SecurityModule plugin point (#42)

* Propagate accessToken from all HTTP requests to rpc context

* Add security module plug-point

* Additional test coverage

* Enforcement points

* Better comments

* Allow plugins to be loaded from file

* Rename file

* HD Wallet support (#45)

* Update to geth 1.9.10 and allow hd-u0a1b2c3de-1234 format to from addr on REST

* Add plug-point for HDWallet key signing

* Extra coverage

* Fix gas estimation for HD Wallet signed TX

* Ensure addressbook and hdwallet to kafka conf

* Rename confusingly named func

* Update cmd/plugins.go

Co-Authored-By: Vinod Damle <vdamle@users.noreply.github.com>

Co-authored-by: Vinod Damle <vdamle@users.noreply.github.com>

Signed-off-by: Peter Broadhurst <peter.broadhurst@kaleido.io>

Makefile

@@ -4,10 +4,13 @@ BINARY_UNIX=$(BINARY_NAME)-tux
 BINARY_MAC=$(BINARY_NAME)-mac
 BINARY_WIN=$(BINARY_NAME)-win
 
+.DELETE_ON_ERROR:
+GOFILES := $(shell find . -name '*.go' -print)
+
 all: deps build test
 build: 
 		$(VGO) build -ldflags "-X main.buildDate=`date -u +\"%Y-%m-%dT%H:%M:%SZ\"` -X main.buildVersion=$(BUILD_VERSION)" -tags=prod -o $(BINARY_NAME) -v
-coverage.txt:
+coverage.txt: $(GOFILES)
 		$(VGO) test  ./... -cover -coverprofile=coverage.txt -covermode=atomic
 test: coverage.txt
 clean: 

cmd/ethconnect.go

@@ -20,7 +20,6 @@ import (
 	"io/ioutil"
 	"os"
 	"strings"
-	"time"
 
 	"gopkg.in/yaml.v2"
 
@@ -30,6 +29,7 @@ import (
 	"github.com/kaleido-io/ethconnect/internal/kldutils"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+	prefixed "github.com/x-cray/logrus-prefixed-formatter"
 )
 
 // ServerConfig is the parent YAML structure that configures ethconnect
@@ -39,13 +39,15 @@ type ServerConfig struct {
 	KafkaBridges map[string]*kldkafka.KafkaBridgeConf `json:"kafka"`
 	Webhooks     map[string]*kldrest.RESTGatewayConf  `json:"webhooks"`
 	RESTGateways map[string]*kldrest.RESTGatewayConf  `json:"rest"`
+	Plugins      PluginConfig                         `json:"plugins"`
 }
 
 func initLogging(debugLevel int) {
-	log.SetFormatter(&log.TextFormatter{
-		FullTimestamp:   true,
-		TimestampFormat: time.RFC3339,
+	log.SetFormatter(&prefixed.TextFormatter{
+		TimestampFormat: "2006-01-02T15:04:05.000Z07:00",
 		DisableSorting:  true,
+		ForceFormatting: true,
+		FullTimestamp:   true,
 	})
 	switch debugLevel {
 	case 0:
@@ -127,6 +129,10 @@ func readServerConfig() (serverConfig *ServerConfig, err error) {
 		err = fmt.Errorf("Failed to process YAML config from %s: %s", serverCmdConfig.Filename, err)
 		return
 	}
+
+	// Load any plugins
+	loadPlugins(&serverConfig.Plugins)
+
 	return
 }
 

cmd/plugins.go

@@ -0,0 +1,63 @@
+// Copyright 2019 Kaleido
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+
+//     http://www.apache.org/licenses/LICENSE-2.0
+
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package cmd
+
+import (
+	"fmt"
+	"plugin"
+
+	"github.com/kaleido-io/ethconnect/internal/kldauth"
+	"github.com/kaleido-io/ethconnect/pkg/kldplugins"
+	log "github.com/sirupsen/logrus"
+)
+
+// PluginConfig is the JSON configuration for loading plugins
+type PluginConfig struct {
+	SecurityModulePlugin string `json:"securityModule"`
+}
+
+func loadPlugins(conf *PluginConfig) error {
+	if err := loadSecurityModulePlugin(conf); err != nil {
+		return err
+	}
+	return nil
+}
+
+func loadSecurityModulePlugin(conf *PluginConfig) error {
+
+	modulePath := conf.SecurityModulePlugin
+	if modulePath == "" {
+		return nil
+	}
+
+	log.Debugf("Loading SecurityModule plugin '%s'", modulePath)
+	smPlugin, err := plugin.Open(modulePath)
+	if err != nil {
+		return fmt.Errorf("Failed to load plugin: %s", err)
+	}
+
+	smSymbol, err := smPlugin.Lookup("SecurityModule")
+	if err != nil || smSymbol == nil {
+		return fmt.Errorf("Failed to load 'SecurityModule' symbol from '%s': %s", modulePath, err)
+	}
+
+	sm, ok := smSymbol.(kldplugins.SecurityModule)
+	if !ok {
+		return fmt.Errorf("Failed to cast symbol from '%s' to 'kldplugins.SecurityModule'", modulePath)
+	}
+
+	kldauth.RegisterSecurityModule(sm)
+	return nil
+}

codecov.yml

@@ -3,3 +3,7 @@ coverage:
     patch:
       default:
         threshold: 0.1%
+  ignore:
+  - "internal/kldkafka/mock_sarama" # Generated mock
+  - "internal/kldauth/kldauthtest" # Mock
+  - "cmd/plugins.go" # Not testable with UTs

go.mod

@@ -3,15 +3,17 @@ module github.com/kaleido-io/ethconnect
 require (
 	github.com/DataDog/zstd v1.4.1 // indirect
 	github.com/Shopify/sarama v1.24.1
+	github.com/VictoriaMetrics/fastcache v1.5.7 // indirect
+	github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc
 	github.com/allegro/bigcache v1.2.1 // indirect
-	github.com/aristanetworks/goarista v0.0.0-20191106175434-873d404c7f40 // indirect
+	github.com/aristanetworks/goarista v0.0.0-20200127212030-841b2df0a347 // indirect
 	github.com/btcsuite/btcd v0.20.1-beta // indirect
 	github.com/deckarep/golang-set v1.7.1 // indirect
 	github.com/docker/docker v1.13.1 // indirect
 	github.com/dsnet/compress v0.0.1 // indirect
 	github.com/eapache/go-resiliency v1.2.0 // indirect
 	github.com/elastic/gosigar v0.10.5 // indirect
-	github.com/ethereum/go-ethereum v1.9.6
+	github.com/ethereum/go-ethereum v1.9.10
 	github.com/fjl/memsize v0.0.0-20180929194037-2a09253e352a // indirect
 	github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8
 	github.com/go-openapi/jsonreference v0.19.3
@@ -21,7 +23,6 @@ require (
 	github.com/hashicorp/golang-lru v0.5.1 // indirect
 	github.com/huin/goupnp v1.0.0 // indirect
 	github.com/icza/dyno v0.0.0-20180601094105-0c96289f9585
-	github.com/jackpal/go-nat-pmp v1.0.1 // indirect
 	github.com/jcmturner/gofork v1.0.0 // indirect
 	github.com/julienschmidt/httprouter v1.3.0
 	github.com/karalabe/hid v0.0.0-20181128192157-d815e0c1a2e2 // indirect
@@ -30,36 +31,33 @@ require (
 	github.com/mailru/easyjson v0.7.0 // indirect
 	github.com/mattn/go-colorable v0.1.1 // indirect
 	github.com/mattn/go-isatty v0.0.7 // indirect
+	github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
 	github.com/mholt/archiver v3.1.1+incompatible
 	github.com/mitchellh/mapstructure v1.1.2
 	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d
 	github.com/nwaples/rardecode v1.0.0 // indirect
-	github.com/opentracing/opentracing-go v1.1.0 // indirect
 	github.com/pborman/uuid v1.2.0 // indirect
 	github.com/pierrec/lz4 v2.3.0+incompatible // indirect
-	github.com/pkg/errors v0.8.1 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
 	github.com/rcrowley/go-metrics v0.0.0-20190826022208-cac0b30c2563 // indirect
 	github.com/rjeczalik/notify v0.9.2 // indirect
 	github.com/rs/cors v1.7.0 // indirect
 	github.com/sirupsen/logrus v1.4.2
 	github.com/spf13/cobra v0.0.5
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/sqs/goreturns v0.0.0-20181028201513-538ac6014518 // indirect
-	github.com/steakknife/bloomfilter v0.0.0-20180922174646-6819c0d2a570 // indirect
-	github.com/steakknife/hamming v0.0.0-20180906055917-c99c65617cd3 // indirect
-	github.com/stretchr/testify v1.3.0
-	github.com/syndtr/goleveldb v1.0.0
+	github.com/stretchr/testify v1.4.0
+	github.com/syndtr/goleveldb v1.0.1-0.20190923125748-758128399b1d
 	github.com/tidwall/gjson v1.3.4
 	github.com/uber/jaeger-client-go v2.16.0+incompatible // indirect
 	github.com/uber/jaeger-lib v2.0.0+incompatible // indirect
+	github.com/x-cray/logrus-prefixed-formatter v0.5.2
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	go.uber.org/atomic v1.4.0
-	golang.org/x/crypto v0.0.0-20191112222119-e1110fd1c708 // indirect
+	golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d // indirect
 	golang.org/x/net v0.0.0-20191112182307-2180aed22343 // indirect
-	golang.org/x/sys v0.0.0-20191115151921-52ab43148777 // indirect
+	golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9 // indirect
 	gopkg.in/jcmturner/gokrb5.v7 v7.3.0 // indirect
-	gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce // indirect
-	gopkg.in/urfave/cli.v1 v1.20.0 // indirect
 	gopkg.in/yaml.v2 v2.2.5
 )