username/password authentication - errors not presented to user #5851
Labels
bug
Something isn't working
good first issue
Good for newcomers
P4
Low (ex: Node doesn't start up when the configuration file has unexpected "end-of-line" character)
RPC
snack
Smaller coding task - less than a day for an experienced dev
TeamChupa
GH issues worked on by Chupacabara Team
TeamGroot
GH issues worked on by Groot Team
TeamRevenant
GH issues worked on by Revenant Team
ux
Comments
non-fungible-nelson
added
snack
fab-10
added a commit
that referenced
this issue
Dec 4, 2023
…nd password (#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net>
jflo
pushed a commit
to jflo/besu
that referenced
this issue
Dec 4, 2023
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: Justin Florentine <justin+github@florentine.us>
jflo
pushed a commit
to jflo/besu
that referenced
this issue
Dec 4, 2023
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net>
jflo
pushed a commit
to jflo/besu
that referenced
this issue
Dec 4, 2023
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: Justin Florentine <justin+github@florentine.us>
jflo
pushed a commit
to jflo/besu
that referenced
this issue
Dec 12, 2023
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us>
jflo
added a commit
that referenced
this issue
Dec 12, 2023
* New cli options to limit rewards return by eth_feeHistory (#6202) * [#5851] Add error messages on authentication failures with username and password (#6212) * Add a constant for the 'password' * Add error messages on authentication failures with username and password Signed-off-by: Justin Florentine <justin+github@florentine.us> Signed-off-by: jflo <justin+github@florentine.us> Signed-off-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * Add RockDB Subcommand for printing usage per column family (#6185) * Add RockDB Subcommand for printing usage per column family Signed-off-by: Simon Dudley <simon.dudley@consensys.net> * changed output to follow a MD table notation. Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> --------- Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Co-authored-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Deprecation warning if Forest pruning is enabled (#6230) Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * Fix the annoying "Errors occurred while build effective model" during builds (#6241) Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * Run ATs sequentially (#6244) Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * fix: double calls to trace{Start,End}Transaction (#6247) Signed-off-by: delehef <franklin.delehelle@odena.eu> Signed-off-by: jflo <justin+github@florentine.us> * migrate to junit5 (#6234) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * fixes for problems discovered in main (#6248) Signed-off-by: garyschulte <garyschulte@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Pki - migrate to junit 5 (#6235) * migrate to junit5 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * fix: double calls to trace{Start,End}Transaction (#6247) Signed-off-by: Franklin Delehelle <franklin.delehelle@odena.eu> * migrate to junit5 (#6234) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * fixes for problems discovered in main (#6248) Signed-off-by: garyschulte <garyschulte@gmail.com> * fixed test comparing size of collection Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Franklin Delehelle <franklin.delehelle@odena.eu> Signed-off-by: garyschulte <garyschulte@gmail.com> Co-authored-by: delehef <franklin.delehelle@odena.eu> Co-authored-by: garyschulte <garyschulte@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * junit 5 ftw (#6253) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * removed unnecessary use of static temp dir (#6251) * don't use static tempdir Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Remove parallelism usage from mainnet AT (#6252) * Remove parallelism usage from mainnet AT Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> * Increase parallelism usage from mainnet AT Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> * Add the split command back Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> --------- Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * fix log params (#6254) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Stefan Pingel <16143240+pinges@users.noreply.github.com> Signed-off-by: jflo <justin+github@florentine.us> * add dependency on jar task (#6255) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Fix and test that the BlockAwareOperationTracer methods are invoked the correct number of times (#6259) * Test that the BlockAwareOperationTracer are invoked the correct number of times * Remove redundant calls to traceEndBlock Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * [RPC] Use apiConfiguration to limit gasPrice in eth_getGasPrice (#6243) Signed-off-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * log bootnodes and static nodes list at debug level (#6273) * log bootnodes and static nodes list at debug level Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * log if zero bootnodes Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * null safeguards Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * junit 5 (#6256) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Non bft group ats junit 5 (#6260) * migrate to junit 5 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Txparse subcommand implementation (#6268) * txparse subcommand Signed-off-by: garyschulte <garyschulte@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * [MINOR] migrate remaining Crypto tests to junit 5 (#6280) * update crypto tests to junit5 * fixed temp file * removed vintage junit dep Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * add a fix to load correctly the storage trie in the Bonsai WorldState (#6205) revert some modification that was made to pass tests #5686 and fix this tests by loading the storage with EMPTY_TRIE_HASH if we detect that it has been cleared before pushing the new slots after recreation. --------- Signed-off-by: Karim TAAM <karim.t2am@gmail.com> Signed-off-by: matkt <karim.t2am@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Sequenced pool synonym for legacy pool (#6274) * Sequenced pool synonym for legacy pool Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Class rename Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add SEQUENCED to config overview test Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update CHANGELOG.md Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * add a fix to load correctly the storage trie in the Bonsai WorldState (#6205) revert some modification that was made to pass tests #5686 and fix this tests by loading the storage with EMPTY_TRIE_HASH if we detect that it has been cleared before pushing the new slots after recreation. --------- Signed-off-by: Karim TAAM <karim.t2am@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Karim TAAM <karim.t2am@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: matkt <karim.t2am@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * ETC mainnet 'Spiral' activation block (#6267) * Set ENR tree for DNS discovery for ETC mainnet network Signed-off-by: Diego López León <dieguitoll@gmail.com> * Set activation block number for ECIP-1109 on ETC mainnet Signed-off-by: Diego López León <dieguitoll@gmail.com> --------- Signed-off-by: Diego López León <dieguitoll@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * uprev to version 23.10.3-RC3 Signed-off-by: jflo <justin+github@florentine.us> --------- Signed-off-by: Justin Florentine <justin+github@florentine.us> Signed-off-by: jflo <justin+github@florentine.us> Signed-off-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: delehef <franklin.delehelle@odena.eu> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: garyschulte <garyschulte@gmail.com> Signed-off-by: Franklin Delehelle <franklin.delehelle@odena.eu> Signed-off-by: Karim TAAM <karim.t2am@gmail.com> Signed-off-by: matkt <karim.t2am@gmail.com> Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Diego López León <dieguitoll@gmail.com> Co-authored-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Co-authored-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Co-authored-by: Simon Dudley <simon.dudley@consensys.net> Co-authored-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Co-authored-by: delehef <franklin.delehelle@odena.eu> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: garyschulte <garyschulte@gmail.com> Co-authored-by: Stefan Pingel <16143240+pinges@users.noreply.github.com> Co-authored-by: matkt <karim.t2am@gmail.com> Co-authored-by: Matt Whitehead <matthew1001@gmail.com> Co-authored-by: Diego López León <dieguitoll@gmail.com>
gfukushima
pushed a commit
to gfukushima/besu
that referenced
this issue
Dec 15, 2023
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com>
jflo
pushed a commit
to jflo/besu
that referenced
this issue
Dec 18, 2023
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
eg if you get your password wrong, you get an empty response rather than "Invalid password".
Stepping through it with a debugger I can see the "Invalid password" error but it gets lost somewhere
latest besu
following instructions here to setup username/password auth https://besu.hyperledger.org/stable/public-networks/how-to/use-besu-api/authenticate#json-rpc-permissions
The text was updated successfully, but these errors were encountered: