1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
use std::io;
use std::sync::Arc;
use std::path::PathBuf;
use ansi_term::Colour;
use io::{ForwardPanic, PanicHandler};
use util::path::restrict_permissions_owner;
use rpc_apis;
use ethcore_signer as signer;
use dir::default_data_path;
use helpers::replace_home;
use jsonrpc_core::reactor::{RpcHandler, Remote};
pub use ethcore_signer::Server as SignerServer;
const CODES_FILENAME: &'static str = "authcodes";
#[derive(Debug, PartialEq, Clone)]
pub struct Configuration {
pub enabled: bool,
pub port: u16,
pub interface: String,
pub signer_path: String,
pub skip_origin_validation: bool,
}
impl Default for Configuration {
fn default() -> Self {
let data_dir = default_data_path();
Configuration {
enabled: true,
port: 8180,
interface: "127.0.0.1".into(),
signer_path: replace_home(&data_dir, "$BASE/signer"),
skip_origin_validation: false,
}
}
}
pub struct Dependencies {
pub panic_handler: Arc<PanicHandler>,
pub apis: Arc<rpc_apis::Dependencies>,
pub remote: Remote,
}
pub struct NewToken {
pub token: String,
pub url: String,
pub message: String,
}
pub fn start(conf: Configuration, deps: Dependencies) -> Result<Option<SignerServer>, String> {
if !conf.enabled {
Ok(None)
} else {
Ok(Some(do_start(conf, deps)?))
}
}
fn codes_path(path: String) -> PathBuf {
let mut p = PathBuf::from(path);
p.push(CODES_FILENAME);
let _ = restrict_permissions_owner(&p, true, false);
p
}
pub fn execute(cmd: Configuration) -> Result<String, String> {
Ok(generate_token_and_url(&cmd)?.message)
}
pub fn generate_token_and_url(conf: &Configuration) -> Result<NewToken, String> {
let code = generate_new_token(conf.signer_path.clone()).map_err(|err| format!("Error generating token: {:?}", err))?;
let auth_url = format!("http://{}:{}/#/auth?token={}", conf.interface, conf.port, code);
Ok(NewToken {
token: code.clone(),
url: auth_url.clone(),
message: format!(
r#"
Open: {}
to authorize your browser.
Or use the generated token:
{}"#,
Colour::White.bold().paint(auth_url),
code
)
})
}
pub fn generate_new_token(path: String) -> io::Result<String> {
let path = codes_path(path);
let mut codes = signer::AuthCodes::from_file(&path)?;
codes.clear_garbage();
let code = codes.generate_new()?;
codes.to_file(&path)?;
trace!("New key code created: {}", Colour::White.bold().paint(&code[..]));
Ok(code)
}
fn do_start(conf: Configuration, deps: Dependencies) -> Result<SignerServer, String> {
let addr = format!("{}:{}", conf.interface, conf.port)
.parse()
.map_err(|_| format!("Invalid port specified: {}", conf.port))?;
let start_result = {
let server = signer::ServerBuilder::new(
deps.apis.signer_service.queue(),
codes_path(conf.signer_path),
);
if conf.skip_origin_validation {
warn!("{}", Colour::Red.bold().paint("*** INSECURE *** Running Trusted Signer with no origin validation."));
info!("If you do not intend this, exit now.");
}
let server = server.skip_origin_validation(conf.skip_origin_validation);
let apis = rpc_apis::setup_rpc(Default::default(), deps.apis, rpc_apis::ApiSet::SafeContext);
let handler = RpcHandler::new(Arc::new(apis), deps.remote);
server.start(addr, handler)
};
match start_result {
Err(signer::ServerError::IoError(err)) => match err.kind() {
io::ErrorKind::AddrInUse => Err(format!("Trusted UI address {} is already in use, make sure that another instance of an Ethereum client is not running or change the address using the --ui-port and --ui-interface options.", addr)),
_ => Err(format!("Trusted Signer io error: {}", err)),
},
Err(e) => Err(format!("Trusted Signer Error: {:?}", e)),
Ok(server) => {
deps.panic_handler.forward_from(&server);
Ok(server)
},
}
}