Merge pull request #209 from iExecBlockchainComputing/access-token-and-feign-retry

james-toussaint · web-flow · commit 76aafba480c1 · 2019-06-10T15:29:02.000+02:00
Access token and feign retry
diff --git a/src/main/java/com/iexec/worker/feign/CustomFeignClient.java b/src/main/java/com/iexec/worker/feign/CustomFeignClient.java
@@ -6,18 +6,13 @@
 import com.iexec.common.notification.TaskNotification;
 import com.iexec.common.replicate.ReplicateDetails;
 import com.iexec.common.replicate.ReplicateStatus;
-import com.iexec.common.security.Signature;
-import com.iexec.common.utils.SignatureUtils;
-import com.iexec.worker.chain.CredentialsService;
 import com.iexec.worker.config.CoreConfigurationService;
+import com.iexec.worker.security.TokenService;
 import feign.FeignException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Service;
-import org.web3j.crypto.ECKeyPair;
 
-import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
 import java.util.Optional;
 
@@ -26,187 +21,143 @@
 @Slf4j
 public class CustomFeignClient {
 
-
     private static final int RETRY_TIME = 5000;
-    private static final String TOKEN_PREFIX = "Bearer ";
     private final String coreURL;
-    private String currentToken;
-
+    private TokenService tokenService;
     private CoreClient coreClient;
     private WorkerClient workerClient;
     private ReplicateClient replicateClient;
-    private CredentialsService credentialsService;
 
     public CustomFeignClient(CoreClient coreClient,
                              WorkerClient workerClient,
                              ReplicateClient replicateClient,
-                             CredentialsService credentialsService,
-                             CoreConfigurationService coreConfigurationService) {
+                             CoreConfigurationService coreConfigurationService,
+                             TokenService tokenService) {
         this.coreClient = coreClient;
         this.workerClient = workerClient;
         this.replicateClient = replicateClient;
-        this.credentialsService = credentialsService;
         this.coreURL = coreConfigurationService.getUrl();
-        this.currentToken = "";
+        this.tokenService = tokenService;
     }
 
-    public PublicConfiguration getPublicConfiguration() {
+    //TODO: Make a generic method for REST API calls (Unauthorized, Retry, ..)
+    public String ping() {
         try {
-            return workerClient.getPublicConfiguration();
+            return workerClient.ping(tokenService.getToken());
         } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to getPublicConfiguration, will retry");
-                sleep();
-                return getPublicConfiguration();
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                tokenService.expireToken();
+            } else {
+                log.error("Failed to ping (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            return ping();
         }
-        return null;
     }
 
-    public String getCoreVersion() {
+    public PublicConfiguration getPublicConfiguration() {
         try {
-            return coreClient.getCoreVersion();
+            return workerClient.getPublicConfiguration();
         } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to getCoreVersion, will retry");
-                sleep();
-                return getCoreVersion();
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                tokenService.expireToken();
+            } else {
+                log.error("Failed to getPublicConfiguration (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            return getPublicConfiguration();
         }
-        return null;
     }
 
-    public String ping() {
+    public String getCoreVersion() {
         try {
-            return workerClient.ping(getToken());
+            return coreClient.getCoreVersion();
         } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to ping [instance:{}]", coreURL);
-            } else if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
-                generateNewToken();
-                return workerClient.ping(getToken());
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                tokenService.expireToken();
+            } else {
+                log.error("Failed to getCoreVersion (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            return getCoreVersion();
         }
-
-        return "";
     }
 
+    //TODO: Make registerWorker return Worker
     public void registerWorker(WorkerConfigurationModel model) {
         try {
-            workerClient.registerWorker(getToken(), model);
+            workerClient.registerWorker(tokenService.getToken(), model);
         } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to registerWorker, will retry [instance:{}]", coreURL);
-                sleep();
-                registerWorker(model);
-            } else if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
-                generateNewToken();
-                workerClient.registerWorker(getToken(), model);
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                tokenService.expireToken();
+            } else {
+                log.error("Failed to registerWorker (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            registerWorker(model);
         }
     }
 
     public List<TaskNotification> getMissedTaskNotifications(long lastAvailableBlockNumber) {
-        List<TaskNotification> interruptedReplicates = new ArrayList<>();
-
         try {
-            interruptedReplicates = replicateClient.getMissedTaskNotifications(lastAvailableBlockNumber, getToken());
+            return replicateClient.getMissedTaskNotifications(lastAvailableBlockNumber, tokenService.getToken());
         } catch (FeignException e) {
-            if (e.status() == HttpStatus.UNAUTHORIZED.value()) {
-                generateNewToken();
-                interruptedReplicates = replicateClient.getMissedTaskNotifications(lastAvailableBlockNumber, getToken());
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                tokenService.expireToken();
             } else {
-                log.error("Failed to get interrupted replicates [instance:{}]", coreURL);
-                e.printStackTrace();
+                log.error("Failed to getMissedTaskNotifications (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            return getMissedTaskNotifications(lastAvailableBlockNumber);
         }
-
-        return interruptedReplicates;
     }
 
     public List<String> getTasksInProgress() {
         try {
-            return workerClient.getCurrentTasks(getToken());
+            return workerClient.getCurrentTasks(tokenService.getToken());
         } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to get tasks in progress, will retry [instance:{}]", coreURL);
-                sleep();
-            } else if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
-                generateNewToken();
-                return workerClient.getCurrentTasks(getToken());
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                tokenService.expireToken();
+            } else {
+                log.error("Failed to getTasksInProgress (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            return getTasksInProgress();
         }
-
-        return Collections.emptyList();
     }
 
     public Optional<ContributionAuthorization> getAvailableReplicate(long lastAvailableBlockNumber) {
-        ContributionAuthorization contributionAuth = null;
-
         try {
-            contributionAuth = replicateClient.getAvailableReplicate(lastAvailableBlockNumber, getToken());
+            ContributionAuthorization contributionAuth = replicateClient.getAvailableReplicate(lastAvailableBlockNumber, tokenService.getToken());
+            return contributionAuth == null ? Optional.empty() : Optional.of(contributionAuth);
         } catch (FeignException e) {
-            if (e.status() == HttpStatus.UNAUTHORIZED.value()) {
-                generateNewToken();
-                contributionAuth = replicateClient.getAvailableReplicate(lastAvailableBlockNumber, getToken());
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                tokenService.expireToken();
             } else {
-                log.error("Failed to get an available replicate [instance:{}]", coreURL);
-                e.printStackTrace();
+                log.error("Failed to getAvailableReplicate (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            return getAvailableReplicate(lastAvailableBlockNumber);
         }
-
-        return contributionAuth == null ? Optional.empty() : Optional.of(contributionAuth);
     }
 
     public void updateReplicateStatus(String chainTaskId, ReplicateStatus status) {
         updateReplicateStatus(chainTaskId, status, ReplicateDetails.builder().build());
     }
 
     public void updateReplicateStatus(String chainTaskId, ReplicateStatus status, ReplicateDetails details) {
-        log.info(status.toString() + " [chainTaskId:{}]", chainTaskId);
-
         try {
-            replicateClient.updateReplicateStatus(chainTaskId, status, getToken(), details);
+            replicateClient.updateReplicateStatus(chainTaskId, status, tokenService.getToken(), details);
+            log.info(status.toString() + " [chainTaskId:{}]", chainTaskId);
         } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to updateReplicateStatus, will retry [instance:{}]", coreURL);
-                sleep();
-                updateReplicateStatus(chainTaskId, status, details);
-                return;
-            }
-
             if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
-                generateNewToken();
-                log.info(status.toString() + " [chainTaskId:{}]", chainTaskId);
-                replicateClient.updateReplicateStatus(chainTaskId, status, getToken(), details);
-            }
-        }
-    }
-
-    private String getChallenge(String workerAddress) {
-        try {
-            return workerClient.getChallenge(workerAddress);
-        } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to get core challenge, will retry [instance:{}]", coreURL);
-                sleep();
-                return getChallenge(workerAddress);
-            }
-        }
-        return null;
-    }
-
-    private String login(String workerAddress, Signature signature) {
-        try {
-            return workerClient.login(workerAddress, signature);
-        } catch (FeignException e) {
-            if (e.status() == 0) {
-                log.error("Failed to login, will retry [instance:{}]", coreURL);
-                sleep();
-                return login(workerAddress, signature);
+                tokenService.expireToken();
+            } else {
+                log.error("Failed to updateReplicateStatus (will retry) [instance:{}, status:{}]", coreURL, e.status());
             }
+            sleep();
+            updateReplicateStatus(chainTaskId, status, details);
         }
-        return null;
     }
 
     private void sleep() {
@@ -216,26 +167,4 @@ private void sleep() {
         }
     }
 
-    private String getToken() {
-        if (currentToken.isEmpty()) {
-            String workerAddress = credentialsService.getCredentials().getAddress();
-            ECKeyPair ecKeyPair = credentialsService.getCredentials().getEcKeyPair();
-            String challenge = getChallenge(workerAddress);
-
-            Signature signature = SignatureUtils.hashAndSign(challenge, workerAddress, ecKeyPair);
-            currentToken = TOKEN_PREFIX + login(workerAddress, signature);
-        }
-
-        return currentToken;
-    }
-
-    private void expireToken() {
-        currentToken = "";
-    }
-
-    private String generateNewToken() {
-        expireToken();
-        return getToken();
-    }
-
 }
diff --git a/src/main/java/com/iexec/worker/feign/WorkerClient.java b/src/main/java/com/iexec/worker/feign/WorkerClient.java
@@ -27,8 +27,8 @@ void registerWorker(@RequestHeader("Authorization") String bearerToken,
     List<String> getCurrentTasks(@RequestHeader("Authorization") String bearerToken) throws FeignException;
 
     @PostMapping("/workers/login")
-    String login(@RequestParam(name = "walletAddress") String walletAddress,
-                 @RequestBody Signature authorization) throws FeignException;
+    String getAccessToken(@RequestParam(name = "walletAddress") String walletAddress,
+                          @RequestBody Signature authorization) throws FeignException;
 
     @GetMapping("/workers/challenge")
     String getChallenge(@RequestParam(name = "walletAddress") String walletAddress) throws FeignException;
diff --git a/src/main/java/com/iexec/worker/security/TokenService.java b/src/main/java/com/iexec/worker/security/TokenService.java
@@ -0,0 +1,85 @@
+package com.iexec.worker.security;
+
+import com.iexec.common.security.Signature;
+import com.iexec.common.utils.SignatureUtils;
+import com.iexec.worker.chain.CredentialsService;
+import com.iexec.worker.feign.WorkerClient;
+import feign.FeignException;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Service;
+import org.web3j.crypto.ECKeyPair;
+
+@Slf4j
+@Service
+public class TokenService {
+
+    private static final String TOKEN_PREFIX = "Bearer ";
+    private static final long RETRY_TIME = 5000;
+    private final CredentialsService credentialsService;
+    private final WorkerClient workerClient;
+    private String currentToken;
+
+    public TokenService(CredentialsService credentialsService,
+                        WorkerClient workerClient) {
+        this.credentialsService = credentialsService;
+        this.workerClient = workerClient;
+        expireToken();
+    }
+
+    public void expireToken() {
+        currentToken = "";
+    }
+
+    public String getToken() {
+        if (currentToken.isEmpty()) {
+            String workerAddress = credentialsService.getCredentials().getAddress();
+            ECKeyPair ecKeyPair = credentialsService.getCredentials().getEcKeyPair();
+            String challenge = getChallenge(workerAddress);
+            if (challenge.isEmpty()) {
+                log.error("Challenge should not be empty [challenge:{}]", challenge);
+            }
+
+            Signature signature = SignatureUtils.hashAndSign(challenge, workerAddress, ecKeyPair);
+            String token = getAccessToken(workerAddress, signature);
+            if (!token.isEmpty()) {
+                currentToken = TOKEN_PREFIX + token;
+            } else {
+                log.error("Access token should not be empty [token:{}]", token);
+            }
+        }
+        return currentToken;
+    }
+
+    private String getChallenge(String workerAddress) {
+        try {
+            return workerClient.getChallenge(workerAddress);
+        } catch (FeignException e) {
+            log.error("Failed to getChallenge (will retry) [status:{}]", e.status());
+            sleep();
+            return getChallenge(workerAddress);
+        }
+    }
+
+    private String getAccessToken(String workerAddress, Signature signature) {
+        try {
+            return workerClient.getAccessToken(workerAddress, signature);
+        } catch (FeignException e) {
+            if (HttpStatus.valueOf(e.status()).equals(HttpStatus.UNAUTHORIZED)) {
+                expireToken();
+            } else {
+                log.error("Failed to getAccessToken (will retry) [status:{}]", e.status());
+            }
+            sleep();
+            return getAccessToken(workerAddress, signature);
+        }
+    }
+
+    private void sleep() {
+        try {
+            Thread.sleep(RETRY_TIME);
+        } catch (InterruptedException e) {
+        }
+    }
+
+}
