refactor: Replace JwtSecret with alloy's version of it (#8299)

Co-authored-by: Matthias Seitz <matthias.seitz@outlook.de>
paradigmxyz · May 19, 2024 · db9c559 · db9c559
1 parent 3daec1d
commit db9c559
Show file tree

Hide file tree

Showing 11 changed files with 21 additions and 455 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/crates/node-core/src/args/rpc_server.rs b/crates/node-core/src/args/rpc_server.rs
@@ -493,7 +493,7 @@ impl RethRpcConfig for RpcServerArgs {
     }
 
     fn rpc_secret_key(&self) -> Option<JwtSecret> {
-        self.rpc_jwtsecret.clone()
+        self.rpc_jwtsecret
     }
 }
 

diff --git a/crates/node-core/src/utils.rs b/crates/node-core/src/utils.rs
@@ -12,7 +12,7 @@ use reth_interfaces::p2p::{
 use reth_network::NetworkManager;
 use reth_primitives::{BlockHashOrNumber, ChainSpec, HeadersDirection, SealedBlock, SealedHeader};
 use reth_provider::BlockReader;
-use reth_rpc_layer::{JwtError, JwtSecret};
+use reth_rpc_types::engine::{JwtError, JwtSecret};
 use std::{
     env::VarError,
     path::{Path, PathBuf},
@@ -33,7 +33,7 @@ pub fn get_or_create_jwt_secret_from_path(path: &Path) -> Result<JwtSecret, JwtE
         JwtSecret::from_file(path)
     } else {
         info!(target: "reth::cli", ?path, "Creating JWT auth secret file");
-        JwtSecret::try_create(path)
+        JwtSecret::try_create_random(path)
     }
 }
 

diff --git a/crates/rpc/rpc-builder/src/auth.rs b/crates/rpc/rpc-builder/src/auth.rs
@@ -133,7 +133,7 @@ where
 
     // Create auth middleware.
     let middleware =
-        tower::ServiceBuilder::new().layer(AuthLayer::new(JwtAuthValidator::new(secret.clone())));
+        tower::ServiceBuilder::new().layer(AuthLayer::new(JwtAuthValidator::new(secret)));
 
     // By default, both http and ws are enabled.
     let server = ServerBuilder::new()
@@ -184,8 +184,8 @@ impl AuthServerConfig {
         let Self { socket_addr, secret, server_config, ipc_server_config, ipc_endpoint } = self;
 
         // Create auth middleware.
-        let middleware = tower::ServiceBuilder::new()
-            .layer(AuthLayer::new(JwtAuthValidator::new(secret.clone())));
+        let middleware =
+            tower::ServiceBuilder::new().layer(AuthLayer::new(JwtAuthValidator::new(secret)));
 
         // By default, both http and ws are enabled.
         let server = server_config
@@ -403,7 +403,7 @@ impl AuthServerHandle {
         &self,
     ) -> jsonrpsee::http_client::HttpClient<AuthClientService<HttpBackend>> {
         // Create a middleware that adds a new JWT token to every request.
-        let secret_layer = AuthClientLayer::new(self.secret.clone());
+        let secret_layer = AuthClientLayer::new(self.secret);
         let middleware = tower::ServiceBuilder::default().layer(secret_layer);
         jsonrpsee::http_client::HttpClientBuilder::default()
             .set_http_middleware(middleware)

diff --git a/crates/rpc/rpc-builder/src/lib.rs b/crates/rpc/rpc-builder/src/lib.rs
@@ -1630,7 +1630,7 @@ impl RpcServerConfig {
 
     /// Creates the [AuthLayer] if any
     fn maybe_jwt_layer(&self) -> Option<AuthLayer<JwtAuthValidator>> {
-        self.jwt_secret.clone().map(|secret| AuthLayer::new(JwtAuthValidator::new(secret)))
+        self.jwt_secret.map(|secret| AuthLayer::new(JwtAuthValidator::new(secret)))
     }
 
     /// Builds the ws and http server(s).
@@ -1701,7 +1701,7 @@ impl RpcServerConfig {
                 http_local_addr: Some(addr),
                 ws_local_addr: Some(addr),
                 server: WsHttpServers::SamePort(server),
-                jwt_secret: self.jwt_secret.clone(),
+                jwt_secret: self.jwt_secret,
             })
         }
 
@@ -1760,7 +1760,7 @@ impl RpcServerConfig {
             http_local_addr,
             ws_local_addr,
             server: WsHttpServers::DifferentPort { http: http_server, ws: ws_server },
-            jwt_secret: self.jwt_secret.clone(),
+            jwt_secret: self.jwt_secret,
         })
     }
 
@@ -2062,7 +2062,7 @@ impl RpcServer {
     }
     /// Return the JwtSecret of the server
     pub fn jwt(&self) -> Option<JwtSecret> {
-        self.ws_http.jwt_secret.clone()
+        self.ws_http.jwt_secret
     }
 
     /// Returns the [`SocketAddr`] of the ws server if started.

diff --git a/crates/rpc/rpc-layer/Cargo.toml b/crates/rpc/rpc-layer/Cargo.toml
@@ -11,19 +11,14 @@ repository.workspace = true
 workspace = true
 
 [dependencies]
-reth-primitives.workspace = true
-reth-fs-util.workspace = true
+alloy-rpc-types-engine.workspace = true
 
 http.workspace = true
 hyper.workspace = true
 tower.workspace = true
 http-body.workspace = true
 pin-project.workspace = true
-jsonwebtoken = "8"
 
-rand.workspace = true
-serde.workspace = true
-thiserror.workspace = true
 tracing.workspace = true
 
 [dev-dependencies]

diff --git a/crates/rpc/rpc-layer/src/auth_client_layer.rs b/crates/rpc/rpc-layer/src/auth_client_layer.rs
@@ -24,7 +24,7 @@ impl<S> Layer<S> for AuthClientLayer {
     type Service = AuthClientService<S>;
 
     fn layer(&self, inner: S) -> Self::Service {
-        AuthClientService::new(self.secret.clone(), inner)
+        AuthClientService::new(self.secret, inner)
     }
 }
 

diff --git a/crates/rpc/rpc-layer/src/auth_layer.rs b/crates/rpc/rpc-layer/src/auth_layer.rs
@@ -155,6 +155,9 @@ where
 
 #[cfg(test)]
 mod tests {
+    use super::*;
+    use crate::JwtAuthValidator;
+    use alloy_rpc_types_engine::{Claims, JwtError, JwtSecret};
     use http::{header, Method, Request, StatusCode};
     use hyper::{body, Body};
     use jsonrpsee::{
@@ -166,9 +169,6 @@ mod tests {
         time::{SystemTime, UNIX_EPOCH},
     };
 
-    use super::AuthLayer;
-    use crate::{jwt_secret::Claims, JwtAuthValidator, JwtError, JwtSecret};
-
     const AUTH_PORT: u32 = 8551;
     const AUTH_ADDR: &str = "0.0.0.0";
     const SECRET: &str = "f79ae8046bc11c9927afe911db7143c51a806c4a537cc08e0d37140b0192f430";