Replace CredentialsService with SignerService (#602)

Author: jbern0rd

CHANGELOG.md

@@ -8,6 +8,7 @@ All notable changes to this project will be documented in this file.
 
 - Add `iexec-core-library` dependency and use it. (#595)
 - Create `ConfigServerClient` instance and use it instead of `BlockchainAdapterApiClient`. (#596)
+- Replace `CredentialsService` with `SignerService`. (#602)
 
 ### Bug fixes
 

build.gradle

@@ -13,6 +13,7 @@ group = 'com.iexec.worker'
 ext {
     springCloudVersion = '2021.0.8'
     commonsMathsVersion = '3.6.1'
+    testContainersVersion = '1.19.3'
 }
 
 if (!project.hasProperty('gitBranch')) {
@@ -115,6 +116,9 @@ testing {
 
                 // awaitility
                 implementation "org.awaitility:awaitility"
+
+                // testcontainers
+                implementation "org.testcontainers:junit-jupiter:$testContainersVersion"
             }
         }
     }

gradle.properties

@@ -1,7 +1,7 @@
 version=8.4.0
 iexecCommonVersion=8.4.0-NEXT-SNAPSHOT
 iexecCommonsContainersVersion=1.2.1
-iexecCommonsPocoVersion=3.2.0
+iexecCommonsPocoVersion=4.0.0-NEXT-SNAPSHOT
 iexecResultVersion=8.4.0
 iexecSmsVersion=8.5.1-NEXT-SNAPSHOT
 iexecCoreVersion=8.4.1-NEXT-SNAPSHOT

src/main/java/com/iexec/worker/chain/CredentialsService.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 IEXEC BLOCKCHAIN TECH
+ * Copyright 2020-2024 IEXEC BLOCKCHAIN TECH
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,10 +16,10 @@
 
 package com.iexec.worker.chain;
 
-import com.iexec.common.utils.EthAddress;
 import com.iexec.commons.poco.security.Signature;
 import com.iexec.commons.poco.tee.TeeEnclaveChallengeSignature;
 import com.iexec.commons.poco.utils.BytesUtils;
+import com.iexec.commons.poco.utils.EthAddress;
 import com.iexec.commons.poco.utils.SignatureUtils;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
@@ -39,23 +39,23 @@ public boolean isVerifiedEnclaveSignature(String chainTaskId,
         String baseErrorMessage =
                 "Cannot verify enclave signature with invalid ";
         if (!BytesUtils.isNonZeroedBytes32(resultHash)) {
-            log.error(baseErrorMessage + "result hash [chainTaskId:{}, " +
-                    "resultHash:{}]", chainTaskId, resultHash);
+            log.error(baseErrorMessage + "result hash [chainTaskId:{}, resultHash:{}]",
+                    chainTaskId, resultHash);
             return false;
         }
         if (!BytesUtils.isNonZeroedBytes32(resultSeal)) {
-            log.error(baseErrorMessage + "result seal [chainTaskId:{}, " +
-                    "resultSeal:{}]", chainTaskId, resultSeal);
+            log.error(baseErrorMessage + "result seal [chainTaskId:{}, resultSeal:{}]",
+                    chainTaskId, resultSeal);
             return false;
         }
         if (!SignatureUtils.isSignature(enclaveSignature)) {
-            log.error(baseErrorMessage + "enclave signature [chainTaskId:{}, " +
-                    "enclaveSignature:{}]", chainTaskId, enclaveSignature);
+            log.error(baseErrorMessage + "enclave signature [chainTaskId:{}, enclaveSignature:{}]",
+                    chainTaskId, enclaveSignature);
             return false;
         }
         if (!EthAddress.validate(enclaveChallenge)) {
-            log.error(baseErrorMessage + "enclave challenge [chainTaskId:{}, " +
-                    "enclaveChallenge:{}]", chainTaskId, enclaveChallenge);
+            log.error(baseErrorMessage + "enclave challenge [chainTaskId:{}, enclaveChallenge:{}]",
+                    chainTaskId, enclaveChallenge);
             return false;
         }
 

src/main/java/com/iexec/worker/chain/EnclaveAuthorizationService.java

@@ -48,20 +48,20 @@
 public class IexecHubService extends IexecHubAbstractService implements Purgeable {
 
     private static final String PENDING_RECEIPT_STATUS = "pending";
-    private final CredentialsService credentialsService;
+    private final SignerService signerService;
     private final ThreadPoolExecutor executor;
     private final Web3jService web3jService;
 
     @Autowired
-    public IexecHubService(CredentialsService credentialsService,
+    public IexecHubService(SignerService signerService,
                            Web3jService web3jService,
                            ConfigServerConfigurationService configServerConfigurationService) {
-        super(credentialsService.getCredentials(),
+        super(signerService.getCredentials(),
                 web3jService,
                 configServerConfigurationService.getIexecHubContractAddress(),
                 1,
                 5);
-        this.credentialsService = credentialsService;
+        this.signerService = signerService;
         this.web3jService = web3jService;
         this.executor = (ThreadPoolExecutor) Executors.newFixedThreadPool(1);
     }
@@ -89,7 +89,7 @@ private IexecHubContract.TaskContributeEventResponse sendContributeTransaction(C
         List<IexecHubContract.TaskContributeEventResponse> contributeEvents =
                 IexecHubContract.getTaskContributeEvents(contributeReceipt).stream()
                         .filter(event -> Objects.equals(bytesToString(event.taskid), chainTaskId)
-                                && Objects.equals(event.worker, credentialsService.getCredentials().getAddress()))
+                                && Objects.equals(event.worker, signerService.getAddress()))
                         .collect(Collectors.toList());
         log.debug("contributeEvents count {} [chainTaskId: {}]", contributeEvents.size(), chainTaskId);
 
@@ -124,7 +124,7 @@ private IexecHubContract.TaskRevealEventResponse sendRevealTransaction(String ch
         List<IexecHubContract.TaskRevealEventResponse> revealEvents =
                 IexecHubContract.getTaskRevealEvents(revealReceipt).stream()
                         .filter(event -> Objects.equals(bytesToString(event.taskid), chainTaskId)
-                                && Objects.equals(event.worker, credentialsService.getCredentials().getAddress()))
+                                && Objects.equals(event.worker, signerService.getAddress()))
                         .collect(Collectors.toList());
         log.debug("revealEvents count {} [chainTaskId:{}]", revealEvents.size(), chainTaskId);
 
@@ -239,15 +239,15 @@ private boolean isStatusValidOnChainAfterPendingReceipt(String chainTaskId, Chai
     // endregion
 
     Optional<ChainContribution> getChainContribution(String chainTaskId) {
-        return getChainContribution(chainTaskId, credentialsService.getCredentials().getAddress());
+        return getChainContribution(chainTaskId, signerService.getAddress());
     }
 
     Optional<ChainAccount> getChainAccount() {
-        return getChainAccount(credentialsService.getCredentials().getAddress());
+        return getChainAccount(signerService.getAddress());
     }
 
     public boolean hasEnoughGas() {
-        return web3jService.hasEnoughGas(credentialsService.getCredentials().getAddress());
+        return web3jService.hasEnoughGas(signerService.getAddress());
     }
 
     public long getLatestBlockNumber() {

src/main/java/com/iexec/worker/chain/IexecHubService.java

@@ -0,0 +1,41 @@
+/*
+ * Copyright 2024 IEXEC BLOCKCHAIN TECH
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.iexec.worker.chain;
+
+import com.iexec.commons.poco.chain.SignerService;
+import lombok.Value;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.boot.context.properties.ConstructorBinding;
+import org.springframework.context.annotation.Bean;
+
+@Value
+@ConstructorBinding
+@ConfigurationProperties(prefix = "wallet")
+public class WalletConfiguration {
+    String encryptedFilePath;
+    String password;
+
+    @Bean
+    SignerService signerService(Web3jService web3jService) throws Exception {
+        return new SignerService(web3jService.getWeb3j(), web3jService.getChainId(), password, encryptedFilePath);
+    }
+
+    @Bean
+    public String workerWalletAddress(SignerService signerService) {
+        return signerService.getAddress();
+    }
+}

src/main/java/com/iexec/worker/chain/WalletConfiguration.java

@@ -18,10 +18,10 @@
 
 import com.iexec.common.config.ConfigServerClient;
 import com.iexec.common.config.ConfigServerClientBuilder;
+import com.iexec.core.api.SchedulerClient;
 import com.iexec.core.config.PublicConfiguration;
 import com.iexec.resultproxy.api.ResultProxyClient;
 import com.iexec.resultproxy.api.ResultProxyClientBuilder;
-import com.iexec.worker.feign.CustomCoreFeignClient;
 import feign.Logger;
 import lombok.Getter;
 import org.apache.commons.lang3.StringUtils;
@@ -34,8 +34,8 @@ public class PublicConfigurationService {
 
     private final PublicConfiguration publicConfiguration;
 
-    public PublicConfigurationService(CustomCoreFeignClient customCoreFeignClient) {
-        this.publicConfiguration = customCoreFeignClient.getPublicConfiguration();
+    public PublicConfigurationService(SchedulerClient schedulerClient) {
+        this.publicConfiguration = schedulerClient.getPublicConfiguration();
     }
 
     public String getSchedulerPublicAddress() {

src/main/java/com/iexec/worker/config/PublicConfigurationService.java

@@ -19,7 +19,6 @@
 import com.iexec.common.config.WorkerModel;
 import com.iexec.common.replicate.ReplicateStatusUpdate;
 import com.iexec.core.api.SchedulerClient;
-import com.iexec.core.config.PublicConfiguration;
 import com.iexec.core.notification.TaskNotification;
 import com.iexec.core.notification.TaskNotificationType;
 import com.iexec.core.replicate.ReplicateTaskSummary;
@@ -75,12 +74,6 @@ public String getCoreVersion() {
                 "getCoreVersion", null, null);
     }
 
-    public PublicConfiguration getPublicConfiguration() {
-        return makeHttpCall(
-                jwtToken -> coreClient.getPublicConfiguration(),
-                "getPublicConfiguration", null, null);
-    }
-
     //TODO: Make registerWorker return Worker
     public void registerWorker(WorkerModel model) {
         makeHttpCall(

src/main/java/com/iexec/worker/feign/CustomCoreFeignClient.java

@@ -16,10 +16,10 @@
 
 package com.iexec.worker.feign;
 
+import com.iexec.commons.poco.chain.SignerService;
 import com.iexec.commons.poco.security.Signature;
 import com.iexec.commons.poco.utils.SignatureUtils;
 import com.iexec.core.api.SchedulerClient;
-import com.iexec.worker.chain.CredentialsService;
 import feign.FeignException;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
@@ -36,12 +36,12 @@ public class LoginService {
     static final String TOKEN_PREFIX = "Bearer ";
     private String jwtToken;
 
-    private final CredentialsService credentialsService;
+    private final SignerService signerService;
     private final SchedulerClient coreClient;
     private final ReentrantLock lock = new ReentrantLock();
 
-    LoginService(CredentialsService credentialsService, SchedulerClient coreClient) {
-        this.credentialsService = credentialsService;
+    LoginService(SignerService signerService, SchedulerClient coreClient) {
+        this.signerService = signerService;
         this.coreClient = coreClient;
     }
 
@@ -68,8 +68,8 @@ public String login() {
             final String oldToken = jwtToken;
             expireToken();
 
-            String workerAddress = credentialsService.getCredentials().getAddress();
-            ECKeyPair ecKeyPair = credentialsService.getCredentials().getEcKeyPair();
+            final String workerAddress = signerService.getCredentials().getAddress();
+            final ECKeyPair ecKeyPair = signerService.getCredentials().getEcKeyPair();
 
             final String challenge;
             try {
@@ -83,7 +83,7 @@ public String login() {
                 return "";
             }
 
-            Signature signature = SignatureUtils.hashAndSign(challenge, workerAddress, ecKeyPair);
+            final Signature signature = SignatureUtils.hashAndSign(challenge, ecKeyPair);
             final String token;
             try {
                 token = coreClient.login(workerAddress, signature);