Merge pull request #1141 from ainblockchain/release/v1.0.12

Release/v1.0.12

Author: platfowner

client/middleware.js

@@ -1,15 +1,13 @@
+const logger = new (require('../logger'))('MIDDLEWARE');
+
 const _ = require('lodash');
 const express = require('express');
 const cors = require('cors');
 const ipWhitelist = require('ip-whitelist');
 const rateLimit = require('express-rate-limit');
-const matchUrl = require('match-url-wildcard');
 
 const { NodeConfigs } = require('../common/constants');
-const {
-  getRegexpList,
-  isWildcard
-} = require('../common/common-util');
+const CommonUtil = require('../common/common-util');
 const { JSON_RPC_SET_METHOD_SET } = require('../json_rpc/constants');
 
 class Middleware {
@@ -39,16 +37,19 @@ class Middleware {
     });
   }
 
+  // TODO(platfowner): Use dynamic origin (see https://www.npmjs.com/package/cors).
   corsLimiter() {
     return cors({ origin: NodeConfigs.CORS_WHITELIST === '*' ?
-        NodeConfigs.CORS_WHITELIST : getRegexpList(NodeConfigs.CORS_WHITELIST) });
+        NodeConfigs.CORS_WHITELIST : CommonUtil.getRegexpList(NodeConfigs.CORS_WHITELIST) });
   }
 
   ipWhitelistLimiter() {
+    const LOG_HEADER = 'ipWhitelistLimiter';
     return ipWhitelist((ip) => {
-      return isWildcard(NodeConfigs.DEV_CLIENT_API_IP_WHITELIST) ||
-          matchUrl(ip, NodeConfigs.DEV_CLIENT_API_IP_WHITELIST);
-    })
+      const isWhitelisted = CommonUtil.isWhitelistedIp(ip, NodeConfigs.DEV_CLIENT_API_IP_WHITELIST);
+      logger.info(`[${LOG_HEADER}] IP whitelisting check for [${ip}] ${isWhitelisted ? 'succeeded' : 'failed'}!`);
+      return isWhitelisted;
+    });
   }
 
   blockchainApiRateLimiter = (req, res, next) => {

client/protocol_versions.json

@@ -110,5 +110,8 @@
   },
   "1.0.11": {
     "min": "1.0.0"
+  },
+  "1.0.12": {
+    "min": "1.0.0"
   }
 }

common/common-util.js

@@ -4,6 +4,8 @@ const stringify = require('fast-json-stable-stringify');
 const jsonDiff = require('json-diff');
 const ainUtil = require('@ainblockchain/ain-util');
 const _ = require('lodash');
+const matchUrl = require('match-url-wildcard');
+const ip = require('ip');
 const {
   FailedTxPrecheckCodeSet,
   FunctionResultCode,
@@ -943,6 +945,30 @@ class CommonUtil {
     return CommonUtil.isWildcard(value) ? value : value.split(',');
   }
 
+  static isWhitelistedUrl(url, whitelist) {
+    if (CommonUtil.isWildcard(whitelist)) return true;
+    if (!CommonUtil.isArray(whitelist)) return false;
+    return matchUrl(url, whitelist);
+  }
+
+  static isWhitelistedIp(ipAddr, whitelist) {
+    if (CommonUtil.isWildcard(whitelist)) return true;
+    if (!CommonUtil.isArray(whitelist)) return false;
+    if (!CommonUtil.isValidIpV4(ipAddr) && !CommonUtil.isValidIpV6(ipAddr)) {
+      return false;
+    }
+    for (const listItem of whitelist) {
+      try {
+        if (ip.isEqual(ipAddr, listItem)) {
+          return true;
+        }
+      } catch {
+        continue;
+      }
+    }
+    return false;
+  }
+
   static countMaxOccurrences(list) {
     if (!CommonUtil.isArray(list)) {
       return 0;

config_client_api_ip_whitelist.sh

@@ -0,0 +1,109 @@
+#!/bin/bash
+
+function usage() {
+    printf "\n"
+    printf "Usage: bash config_client_api_ip_whitelist.sh [dev|staging|sandbox|exp|spring|summer|mainnet] [get|add|remove] [<IP Address>]\n"
+    printf "Example: bash config_client_api_ip_whitelist.sh dev get\n"
+    printf "Example: bash config_client_api_ip_whitelist.sh dev add 32.190.239.181\n"
+    printf "Example: bash config_client_api_ip_whitelist.sh dev add '*'\n"
+    printf "Example: bash config_client_api_ip_whitelist.sh dev remove 32.190.239.181\n"
+    printf "\n"
+    exit
+}
+
+if [[ $# -lt 2 ]] || [[ $# -gt 3 ]]; then
+    usage
+fi
+printf "\n[[[[[ config_client_api_ip_whitelist.sh ]]]]]\n\n"
+
+if [[ "$1" = 'dev' ]] || [[ "$1" = 'staging' ]] || [[ "$1" = 'sandbox' ]] || [[ "$1" = 'exp' ]] || [[ "$1" = 'spring' ]] || [[ "$1" = 'summer' ]] || [[ "$1" = 'mainnet' ]]; then
+    SEASON="$1"
+else
+    printf "Invalid <Project/Season> argument: $1\n"
+    usage
+fi
+printf "SEASON=$SEASON\n"
+
+if [[ "$2" = 'get' ]]; then
+    COMMAND="$2"
+    IP_ADDR="$3"
+    if [[ ! "$IP_ADDR" = "" ]]; then
+        printf "\nInvalid argument: $IP_ADDR\n"
+        usage
+    fi
+elif [[ "$2" = 'add' ]] || [[ "$2" = 'remove' ]]; then
+    COMMAND="$2"
+    IP_ADDR="$3"
+    if [[ "$IP_ADDR" = "" ]]; then
+        printf "\nInvalid <IP Address> argument: $IP_ADDR\n"
+        usage
+    fi
+else
+    printf "Invalid <Command> argument: $2\n"
+    usage
+fi
+printf "COMMAND=$COMMAND\n"
+printf "IP_ADDR=$IP_ADDR\n"
+
+# Get confirmation.
+if [[ "$SEASON" = "mainnet" ]]; then
+    printf "\n"
+    printf "Do you want to proceed for $SEASON? Enter [mainnet]: "
+    read CONFIRM
+    printf "\n\n"
+    if [[ ! $CONFIRM = "mainnet" ]]
+    then
+        [[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
+    fi
+else
+    printf "\n"
+    read -p "Do you want to proceed for $SEASON? [y/N]: " -n 1 -r
+    printf "\n\n"
+    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+        [[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
+    fi
+fi
+
+# Read node ip addresses
+IFS=$'\n' read -d '' -r -a IP_ADDR_LIST < ./ip_addresses/$SEASON.txt
+
+# Get keystore password
+printf "Enter password: "
+read -s PASSWORD
+printf "\n\n"
+if [[ $SEASON = "mainnet" ]]; then
+    KEYSTORE_DIR="mainnet_prod_keys"
+elif [[ $SEASON = "spring" ]] || [[ $SEASON = "summer" ]]; then
+    KEYSTORE_DIR="testnet_prod_keys"
+else
+    KEYSTORE_DIR="testnet_dev_staging_keys"
+fi
+
+if [[ $COMMAND = "add" ]]; then
+    COMMAND_NODE_JS_FILE="addToDevClientApiIpWhitelist.js"
+elif [[ $COMMAND = "remove" ]]; then
+    COMMAND_NODE_JS_FILE="removeFromDevClientApiIpWhitelist.js"
+else
+    COMMAND_NODE_JS_FILE="getDevClientApiIpWhitelist.js"
+fi
+
+function config_node() {
+    local node_index="$1"
+    local node_ip_addr=${IP_ADDR_LIST[${node_index}]}
+
+    printf "\n\n<<< Configuring ip whitelist of node $node_index ($node_ip_addr) >>>\n\n"
+
+    KEYSTORE_FILE_PATH="$KEYSTORE_DIR/keystore_node_$node_index.json"
+    CONFIG_NODE_CMD="node tools/api-access/$COMMAND_NODE_JS_FILE $node_ip_addr 0 keystore $KEYSTORE_FILE_PATH"
+    if [[ ! $COMMAND = "get" ]]; then
+        CONFIG_NODE_CMD="$CONFIG_NODE_CMD '$IP_ADDR'"
+    fi
+
+    printf "\n"
+    printf "CONFIG_NODE_CMD=$CONFIG_NODE_CMD\n\n"
+    eval "echo $PASSWORD | $CONFIG_NODE_CMD"
+}
+
+for j in `seq $(( 0 )) $(( 9 ))`; do
+    config_node "$j"
+done

config_node_param.sh

@@ -0,0 +1,119 @@
+#!/bin/bash
+
+function usage() {
+    printf "\n"
+    printf "Usage: bash config_node_param.sh [dev|staging|sandbox|exp|spring|summer|mainnet] [get|add|remove] <Param> [<Value>]\n"
+    printf "Example: bash config_node_param.sh dev get DEV_CLIENT_API_IP_WHITELIST\n"
+    printf "Example: bash config_node_param.sh dev add DEV_CLIENT_API_IP_WHITELIST 32.190.239.181\n"
+    printf "Example: bash config_node_param.sh dev add DEV_CLIENT_API_IP_WHITELIST '*'\n"
+    printf "Example: bash config_node_param.sh dev remove DEV_CLIENT_API_IP_WHITELIST 32.190.239.181\n"
+    printf "Example: bash config_node_param.sh dev set DEV_CLIENT_API_IP_WHITELIST '*'\n"
+    printf "\n"
+    exit
+}
+
+if [[ $# -lt 3 ]] || [[ $# -gt 4 ]]; then
+    usage
+fi
+printf "\n[[[[[ config_node_param.sh ]]]]]\n\n"
+
+if [[ "$1" = 'dev' ]] || [[ "$1" = 'staging' ]] || [[ "$1" = 'sandbox' ]] || [[ "$1" = 'exp' ]] || [[ "$1" = 'spring' ]] || [[ "$1" = 'summer' ]] || [[ "$1" = 'mainnet' ]]; then
+    SEASON="$1"
+else
+    printf "Invalid <Project/Season> argument: $1\n"
+    usage
+fi
+printf "SEASON=$SEASON\n"
+
+if [[ "$2" = 'get' ]]; then
+    COMMAND="$2"
+    PARAM="$3"
+    VALUE="$4"
+    if [[ ! "$VALUE" = "" ]]; then
+        printf "\nInvalid argument: $VALUE\n"
+        usage
+    fi
+elif [[ "$2" = 'add' ]] || [[ "$2" = 'remove' ]] || [[ "$2" = 'set' ]]; then
+    COMMAND="$2"
+    PARAM="$3"
+    VALUE="$4"
+    if [[ "$PARAM" = "" ]]; then
+        printf "\nInvalid <Param> argument: $PARAM\n"
+        usage
+    fi
+    if [[ "$VALUE" = "" ]]; then
+        printf "\nInvalid <Value> argument: $VALUE\n"
+        usage
+    fi
+else
+    printf "Invalid <Command> argument: $2\n"
+    usage
+fi
+printf "COMMAND=$COMMAND\n"
+printf "PARAM=$PARAM\n"
+printf "VALUE=$VALUE\n"
+
+# Get confirmation.
+if [[ "$SEASON" = "mainnet" ]]; then
+    printf "\n"
+    printf "Do you want to proceed for $SEASON? Enter [mainnet]: "
+    read CONFIRM
+    printf "\n\n"
+    if [[ ! $CONFIRM = "mainnet" ]]
+    then
+        [[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
+    fi
+else
+    printf "\n"
+    read -p "Do you want to proceed for $SEASON? [y/N]: " -n 1 -r
+    printf "\n\n"
+    if [[ ! $REPLY =~ ^[Yy]$ ]]; then
+        [[ "$0" = "$BASH_SOURCE" ]] && exit 1 || return 1 # handle exits from shell or function but don't exit interactive shell
+    fi
+fi
+
+# Read node ip addresses
+IFS=$'\n' read -d '' -r -a IP_ADDR_LIST < ./ip_addresses/$SEASON.txt
+
+# Get keystore password
+printf "Enter password: "
+read -s PASSWORD
+printf "\n\n"
+if [[ $SEASON = "mainnet" ]]; then
+    KEYSTORE_DIR="mainnet_prod_keys"
+elif [[ $SEASON = "spring" ]] || [[ $SEASON = "summer" ]]; then
+    KEYSTORE_DIR="testnet_prod_keys"
+else
+    KEYSTORE_DIR="testnet_dev_staging_keys"
+fi
+
+if [[ $COMMAND = "add" ]]; then
+    COMMAND_NODE_JS_FILE="addToWhitelistNodeParam.js"
+elif [[ $COMMAND = "remove" ]]; then
+    COMMAND_NODE_JS_FILE="removeFromWhitelistNodeParam.js"
+elif [[ $COMMAND = "set" ]]; then
+    COMMAND_NODE_JS_FILE="setNodeParam.js"
+else
+    COMMAND_NODE_JS_FILE="getNodeParam.js"
+fi
+
+function config_node() {
+    local node_index="$1"
+    local node_ip_addr=${IP_ADDR_LIST[${node_index}]}
+
+    printf "\n\n<<< Configuring ip whitelist of node $node_index ($node_ip_addr) >>>\n\n"
+
+    KEYSTORE_FILE_PATH="$KEYSTORE_DIR/keystore_node_$node_index.json"
+    CONFIG_NODE_CMD="node tools/api-access/$COMMAND_NODE_JS_FILE $node_ip_addr 0 keystore $KEYSTORE_FILE_PATH $PARAM"
+    if [[ ! $COMMAND = "get" ]]; then
+        CONFIG_NODE_CMD="$CONFIG_NODE_CMD '$VALUE'"
+    fi
+
+    printf "\n"
+    printf "CONFIG_NODE_CMD=$CONFIG_NODE_CMD\n\n"
+    eval "echo $PASSWORD | $CONFIG_NODE_CMD"
+}
+
+for j in `seq $(( 0 )) $(( 9 ))`; do
+    config_node "$j"
+done

db/functions.js

@@ -2,7 +2,6 @@ const logger = new (require('../logger'))('FUNCTIONS');
 
 const axios = require('axios');
 const _ = require('lodash');
-const matchUrl = require('match-url-wildcard');
 const Accounts = require('web3-eth-accounts');
 const stringify = require('fast-json-stable-stringify');
 const {
@@ -238,7 +237,7 @@ class Functions {
           }
         } else if (functionEntry.function_type === FunctionTypes.REST) {
           if (NodeConfigs.ENABLE_REST_FUNCTION_CALL && functionEntry.function_url &&
-            matchUrl(functionEntry.function_url, this.db.getRestFunctionsUrlWhitelist())) {
+            CommonUtil.isWhitelistedUrl(functionEntry.function_url, this.db.getRestFunctionsUrlWhitelist())) {
             if (DevFlags.enableRichFunctionLogging) {
               logger.info(
                   `  ==> Triggering REST function [[ ${functionEntry.function_id} ]] of ` +

deploy_blockchain_incremental_gcp.sh

@@ -175,7 +175,7 @@ function deploy_tracker() {
     if [[ $SETUP_OPTION = "--setup" ]]; then
         # 2. Set up tracker
         printf "\n\n[[[ Setting up tracker ]]]\n\n"
-        SETUP_CMD="gcloud compute ssh $TRACKER_TARGET_ADDR --command '. setup_blockchain_ubuntu.sh' --project $PROJECT_ID --zone $TRACKER_ZONE"
+        SETUP_CMD="gcloud compute ssh $TRACKER_TARGET_ADDR --command 'cd ./ain-blockchain; . setup_blockchain_ubuntu.sh' --project $PROJECT_ID --zone $TRACKER_ZONE"
         printf "SETUP_CMD=$SETUP_CMD\n\n"
         eval $SETUP_CMD
     fi

package.json

@@ -1,7 +1,7 @@
 {
   "name": "ain-blockchain",
   "description": "AI Network Blockchain",
-  "version": "1.0.11",
+  "version": "1.0.12",
   "private": true,
   "license": "MIT",
   "author": "dev@ainetwork.ai",