mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2026-01-16 18:43:10 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix dendrite config to use env for chain_id and enable_authz (#49)

Browse source 
* Fix config to support env variables
This commit is contained in:
Tak Wai Wong 2022-10-25 20:56:36 -07:00 committed by GitHub
parent 8d2033418e
commit c4afa77636
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 64 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
clientapi/auth/login_publickey_ethereum.go
View file

@ -129,7 +129,7 @@ func (pk LoginPublicKeyEthereum) ValidateLoginResponse() (bool, *jsonerror.Matri
} }
// Error if the chainId is not supported by the server. // Error if the chainId is not supported by the server.
if pk.config.PublicKeyAuthentication.Ethereum.ChainID != message.GetChainID() { if pk.config.PublicKeyAuthentication.Ethereum.GetChainID() != message.GetChainID() {
return false, jsonerror.Forbidden("chainId") return false, jsonerror.Forbidden("chainId")
} }

7
clientapi/auth/login_publickey_ethereum_test.go
View file

@ -18,6 +18,7 @@ import (
"context" "context"
"fmt" "fmt"
"net/http" "net/http"
"strconv"
"strings" "strings"
"testing" "testing"
@ -43,9 +44,9 @@ func createLoginContext(_ *testing.T) *loginContext {
PasswordAuthenticationDisabled: true, PasswordAuthenticationDisabled: true,
PublicKeyAuthentication: config.PublicKeyAuthentication{ PublicKeyAuthentication: config.PublicKeyAuthentication{
Ethereum: config.EthereumAuthConfig{ Ethereum: config.EthereumAuthConfig{
Enabled: true, Enabled: true,
Version: 1, Version: 1,
ChainID: testutil.EthereumTestNetworkId, ConfigChainID: strconv.Itoa(testutil.EthereumTestNetworkId),
}, },
}, },
} }

2
clientapi/authorization/authorization.go
View file

@ -10,7 +10,7 @@ import (
func NewAuthorization(cfg *config.ClientAPI, rsAPI roomserver.ClientRoomserverAPI) authorization.Authorization { func NewAuthorization(cfg *config.ClientAPI, rsAPI roomserver.ClientRoomserverAPI) authorization.Authorization {
// Load authorization manager for Zion // Load authorization manager for Zion
if cfg.PublicKeyAuthentication.Ethereum.EnableAuthz { if cfg.PublicKeyAuthentication.Ethereum.GetEnableAuthZ() {
auth, err := zion.NewZionAuthorization(cfg, rsAPI) auth, err := zion.NewZionAuthorization(cfg, rsAPI)
if err != nil { if err != nil {

7
clientapi/routing/register_publickey_test.go
View file

@ -19,6 +19,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"strconv"
"strings" "strings"
"testing" "testing"
@ -48,9 +49,9 @@ func createRegisterContext(_ *testing.T) *registerContext {
PasswordAuthenticationDisabled: true, PasswordAuthenticationDisabled: true,
PublicKeyAuthentication: config.PublicKeyAuthentication{ PublicKeyAuthentication: config.PublicKeyAuthentication{
Ethereum: config.EthereumAuthConfig{ Ethereum: config.EthereumAuthConfig{
Enabled: true, Enabled: true,
Version: 1, Version: 1,
ChainID: testutil.EthereumTestNetworkId, ConfigChainID: strconv.Itoa(testutil.EthereumTestNetworkId),
}, },
}, },
} }

2
dendrite-sample.monolith.yaml
View file

@ -179,7 +179,7 @@ client_api:
enabled: false enabled: false
version: 1 version: 1
chain_id: 31337 chain_id: 31337
networkUrl: "http://127.0.0.1:8545" network_url: "http://127.0.0.1:8545"
# Whether to require reCAPTCHA for registration. If you have enabled registration # Whether to require reCAPTCHA for registration. If you have enabled registration
# then this is HIGHLY RECOMMENDED to reduce the risk of your homeserver being used # then this is HIGHLY RECOMMENDED to reduce the risk of your homeserver being used

2
dendrite-sample.polylith.yaml
View file

@ -175,7 +175,7 @@ client_api:
enabled: false enabled: false
version: 1 version: 1
chain_id: 31337 chain_id: 31337
networkUrl: "http://127.0.0.1:8545" network_url: "http://127.0.0.1:8545"
# Whether to require reCAPTCHA for registration. If you have enabled registration # Whether to require reCAPTCHA for registration. If you have enabled registration
# then this is HIGHLY RECOMMENDED to reduce the risk of your homeserver being used # then this is HIGHLY RECOMMENDED to reduce the risk of your homeserver being used

5
dendrite-zion.yaml
View file

@ -186,9 +186,8 @@ client_api:
ethereum: ethereum:
enabled: true enabled: true
version: 1 version: 1
chain_id: 5 chain_id: ${CHAIN_ID}
deployment_chain_id: ${CHAIN_ID} network_url: ${BLOCKCHAIN_PROVIDER_URL}
networkUrl: ${BLOCKCHAIN_PROVIDER_URL}
enable_authz: ${ENABLE_AUTHZ} enable_authz: ${ENABLE_AUTHZ}
# Whether to require reCAPTCHA for registration. # Whether to require reCAPTCHA for registration.

27
setup/config/config.go
View file

@ -23,7 +23,6 @@ import (
"os" "os"
"path/filepath" "path/filepath"
"regexp" "regexp"
"strconv"
"strings" "strings"
"github.com/joho/godotenv" "github.com/joho/godotenv"
@ -587,7 +586,9 @@ Replace selected config with environment variables
*/ */
func (config *Dendrite) replaceWithEnvVariables() { func (config *Dendrite) replaceWithEnvVariables() {
// Replace selected fields with env variables // If env variable is set, get the value from the env
// variable and replace it in each supported field.
err := godotenv.Load(".env") err := godotenv.Load(".env")
if err != nil { if err != nil {
logrus.Errorln("error loading .env file", err) logrus.Errorln("error loading .env file", err)
@ -604,23 +605,21 @@ func (config *Dendrite) replaceWithEnvVariables() {
), ),
) )
// If env variable is set, convert the deployment chain IDs from the env
// variable into []int and replace the ChainIDs field.
if config.ClientAPI.PublicKeyAuthentication.Ethereum.Enabled { if config.ClientAPI.PublicKeyAuthentication.Ethereum.Enabled {
strChainId := replaceWithEnvVariables(config.ClientAPI.PublicKeyAuthentication.Ethereum.DeploymentChainID) config.ClientAPI.PublicKeyAuthentication.Ethereum.ConfigChainID =
if strChainId != "" { replaceWithEnvVariables(config.ClientAPI.PublicKeyAuthentication.Ethereum.ConfigChainID)
id, err := strconv.Atoi(strings.TrimSpace(strChainId))
if err == nil {
config.ClientAPI.PublicKeyAuthentication.Ethereum.ChainID = id
}
}
config.ClientAPI.PublicKeyAuthentication.Ethereum.NetworkUrl = replaceWithEnvVariables(config.ClientAPI.PublicKeyAuthentication.Ethereum.NetworkUrl) config.ClientAPI.PublicKeyAuthentication.Ethereum.NetworkUrl =
replaceWithEnvVariables(config.ClientAPI.PublicKeyAuthentication.Ethereum.NetworkUrl)
config.ClientAPI.PublicKeyAuthentication.Ethereum.ConfigEnableAuthz =
replaceWithEnvVariables(config.ClientAPI.PublicKeyAuthentication.Ethereum.ConfigEnableAuthz)
logrus.Infof( logrus.Infof(
"Supported Ethereum chain ID=%d, network URL=%s", "Supported Ethereum chain_id=%v, network_url=%v, enable_authz=%v",
config.ClientAPI.PublicKeyAuthentication.Ethereum.ChainID, config.ClientAPI.PublicKeyAuthentication.Ethereum.ConfigChainID,
config.ClientAPI.PublicKeyAuthentication.Ethereum.NetworkUrl, config.ClientAPI.PublicKeyAuthentication.Ethereum.NetworkUrl,
config.ClientAPI.PublicKeyAuthentication.Ethereum.ConfigEnableAuthz,
) )
} }
} }

40
setup/config/config_publickey.go
View file

@ -1,6 +1,9 @@
package config package config
import ( import (
"strconv"
"strings"
"github.com/matrix-org/dendrite/clientapi/auth/authtypes" "github.com/matrix-org/dendrite/clientapi/auth/authtypes"
) )
@ -20,10 +23,37 @@ func (p EthereumAuthParams) GetParams() interface{} {
type EthereumAuthConfig struct { type EthereumAuthConfig struct {
Enabled bool `yaml:"enabled"` Enabled bool `yaml:"enabled"`
Version uint `yaml:"version"` Version uint `yaml:"version"`
ChainID int `yaml:"chain_id"` NetworkUrl string `yaml:"network_url"` // Blockchain network provider URL
DeploymentChainID string `yaml:"deployment_chain_id"` // For deployment: use env variable string to override the chain ID. ConfigChainID string `yaml:"chain_id"` // Blockchain chain ID. Env variable can replace this property.
NetworkUrl string `yaml:"networkUrl"` // Blockchain network provider URL ConfigEnableAuthz string `yaml:"enable_authz"` // Enable / disable authorization during development. Will be removed when feature is done.
EnableAuthz bool `yaml:"enable_authz"` // Flag to enable / disable authorization during development chainID int
enableAuthz bool
}
func (c *EthereumAuthConfig) GetChainID() int {
if c.ConfigChainID != "" {
v := strings.TrimSpace(c.ConfigChainID)
id, err := strconv.Atoi(v)
if err == nil {
c.chainID = id
}
// No need to do this again.
c.ConfigChainID = ""
}
return c.chainID
}
func (c *EthereumAuthConfig) GetEnableAuthZ() bool {
if c.ConfigEnableAuthz != "" {
v := strings.TrimSpace(c.ConfigEnableAuthz)
boolValue, err := strconv.ParseBool(v)
if err == nil {
c.enableAuthz = boolValue
}
// No need to do this again.
c.ConfigEnableAuthz = ""
}
return c.enableAuthz
} }
type PublicKeyAuthentication struct { type PublicKeyAuthentication struct {
@ -48,7 +78,7 @@ func (pk *PublicKeyAuthentication) GetPublicKeyRegistrationParams() map[string]i
if pk.Ethereum.Enabled { if pk.Ethereum.Enabled {
p := EthereumAuthParams{ p := EthereumAuthParams{
Version: pk.Ethereum.Version, Version: pk.Ethereum.Version,
ChainID: pk.Ethereum.ChainID, ChainID: pk.Ethereum.GetChainID(),
} }
params[authtypes.LoginTypePublicKeyEthereum] = p params[authtypes.LoginTypePublicKeyEthereum] = p
} }

2
test/publickey_utils.go
View file

@ -27,7 +27,7 @@ import (
"github.com/spruceid/siwe-go" "github.com/spruceid/siwe-go"
) )
const EthereumTestNetworkId = 1337 // Localhost chain ID const EthereumTestNetworkId int = 31337 // Localhost chain ID
const TestServerName = "localhost" const TestServerName = "localhost"
type EthereumTestWallet struct { type EthereumTestWallet struct {

2
zion/zion_authorization.go
View file

@ -36,7 +36,7 @@ func NewZionAuthorization(
var auth ZionAuthorization var auth ZionAuthorization
auth.chainId = cfg.PublicKeyAuthentication.Ethereum.ChainID auth.chainId = cfg.PublicKeyAuthentication.Ethereum.GetChainID()
auth.store = NewStore(rsAPI) auth.store = NewStore(rsAPI)
switch auth.chainId { switch auth.chainId {