From c839360836a1d79caca5f7062efb1dd16087c131 Mon Sep 17 00:00:00 2001 From: James Kwon <96548424+hongil0316@users.noreply.github.com> Date: Fri, 14 Jun 2024 10:59:51 -0400 Subject: [PATCH] Creating a new script to ban nodes (#30) --- scripts/README.md | 38 ++++++++++++++++++++++++++ scripts/ban-node/main.go | 59 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 97 insertions(+) create mode 100644 scripts/README.md create mode 100644 scripts/ban-node/main.go diff --git a/scripts/README.md b/scripts/README.md new file mode 100644 index 0000000..3773e95 --- /dev/null +++ b/scripts/README.md @@ -0,0 +1,38 @@ +# Scripts + +## Create JWT Token + +This script is used to create JWT Token representing an existing user which can then be used to invoke the API Server as an alternative authentication method to firebase auth. + +```bash +export JWT_SECRET +go run ./scripts/create-jwt-token --user-id "" +``` + +Notes: + +1. You need to use the same values as the [JWT_SECRET](./../docker-compose.yml#L20) environment variables defined for the API Server. +2. By default, the token will [expire in 30 days](./create-jwt-token/main.go#L14), which can be overriden using `--expiry` flag. + +## Ban a Publisher + +This script is used to invoke ban publisher API using jwt token as authentication. + +```bash +go run ./scripts/ban-publisher \ + --base-url "" \ + --token "" \ + --publisher-id "" +``` + +## Ban a Node + +This script is used to invoke ban publisher API using jwt token as authentication. + +```bash +go run ./scripts/ban-node \ + --base-url "" \ + --token "" \ + --publisher-id "" + --node-id "" +``` diff --git a/scripts/ban-node/main.go b/scripts/ban-node/main.go new file mode 100644 index 0000000..98a0ba6 --- /dev/null +++ b/scripts/ban-node/main.go @@ -0,0 +1,59 @@ +package main + +import ( + "flag" + "fmt" + "io" + "log" + "net/http" + "net/url" + "os" +) + +var pubID = flag.String("publisher-id", "", "Pubisher ID of the node") +var nodeID = flag.String("node-id", "", "Node ID to be banned") +var token = flag.String("token", os.Getenv("JWT_TOKEN"), "JWT token to use for authentication") +var baseURL = flag.String("base-url", os.Getenv("REGISTRY_BASE_URL"), "Base url of registry service") + +func main() { + flag.Parse() + + if pubID == nil || *pubID == "" { + flag.PrintDefaults() + log.Fatalf("Flag `--publisher-id` must be set to non-empty string.\n") + } + if nodeID == nil || *nodeID == "" { + flag.PrintDefaults() + log.Fatalf("Flag `--node-id` must be set to non-empty string.\n") + } + if token == nil || *token == "" { + flag.PrintDefaults() + log.Fatalf("Flag `--token` or environment variable `JWT_TOKEN` must be set to non-empty string.\n") + } + if baseURL == nil || *baseURL == "" { + flag.PrintDefaults() + log.Fatalf("Flag `--base-url` or environment variable `BASE_URL` must be set to non-empty string.\n") + } + + u, err := url.Parse(*baseURL) + if err != nil { + log.Fatalf("Invalid base url :%v .\n", err) + } + u = u.JoinPath("publishers", *pubID, "nodes", *nodeID, "ban") + + req, _ := http.NewRequest(http.MethodPost, u.String(), nil) + req.Header.Set("Authorization", "Bearer "+*token) + res, err := http.DefaultClient.Do(req) + if err != nil { + log.Fatalf("Failed to send HTTP request :%v\n", err) + } + b, err := io.ReadAll(res.Body) + if err != nil { + log.Fatalf("Failed to read HTTP response :%v\n", err) + } + if res.StatusCode > 299 { + log.Fatalf("Received non-success response: \nStatus: %d\nBody: \n\n%v\n", res.StatusCode, string(b)) + } + fmt.Printf("Publisher's node '%s' has been banned\n", *pubID) + +}