Skip to content

Commit

Permalink
Merge pull request #1141 from ainblockchain/release/v1.0.12
Browse files Browse the repository at this point in the history 
Release/v1.0.12
  • Loading branch information
@platfowner
platfowner authored Mar 30, 2023
2 parents f251a5c + 6dade7c commit 16fb4a3
Show file tree
Hide file tree
Showing 16 changed files with 414 additions and 22 deletions.
19 changes: 10 additions & 9 deletions client/middleware.js
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,13 @@
const logger = new (require('../logger'))('MIDDLEWARE');

const _ = require('lodash');
const express = require('express');
const cors = require('cors');
const ipWhitelist = require('ip-whitelist');
const rateLimit = require('express-rate-limit');
const matchUrl = require('match-url-wildcard');

const { NodeConfigs } = require('../common/constants');
const {
getRegexpList,
isWildcard
} = require('../common/common-util');
const CommonUtil = require('../common/common-util');
const { JSON_RPC_SET_METHOD_SET } = require('../json_rpc/constants');

class Middleware {
Expand Down Expand Up @@ -39,16 +37,19 @@ class Middleware {
});
}

// TODO(platfowner): Use dynamic origin (see https://www.npmjs.com/package/cors).
corsLimiter() {
return cors({ origin: NodeConfigs.CORS_WHITELIST === '*' ?
NodeConfigs.CORS_WHITELIST : getRegexpList(NodeConfigs.CORS_WHITELIST) });
NodeConfigs.CORS_WHITELIST : CommonUtil.getRegexpList(NodeConfigs.CORS_WHITELIST) });
}

ipWhitelistLimiter() {
const LOG_HEADER = 'ipWhitelistLimiter';
return ipWhitelist((ip) => {
return isWildcard(NodeConfigs.DEV_CLIENT_API_IP_WHITELIST) ||
matchUrl(ip, NodeConfigs.DEV_CLIENT_API_IP_WHITELIST);
})
const isWhitelisted = CommonUtil.isWhitelistedIp(ip, NodeConfigs.DEV_CLIENT_API_IP_WHITELIST);
logger.info(`[${LOG_HEADER}] IP whitelisting check for [${ip}] ${isWhitelisted ? 'succeeded' : 'failed'}!`);
return isWhitelisted;
});
}

blockchainApiRateLimiter = (req, res, next) => {
Expand Down
3 changes: 3 additions & 0 deletions client/protocol_versions.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,5 +110,8 @@
},
"1.0.11": {
"min": "1.0.0"
},
"1.0.12": {
"min": "1.0.0"
}
}
26 changes: 26 additions & 0 deletions common/common-util.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ const stringify = require('fast-json-stable-stringify');
const jsonDiff = require('json-diff');
const ainUtil = require('@ainblockchain/ain-util');
const _ = require('lodash');
const matchUrl = require('match-url-wildcard');
const ip = require('ip');
const {
FailedTxPrecheckCodeSet,
FunctionResultCode,
Expand Down Expand Up @@ -943,6 +945,30 @@ class CommonUtil {
return CommonUtil.isWildcard(value) ? value : value.split(',');
}

static isWhitelistedUrl(url, whitelist) {
if (CommonUtil.isWildcard(whitelist)) return true;
if (!CommonUtil.isArray(whitelist)) return false;
return matchUrl(url, whitelist);
}

static isWhitelistedIp(ipAddr, whitelist) {
if (CommonUtil.isWildcard(whitelist)) return true;
if (!CommonUtil.isArray(whitelist)) return false;
if (!CommonUtil.isValidIpV4(ipAddr) && !CommonUtil.isValidIpV6(ipAddr)) {
return false;
}
for (const listItem of whitelist) {
try {
if (ip.isEqual(ipAddr, listItem)) {
return true;
}
} catch {
continue;
}
}
return false;
}

static countMaxOccurrences(list) {
if (!CommonUtil.isArray(list)) {
return 0;
Expand Down
109 changes: 109 additions & 0 deletions config_client_api_ip_whitelist.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
#!/bin/bash

function usage() {
printf "\n"
printf "Usage: bash config_client_api_ip_whitelist.sh [dev|staging|sandbox|exp|spring|summer|mainnet] [get|add|remove] [<IP Address>]\n"
printf "Example: bash config_client_api_ip_whitelist.sh dev get\n"
printf "Example: bash config_client_api_ip_whitelist.sh dev add 32.190.239.181\n"
printf "Example: bash config_client_api_ip_whitelist.sh dev add '*'\n"
printf "Example: bash config_client_api_ip_whitelist.sh dev remove 32.190.239.181\n"
printf "\n"
exit
}

if [[ $# -lt 2 ]] || [[ $# -gt 3 ]]; then
usage
fi
printf "\n[[[[[ config_client_api_ip_whitelist.sh ]]]]]\n\n"

if [[ "$1" = 'dev' ]] || [[ "$1" = 'staging' ]] || [[ "$1" = 'sandbox' ]] || [[ "$1" = 'exp' ]] || [[ "$1" = 'spring' ]] || [[ "$1" = 'summer' ]] || [[ "$1" = 'mainnet' ]]; then
SEASON="$1"
else
printf "Invalid <Project/Season> argument: $1\n"
usage
fi
printf "SEASON=$SEASON\n"

if [[ "$2" = 'get' ]]; then
COMMAND="$2"
IP_ADDR="$3"
if [[ ! "$IP_ADDR" = "" ]]; then
printf "\nInvalid argument: $IP_ADDR\n"
usage
fi
elif [[ "$2" = 'add' ]] || [[ "$2" = 'remove' ]]; then
COMMAND="$2"
IP_ADDR="$3"
if [[ "$IP_ADDR" = "" ]]; then
printf "\nInvalid <IP Address> argument: $IP_ADDR\n"
usage
fi
else
printf "Invalid <Command> argument: $2\n"
usage
fi
printf "COMMAND=$COMMAND\n"
printf "IP_ADDR=$IP_ADDR\n"

# Get confirmation.
if [[ "$SEASON" = "mainnet" ]]; then
printf "\n"
printf "Do you want to proceed for $SEASON? Enter [mainnet]: "
read CONFIRM
printf "\n\n"
if [[ ! $CONFIRM = "mainnet" ]]
then
[[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
fi
else
printf "\n"
read -p "Do you want to proceed for $SEASON? [y/N]: " -n 1 -r
printf "\n\n"
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
[[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
fi
fi

# Read node ip addresses
IFS=$'\n' read -d '' -r -a IP_ADDR_LIST < ./ip_addresses/$SEASON.txt

# Get keystore password
printf "Enter password: "
read -s PASSWORD
printf "\n\n"
if [[ $SEASON = "mainnet" ]]; then
KEYSTORE_DIR="mainnet_prod_keys"
elif [[ $SEASON = "spring" ]] || [[ $SEASON = "summer" ]]; then
KEYSTORE_DIR="testnet_prod_keys"
else
KEYSTORE_DIR="testnet_dev_staging_keys"
fi

if [[ $COMMAND = "add" ]]; then
COMMAND_NODE_JS_FILE="addToDevClientApiIpWhitelist.js"
elif [[ $COMMAND = "remove" ]]; then
COMMAND_NODE_JS_FILE="removeFromDevClientApiIpWhitelist.js"
else
COMMAND_NODE_JS_FILE="getDevClientApiIpWhitelist.js"
fi

function config_node() {
local node_index="$1"
local node_ip_addr=${IP_ADDR_LIST[${node_index}]}

printf "\n\n<<< Configuring ip whitelist of node $node_index ($node_ip_addr) >>>\n\n"

KEYSTORE_FILE_PATH="$KEYSTORE_DIR/keystore_node_$node_index.json"
CONFIG_NODE_CMD="node tools/api-access/$COMMAND_NODE_JS_FILE $node_ip_addr 0 keystore $KEYSTORE_FILE_PATH"
if [[ ! $COMMAND = "get" ]]; then
CONFIG_NODE_CMD="$CONFIG_NODE_CMD '$IP_ADDR'"
fi

printf "\n"
printf "CONFIG_NODE_CMD=$CONFIG_NODE_CMD\n\n"
eval "echo $PASSWORD | $CONFIG_NODE_CMD"
}

for j in `seq $(( 0 )) $(( 9 ))`; do
config_node "$j"
done
119 changes: 119 additions & 0 deletions config_node_param.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,119 @@
#!/bin/bash

function usage() {
printf "\n"
printf "Usage: bash config_node_param.sh [dev|staging|sandbox|exp|spring|summer|mainnet] [get|add|remove] <Param> [<Value>]\n"
printf "Example: bash config_node_param.sh dev get DEV_CLIENT_API_IP_WHITELIST\n"
printf "Example: bash config_node_param.sh dev add DEV_CLIENT_API_IP_WHITELIST 32.190.239.181\n"
printf "Example: bash config_node_param.sh dev add DEV_CLIENT_API_IP_WHITELIST '*'\n"
printf "Example: bash config_node_param.sh dev remove DEV_CLIENT_API_IP_WHITELIST 32.190.239.181\n"
printf "Example: bash config_node_param.sh dev set DEV_CLIENT_API_IP_WHITELIST '*'\n"
printf "\n"
exit
}

if [[ $# -lt 3 ]] || [[ $# -gt 4 ]]; then
usage
fi
printf "\n[[[[[ config_node_param.sh ]]]]]\n\n"

if [[ "$1" = 'dev' ]] || [[ "$1" = 'staging' ]] || [[ "$1" = 'sandbox' ]] || [[ "$1" = 'exp' ]] || [[ "$1" = 'spring' ]] || [[ "$1" = 'summer' ]] || [[ "$1" = 'mainnet' ]]; then
SEASON="$1"
else
printf "Invalid <Project/Season> argument: $1\n"
usage
fi
printf "SEASON=$SEASON\n"

if [[ "$2" = 'get' ]]; then
COMMAND="$2"
PARAM="$3"
VALUE="$4"
if [[ ! "$VALUE" = "" ]]; then
printf "\nInvalid argument: $VALUE\n"
usage
fi
elif [[ "$2" = 'add' ]] || [[ "$2" = 'remove' ]] || [[ "$2" = 'set' ]]; then
COMMAND="$2"
PARAM="$3"
VALUE="$4"
if [[ "$PARAM" = "" ]]; then
printf "\nInvalid <Param> argument: $PARAM\n"
usage
fi
if [[ "$VALUE" = "" ]]; then
printf "\nInvalid <Value> argument: $VALUE\n"
usage
fi
else
printf "Invalid <Command> argument: $2\n"
usage
fi
printf "COMMAND=$COMMAND\n"
printf "PARAM=$PARAM\n"
printf "VALUE=$VALUE\n"

# Get confirmation.
if [[ "$SEASON" = "mainnet" ]]; then
printf "\n"
printf "Do you want to proceed for $SEASON? Enter [mainnet]: "
read CONFIRM
printf "\n\n"
if [[ ! $CONFIRM = "mainnet" ]]
then
[[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
fi
else
printf "\n"
read -p "Do you want to proceed for $SEASON? [y/N]: " -n 1 -r
printf "\n\n"
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
[[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
fi
fi

# Read node ip addresses
IFS=$'\n' read -d '' -r -a IP_ADDR_LIST < ./ip_addresses/$SEASON.txt

# Get keystore password
printf "Enter password: "
read -s PASSWORD
printf "\n\n"
if [[ $SEASON = "mainnet" ]]; then
KEYSTORE_DIR="mainnet_prod_keys"
elif [[ $SEASON = "spring" ]] || [[ $SEASON = "summer" ]]; then
KEYSTORE_DIR="testnet_prod_keys"
else
KEYSTORE_DIR="testnet_dev_staging_keys"
fi

if [[ $COMMAND = "add" ]]; then
COMMAND_NODE_JS_FILE="addToWhitelistNodeParam.js"
elif [[ $COMMAND = "remove" ]]; then
COMMAND_NODE_JS_FILE="removeFromWhitelistNodeParam.js"
elif [[ $COMMAND = "set" ]]; then
COMMAND_NODE_JS_FILE="setNodeParam.js"
else
COMMAND_NODE_JS_FILE="getNodeParam.js"
fi

function config_node() {
local node_index="$1"
local node_ip_addr=${IP_ADDR_LIST[${node_index}]}

printf "\n\n<<< Configuring ip whitelist of node $node_index ($node_ip_addr) >>>\n\n"

KEYSTORE_FILE_PATH="$KEYSTORE_DIR/keystore_node_$node_index.json"
CONFIG_NODE_CMD="node tools/api-access/$COMMAND_NODE_JS_FILE $node_ip_addr 0 keystore $KEYSTORE_FILE_PATH $PARAM"
if [[ ! $COMMAND = "get" ]]; then
CONFIG_NODE_CMD="$CONFIG_NODE_CMD '$VALUE'"
fi

printf "\n"
printf "CONFIG_NODE_CMD=$CONFIG_NODE_CMD\n\n"
eval "echo $PASSWORD | $CONFIG_NODE_CMD"
}

for j in `seq $(( 0 )) $(( 9 ))`; do
config_node "$j"
done
3 changes: 1 addition & 2 deletions db/functions.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ const logger = new (require('../logger'))('FUNCTIONS');

const axios = require('axios');
const _ = require('lodash');
const matchUrl = require('match-url-wildcard');
const Accounts = require('web3-eth-accounts');
const stringify = require('fast-json-stable-stringify');
const {
Expand Down Expand Up @@ -238,7 +237,7 @@ class Functions {
}
} else if (functionEntry.function_type === FunctionTypes.REST) {
if (NodeConfigs.ENABLE_REST_FUNCTION_CALL && functionEntry.function_url &&
matchUrl(functionEntry.function_url, this.db.getRestFunctionsUrlWhitelist())) {
CommonUtil.isWhitelistedUrl(functionEntry.function_url, this.db.getRestFunctionsUrlWhitelist())) {
if (DevFlags.enableRichFunctionLogging) {
logger.info(
` ==> Triggering REST function [[ ${functionEntry.function_id} ]] of ` +
Expand Down
2 changes: 1 addition & 1 deletion deploy_blockchain_incremental_gcp.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,7 +175,7 @@ function deploy_tracker() {
if [[ $SETUP_OPTION = "--setup" ]]; then
# 2. Set up tracker
printf "\n\n[[[ Setting up tracker ]]]\n\n"
SETUP_CMD="gcloud compute ssh $TRACKER_TARGET_ADDR --command '. setup_blockchain_ubuntu.sh' --project $PROJECT_ID --zone $TRACKER_ZONE"
SETUP_CMD="gcloud compute ssh $TRACKER_TARGET_ADDR --command 'cd ./ain-blockchain; . setup_blockchain_ubuntu.sh' --project $PROJECT_ID --zone $TRACKER_ZONE"
printf "SETUP_CMD=$SETUP_CMD\n\n"
eval $SETUP_CMD
fi
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"name": "ain-blockchain",
"description": "AI Network Blockchain",
"version": "1.0.11",
"version": "1.0.12",
"private": true,
"license": "MIT",
"author": "[email protected]",
Expand Down
Loading

0 comments on commit 16fb4a3

Please sign in to comment.