grassrootseconomics/openethereum
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

SystemUIs authorization (#1233)

Browse Source 
* Initial implementation of AuthCodeStore for SystemUIs

* SystemUIs authorization

* Renaming SystemUI -> SignerUI

* Fixing clippy warnings

* Lowering time threshold

* Bumping sysui

* Fixing test
This commit is contained in:
Tomasz Drwięga
2016-06-07 17:21:19 +02:00
committed by Gav Wood
parent e6d141e14f
commit f61ee1a5f1
12 changed files with 316 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
parity/cli.rs
View File

@@ -26,6 +26,7 @@ Usage:
parity account (new | list) [options]
parity import [ <file> ] [options]
parity export [ <file> ] [options]
parity signer new-token [options]
parity [options]
Protocol Options:
@@ -100,9 +101,11 @@ API and Console Options:
[default: $HOME/.parity/dapps]
--signer Enable Trusted Signer WebSocket endpoint used by
System UIs.
Signer UIs.
--signer-port PORT Specify the port of Trusted Signer server
[default: 8180].
--signer-path PATH Specify directory where Signer UIs tokens should
be stored. [default: $HOME/.parity/signer]
Sealing/Mining Options:
--force-sealing Force the node to author new blocks as if it were
@@ -205,6 +208,8 @@ pub struct Args {
pub cmd_list: bool,
pub cmd_export: bool,
pub cmd_import: bool,
pub cmd_signer: bool,
pub cmd_new_token: bool,
pub arg_pid_file: String,
pub arg_file: Option<String>,
pub flag_chain: String,
@@ -244,6 +249,7 @@ pub struct Args {
pub flag_dapps_path: String,
pub flag_signer: bool,
pub flag_signer_port: u16,
pub flag_signer_path: String,
pub flag_force_sealing: bool,
pub flag_author: String,
pub flag_usd_per_tx: String,

5
parity/configuration.rs
View File

@@ -41,6 +41,7 @@ pub struct Directories {
pub keys: String,
pub db: String,
pub dapps: String,
pub signer: String,
}
impl Configuration {
@@ -331,11 +332,15 @@ impl Configuration {
::std::fs::create_dir_all(&keys_path).unwrap_or_else(|e| die_with_io_error("main", e));
let dapps_path = Configuration::replace_home(&self.args.flag_dapps_path);
::std::fs::create_dir_all(&dapps_path).unwrap_or_else(|e| die_with_io_error("main", e));
let signer_path = Configuration::replace_home(&self.args.flag_signer_path);
::std::fs::create_dir_all(&signer_path).unwrap_or_else(|e| die_with_io_error("main", e));
Directories {
keys: keys_path,
db: db_path,
dapps: dapps_path,
signer: signer_path,
}
}

19
parity/main.rs
View File

@@ -93,7 +93,7 @@ use informant::Informant;
use die::*;
use cli::print_version;
use rpc::RpcServer;
use signer::SignerServer;
use signer::{SignerServer, new_token};
use dapps::WebappServer;
use io_handler::ClientIoHandler;
use configuration::Configuration;
@@ -137,6 +137,11 @@ fn execute(conf: Configuration) {
return;
}
if conf.args.cmd_signer {
execute_signer(conf);
return;
}
execute_client(conf, spec, client_config);
}
@@ -241,6 +246,7 @@ fn execute_client(conf: Configuration, spec: Spec, client_config: ClientConfig)
let signer_server = signer::start(signer::Configuration {
enabled: deps_for_rpc_apis.signer_enabled,
port: conf.args.flag_signer_port,
signer_path: conf.directories().signer,
}, signer::Dependencies {
panic_handler: panic_handler.clone(),
apis: deps_for_rpc_apis.clone(),
@@ -439,6 +445,17 @@ fn execute_import(conf: Configuration) {
client.flush_queue();
}
fn execute_signer(conf: Configuration) {
if !conf.args.cmd_new_token {
die!("Unknown command.");
}
let path = conf.directories().signer;
new_token(path).unwrap_or_else(|e| {
die!("Error generating token: {:?}", e)
});
}
fn execute_account_cli(conf: Configuration) {
use util::keys::store::SecretStore;
use rpassword::read_password;

37
parity/signer.rs
View File

@@ -14,21 +14,28 @@
// You should have received a copy of the GNU General Public License
// along with Parity. If not, see <http://www.gnu.org/licenses/>.
use std::io;
use std::path::PathBuf;
use std::sync::Arc;
use util::panics::{PanicHandler, ForwardPanic};
use util::keys::directory::restrict_permissions_owner;
use die::*;
use rpc_apis;
const CODES_FILENAME: &'static str = "authcodes";
#[cfg(feature = "ethcore-signer")]
use ethcore_signer as signer;
#[cfg(feature = "ethcore-signer")]
pub use ethcore_signer::Server as SignerServer;
#[cfg(not(feature = "ethcore-signer"))]
pub struct SignerServer;
pub struct Configuration {
pub enabled: bool,
pub port: u16,
pub signer_path: String,
}
pub struct Dependencies {
@@ -44,6 +51,25 @@ pub fn start(conf: Configuration, deps: Dependencies) -> Option<SignerServer> {
}
}
fn codes_path(path: String) -> PathBuf {
let mut p = PathBuf::from(path);
p.push(CODES_FILENAME);
let _ = restrict_permissions_owner(&p);
p
}
#[cfg(feature = "ethcore-signer")]
pub fn new_token(path: String) -> io::Result<()> {
let path = codes_path(path);
let mut codes = try!(signer::AuthCodes::from_file(&path));
let code = try!(codes.generate_new());
try!(codes.to_file(&path));
println!("New token has been generated. Copy the code below to your Signer UI:");
println!("{}", code);
Ok(())
}
#[cfg(feature = "ethcore-signer")]
fn do_start(conf: Configuration, deps: Dependencies) -> SignerServer {
let addr = format!("127.0.0.1:{}", conf.port).parse().unwrap_or_else(|_| {
@@ -51,7 +77,10 @@ fn do_start(conf: Configuration, deps: Dependencies) -> SignerServer {
});
let start_result = {
let server = signer::ServerBuilder::new(deps.apis.signer_queue.clone());
let server = signer::ServerBuilder::new(
deps.apis.signer_queue.clone(),
codes_path(conf.signer_path),
);
let server = rpc_apis::setup_rpc(server, deps.apis, rpc_apis::ApiSet::SafeContext);
server.start(addr)
};
@@ -67,8 +96,12 @@ fn do_start(conf: Configuration, deps: Dependencies) -> SignerServer {
}
#[cfg(not(feature = "ethcore-signer"))]
fn do_start(conf: Configuration) -> ! {
fn do_start(_conf: Configuration) -> ! {
die!("Your Parity version has been compiled without Trusted Signer support.")
}
#[cfg(not(feature = "ethcore-signer"))]
pub fn new_token(_path: String) -> ! {
die!("Your Parity version has been compiled without Trusted Signer support.")
}