-
Notifications
You must be signed in to change notification settings - Fork 804
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[#5851] Add error messages on authentication failures with username and password #6212
Conversation
|
Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
looks good, please add a test to verify the fix
...a/org/hyperledger/besu/ethereum/api/jsonrpc/authentication/DefaultAuthenticationService.java
Outdated
Show resolved
Hide resolved
Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
New test has been created. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for adding the tests, just made 2 suggestions to also check the content of the response body.
I see that other unit tests are not checking the body, but probably it make sense to be more specific and avoid future regressions
...api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java
Outdated
Show resolved
Hide resolved
...api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java
Outdated
Show resolved
Hide resolved
Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
…sonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
…sonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, just add a CHANGELOG entry
use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use containsIgnoreCase to validate content of the response.
Merged main branch, and run CI |
Signed-off-by: David Lutzardo <jdlutzardo@izertis.com>
CHANGELOG updated. |
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: Justin Florentine <justin+github@florentine.us>
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net>
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: Justin Florentine <justin+github@florentine.us>
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us>
* New cli options to limit rewards return by eth_feeHistory (#6202) * [#5851] Add error messages on authentication failures with username and password (#6212) * Add a constant for the 'password' * Add error messages on authentication failures with username and password Signed-off-by: Justin Florentine <justin+github@florentine.us> Signed-off-by: jflo <justin+github@florentine.us> Signed-off-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * Add RockDB Subcommand for printing usage per column family (#6185) * Add RockDB Subcommand for printing usage per column family Signed-off-by: Simon Dudley <simon.dudley@consensys.net> * changed output to follow a MD table notation. Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> --------- Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Co-authored-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Deprecation warning if Forest pruning is enabled (#6230) Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * Fix the annoying "Errors occurred while build effective model" during builds (#6241) Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * Run ATs sequentially (#6244) Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * fix: double calls to trace{Start,End}Transaction (#6247) Signed-off-by: delehef <franklin.delehelle@odena.eu> Signed-off-by: jflo <justin+github@florentine.us> * migrate to junit5 (#6234) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * fixes for problems discovered in main (#6248) Signed-off-by: garyschulte <garyschulte@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Pki - migrate to junit 5 (#6235) * migrate to junit5 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * fix: double calls to trace{Start,End}Transaction (#6247) Signed-off-by: Franklin Delehelle <franklin.delehelle@odena.eu> * migrate to junit5 (#6234) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * fixes for problems discovered in main (#6248) Signed-off-by: garyschulte <garyschulte@gmail.com> * fixed test comparing size of collection Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Franklin Delehelle <franklin.delehelle@odena.eu> Signed-off-by: garyschulte <garyschulte@gmail.com> Co-authored-by: delehef <franklin.delehelle@odena.eu> Co-authored-by: garyschulte <garyschulte@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * junit 5 ftw (#6253) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * removed unnecessary use of static temp dir (#6251) * don't use static tempdir Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Remove parallelism usage from mainnet AT (#6252) * Remove parallelism usage from mainnet AT Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> * Increase parallelism usage from mainnet AT Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> * Add the split command back Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> --------- Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * fix log params (#6254) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: Stefan Pingel <16143240+pinges@users.noreply.github.com> Signed-off-by: jflo <justin+github@florentine.us> * add dependency on jar task (#6255) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Fix and test that the BlockAwareOperationTracer methods are invoked the correct number of times (#6259) * Test that the BlockAwareOperationTracer are invoked the correct number of times * Remove redundant calls to traceEndBlock Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * [RPC] Use apiConfiguration to limit gasPrice in eth_getGasPrice (#6243) Signed-off-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Signed-off-by: jflo <justin+github@florentine.us> * log bootnodes and static nodes list at debug level (#6273) * log bootnodes and static nodes list at debug level Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * log if zero bootnodes Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> * null safeguards Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * junit 5 (#6256) Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Non bft group ats junit 5 (#6260) * migrate to junit 5 Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Txparse subcommand implementation (#6268) * txparse subcommand Signed-off-by: garyschulte <garyschulte@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * [MINOR] migrate remaining Crypto tests to junit 5 (#6280) * update crypto tests to junit5 * fixed temp file * removed vintage junit dep Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> --------- Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * add a fix to load correctly the storage trie in the Bonsai WorldState (#6205) revert some modification that was made to pass tests #5686 and fix this tests by loading the storage with EMPTY_TRIE_HASH if we detect that it has been cleared before pushing the new slots after recreation. --------- Signed-off-by: Karim TAAM <karim.t2am@gmail.com> Signed-off-by: matkt <karim.t2am@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * Sequenced pool synonym for legacy pool (#6274) * Sequenced pool synonym for legacy pool Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Class rename Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Spotless fixes Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Add SEQUENCED to config overview test Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> * Update CHANGELOG.md Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> * add a fix to load correctly the storage trie in the Bonsai WorldState (#6205) revert some modification that was made to pass tests #5686 and fix this tests by loading the storage with EMPTY_TRIE_HASH if we detect that it has been cleared before pushing the new slots after recreation. --------- Signed-off-by: Karim TAAM <karim.t2am@gmail.com> --------- Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Karim TAAM <karim.t2am@gmail.com> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: matkt <karim.t2am@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * ETC mainnet 'Spiral' activation block (#6267) * Set ENR tree for DNS discovery for ETC mainnet network Signed-off-by: Diego López León <dieguitoll@gmail.com> * Set activation block number for ECIP-1109 on ETC mainnet Signed-off-by: Diego López León <dieguitoll@gmail.com> --------- Signed-off-by: Diego López León <dieguitoll@gmail.com> Signed-off-by: jflo <justin+github@florentine.us> * uprev to version 23.10.3-RC3 Signed-off-by: jflo <justin+github@florentine.us> --------- Signed-off-by: Justin Florentine <justin+github@florentine.us> Signed-off-by: jflo <justin+github@florentine.us> Signed-off-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Signed-off-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: delehef <franklin.delehelle@odena.eu> Signed-off-by: Sally MacFarlane <macfarla.github@gmail.com> Signed-off-by: garyschulte <garyschulte@gmail.com> Signed-off-by: Franklin Delehelle <franklin.delehelle@odena.eu> Signed-off-by: Karim TAAM <karim.t2am@gmail.com> Signed-off-by: matkt <karim.t2am@gmail.com> Signed-off-by: Matthew Whitehead <matthew1001@gmail.com> Signed-off-by: Matt Whitehead <matthew1001@hotmail.com> Signed-off-by: Diego López León <dieguitoll@gmail.com> Co-authored-by: Gabriel-Trintinalia <gabriel.trintinalia@consensys.net> Co-authored-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Co-authored-by: Simon Dudley <simon.dudley@consensys.net> Co-authored-by: Gabriel Fukushima <gabrielfukushima@gmail.com> Co-authored-by: delehef <franklin.delehelle@odena.eu> Co-authored-by: Sally MacFarlane <macfarla.github@gmail.com> Co-authored-by: garyschulte <garyschulte@gmail.com> Co-authored-by: Stefan Pingel <16143240+pinges@users.noreply.github.com> Co-authored-by: matkt <karim.t2am@gmail.com> Co-authored-by: Matt Whitehead <matthew1001@gmail.com> Co-authored-by: Diego López León <dieguitoll@gmail.com>
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: Gabriel Fukushima <gabrielfukushima@gmail.com>
… username and password (hyperledger#6212) * Add error messages on authentication failures with username and password Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a constant for the 'password' Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add test to check empty login and check response in body is not empty Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Correct format (spotless) Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update ethereum/api/src/test/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpServiceLoginTest.java Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Update JsonRpcHttpServiceLoginTest.java use containsIgnoringCase Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> * Add a CHANGELOG entry for PR 6212 Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> --------- Signed-off-by: David Lutzardo <jdlutzardo@izertis.com> Co-authored-by: Fabio Di Fabio <fabio.difabio@consensys.net> Signed-off-by: jflo <justin+github@florentine.us>
PR description
Include in body message in response 400
Fixed Issue(s)
fixes #5851