPI) Run(ctx context.Context) (client *Client, stop func()) {
 
 	token, err := a.node.Repo().APIToken()
 	require.NoError(a.tb, err)
+	require.NotEmpty(a.tb, token, "empty token")
 	return &Client{addr, token, a.tb}, func() {
 		cancel()
 	}

app/node/test/builder.go

@@ -4,8 +4,6 @@ import (
 	"context"
 	"testing"
 
-	"github.com/filecoin-project/venus/pkg/jwtauth"
-
 	"github.com/filecoin-project/venus/pkg/wallet"
 
 	"github.com/stretchr/testify/require"
@@ -98,8 +96,7 @@ func (b *NodeBuilder) Build(ctx context.Context) *node.Node {
 	// Initialize the node.
 	repoConfigOpts, err := node.OptionsFromRepo(repo)
 	b.requireNoError(err)
-	_, err = jwtauth.NewJwtAuth(repo)
-	b.requireNoError(err)
+
 	nd, err := node.New(ctx, append(repoConfigOpts, b.builderOpts...)...)
 	b.requireNoError(err)
 	return nd

go.mod

@@ -42,9 +42,8 @@ require (
 	github.com/filecoin-project/specs-actors/v8 v8.0.1
 	github.com/filecoin-project/specs-storage v0.4.1
 	github.com/filecoin-project/test-vectors/schema v0.0.5
-	github.com/filecoin-project/venus-auth v1.6.0
+	github.com/filecoin-project/venus-auth v1.6.1-0.20220818060206-3313af6a9ba1
 	github.com/fxamacker/cbor/v2 v2.4.0
-	github.com/gbrlsnchs/jwt/v3 v3.0.1
 	github.com/go-errors/errors v1.0.1
 	github.com/go-kit/kit v0.12.0
 	github.com/golang/mock v1.6.0
@@ -155,6 +154,7 @@ require (
 	github.com/flynn/noise v1.0.0 // indirect
 	github.com/francoispqt/gojay v1.2.13 // indirect
 	github.com/fsnotify/fsnotify v1.5.1 // indirect
+	github.com/gbrlsnchs/jwt/v3 v3.0.1 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/gin-gonic/gin v1.7.0 // indirect
 	github.com/go-kit/log v0.2.0 // indirect

go.sum

@@ -57,6 +57,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/BurntSushi/toml v0.4.1 h1:GaI7EiDXDRfa8VshkTj7Fym7ha+y8/XxIgD2okUIjLw=
 github.com/BurntSushi/toml v0.4.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
+github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60=
+github.com/DATA-DOG/go-sqlmock v1.5.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM=
 github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ=
 github.com/DataDog/zstd v1.4.1 h1:3oxKN3wbHibqx897utPC2LTQU4J+IHWWJO+glkAkpFM=
 github.com/DataDog/zstd v1.4.1/go.mod h1:1jcaCB/ufaK+sKp1NBhlGmpz41jOoPQ35bpF36t7BBo=
@@ -407,8 +409,8 @@ github.com/filecoin-project/storetheindex v0.3.5 h1:KoS9TvjPm6zIZfUH8atAHJbVHOO7
 github.com/filecoin-project/storetheindex v0.3.5/go.mod h1:0r3d0kSpK63O6AvLr1CjAINLi+nWD49clzcnKV+GLpI=
 github.com/filecoin-project/test-vectors/schema v0.0.5 h1:w3zHQhzM4pYxJDl21avXjOKBLF8egrvwUwjpT8TquDg=
 github.com/filecoin-project/test-vectors/schema v0.0.5/go.mod h1:iQ9QXLpYWL3m7warwvK1JC/pTri8mnfEmKygNDqqY6E=
-github.com/filecoin-project/venus-auth v1.6.0 h1:DLl7q5g1eh6UTpp98MLpRWAI79k6TUw1Myh/RLeaFpU=
-github.com/filecoin-project/venus-auth v1.6.0/go.mod h1:x/Cv3zz9z5O+/uqIKgYtk5UsL7nYu+CtiPjyVQ8Lywg=
+github.com/filecoin-project/venus-auth v1.6.1-0.20220818060206-3313af6a9ba1 h1:05GqP2sgTlGDLLSmMgkdz/1RgYBwnKDf08Qj5OrcjvU=
+github.com/filecoin-project/venus-auth v1.6.1-0.20220818060206-3313af6a9ba1/go.mod h1:eqjx1U5sJ/3bqqc3PDJutap9A1GAO4fXVt25J6Sm9Fk=
 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
 github.com/flynn/noise v0.0.0-20180327030543-2492fe189ae6/go.mod h1:1i71OnUq3iUe1ma7Lr6yG6/rjvM3emb6yoL7xLFzcVQ=
 github.com/flynn/noise v1.0.0 h1:DlTHqmzmvcEiKj+4RYo/imoswx/4r6iBlCMfVtrMXpQ=