From e44e30766d55a0f4e25c0f9d6d8662fc27a1f854 Mon Sep 17 00:00:00 2001 From: Marius van der Wijden Date: Fri, 25 Feb 2022 10:41:13 +0100 Subject: [PATCH] node: make authenticated port configurable --- cmd/utils/flags.go | 11 ++++++++++- node/config.go | 5 ++++- node/defaults.go | 2 ++ node/node.go | 4 ++-- 4 files changed, 18 insertions(+), 4 deletions(-) diff --git a/cmd/utils/flags.go b/cmd/utils/flags.go index 1c3d5c8bdc360..1c27ba179a5b4 100644 --- a/cmd/utils/flags.go +++ b/cmd/utils/flags.go @@ -520,7 +520,7 @@ var ( } JWTSecretFlag = cli.StringFlag{ Name: "jwt-secret", - Usage: "JWT secret to use for authenticated RPC endpoints", + Usage: "JWT secret (or path to a jwt secret) to use for authenticated RPC endpoints", } // Logging and debug settings EthStatsURLFlag = cli.StringFlag{ @@ -558,6 +558,11 @@ var ( Usage: "HTTP-RPC server listening port", Value: node.DefaultHTTPPort, } + HTTPAuthPortFlag = cli.IntFlag{ + Name: "http.authport", + Usage: "HTTP-RPC server listening port for authenticated api's", + Value: node.DefaultAuthPort, + } HTTPCORSDomainFlag = cli.StringFlag{ Name: "http.corsdomain", Usage: "Comma separated list of domains from which to accept cross origin requests (browser enforced)", @@ -955,6 +960,10 @@ func setHTTP(ctx *cli.Context, cfg *node.Config) { cfg.HTTPPort = ctx.GlobalInt(HTTPPortFlag.Name) } + if ctx.GlobalIsSet(HTTPAuthPortFlag.Name) { + cfg.AuthPort = ctx.GlobalInt(HTTPAuthPortFlag.Name) + } + if ctx.GlobalIsSet(HTTPCORSDomainFlag.Name) { cfg.HTTPCors = SplitAndTrim(ctx.GlobalString(HTTPCORSDomainFlag.Name)) } diff --git a/node/config.go b/node/config.go index de7d56db391da..4a12fa6abafd5 100644 --- a/node/config.go +++ b/node/config.go @@ -113,6 +113,9 @@ type Config struct { // for ephemeral nodes). HTTPPort int `toml:",omitempty"` + // Authport is the port number on which the authenticated API is provided. + AuthPort int `toml:",omitempty"` + // HTTPCors is the Cross-Origin Resource Sharing header to send to requesting // clients. Please be aware that CORS is a browser enforced security, it's fully // useless for custom HTTP clients. @@ -252,7 +255,7 @@ func (c *Config) HTTPEndpoint() string { // DefaultHTTPEndpoint returns the HTTP endpoint used by default. func DefaultHTTPEndpoint() string { - config := &Config{HTTPHost: DefaultHTTPHost, HTTPPort: DefaultHTTPPort} + config := &Config{HTTPHost: DefaultHTTPHost, HTTPPort: DefaultHTTPPort, AuthPort: DefaultAuthPort} return config.HTTPEndpoint() } diff --git a/node/defaults.go b/node/defaults.go index c685dde5d1275..76e99ffa0c1a3 100644 --- a/node/defaults.go +++ b/node/defaults.go @@ -34,12 +34,14 @@ const ( DefaultWSPort = 8546 // Default TCP port for the websocket RPC server DefaultGraphQLHost = "localhost" // Default host interface for the GraphQL server DefaultGraphQLPort = 8547 // Default TCP port for the GraphQL server + DefaultAuthPort = 8551 // Default port for the authenticated apis ) // DefaultConfig contains reasonable default settings. var DefaultConfig = Config{ DataDir: DefaultDataDir(), HTTPPort: DefaultHTTPPort, + AuthPort: DefaultAuthPort, HTTPModules: []string{"net", "web3"}, HTTPVirtualHosts: []string{"localhost"}, HTTPTimeouts: rpc.DefaultHTTPTimeouts, diff --git a/node/node.go b/node/node.go index 9d4d2053c2bb5..01cc67497380d 100644 --- a/node/node.go +++ b/node/node.go @@ -443,7 +443,7 @@ func (n *Node) startRPC() error { } // Configure authenticated HTTP (if needed). if len(open) != len(all) { - if err := initHttp(n.httpAuth, all, 8551, jwtSecret); err != nil { + if err := initHttp(n.httpAuth, all, n.config.AuthPort, jwtSecret); err != nil { return err } } @@ -456,7 +456,7 @@ func (n *Node) startRPC() error { } // authenticated if len(open) != len(all) { - if err := initWS(all, 8551, jwtSecret); err != nil { + if err := initWS(all, n.config.AuthPort, jwtSecret); err != nil { return err } }