erigon-pulse/node/rpcstack_test.go
2023-09-12 12:18:47 +07:00

344 lines
10 KiB
Go

// Copyright 2020 The go-ethereum Authors
// This file is part of the go-ethereum library.
//
// The go-ethereum library is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// The go-ethereum library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
package node
import (
"bytes"
"fmt"
"github.com/ledgerwatch/erigon-lib/common"
"io"
"net/http"
"net/url"
"strconv"
"strings"
"testing"
"github.com/gorilla/websocket"
"github.com/ledgerwatch/erigon/rpc"
"github.com/ledgerwatch/erigon/rpc/rpccfg"
"github.com/ledgerwatch/erigon/turbo/testlog"
"github.com/ledgerwatch/log/v3"
"github.com/stretchr/testify/assert"
)
// TestCorsHandler makes sure CORS are properly handled on the http server.
func TestCorsHandler(t *testing.T) {
srv := createAndStartServer(t, &httpConfig{CorsAllowedOrigins: []string{"test", "test.com"}}, false, &wsConfig{})
defer srv.stop()
url := "http://" + srv.listenAddr()
resp := rpcRequest(t, url, "origin", "test.com")
defer resp.Body.Close()
assert.Equal(t, "test.com", resp.Header.Get("Access-Control-Allow-Origin"))
resp2 := rpcRequest(t, url, "origin", "bad")
defer resp2.Body.Close()
assert.Equal(t, "", resp2.Header.Get("Access-Control-Allow-Origin"))
}
// TestVhosts makes sure vhosts is properly handled on the http server.
func TestVhosts(t *testing.T) {
srv := createAndStartServer(t, &httpConfig{Vhosts: []string{"test"}}, false, &wsConfig{})
defer srv.stop()
url := "http://" + srv.listenAddr()
resp := rpcRequest(t, url, "host", "test")
defer resp.Body.Close()
assert.Equal(t, resp.StatusCode, http.StatusOK)
resp2 := rpcRequest(t, url, "host", "bad")
defer resp2.Body.Close()
assert.Equal(t, resp2.StatusCode, http.StatusForbidden)
}
// TestVhostsAny makes sure vhosts any is properly handled on the http server.
func TestVhostsAny(t *testing.T) {
srv := createAndStartServer(t, &httpConfig{Vhosts: []string{"any"}}, false, &wsConfig{})
defer srv.stop()
url := "http://" + srv.listenAddr()
resp := rpcRequest(t, url, "host", "test")
defer resp.Body.Close()
assert.Equal(t, resp.StatusCode, http.StatusOK)
resp2 := rpcRequest(t, url, "host", "bad")
defer resp2.Body.Close()
assert.Equal(t, resp.StatusCode, http.StatusOK)
}
type originTest struct {
spec string
expOk []string
expFail []string
}
// TestWebsocketOrigins makes sure the websocket origins are properly handled on the websocket server.
func TestWebsocketOrigins(t *testing.T) {
tests := []originTest{
{
spec: "*", // allow all
expOk: []string{"", "http://test", "https://test", "http://test:8540", "https://test:8540",
"http://test.com", "https://foo.test", "http://testa", "http://atestb:8540", "https://atestb:8540"},
},
{
spec: "test",
expOk: []string{"http://test", "https://test", "http://test:8540", "https://test:8540"},
expFail: []string{"http://test.com", "https://foo.test", "http://testa", "http://atestb:8540", "https://atestb:8540"},
},
// scheme tests
{
spec: "https://test",
expOk: []string{"https://test", "https://test:9999"},
expFail: []string{
"test", // no scheme, required by spec
"http://test", // wrong scheme
"http://test.foo", "https://a.test.x", // subdomain variatoins
"http://testx:8540", "https://xtest:8540"},
},
// ip tests
{
spec: "https://12.34.56.78",
expOk: []string{"https://12.34.56.78", "https://12.34.56.78:8540"},
expFail: []string{
"http://12.34.56.78", // wrong scheme
"http://12.34.56.78:443", // wrong scheme
"http://1.12.34.56.78", // wrong 'domain name'
"http://12.34.56.78.a", // wrong 'domain name'
"https://87.65.43.21", "http://87.65.43.21:8540", "https://87.65.43.21:8540"},
},
// port tests
{
spec: "test:8540",
expOk: []string{"http://test:8540", "https://test:8540"},
expFail: []string{
"http://test", "https://test", // spec says port required
"http://test:8541", "https://test:8541", // wrong port
"http://bad", "https://bad", "http://bad:8540", "https://bad:8540"},
},
// scheme and port
{
spec: "https://test:8540",
expOk: []string{"https://test:8540"},
expFail: []string{
"https://test", // missing port
"http://test", // missing port, + wrong scheme
"http://test:8540", // wrong scheme
"http://test:8541", "https://test:8541", // wrong port
"http://bad", "https://bad", "http://bad:8540", "https://bad:8540"},
},
// several allowed origins
{
spec: "localhost,http://127.0.0.1",
expOk: []string{"localhost", "http://localhost", "https://localhost:8443",
"http://127.0.0.1", "http://127.0.0.1:8080"},
expFail: []string{
"https://127.0.0.1", // wrong scheme
"http://bad", "https://bad", "http://bad:8540", "https://bad:8540"},
},
}
for _, tc := range tests {
srv := createAndStartServer(t, &httpConfig{}, true, &wsConfig{Origins: common.CliString2Array(tc.spec)})
url := fmt.Sprintf("ws://%v", srv.listenAddr())
for _, origin := range tc.expOk {
if err := wsRequest(t, url, origin); err != nil {
t.Errorf("spec '%v', origin '%v': expected ok, got %v", tc.spec, origin, err)
}
}
for _, origin := range tc.expFail {
if err := wsRequest(t, url, origin); err == nil {
t.Errorf("spec '%v', origin '%v': expected not to allow, got ok", tc.spec, origin)
}
}
srv.stop()
}
}
// TestIsWebsocket tests if an incoming websocket upgrade request is handled properly.
func TestIsWebsocket(t *testing.T) {
r, _ := http.NewRequest("GET", "/", nil)
assert.False(t, isWebsocket(r))
r.Header.Set("upgrade", "websocket")
assert.False(t, isWebsocket(r))
r.Header.Set("connection", "upgrade")
assert.True(t, isWebsocket(r))
r.Header.Set("connection", "upgrade,keep-alive")
assert.True(t, isWebsocket(r))
r.Header.Set("connection", " UPGRADE,keep-alive")
assert.True(t, isWebsocket(r))
}
func Test_checkPath(t *testing.T) {
tests := []struct {
req *http.Request
prefix string
expected bool
}{
{
req: &http.Request{URL: &url.URL{Path: "/test"}},
prefix: "/test",
expected: true,
},
{
req: &http.Request{URL: &url.URL{Path: "/testing"}},
prefix: "/test",
expected: true,
},
{
req: &http.Request{URL: &url.URL{Path: "/"}},
prefix: "/test",
expected: false,
},
{
req: &http.Request{URL: &url.URL{Path: "/fail"}},
prefix: "/test",
expected: false,
},
{
req: &http.Request{URL: &url.URL{Path: "/"}},
prefix: "",
expected: true,
},
{
req: &http.Request{URL: &url.URL{Path: "/fail"}},
prefix: "",
expected: false,
},
{
req: &http.Request{URL: &url.URL{Path: "/"}},
prefix: "/",
expected: true,
},
{
req: &http.Request{URL: &url.URL{Path: "/testing"}},
prefix: "/",
expected: true,
},
}
for i, tt := range tests {
t.Run(strconv.Itoa(i), func(t *testing.T) {
assert.Equal(t, tt.expected, checkPath(tt.req, tt.prefix)) //nolint:scopelint
})
}
}
func createAndStartServer(t *testing.T, conf *httpConfig, ws bool, wsConf *wsConfig) *httpServer {
t.Helper()
srv := newHTTPServer(testlog.Logger(t, log.LvlError), rpccfg.DefaultHTTPTimeouts)
assert.NoError(t, srv.enableRPC(nil, *conf, nil))
if ws {
assert.NoError(t, srv.enableWS(nil, *wsConf, nil))
}
assert.NoError(t, srv.setListenAddr("localhost", 0))
assert.NoError(t, srv.start())
return srv
}
func createAndStartServerWithAllowList(t *testing.T, conf httpConfig, ws bool, wsConf wsConfig) *httpServer {
t.Helper()
srv := newHTTPServer(testlog.Logger(t, log.LvlError), rpccfg.DefaultHTTPTimeouts)
allowList := rpc.AllowList(map[string]struct{}{"net_version": {}}) //don't allow RPC modules
assert.NoError(t, srv.enableRPC(nil, conf, allowList))
if ws {
assert.NoError(t, srv.enableWS(nil, wsConf, allowList))
}
assert.NoError(t, srv.setListenAddr("localhost", 0))
assert.NoError(t, srv.start())
return srv
}
// wsRequest attempts to open a WebSocket connection to the given URL.
func wsRequest(t *testing.T, url, browserOrigin string) error {
t.Helper()
t.Logf("checking WebSocket on %s (origin %q)", url, browserOrigin)
headers := make(http.Header)
if browserOrigin != "" {
headers.Set("Origin", browserOrigin)
}
//nolint
conn, _, err := websocket.DefaultDialer.Dial(url, headers)
if conn != nil {
conn.Close()
}
return err
}
func TestAllowList(t *testing.T) {
srv := createAndStartServerWithAllowList(t, httpConfig{}, false, wsConfig{})
defer srv.stop()
assert.False(t, testCustomRequest(t, srv, "rpc_modules"))
}
func testCustomRequest(t *testing.T, srv *httpServer, method string) bool {
body := bytes.NewReader([]byte(fmt.Sprintf(`{"jsonrpc":"2.0","id":1,"method":"%s"}`, method)))
req, _ := http.NewRequest("POST", "http://"+srv.listenAddr(), body)
req.Header.Set("content-type", "application/json")
client := http.DefaultClient
resp, err := client.Do(req)
if err != nil {
return false
}
defer resp.Body.Close()
respBody, err := io.ReadAll(resp.Body)
assert.NoError(t, err)
return !strings.Contains(string(respBody), "error")
}
// rpcRequest performs a JSON-RPC request to the given URL.
func rpcRequest(t *testing.T, url string, extraHeaders ...string) *http.Response {
t.Helper()
// Create the request.
body := bytes.NewReader([]byte(`{"jsonrpc":"2.0","id":1,"method":"rpc_modules","params":[]}`))
req, err := http.NewRequest("POST", url, body)
if err != nil {
t.Fatal("could not create http request:", err)
}
req.Header.Set("content-type", "application/json")
// Apply extra headers.
if len(extraHeaders)%2 != 0 {
panic("odd extraHeaders length")
}
for i := 0; i < len(extraHeaders); i += 2 {
key, value := extraHeaders[i], extraHeaders[i+1]
if strings.EqualFold(key, "host") {
req.Host = value
} else {
req.Header.Set(key, value)
}
}
// Perform the request.
t.Logf("checking RPC/HTTP on %s %v", url, extraHeaders)
resp, err := http.DefaultClient.Do(req)
if err != nil {
t.Fatal(err)
}
return resp
}