Merge pull request #1387 from 0chain/update/sprint-1.13

Updated sprint-1.13 with staging

Author: dabasov

.github/workflows/system_tests.yml

@@ -13,7 +13,7 @@ on:
         required: true
       run_smoke_tests:
         description: 'Run subset of system tests (smoke tests) for faster feedback (NOT FOR PRS POINTED TO STAGING)'
-        default: 'false'
+        default: 'true'
         required: false
       test_file_filter:
         description: 'Comma separated list of test files to run (eg. zwalletcli_register_wallet_test.go, zwalletcli_send_and_balance_test.go). If supplied, the PR will NOT be notified of the test result'

code/go/0chain.net/blobbercore/challenge/protocol.go

@@ -303,7 +303,12 @@ func (cr *ChallengeEntity) LoadValidationTickets(ctx context.Context) error {
 			}
 			updateMapAndSlice(validatorID, i, &validationTicket)
 
-			numSuccess++
+			if validationTicket.Result {
+				numSuccess++
+			} else {
+				numFailed++
+			}
+
 		}(url, validator.ID, i)
 	}
 

code/go/0chain.net/blobbercore/handler/context.go

@@ -30,7 +30,8 @@ type Context struct {
 	// AllocationId optional. allocation id in request
 	AllocationId string
 	// Signature optional. signature in request
-	Signature string
+	Signature   string
+	SignatureV2 string
 
 	Allocation *allocation.Allocation
 
@@ -163,6 +164,7 @@ func WithTxHandler(handler func(ctx *Context) (interface{}, error)) func(w http.
 			ctx.ClientKey = r.Header.Get(common.ClientKeyHeader)
 			ctx.AllocationId = r.Header.Get(common.AllocationIdHeader)
 			ctx.Signature = r.Header.Get(common.ClientSignatureHeader)
+			ctx.SignatureV2 = r.Header.Get(common.ClientSignatureHeaderV2)
 
 			ctx, err := WithVerify(ctx, r)
 			statusCode = ctx.StatusCode
@@ -222,7 +224,7 @@ func WithVerify(ctx *Context, r *http.Request) (*Context, error) {
 
 		publicKey := alloc.OwnerPublicKey
 
-		valid, err := verifySignatureFromRequest(allocationTx, ctx.Signature, publicKey)
+		valid, err := verifySignatureFromRequest(allocationTx, ctx.Signature, ctx.SignatureV2, publicKey)
 
 		if !valid {
 			ctx.StatusCode = http.StatusBadRequest

code/go/0chain.net/blobbercore/handler/download_request_header.go

@@ -25,6 +25,7 @@ type DownloadRequestHeader struct {
 	VerifyDownload bool
 	DownloadMode   string
 	ConnectionID   string
+	Version        string
 }
 
 func FromDownloadRequest(allocationID string, req *http.Request, isRedeem bool) (*DownloadRequestHeader, error) {
@@ -103,6 +104,7 @@ func (dr *DownloadRequestHeader) Parse(isRedeem bool) error {
 
 	dr.DownloadMode = dr.Get("X-Mode")
 	dr.VerifyDownload = dr.Get("X-Verify-Download") == "true"
+	dr.Version = dr.Get("X-Version")
 	return nil
 }
 

code/go/0chain.net/blobbercore/handler/handler.go

@@ -311,6 +311,8 @@ func setupHandlerContext(ctx context.Context, r *http.Request) context.Context {
 
 	// signature is not requered for all requests, but if header is empty it won`t affect anything
 	ctx = context.WithValue(ctx, constants.ContextKeyClientSignatureHeaderKey, r.Header.Get(common.ClientSignatureHeader))
+	// signature V2
+	ctx = context.WithValue(ctx, constants.ContextKeyClientSignatureHeaderV2Key, r.Header.Get(common.ClientSignatureHeaderV2))
 	return ctx
 }
 
@@ -806,8 +808,9 @@ func RevokeShare(ctx context.Context, r *http.Request) (interface{}, error) {
 	}
 
 	sign := r.Header.Get(common.ClientSignatureHeader)
+	signV2 := r.Header.Get(common.ClientSignatureHeaderV2)
 
-	valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}
@@ -867,8 +870,9 @@ func InsertShare(ctx context.Context, r *http.Request) (interface{}, error) {
 	}
 
 	sign := r.Header.Get(common.ClientSignatureHeader)
+	signV2 := r.Header.Get(common.ClientSignatureHeaderV2)
 
-	valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}
@@ -958,8 +962,9 @@ func ListShare(ctx context.Context, r *http.Request) (interface{}, error) {
 	}
 
 	sign := r.Header.Get(common.ClientSignatureHeader)
+	signV2 := r.Header.Get(common.ClientSignatureHeaderV2)
 
-	valid, err := verifySignatureFromRequest(allocationTx, sign, allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, sign, signV2, allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}

code/go/0chain.net/blobbercore/handler/handler_download_test.go

@@ -78,6 +78,7 @@ func TestHandlers_Download(t *testing.T) {
 	// setupEncryptionScheme()
 
 	router, handlers := setupDownloadHandlers()
+	signScheme := "bls0chain"
 
 	sch := zcncrypto.NewSignatureScheme("bls0chain")
 	//sch.Mnemonic = "expose culture dignity plastic digital couple promote best pool error brush upgrade correct art become lobster nature moment obtain trial multiply arch miss toe"
@@ -222,7 +223,7 @@ func TestHandlers_Download(t *testing.T) {
 					}
 
 					hash := encryption.Hash(alloc.Tx)
-					sign, err := sch.Sign(hash)
+					sign, err := ownerClient.Sign(hash, signScheme)
 					if err != nil {
 						t.Fatal(err)
 					}
@@ -291,7 +292,7 @@ func TestHandlers_Download(t *testing.T) {
 						t.Fatal(err)
 					}
 					hash := encryption.Hash(alloc.Tx)
-					sign, err := sch.Sign(hash)
+					sign, err := ownerClient.Sign(hash, signScheme)
 					if err != nil {
 						t.Fatal(err)
 					}
@@ -472,7 +473,7 @@ func TestHandlers_Download(t *testing.T) {
 						t.Fatal(err)
 					}
 					hash := encryption.Hash(alloc.Tx)
-					sign, err := sch.Sign(hash)
+					sign, err := guestClient.Sign(hash, signScheme)
 					if err != nil {
 						t.Fatal(err)
 					}
@@ -554,7 +555,7 @@ func TestHandlers_Download(t *testing.T) {
 						t.Fatal(err)
 					}
 					hash := encryption.Hash(alloc.Tx)
-					sign, err := sch.Sign(hash)
+					sign, err := guestClient.Sign(hash, signScheme)
 					if err != nil {
 						t.Fatal(err)
 					}
@@ -667,7 +668,7 @@ func TestHandlers_Download(t *testing.T) {
 					}
 
 					hash := encryption.Hash(alloc.Tx)
-					sign, err := sch.Sign(hash)
+					sign, err := guestClient.Sign(hash, signScheme)
 					if err != nil {
 						t.Fatal(err)
 					}
@@ -787,7 +788,7 @@ func TestHandlers_Download(t *testing.T) {
 					}
 
 					hash := encryption.Hash(alloc.Tx)
-					sign, err := sch.Sign(hash)
+					sign, err := guestClient.Sign(hash, signScheme)
 					if err != nil {
 						t.Fatal(err)
 					}
@@ -906,7 +907,7 @@ func TestHandlers_Download(t *testing.T) {
 					}
 
 					hash := encryption.Hash(alloc.Tx)
-					sign, err := sch.Sign(hash)
+					sign, err := guestClient.Sign(hash, signScheme)
 					if err != nil {
 						t.Fatal(err)
 					}

code/go/0chain.net/blobbercore/handler/object_operation_handler.go

@@ -267,15 +267,16 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i
 	// get client and allocation ids
 
 	var (
-		clientID     = ctx.Value(constants.ContextKeyClient).(string)
-		allocationTx = ctx.Value(constants.ContextKeyAllocation).(string)
-		allocationID = ctx.Value(constants.ContextKeyAllocationID).(string)
-		alloc        *allocation.Allocation
-		blobberID    = node.Self.ID
-		quotaManager = getQuotaManager()
+		clientID        = ctx.Value(constants.ContextKeyClient).(string)
+		clientPublicKey = ctx.Value(constants.ContextKeyClientKey).(string)
+		allocationTx    = ctx.Value(constants.ContextKeyAllocation).(string)
+		allocationID    = ctx.Value(constants.ContextKeyAllocationID).(string)
+		alloc           *allocation.Allocation
+		blobberID       = node.Self.ID
+		quotaManager    = getQuotaManager()
 	)
 
-	if clientID == "" {
+	if clientID == "" || clientPublicKey == "" {
 		return nil, common.NewError("download_file", "invalid client")
 	}
 
@@ -320,6 +321,12 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i
 		if dr.AuthToken == "" {
 			return nil, common.NewError("invalid_authticket", "authticket is required")
 		}
+		if dr.Version == "v2" {
+			valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), clientPublicKey)
+			if !valid || err != nil {
+				return nil, common.NewError("invalid_signature", "Invalid signature")
+			}
+		}
 		authTokenString, err := base64.StdEncoding.DecodeString(dr.AuthToken)
 		if err != nil {
 			return nil, common.NewError("invalid_authticket", err.Error())
@@ -343,6 +350,13 @@ func (fsh *StorageHandler) DownloadFile(ctx context.Context, r *http.Request) (i
 			return nil, common.NewErrorf("download_file", "the file is not available until: %v", shareInfo.AvailableAt.UTC().Format("2006-01-02T15:04:05"))
 		}
 
+	} else {
+		if dr.Version == "v2" {
+			valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), alloc.OwnerPublicKey)
+			if !valid || err != nil {
+				return nil, common.NewError("invalid_signature", "Invalid signature")
+			}
+		}
 	}
 
 	isReadFree := alloc.IsReadFree(blobberID)
@@ -464,7 +478,7 @@ func (fsh *StorageHandler) CreateConnection(ctx context.Context, r *http.Request
 		return nil, common.NewError("invalid_operation", "Operation needs to be performed by the owner or the payer of the allocation")
 	}
 
-	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}
@@ -766,8 +780,7 @@ func (fsh *StorageHandler) RenameObject(ctx context.Context, r *http.Request) (i
 
 	clientID := ctx.Value(constants.ContextKeyClient).(string)
 	_ = ctx.Value(constants.ContextKeyClientKey).(string)
-
-	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}
@@ -848,7 +861,7 @@ func (fsh *StorageHandler) CopyObject(ctx context.Context, r *http.Request) (int
 		return nil, common.NewError("prohibited_allocation_file_options", "Cannot copy data from this allocation.")
 	}
 
-	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}
@@ -957,8 +970,7 @@ func (fsh *StorageHandler) MoveObject(ctx context.Context, r *http.Request) (int
 		return nil, common.NewError("prohibited_allocation_file_options", "Cannot move data in this allocation.")
 	}
 
-	valid, err := verifySignatureFromRequest(
-		allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}
@@ -1109,7 +1121,7 @@ func (fsh *StorageHandler) CreateDir(ctx context.Context, r *http.Request) (*all
 		return nil, common.NewError("invalid_parameters", "Invalid allocation id passed."+err.Error())
 	}
 
-	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), allocationObj.OwnerPublicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), allocationObj.OwnerPublicKey)
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")
 	}
@@ -1240,7 +1252,7 @@ func (fsh *StorageHandler) WriteFile(ctx context.Context, r *http.Request) (*all
 	st = time.Now()
 	publicKey := allocationObj.OwnerPublicKey
 
-	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), publicKey)
+	valid, err := verifySignatureFromRequest(allocationTx, r.Header.Get(common.ClientSignatureHeader), r.Header.Get(common.ClientSignatureHeaderV2), publicKey)
 
 	if !valid || err != nil {
 		return nil, common.NewError("invalid_signature", "Invalid signature")

code/go/0chain.net/blobbercore/handler/object_operation_handler_test.go

@@ -11,6 +11,7 @@ import (
 	"net/http/httptest"
 	"time"
 
+	"github.com/0chain/blobber/code/go/0chain.net/core/encryption"
 	"github.com/0chain/blobber/code/go/0chain.net/core/transaction"
 
 	"github.com/0chain/blobber/code/go/0chain.net/blobbercore/reference"
@@ -114,6 +115,8 @@ func TestDownloadFile(t *testing.T) {
 		req.Header.Set("X-Block-Num", fmt.Sprintf("%d", p.inData.blockNum))
 		req.Header.Set("X-Num-Blocks", fmt.Sprintf("%d", p.inData.numBlocks))
 		req.Header.Set(common.AllocationIdHeader, mockAllocationId)
+		sign, _ := client.Sign(encryption.Hash(mockAllocationTx))
+		req.Header.Set("X-App-Client-Signature", sign)
 
 		if p.useAuthTicket {
 			authTicket := &marker.AuthTicket{