refining

noel2004 · noel2004 · commit 272150365772 · 2025-09-09T20:10:18.000+09:00
diff --git a/coordinator/internal/config/proxy_config.go b/coordinator/internal/config/proxy_config.go
@@ -45,7 +45,6 @@ type UpStream struct {
 type ProxyConfig struct {
 	ProxyManager *ProxyManager        `json:"proxy_manager"`
 	ProxyName    string               `json:"proxy_name"`
-	Auth         *Auth                `json:"auth"`
 	Coordinators map[string]*UpStream `json:"coondiators"`
 }
 
diff --git a/coordinator/internal/controller/proxy/auth.go b/coordinator/internal/controller/proxy/auth.go
@@ -29,9 +29,13 @@ const ProverTypesKey = "prover_types"
 const SignatureKey = "prover_signature"
 
 // NewAuthController returns an LoginController instance
-func NewAuthController(cfg *config.ProxyConfig, clients Clients, vf *verifier.Verifier, proverMgr *ProverManager) *AuthController {
+func NewAuthController(cfg *config.ProxyConfig, clients Clients, proverMgr *ProverManager) *AuthController {
 
-	loginLogic := auth.NewLoginLogicWithSimpleDEduplicator(cfg.ProxyManager.Verifier, vf)
+	// use a dummy Verifier to create login logic (we do not use any information in verifier)
+	dummyVf := verifier.Verifier{
+		OpenVMVkMap: make(map[string]struct{}),
+	}
+	loginLogic := auth.NewLoginLogicWithSimpleDeduplicator(cfg.ProxyManager.Verifier, &dummyVf)
 
 	authController := &AuthController{
 		apiLogin:  api.NewAuthControllerWithLogic(loginLogic),
diff --git a/coordinator/internal/controller/proxy/client.go b/coordinator/internal/controller/proxy/client.go
@@ -30,6 +30,16 @@ func newUpClient(cfg *config.UpStream) *upClient {
 	}
 }
 
+func (c *upClient) Token() string {
+	return c.loginToken
+}
+
+// need a parsable schema defination
+type loginSchema struct {
+	Time  string `json:"time"`
+	Token string `json:"token"`
+}
+
 // FullLogin performs the complete login process: get challenge then login
 func (c *upClient) Login(ctx context.Context, genLogin func(string) (*types.LoginParameter, error)) (*types.LoginSchema, error) {
 	// Step 1: Get challenge
@@ -44,22 +54,24 @@ func (c *upClient) Login(ctx context.Context, genLogin func(string) (*types.Logi
 	if err != nil {
 		return nil, fmt.Errorf("failed to get challenge: %w", err)
 	}
-	defer challengeResp.Body.Close()
 
-	if challengeResp.StatusCode != http.StatusOK {
-		return nil, fmt.Errorf("challenge request failed with status: %d", challengeResp.StatusCode)
+	parsedResp, err := handleHttpResp(challengeResp)
+	if err != nil {
+		return nil, err
+	} else if parsedResp.ErrCode != 0 {
+		return nil, fmt.Errorf("challenge failed: %d (%s)", parsedResp.ErrCode, parsedResp.ErrMsg)
 	}
 
-	// Step 2: Parse challenge response
-	var loginSchema types.LoginSchema
-	if err := json.NewDecoder(challengeResp.Body).Decode(&loginSchema); err != nil {
+	// Ste p2: Parse challenge response
+	var challengeSchema loginSchema
+	if err := parsedResp.DecodeData(&challengeSchema); err != nil {
 		return nil, fmt.Errorf("failed to parse challenge response: %w", err)
 	}
 
 	// Step 3: Use the token from challenge as Bearer token for login
 	url = fmt.Sprintf("%s/coordinator/v1/login", c.baseURL)
 
-	param, err := genLogin(loginSchema.Token)
+	param, err := genLogin(challengeSchema.Token)
 	if err != nil {
 		return nil, fmt.Errorf("failed to setup login parameter: %w", err)
 	}
@@ -75,26 +87,32 @@ func (c *upClient) Login(ctx context.Context, genLogin func(string) (*types.Logi
 	}
 
 	req.Header.Set("Content-Type", "application/json")
-	req.Header.Set("Authorization", "Bearer "+loginSchema.Token)
+	req.Header.Set("Authorization", "Bearer "+challengeSchema.Token)
 
 	loginResp, err := c.httpClient.Do(req)
 	if err != nil {
 		return nil, fmt.Errorf("failed to perform login request: %w", err)
 	}
 
-	parsedResp, err := handleHttpResp(loginResp)
+	parsedResp, err = handleHttpResp(loginResp)
 	if err != nil {
 		return nil, err
+	} else if parsedResp.ErrCode != 0 {
+		return nil, fmt.Errorf("login failed: %d (%s)", parsedResp.ErrCode, parsedResp.ErrMsg)
 	}
 
-	var loginResult types.LoginSchema
+	var loginResult loginSchema
 	err = parsedResp.DecodeData(&loginResult)
 	if err != nil {
 		return nil, fmt.Errorf("login parsing data fail: %v", err)
 	}
 	c.loginToken = loginResult.Token
-	return &loginResult, nil
 
+	// TODO: we need to parse time if we start making use of it
+
+	return &types.LoginSchema{
+		Token: loginResult.Token,
+	}, nil
 }
 
 func handleHttpResp(resp *http.Response) (*ctypes.Response, error) {
diff --git a/coordinator/internal/controller/proxy/client_manager.go b/coordinator/internal/controller/proxy/client_manager.go
@@ -126,7 +126,8 @@ func (cliMgr *ClientManager) Client(ctx context.Context) *upClient {
 		// Set new completion context and launch login goroutine
 		ctx, completionDone := context.WithCancel(context.TODO())
 		loginCli := newUpClient(cliMgr.cfg)
-		cliMgr.cachedCli.completionCtx = context.WithValue(ctx, "cli", loginCli)
+		completionCtx = context.WithValue(ctx, "cli", loginCli)
+		cliMgr.cachedCli.completionCtx = completionCtx
 
 		// Launch keep-login goroutine
 		go func() {
@@ -138,40 +139,6 @@ func (cliMgr *ClientManager) Client(ctx context.Context) *upClient {
 			cliMgr.cachedCli.cli = loginCli
 			cliMgr.cachedCli.completionCtx = nil
 
-			// Launch waiting thread to clear cached client before expiration
-			// go func() {
-			// 	now := time.Now()
-			// 	clearTime := expiredT.Add(-10 * time.Second) // 10s before expiration
-
-			// 	// If clear time is too soon (less than 10s from now), set it to 10s from now
-			// 	if clearTime.Before(now.Add(10 * time.Second)) {
-			// 		clearTime = now.Add(10 * time.Second)
-			// 		log.Error("token expiration time is too close, delaying clear time",
-			// 			"name", cliMgr.name,
-			// 			"expiredT", expiredT,
-			// 			"adjustedClearTime", clearTime)
-			// 	}
-
-			// 	waitDuration := time.Until(clearTime)
-			// 	log.Info("token expiration monitor started",
-			// 		"name", cliMgr.name,
-			// 		"expiredT", expiredT,
-			// 		"clearTime", clearTime,
-			// 		"waitDuration", waitDuration)
-
-			// 	timer := time.NewTimer(waitDuration)
-			// 	select {
-			// 	case <-ctx.Done():
-			// 		timer.Stop()
-			// 		log.Info("token expiration monitor cancelled", "name", cliMgr.name)
-			// 	case <-timer.C:
-			// 		log.Info("clearing cached client before token expiration",
-			// 			"name", cliMgr.name,
-			// 			"expiredT", expiredT)
-			// 		cliMgr.clearCachedCli(loginCli)
-			// 	}
-			// }()
-
 			cliMgr.cachedCli.Unlock()
 
 		}()
diff --git a/coordinator/internal/controller/proxy/controller.go b/coordinator/internal/controller/proxy/controller.go
@@ -2,10 +2,8 @@ package proxy
 
 import (
 	"github.com/prometheus/client_golang/prometheus"
-	"github.com/scroll-tech/go-ethereum/log"
 
 	"scroll-tech/coordinator/internal/config"
-	"scroll-tech/coordinator/internal/logic/verifier"
 )
 
 var (
@@ -26,13 +24,6 @@ func InitController(cfg *config.ProxyConfig, reg prometheus.Registerer) {
 	// normalize cfg
 	cfg.ProxyManager.Normalize()
 
-	vf, err := verifier.NewVerifier(cfg.ProxyManager.Verifier)
-	if err != nil {
-		panic("proof receiver new verifier failure")
-	}
-
-	log.Info("verifier created", "openVmVerifier", vf.OpenVMVkMap)
-
 	clients := make(map[string]Client)
 
 	for nm, upCfg := range cfg.Coordinators {
@@ -45,7 +36,7 @@ func InitController(cfg *config.ProxyConfig, reg prometheus.Registerer) {
 
 	proverManager := NewProverManager()
 
-	Auth = NewAuthController(cfg, clients, vf, proverManager)
+	Auth = NewAuthController(cfg, clients, proverManager)
 	GetTask = NewGetTaskController(cfg, clients, proverManager, reg)
 	SubmitProof = NewSubmitProofController(cfg, clients, proverManager, reg)
 }
diff --git a/coordinator/internal/logic/auth/login.go b/coordinator/internal/logic/auth/login.go
@@ -40,7 +40,7 @@ func (s *SimpleDeduplicator) InsertChallenge(ctx context.Context, challengeStrin
 }
 
 // NewLoginLogicWithSimpleDEduplicator new a LoginLogic, do not use db to deduplicate challege
-func NewLoginLogicWithSimpleDEduplicator(vcfg *config.VerifierConfig, vf *verifier.Verifier) *LoginLogic {
+func NewLoginLogicWithSimpleDeduplicator(vcfg *config.VerifierConfig, vf *verifier.Verifier) *LoginLogic {
 	return newLoginLogic(&SimpleDeduplicator{}, vcfg, vf)
 }
 
diff --git a/coordinator/internal/middleware/login_jwt.go b/coordinator/internal/middleware/login_jwt.go
@@ -21,13 +21,13 @@ func nonIdendityAuthorizator(data interface{}, _ *gin.Context) bool {
 }
 
 // LoginMiddleware jwt auth middleware
-func LoginMiddleware(conf *config.Config) *jwt.GinJWTMiddleware {
+func LoginMiddleware(auth *config.Auth) *jwt.GinJWTMiddleware {
 	jwtMiddleware, err := jwt.New(&jwt.GinJWTMiddleware{
 		PayloadFunc:     api.Auth.PayloadFunc,
 		IdentityHandler: api.Auth.IdentityHandler,
 		IdentityKey:     types.PublicKey,
-		Key:             []byte(conf.Auth.Secret),
-		Timeout:         time.Second * time.Duration(conf.Auth.LoginExpireDurationSec),
+		Key:             []byte(auth.Secret),
+		Timeout:         time.Second * time.Duration(auth.LoginExpireDurationSec),
 		Authenticator:   api.Auth.Login,
 		Authorizator:    nonIdendityAuthorizator,
 		Unauthorized:    unauthorized,
@@ -49,13 +49,13 @@ func LoginMiddleware(conf *config.Config) *jwt.GinJWTMiddleware {
 }
 
 // ProxyLoginMiddleware jwt auth middleware for proxy login
-func ProxyLoginMiddleware(conf *config.ProxyConfig) *jwt.GinJWTMiddleware {
+func ProxyLoginMiddleware(auth *config.Auth) *jwt.GinJWTMiddleware {
 	jwtMiddleware, err := jwt.New(&jwt.GinJWTMiddleware{
 		PayloadFunc:     api.Auth.PayloadFunc,
 		IdentityHandler: api.Auth.IdentityHandler,
 		IdentityKey:     types.PublicKey,
-		Key:             []byte(conf.Auth.Secret),
-		Timeout:         time.Second * time.Duration(conf.Auth.LoginExpireDurationSec),
+		Key:             []byte(auth.Secret),
+		Timeout:         time.Second * time.Duration(auth.LoginExpireDurationSec),
 		Authenticator:   proxy.Auth.Login,
 		Authorizator:    nonIdendityAuthorizator,
 		Unauthorized:    unauthorized,
diff --git a/coordinator/internal/route/route.go b/coordinator/internal/route/route.go
@@ -29,7 +29,7 @@ func v1(router *gin.RouterGroup, conf *config.Config) {
 	challengeMiddleware := middleware.ChallengeMiddleware(conf.Auth)
 	r.GET("/challenge", challengeMiddleware.LoginHandler)
 
-	loginMiddleware := middleware.LoginMiddleware(conf)
+	loginMiddleware := middleware.LoginMiddleware(conf.Auth)
 	r.POST("/login", challengeMiddleware.MiddlewareFunc(), loginMiddleware.LoginHandler)
 
 	// need jwt token api
@@ -41,13 +41,24 @@ func v1(router *gin.RouterGroup, conf *config.Config) {
 	}
 }
 
+// Route register route for coordinator
+func ProxyRoute(router *gin.Engine, cfg *config.ProxyConfig, reg prometheus.Registerer) {
+	router.Use(gin.Recovery())
+
+	observability.Use(router, "coordinator", reg)
+
+	r := router.Group("coordinator")
+
+	v1_proxy(r, cfg)
+}
+
 func v1_proxy(router *gin.RouterGroup, conf *config.ProxyConfig) {
 	r := router.Group("/v1")
 
-	challengeMiddleware := middleware.ChallengeMiddleware(conf.Auth)
+	challengeMiddleware := middleware.ChallengeMiddleware(conf.ProxyManager.Auth)
 	r.GET("/challenge", challengeMiddleware.LoginHandler)
 
-	loginMiddleware := middleware.ProxyLoginMiddleware(conf)
+	loginMiddleware := middleware.ProxyLoginMiddleware(conf.ProxyManager.Auth)
 	r.POST("/login", challengeMiddleware.MiddlewareFunc(), loginMiddleware.LoginHandler)
 
 	// need jwt token api

Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,6 @@ type UpStream struct {`
`45`	`45`	`type ProxyConfig struct {`
`46`	`46`	ProxyManager *ProxyManager `json:"proxy_manager"`
`47`	`47`	ProxyName string `json:"proxy_name"`
`48`		- Auth *Auth `json:"auth"`
`49`	`48`	Coordinators map[string]*UpStream `json:"coondiators"`
`50`	`49`	`}`
`51`	`50`
Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ func (s *SimpleDeduplicator) InsertChallenge(ctx context.Context, challengeStrin`
`40`	`40`	`}`
`41`	`41`
`42`	`42`	`// NewLoginLogicWithSimpleDEduplicator new a LoginLogic, do not use db to deduplicate challege`
`43`		`-func NewLoginLogicWithSimpleDEduplicator(vcfg config.VerifierConfig, vf verifier.Verifier) *LoginLogic {`
	`43`	`+func NewLoginLogicWithSimpleDeduplicator(vcfg config.VerifierConfig, vf verifier.Verifier) *LoginLogic {`
`44`	`44`	`return newLoginLogic(&SimpleDeduplicator{}, vcfg, vf)`
`45`	`45`	`}`
`46`	`46`