prysm-pulse/cmd/beacon-chain/jwt/jwt.go

package jwt

import (
	"errors"
	"path/filepath"

	"github.com/ethereum/go-ethereum/common/hexutil"
	"github.com/prysmaticlabs/prysm/v5/cmd"
	"github.com/prysmaticlabs/prysm/v5/crypto/rand"
	"github.com/prysmaticlabs/prysm/v5/io/file"
	"github.com/sirupsen/logrus"
	"github.com/urfave/cli/v2"
)

const (
	secretFileName = "jwt.hex"
)

var Commands = &cli.Command{
	Name:        "generate-auth-secret",
	Usage:       "creates a random, 32 byte hex string in a plaintext file to be used for authenticating JSON-RPC requests. If no --output-file flag is defined, the file will be created in the current working directory",
	Description: `creates a random, 32 byte hex string in a plaintext file to be used for authenticating JSON-RPC requests. If no --output-file flag is defined, the file will be created in the current working directory`,
	Flags: cmd.WrapFlags([]cli.Flag{
		cmd.JwtOutputFileFlag,
	}),
	Action: func(cliCtx *cli.Context) error {
		if err := generateAuthSecretInFile(cliCtx); err != nil {
			logrus.WithError(err).Fatal("Could not generate jwt")
		}
		return nil
	},
}

func generateAuthSecretInFile(c *cli.Context) error {
	fileName := secretFileName
	specifiedFilePath := c.String(cmd.JwtOutputFileFlag.Name)
	if len(specifiedFilePath) > 0 {
		fileName = specifiedFilePath
	}
	var err error
	fileName, err = file.ExpandPath(fileName)
	if err != nil {
		return err
	}
	fileDir := filepath.Dir(fileName)
	exists, err := file.HasDir(fileDir)
	if err != nil {
		return err
	}
	if !exists {
		if err := file.MkdirAll(fileDir); err != nil {
			return err
		}
	}
	secret, err := generateRandomHexString()
	if err != nil {
		return err
	}
	if err := file.WriteFile(fileName, []byte(secret)); err != nil {
		return err
	}
	logrus.Infof("Successfully wrote JSON-RPC authentication secret to file %s", fileName)
	return nil
}

func generateRandomHexString() (string, error) {
	secret := make([]byte, 32)
	randGen := rand.NewGenerator()
	n, err := randGen.Read(secret)
	if err != nil {
		return "", err
	} else if n <= 0 {
		return "", errors.New("rand: unexpected length")
	}
	return hexutil.Encode(secret), nil
}
Implement generate-auth-secret on beacon node CLI (#10733) * s * s * typo * typo * s * s * fixes based on PR feedback * PR feedback * reverting log changes * adding flag per feedback * conventions * main fixes * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update cmd/flags.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * s * tests * test attempt * test * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * err fix * s * further simplify * cleanup * namefix * tests pass * gaz * rem deadcode * Gaz * shorthand * naming * test pass * dedup * success * Ignore jwt.hex file * logrus * feedback * junk * Also check that no file was written * local run config * small fix * jwt * testfix * s * disabling test * reverting main changes * main revert * removing temp folder * comment * gaz * clarity * rem Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Kasey Kirkham <kasey@users.noreply.github.com> 2022-06-07 07:37:12 +00:00			`package jwt`

			`import (`
			`"errors"`
			`"path/filepath"`

			`"github.com/ethereum/go-ethereum/common/hexutil"`
Update to V5 (#13622) * First take at updating everything to v5 * Patch gRPC gateway to use prysm v5 Fix patch * Update go ssz --------- Co-authored-by: Preston Van Loon <pvanloon@offchainlabs.com> 2024-02-15 05:46:47 +00:00			`"github.com/prysmaticlabs/prysm/v5/cmd"`
			`"github.com/prysmaticlabs/prysm/v5/crypto/rand"`
			`"github.com/prysmaticlabs/prysm/v5/io/file"`
Implement generate-auth-secret on beacon node CLI (#10733) * s * s * typo * typo * s * s * fixes based on PR feedback * PR feedback * reverting log changes * adding flag per feedback * conventions * main fixes * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update cmd/flags.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * s * tests * test attempt * test * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * err fix * s * further simplify * cleanup * namefix * tests pass * gaz * rem deadcode * Gaz * shorthand * naming * test pass * dedup * success * Ignore jwt.hex file * logrus * feedback * junk * Also check that no file was written * local run config * small fix * jwt * testfix * s * disabling test * reverting main changes * main revert * removing temp folder * comment * gaz * clarity * rem Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Kasey Kirkham <kasey@users.noreply.github.com> 2022-06-07 07:37:12 +00:00			`"github.com/sirupsen/logrus"`
			`"github.com/urfave/cli/v2"`
			`)`

			`const (`
			`secretFileName = "jwt.hex"`
			`)`

			`var Commands = &cli.Command{`
			`Name: "generate-auth-secret",`
			`Usage: "creates a random, 32 byte hex string in a plaintext file to be used for authenticating JSON-RPC requests. If no --output-file flag is defined, the file will be created in the current working directory",`
			Description: `creates a random, 32 byte hex string in a plaintext file to be used for authenticating JSON-RPC requests. If no --output-file flag is defined, the file will be created in the current working directory`,
			`Flags: cmd.WrapFlags([]cli.Flag{`
			`cmd.JwtOutputFileFlag,`
			`}),`
Adding exit codes to cli commands (#11735) * adding exit codes to cmd * adding in fatal logs to other cli actions Co-authored-by: Radosław Kapka <rkapka@wp.pl> 2022-12-13 12:13:33 +00:00			`Action: func(cliCtx *cli.Context) error {`
			`if err := generateAuthSecretInFile(cliCtx); err != nil {`
			`logrus.WithError(err).Fatal("Could not generate jwt")`
			`}`
			`return nil`
			`},`
Implement generate-auth-secret on beacon node CLI (#10733) * s * s * typo * typo * s * s * fixes based on PR feedback * PR feedback * reverting log changes * adding flag per feedback * conventions * main fixes * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update cmd/flags.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * s * tests * test attempt * test * Update cmd/beacon-chain/jwt/jwt.go Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * err fix * s * further simplify * cleanup * namefix * tests pass * gaz * rem deadcode * Gaz * shorthand * naming * test pass * dedup * success * Ignore jwt.hex file * logrus * feedback * junk * Also check that no file was written * local run config * small fix * jwt * testfix * s * disabling test * reverting main changes * main revert * removing temp folder * comment * gaz * clarity * rem Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Kasey Kirkham <kasey@users.noreply.github.com> 2022-06-07 07:37:12 +00:00			`}`

			`func generateAuthSecretInFile(c *cli.Context) error {`
			`fileName := secretFileName`
			`specifiedFilePath := c.String(cmd.JwtOutputFileFlag.Name)`
			`if len(specifiedFilePath) > 0 {`
			`fileName = specifiedFilePath`
			`}`
			`var err error`
			`fileName, err = file.ExpandPath(fileName)`
			`if err != nil {`
			`return err`
			`}`
			`fileDir := filepath.Dir(fileName)`
			`exists, err := file.HasDir(fileDir)`
			`if err != nil {`
			`return err`
			`}`
			`if !exists {`
			`if err := file.MkdirAll(fileDir); err != nil {`
			`return err`
			`}`
			`}`
			`secret, err := generateRandomHexString()`
			`if err != nil {`
			`return err`
			`}`
			`if err := file.WriteFile(fileName, []byte(secret)); err != nil {`
			`return err`
			`}`
			`logrus.Infof("Successfully wrote JSON-RPC authentication secret to file %s", fileName)`
			`return nil`
			`}`

			`func generateRandomHexString() (string, error) {`
			`secret := make([]byte, 32)`
			`randGen := rand.NewGenerator()`
			`n, err := randGen.Read(secret)`
			`if err != nil {`
			`return "", err`
			`} else if n <= 0 {`
			`return "", errors.New("rand: unexpected length")`
			`}`
			`return hexutil.Encode(secret), nil`
			`}`