From 82d6200548385c15f07bbf106437a5af4090953c Mon Sep 17 00:00:00 2001 From: Matthew Clarke Date: Wed, 3 Jan 2024 10:32:55 +0000 Subject: [PATCH 1/2] add bearer token option for auth Signed-off-by: Matthew Clarke --- cmd/run.go | 4 +++- internal/conf/conf.go | 18 +++++++++++++++--- internal/perf/perf.go | 6 +++++- 3 files changed, 23 insertions(+), 5 deletions(-) diff --git a/cmd/run.go b/cmd/run.go index e67c0ae..76f110a 100644 --- a/cmd/run.go +++ b/cmd/run.go @@ -170,10 +170,12 @@ func generateRunnerConfigFromInstance(instance *conf.InstanceConfig, perfConfig if perfConfig.Nodes[instance.ManualNodeIndex].AuthUsername != "" { runnerConfig.WebSocket.AuthUsername = perfConfig.Nodes[instance.ManualNodeIndex].AuthUsername } - if perfConfig.Nodes[instance.ManualNodeIndex].AuthPassword != "" { runnerConfig.WebSocket.AuthPassword = perfConfig.Nodes[instance.ManualNodeIndex].AuthPassword } + if perfConfig.Nodes[instance.ManualNodeIndex].AuthToken != "" { + runnerConfig.WebSocket.AuthToken = perfConfig.Nodes[instance.ManualNodeIndex].AuthToken + } } else { // Read endpoint information from the stack JSON log.Infof("Running test against stack \"%s\"\n", perfConfig.StackJSONPath) diff --git a/internal/conf/conf.go b/internal/conf/conf.go index 17a3998..c9e202f 100644 --- a/internal/conf/conf.go +++ b/internal/conf/conf.go @@ -18,6 +18,7 @@ package conf import ( "crypto/tls" + "fmt" "net/url" "time" @@ -97,6 +98,7 @@ type NodeConfig struct { APIEndpoint string `json:"apiEndpoint,omitempty" yaml:"apiEndpoint,omitempty"` AuthUsername string `json:"authUsername,omitempty" yaml:"authUsername,omitempty"` AuthPassword string `json:"authPassword,omitempty" yaml:"authPassword,omitempty"` + AuthToken string `json:"authToken,omitempty" yaml:"authToken,omitempty"` } type MessageOptions struct { @@ -135,6 +137,7 @@ type FireFlyWsConfig struct { HeartbeatInterval time.Duration `mapstructure:"heartbeatInterval" json:"heartbeatInterval" yaml:"heartbeatInterval"` AuthUsername string `mapstructure:"authUsername" json:"authUsername" yaml:"authUsername"` AuthPassword string `mapstructure:"authPassword" json:"authPassword" yaml:"authPassword"` + AuthToken string `mapstructure:"authToken" json:"authToken" yaml:"authToken"` DisableTLSVerification bool `mapstructure:"disableTLSVerification" json:"disableTLSVerification" yaml:"disableTLSVerification"` ConnectionTimeout time.Duration `mapstructure:"connectionTimeout" json:"connectionTimeout" yaml:"connectionTimeout"` } @@ -142,7 +145,7 @@ type FireFlyWsConfig struct { func GenerateWSConfig(nodeURL string, conf *FireFlyWsConfig) *wsclient.WSConfig { t, _ := url.QueryUnescape(conf.WSPath) - return &wsclient.WSConfig{ + wsConfig := wsclient.WSConfig{ HTTPURL: nodeURL, WSKeyPath: t, ReadBufferSize: conf.ReadBufferSize, @@ -151,13 +154,22 @@ func GenerateWSConfig(nodeURL string, conf *FireFlyWsConfig) *wsclient.WSConfig MaximumDelay: conf.MaximumDelay, InitialConnectAttempts: conf.InitialConnectAttempts, HeartbeatInterval: conf.HeartbeatInterval, - AuthUsername: conf.AuthUsername, - AuthPassword: conf.AuthPassword, ConnectionTimeout: conf.ConnectionTimeout, TLSClientConfig: &tls.Config{ InsecureSkipVerify: conf.DisableTLSVerification, }, } + + if conf.AuthToken != "" { + wsConfig.HTTPHeaders = fftypes.JSONObject{ + "Authorization": fmt.Sprintf("Bearer %s", conf.AuthToken), + } + } else { + wsConfig.AuthUsername = conf.AuthUsername + wsConfig.AuthPassword = conf.AuthPassword + } + + return &wsConfig } var ( diff --git a/internal/perf/perf.go b/internal/perf/perf.go index 10d3458..dd4d1e2 100644 --- a/internal/perf/perf.go +++ b/internal/perf/perf.go @@ -271,7 +271,11 @@ func New(config *conf.RunnerConfig, reportBuilder *util.Report) PerfRunner { func (pr *perfRunner) Init() (err error) { pr.client = getFFClient(pr.sender) - pr.client.SetBasicAuth(pr.cfg.WebSocket.AuthUsername, pr.cfg.WebSocket.AuthPassword) + if pr.cfg.WebSocket.AuthToken != "" { + pr.client.Header.Set("Authorization", fmt.Sprintf("Bearer %s", pr.cfg.WebSocket.AuthToken)) + } else { + pr.client.SetBasicAuth(pr.cfg.WebSocket.AuthUsername, pr.cfg.WebSocket.AuthPassword) + } // Set request retry with backoff pr.client. SetRetryCount(10). From a325ca815fbf167a658f79626668d5717451b4be Mon Sep 17 00:00:00 2001 From: Matthew Clarke Date: Sun, 14 Jan 2024 16:26:59 +0000 Subject: [PATCH 2/2] update readme for authToken Signed-off-by: Matthew Clarke --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 62eca13..7f328c6 100644 --- a/README.md +++ b/README.md @@ -65,6 +65,13 @@ Currently the types of test that can be run against a remote node are limited to it most suitable for test types `token_mint`, `custom_ethereum_contract` and `custom_fabric_contract` since these don't need responses to be received from other members of the FireFly network. +To provide authentication when authenticating against a node endpoint, you can provide either of the following credentials in the `instances.yaml` under each `node` entry: + +- bearer token - set the access token as the `authToken` value +- basic auth - set the username and password as the `authUsername` and `authPassword` values + +> `authToken` takes precedence over `authUsername` and `authPassword` values + As a result, running the CLI consists of providing an `instances.yaml` file describe the test configuration and an instance index or name indicating which instance the process should run: