Skip to content

Improve authorization checks for CN app APIs #2509

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Improve authorization checks for CN app APIs #2509

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
270cfc4
Refactor API authentication
rautenrieth-da Sep 18, 2025
ad5bb4b
do not use primary party
rautenrieth-da Oct 3, 2025
32257aa
Dump identities as admin user
rautenrieth-da Oct 6, 2025
f81eac2
Error response is now plain text
rautenrieth-da Oct 6, 2025
f66bfe8
Onboard alice
rautenrieth-da Oct 6, 2025
cd8bdc8
Fix and improve tests
rautenrieth-da Oct 6, 2025
fe92b4e
Fix cors
rautenrieth-da Oct 7, 2025
079d5dd
Split SV app auth
rautenrieth-da Oct 8, 2025
47a27ad
Add release notes
rautenrieth-da Oct 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions apps/app/src/main/scala/org/lfdecentralizedtrust/splice/console/ScanAppReference.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ import org.lfdecentralizedtrust.splice.codegen.java.splice.dsorules.{
DsoRules_CloseVoteRequestResult,
VoteRequest,
}
import org.lfdecentralizedtrust.splice.sv.admin.api.client.commands.HttpSvAdminAppClient
import org.lfdecentralizedtrust.splice.sv.admin.api.client.commands.HttpSvOperatorAppClient

import scala.jdk.OptionConverters.*
import java.time.Instant
Expand Down Expand Up @@ -645,7 +645,7 @@ abstract class ScanAppReference(
): Contract[VoteRequest.ContractId, VoteRequest] = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.LookupVoteRequest(trackingCid)()
HttpSvOperatorAppClient.LookupVoteRequest(trackingCid)()
)
}
}
Expand Down
64 changes: 35 additions & 29 deletions apps/app/src/main/scala/org/lfdecentralizedtrust/splice/console/SvAppReference.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,12 +22,13 @@ import org.lfdecentralizedtrust.splice.http.v0.definitions
import org.lfdecentralizedtrust.splice.sv.{SvApp, SvAppBootstrap, SvAppClientConfig}
import org.lfdecentralizedtrust.splice.sv.admin.api.client.commands.{
HttpSvAdminAppClient,
HttpSvAppClient,
HttpSvOperatorAppClient,
HttpSvPublicAppClient,
}
import org.lfdecentralizedtrust.splice.sv.automation.{
DsoDelegateBasedAutomationService,
SvSvAutomationService,
SvDsoAutomationService,
SvSvAutomationService,
}
import org.lfdecentralizedtrust.splice.sv.config.SvAppBackendConfig
import org.lfdecentralizedtrust.splice.sv.migration.{DomainDataSnapshot, SynchronizerNodeIdentities}
Expand All @@ -54,46 +55,51 @@ abstract class SvAppReference(
def onboardValidator(validator: PartyId, secret: String, contactPoint: String): Unit =
consoleEnvironment.run {
httpCommand(
HttpSvAppClient.OnboardValidator(validator, secret, BuildInfo.compiledVersion, contactPoint)
HttpSvPublicAppClient.OnboardValidator(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe even call it HttpSvNoAuthAppClient (don't know which one is scarier)

validator,
secret,
BuildInfo.compiledVersion,
contactPoint,
)
)
}

def startSvOnboarding(token: String): Unit =
consoleEnvironment.run {
httpCommand(HttpSvAppClient.StartSvOnboarding(token))
httpCommand(HttpSvPublicAppClient.StartSvOnboarding(token))
}

def getSvOnboardingStatus(candidate: PartyId): HttpSvAppClient.SvOnboardingStatus =
def getSvOnboardingStatus(candidate: PartyId): HttpSvPublicAppClient.SvOnboardingStatus =
consoleEnvironment.run {
httpCommand(HttpSvAppClient.getSvOnboardingStatus(candidate.toProtoPrimitive))
httpCommand(HttpSvPublicAppClient.getSvOnboardingStatus(candidate.toProtoPrimitive))
}

def getSvOnboardingStatus(candidate: String): HttpSvAppClient.SvOnboardingStatus =
def getSvOnboardingStatus(candidate: String): HttpSvPublicAppClient.SvOnboardingStatus =
consoleEnvironment.run {
httpCommand(HttpSvAppClient.getSvOnboardingStatus(candidate))
httpCommand(HttpSvPublicAppClient.getSvOnboardingStatus(candidate))
}

@Help.Summary("Prepare a validator onboarding and return an onboarding secret (via client API)")
def devNetOnboardValidatorPrepare(): String =
consoleEnvironment.run {
httpCommand(HttpSvAppClient.DevNetOnboardValidatorPrepare())
httpCommand(HttpSvPublicAppClient.DevNetOnboardValidatorPrepare())
}

def getDsoInfo(): HttpSvAppClient.DsoInfo =
def getDsoInfo(): HttpSvPublicAppClient.DsoInfo =
consoleEnvironment.run {
httpCommand(HttpSvAppClient.GetDsoInfo)
httpCommand(HttpSvPublicAppClient.GetDsoInfo)
}

@Help.Summary("Get the CometBFT node status")
def cometBftNodeStatus(): definitions.CometBftNodeStatusResponse =
consoleEnvironment.run {
httpCommand(HttpSvAppClient.GetCometBftNodeStatus())
httpCommand(HttpSvPublicAppClient.GetCometBftNodeStatus())
Copy link
Contributor

@ray-roestenburg-da ray-roestenburg-da Oct 10, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is the node status public? (just curious)

}

@Help.Summary("Get the CometBFT node dump")
def cometBftNodeDebugDump(): definitions.CometBftNodeDumpResponse =
consoleEnvironment.run {
httpCommand(HttpSvAdminAppClient.GetCometBftNodeDump())
httpCommand(HttpSvOperatorAppClient.GetCometBftNodeDump())
}

@Help.Summary("Make a CometBFT Json RPC request")
Expand All @@ -103,17 +109,17 @@ abstract class SvAppReference(
params: Map[String, io.circe.Json] = Map.empty,
): definitions.CometBftJsonRpcResponse =
consoleEnvironment.run {
httpCommand(HttpSvAppClient.CometBftJsonRpcRequest(id, method, params))
httpCommand(HttpSvPublicAppClient.CometBftJsonRpcRequest(id, method, params))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This also seems strange to be public?

}

def onboardSvPartyMigrationAuthorize(
participantId: ParticipantId,
candidateParty: PartyId,
): HttpSvAppClient.OnboardSvPartyMigrationAuthorizeResponse =
): HttpSvPublicAppClient.OnboardSvPartyMigrationAuthorizeResponse =
consoleEnvironment
.run {
httpCommand(
HttpSvAppClient.OnboardSvPartyMigrationAuthorize(
HttpSvPublicAppClient.OnboardSvPartyMigrationAuthorize(
participantId,
candidateParty,
)
Expand Down Expand Up @@ -174,7 +180,7 @@ abstract class SvAppReference(
)(implicit tc: TraceContext): Unit = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.CreateVoteRequest(
HttpSvOperatorAppClient.CreateVoteRequest(
requester,
action,
reasonUrl,
Expand All @@ -190,7 +196,7 @@ abstract class SvAppReference(
def listVoteRequests(): Seq[Contract[VoteRequest.ContractId, VoteRequest]] = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.ListVoteRequests
HttpSvOperatorAppClient.ListVoteRequests
)
}
}
Expand All @@ -212,7 +218,7 @@ abstract class SvAppReference(
): Contract[VoteRequest.ContractId, VoteRequest] = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.LookupVoteRequest(trackingCid)()
HttpSvOperatorAppClient.LookupVoteRequest(trackingCid)()
)
}
}
Expand All @@ -227,7 +233,7 @@ abstract class SvAppReference(
): Seq[DsoRules_CloseVoteRequestResult] = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.ListVoteRequestResults(
HttpSvOperatorAppClient.ListVoteRequestResults(
actionName,
accepted,
requester,
Expand All @@ -248,7 +254,7 @@ abstract class SvAppReference(
): Unit = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.CastVote(trackingCid, isAccepted, reasonUrl, reasonDescription)
HttpSvOperatorAppClient.CastVote(trackingCid, isAccepted, reasonUrl, reasonDescription)
)
}
}
Expand Down Expand Up @@ -338,31 +344,31 @@ class SvAppBackendReference(
def listOngoingValidatorOnboardings(): Seq[ValidatorOnboarding] =
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.ListOngoingValidatorOnboardings
HttpSvOperatorAppClient.ListOngoingValidatorOnboardings
)
}

@Help.Summary("Prepare a validator onboarding and return an onboarding secret (via admin API)")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is the comment still correct? (via admin API)

def prepareValidatorOnboarding(expiresIn: FiniteDuration, partyHint: Option[String]): String =
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.PrepareValidatorOnboarding(expiresIn, partyHint)
HttpSvOperatorAppClient.PrepareValidatorOnboarding(expiresIn, partyHint)
)
}

@Help.Summary("Update CC price vote (via admin API)")
def updateAmuletPriceVote(amuletPrice: BigDecimal): Unit =
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.UpdateAmuletPriceVote(amuletPrice)
HttpSvOperatorAppClient.UpdateAmuletPriceVote(amuletPrice)
)
}

@Help.Summary("List CC price vote (via admin API)")
def listAmuletPriceVotes(): Seq[Contract[cp.AmuletPriceVote.ContractId, cp.AmuletPriceVote]] = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.ListAmuletPriceVotes
HttpSvOperatorAppClient.ListAmuletPriceVotes
)
}
}
Expand All @@ -371,27 +377,27 @@ class SvAppBackendReference(
def listOpenMiningRounds(): Seq[Contract[OpenMiningRound.ContractId, OpenMiningRound]] = {
consoleEnvironment.run {
httpCommand(
HttpSvAdminAppClient.ListOpenMiningRounds
HttpSvOperatorAppClient.ListOpenMiningRounds
)
}
}

@Help.Summary("Get the CometBFT node debug dump")
def cometBftNodeDump(): definitions.CometBftNodeDumpResponse =
consoleEnvironment.run {
httpCommand(HttpSvAdminAppClient.GetCometBftNodeDump())
httpCommand(HttpSvOperatorAppClient.GetCometBftNodeDump())
}

@Help.Summary("Get the sequencer node status")
def sequencerNodeStatus(): NodeStatus[SpliceStatus] =
consoleEnvironment.run {
httpCommand(HttpSvAdminAppClient.GetSequencerNodeStatus())
httpCommand(HttpSvOperatorAppClient.GetSequencerNodeStatus())
}

@Help.Summary("Get the mediator node status")
def mediatorNodeStatus(): NodeStatus[SpliceStatus] =
consoleEnvironment.run {
httpCommand(HttpSvAdminAppClient.GetMediatorNodeStatus())
httpCommand(HttpSvOperatorAppClient.GetMediatorNodeStatus())
}

/** Remote participant this sv app is configured to interact with. */
Expand Down
15 changes: 5 additions & 10 deletions .../org/lfdecentralizedtrust/splice/integration/tests/BftScanConnectionIntegrationTest.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,9 @@ class BftScanConnectionIntegrationTest
)

aliceValidatorBackend.startSync()
onboardWalletUser(aliceValidatorWalletClient, aliceValidatorBackend)
val walletUserToken =
OAuth2BearerToken(aliceValidatorWalletClient.token.valueOrFail("No token found"))

val fakeCid = new TransferInstruction.ContractId("00" + s"01" * 31 + "42")

Expand All @@ -112,11 +115,7 @@ class BftScanConnectionIntegrationTest
.getTransferInstructionAcceptContext(
fakeCid.contractId,
GetChoiceContextRequest(None),
List(
Authorization(
OAuth2BearerToken(aliceValidatorBackend.token.valueOrFail("No token found"))
)
),
List(Authorization(walletUserToken)),
)
.value
.futureValue
Expand All @@ -138,11 +137,7 @@ class BftScanConnectionIntegrationTest
walletClient
.acceptTokenStandardTransfer(
fakeCid.contractId,
List(
Authorization(
OAuth2BearerToken(aliceValidatorBackend.token.valueOrFail("No token found"))
)
),
List(Authorization(walletUserToken)),
)
.value
.futureValue
Expand Down
4 changes: 2 additions & 2 deletions ...rc/test/scala/org/lfdecentralizedtrust/splice/integration/tests/ScanIntegrationTest.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ import org.lfdecentralizedtrust.splice.integration.tests.SpliceTests.{
}
import org.lfdecentralizedtrust.splice.scan.config.BftSequencerConfig
import org.lfdecentralizedtrust.splice.store.Limit
import org.lfdecentralizedtrust.splice.sv.admin.api.client.commands.HttpSvAppClient
import org.lfdecentralizedtrust.splice.sv.admin.api.client.commands.HttpSvPublicAppClient
import org.lfdecentralizedtrust.splice.sv.automation.delegatebased.{
AdvanceOpenMiningRoundTrigger,
ExpireIssuingMiningRoundTrigger,
Expand Down Expand Up @@ -112,7 +112,7 @@ class ScanIntegrationTest extends IntegrationTest with WalletTestUtil with TimeT
"return dso info same as the sv app" in { implicit env =>
val scan = sv1ScanBackend.getDsoInfo()
inside(sv1Backend.getDsoInfo()) {
case HttpSvAppClient.DsoInfo(
case HttpSvPublicAppClient.DsoInfo(
svUser,
svParty,
dsoParty,
Expand Down
2 changes: 1 addition & 1 deletion ...a/org/lfdecentralizedtrust/splice/integration/tests/SvOnboardingAddlIntegrationTest.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import org.lfdecentralizedtrust.splice.sv.util.{SvOnboardingToken, SvUtil}
import com.digitalasset.canton.sequencing.GrpcSequencerConnection

import scala.jdk.OptionConverters.*
import org.lfdecentralizedtrust.splice.sv.admin.api.client.commands.HttpSvAppClient.SvOnboardingStatus
import org.lfdecentralizedtrust.splice.sv.admin.api.client.commands.HttpSvPublicAppClient.SvOnboardingStatus
import org.lfdecentralizedtrust.splice.util.{SvTestUtil, WalletTestUtil}
import com.digitalasset.canton.logging.SuppressionRule
import com.digitalasset.canton.topology.transaction.ParticipantPermission
Expand Down
4 changes: 3 additions & 1 deletion ...scala/org/lfdecentralizedtrust/splice/integration/tests/SvOnboardingIntegrationTest.scala
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,9 @@ class SvOnboardingIntegrationTest extends SvIntegrationTestBase {
.singleRequest(registerGet.withHeaders(tokenHeader(invalidUserToken)))
.futureValue
responseForInvalidUser.status should be(StatusCodes.Forbidden)
responseForInvalidUser.entity.getContentType().toString should be("application/json")
responseForInvalidUser.entity.getContentType().toString should be(
"application/json"
)
},
_.warningMessage should include(
"Authorization Failed"
Expand Down
Loading
Loading