mirror of
https://github.com/sigp/lighthouse.git
synced 2026-07-04 13:24:39 +00:00
Add --jwt-secret-path to lcli mock-el (#8864)
Co-Authored-By: Jimmy Chen <jchen.tc@gmail.com>
This commit is contained in:
@@ -492,10 +492,20 @@ fn main() {
|
|||||||
.long("jwt-output-path")
|
.long("jwt-output-path")
|
||||||
.value_name("PATH")
|
.value_name("PATH")
|
||||||
.action(ArgAction::Set)
|
.action(ArgAction::Set)
|
||||||
.required(true)
|
.required_unless_present("jwt-secret-path")
|
||||||
|
.conflicts_with("jwt-secret-path")
|
||||||
.help("Path to write the JWT secret.")
|
.help("Path to write the JWT secret.")
|
||||||
.display_order(0)
|
.display_order(0)
|
||||||
)
|
)
|
||||||
|
.arg(
|
||||||
|
Arg::new("jwt-secret-path")
|
||||||
|
.long("jwt-secret-path")
|
||||||
|
.value_name("PATH")
|
||||||
|
.action(ArgAction::Set)
|
||||||
|
.help("Path to an existing hex-encoded JWT secret file. \
|
||||||
|
When provided, this secret is used instead of the default.")
|
||||||
|
.display_order(0)
|
||||||
|
)
|
||||||
.arg(
|
.arg(
|
||||||
Arg::new("listen-address")
|
Arg::new("listen-address")
|
||||||
.long("listen-address")
|
.long("listen-address")
|
||||||
|
|||||||
@@ -2,7 +2,7 @@ use clap::ArgMatches;
|
|||||||
use clap_utils::{parse_optional, parse_required};
|
use clap_utils::{parse_optional, parse_required};
|
||||||
use environment::Environment;
|
use environment::Environment;
|
||||||
use execution_layer::{
|
use execution_layer::{
|
||||||
auth::JwtKey,
|
auth::{JwtKey, strip_prefix},
|
||||||
test_utils::{
|
test_utils::{
|
||||||
Config, DEFAULT_JWT_SECRET, DEFAULT_TERMINAL_BLOCK, MockExecutionConfig, MockServer,
|
Config, DEFAULT_JWT_SECRET, DEFAULT_TERMINAL_BLOCK, MockExecutionConfig, MockServer,
|
||||||
},
|
},
|
||||||
@@ -13,7 +13,8 @@ use std::sync::Arc;
|
|||||||
use types::*;
|
use types::*;
|
||||||
|
|
||||||
pub fn run<E: EthSpec>(mut env: Environment<E>, matches: &ArgMatches) -> Result<(), String> {
|
pub fn run<E: EthSpec>(mut env: Environment<E>, matches: &ArgMatches) -> Result<(), String> {
|
||||||
let jwt_path: PathBuf = parse_required(matches, "jwt-output-path")?;
|
let jwt_output_path: Option<PathBuf> = parse_optional(matches, "jwt-output-path")?;
|
||||||
|
let jwt_secret_path: Option<PathBuf> = parse_optional(matches, "jwt-secret-path")?;
|
||||||
let listen_addr: Ipv4Addr = parse_required(matches, "listen-address")?;
|
let listen_addr: Ipv4Addr = parse_required(matches, "listen-address")?;
|
||||||
let listen_port: u16 = parse_required(matches, "listen-port")?;
|
let listen_port: u16 = parse_required(matches, "listen-port")?;
|
||||||
let all_payloads_valid: bool = parse_required(matches, "all-payloads-valid")?;
|
let all_payloads_valid: bool = parse_required(matches, "all-payloads-valid")?;
|
||||||
@@ -25,8 +26,23 @@ pub fn run<E: EthSpec>(mut env: Environment<E>, matches: &ArgMatches) -> Result<
|
|||||||
|
|
||||||
let handle = env.core_context().executor.handle().unwrap();
|
let handle = env.core_context().executor.handle().unwrap();
|
||||||
let spec = Arc::new(E::default_spec());
|
let spec = Arc::new(E::default_spec());
|
||||||
let jwt_key = JwtKey::from_slice(&DEFAULT_JWT_SECRET).unwrap();
|
|
||||||
std::fs::write(jwt_path, hex::encode(DEFAULT_JWT_SECRET)).unwrap();
|
let jwt_key = if let Some(secret_path) = jwt_secret_path {
|
||||||
|
let hex_str = std::fs::read_to_string(&secret_path)
|
||||||
|
.map_err(|e| format!("Failed to read JWT secret file: {}", e))?;
|
||||||
|
let secret_bytes = hex::decode(strip_prefix(hex_str.trim()))
|
||||||
|
.map_err(|e| format!("Invalid hex in JWT secret file: {}", e))?;
|
||||||
|
JwtKey::from_slice(&secret_bytes)
|
||||||
|
.map_err(|e| format!("Invalid JWT secret length (expected 32 bytes): {}", e))?
|
||||||
|
} else if let Some(jwt_path) = jwt_output_path {
|
||||||
|
let jwt_key = JwtKey::from_slice(&DEFAULT_JWT_SECRET)
|
||||||
|
.map_err(|e| format!("Default JWT secret invalid: {}", e))?;
|
||||||
|
std::fs::write(jwt_path, hex::encode(jwt_key.as_bytes()))
|
||||||
|
.map_err(|e| format!("Failed to write JWT secret to output path: {}", e))?;
|
||||||
|
jwt_key
|
||||||
|
} else {
|
||||||
|
return Err("either --jwt-secret-path or --jwt-output-path must be provided".to_string());
|
||||||
|
};
|
||||||
|
|
||||||
let config = MockExecutionConfig {
|
let config = MockExecutionConfig {
|
||||||
server_config: Config {
|
server_config: Config {
|
||||||
|
|||||||
Reference in New Issue
Block a user