Merge pull request #9245

8e80585 functional_tests: test HTTP digest auth (jeffro256)

tests/functional_tests/functional_tests_rpc.py

@@ -12,8 +12,8 @@ import os
 USAGE = 'usage: functional_tests_rpc.py <python> <srcdir> <builddir> [<tests-to-run> | all]'
 DEFAULT_TESTS = [
   'address_book', 'bans', 'blockchain', 'cold_signing', 'daemon_info', 'get_output_distribution',
-  'integrated_address', 'k_anonymity', 'mining', 'multisig', 'p2p', 'proofs', 'rpc_payment',
-  'sign_message', 'transfer', 'txpool', 'uri', 'validate_address', 'wallet'
+  'http_digest_auth', 'integrated_address', 'k_anonymity', 'mining', 'multisig', 'p2p', 'proofs',
+  'rpc_payment', 'sign_message', 'transfer', 'txpool', 'uri', 'validate_address', 'wallet'
 ]
 try:
   python = sys.argv[1]
@@ -41,12 +41,12 @@ except:
 # a main offline monerod, does most of the tests
 # a restricted RPC monerod setup with RPC payment
 # two local online monerods connected to each other
-N_MONERODS = 4
+N_MONERODS = 5
 
 # 4 wallets connected to the main offline monerod
 # 1 wallet connected to the first local online monerod
 # 1 offline wallet
-N_WALLETS = 6
+N_WALLETS = 7
 
 WALLET_DIRECTORY = builddir + "/functional-tests-directory"
 FUNCTIONAL_TESTS_DIRECTORY = builddir + "/tests/functional_tests"
@@ -58,15 +58,17 @@ monerod_extra = [
   ["--rpc-payment-address", "44SKxxLQw929wRF6BA9paQ1EWFshNnKhXM3qz6Mo3JGDE2YG3xyzVutMStEicxbQGRfrYvAAYxH6Fe8rnD56EaNwUiqhcwR", "--rpc-payment-difficulty", str(DIFFICULTY), "--rpc-payment-credits", "5000", "--offline"],
   ["--add-exclusive-node", "127.0.0.1:18283"],
   ["--add-exclusive-node", "127.0.0.1:18282"],
+  ["--rpc-login", "md5_lover:Z1ON0101", "--offline"],
 ]
-wallet_base = [builddir + "/bin/monero-wallet-rpc", "--wallet-dir", WALLET_DIRECTORY, "--rpc-bind-port", "wallet_port", "--disable-rpc-login", "--rpc-ssl", "disabled", "--daemon-ssl", "disabled", "--log-level", "1", "--allow-mismatched-daemon-version"]
+wallet_base = [builddir + "/bin/monero-wallet-rpc", "--wallet-dir", WALLET_DIRECTORY, "--rpc-bind-port", "wallet_port", "--rpc-ssl", "disabled", "--daemon-ssl", "disabled", "--log-level", "1", "--allow-mismatched-daemon-version"]
 wallet_extra = [
-  ["--daemon-port", "18180"],
-  ["--daemon-port", "18180"],
-  ["--daemon-port", "18180"],
-  ["--daemon-port", "18180"],
-  ["--daemon-port", "18182"],
-  ["--offline"],
+  ["--daemon-port", "18180", "--disable-rpc-login"],
+  ["--daemon-port", "18180", "--disable-rpc-login"],
+  ["--daemon-port", "18180", "--disable-rpc-login"],
+  ["--daemon-port", "18180", "--disable-rpc-login"],
+  ["--daemon-port", "18182", "--disable-rpc-login"],
+  ["--offline", "--disable-rpc-login"],
+  ["--daemon-port", "18184", "--daemon-login", "md5_lover:Z1ON0101", "--rpc-login", "kyle:reveille"],
 ]
 
 command_lines = []

tests/functional_tests/http_digest_auth.py

@@ -0,0 +1,110 @@
+#!/usr/bin/env python3
+
+# Copyright (c) 2024, The Monero Project
+# 
+# All rights reserved.
+# 
+# Redistribution and use in source and binary forms, with or without modification, are
+# permitted provided that the following conditions are met:
+# 
+# 1. Redistributions of source code must retain the above copyright notice, this list of
+#    conditions and the following disclaimer.
+# 
+# 2. Redistributions in binary form must reproduce the above copyright notice, this list
+#    of conditions and the following disclaimer in the documentation and/or other
+#    materials provided with the distribution.
+# 
+# 3. Neither the name of the copyright holder nor the names of its contributors may be
+#    used to endorse or promote products derived from this software without specific
+#    prior written permission.
+# 
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+# THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+# THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+from framework.daemon import Daemon
+from framework.wallet import Wallet
+
+import time
+
+
+DAEMON_IDX = 4
+DAEMON_USER = "md5_lover"
+DAEMON_PASS = "Z1ON0101"
+WALLET_IDX = 6
+WALLET_USER = "kyle"
+WALLET_PASS = "reveille"
+WALLET_SEED = "velvet lymph giddy number token physics poetry unquoted nibs useful sabotage limits \
+               benches lifestyle eden nitrogen anvil fewest avoid batch vials washing fences goat unquoted"
+
+class HttpDigestAuthTest():
+    def run_test(self):
+        self.test_daemon_login_required()
+        self.test_wallet_login_required()
+
+        self.make_daemon_conn()
+        self.create_wallet()
+
+        self.mine_through_wallet()
+
+    def test_daemon_login_required(self):
+        print('Attempting to connect to daemon loginless with RPC digest authentication required...')
+        bad_daemon = Daemon(idx = DAEMON_IDX)
+        try:
+            res = bad_daemon.get_height()
+            assert(False)
+        except:
+            pass
+    
+    def test_wallet_login_required(self):
+        print('Attempting to connect to wallet server loginless with RPC digest authentication required...')
+        bad_wallet = Wallet(idx = WALLET_IDX)
+        try:
+            res = bad_wallet.get_balance()
+            assert(False)
+        except:
+            pass
+
+    def make_daemon_conn(self):
+        print('Connecting to daemon with RPC digest authentication required...')
+        self.daemon = Daemon(idx = DAEMON_IDX, username = DAEMON_USER, password = DAEMON_PASS)
+        res = self.daemon.get_height()
+        self.daemon.pop_blocks(res.height - 1)
+        self.daemon.flush_txpool()
+
+    def create_wallet(self):
+        print('Connecting to wallet server with RPC digest authentication required...')
+        self.wallet = Wallet(idx = WALLET_IDX, username = WALLET_USER, password = WALLET_PASS)
+        # close the wallet if any, will throw if none is loaded
+        try: self.wallet.close_wallet()
+        except: pass
+        res = self.wallet.restore_deterministic_wallet(seed = WALLET_SEED)
+
+    def mine_through_wallet(self):
+        print('Telling login-required daemon to start mining through login-required wallet server...')
+        start_height = self.daemon.get_height().height
+        self.wallet.start_mining(2)
+
+        print("Waiting a few seconds for mining to occur...")
+        for tries in range(20):
+            time.sleep(1)
+
+            stop_height = self.daemon.get_height().height
+            if stop_height > start_height:
+                break
+
+        print('Telling login-required daemon to stop mining through login-required wallet server...')
+        self.wallet.stop_mining()
+
+        num_blocks_mined = stop_height - start_height
+        assert num_blocks_mined > 0
+        print('Mined {} blocks!'.format(num_blocks_mined))
+
+if __name__ == '__main__':
+    HttpDigestAuthTest().run_test()

utils/python-rpc/framework/daemon.py

@@ -33,11 +33,12 @@ from .rpc import JSONRPC
 
 class Daemon(object):
 
-    def __init__(self, protocol='http', host='127.0.0.1', port=0, idx=0, restricted_rpc = False):
+    def __init__(self, protocol='http', host='127.0.0.1', port=0, idx=0, restricted_rpc = False, username=None, password=None):
         base = 18480 if restricted_rpc else 18180
         self.host = host
         self.port = port
-        self.rpc = JSONRPC('{protocol}://{host}:{port}'.format(protocol=protocol, host=host, port=port if port else base+idx))
+        self.rpc = JSONRPC('{protocol}://{host}:{port}'.format(protocol=protocol, host=host, port=port if port else base+idx),
+            username, password)
 
     def getblocktemplate(self, address, prev_block = "", client = ""):
         getblocktemplate = {

utils/python-rpc/framework/rpc.py

@@ -28,6 +28,7 @@
 # THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 import requests
+from requests.auth import HTTPDigestAuth
 import json
 
 class Response(dict):
@@ -60,14 +61,17 @@ class Response(dict):
         return True
 
 class JSONRPC(object):
-    def __init__(self, url):
+    def __init__(self, url, username=None, password=None):
         self.url = url
+        self.username = username
+        self.password = password
 
     def send_request(self, path, inputs, result_field = None):
         res = requests.post(
             self.url + path,
             data=json.dumps(inputs),
-            headers={'content-type': 'application/json'})
+            headers={'content-type': 'application/json'},
+            auth=HTTPDigestAuth(self.username, self.password) if self.username is not None else None)
         res = res.json()
         
         assert 'error' not in res, res

utils/python-rpc/framework/wallet.py

@@ -33,10 +33,11 @@ from .rpc import JSONRPC
 
 class Wallet(object):
 
-    def __init__(self, protocol='http', host='127.0.0.1', port=0, idx=0):
+    def __init__(self, protocol='http', host='127.0.0.1', port=0, idx=0, username=None, password=None):
         self.host = host
         self.port = port
-        self.rpc = JSONRPC('{protocol}://{host}:{port}'.format(protocol=protocol, host=host, port=port if port else 18090+idx))
+        self.rpc = JSONRPC('{protocol}://{host}:{port}'.format(protocol=protocol, host=host,
+            port=port if port else 18090+idx), username, password)
 
     def transfer(self, destinations, account_index = 0, subaddr_indices = [], priority = 0, ring_size = 0, unlock_time = 0, payment_id = '', get_tx_key = True, do_not_relay = False, get_tx_hex = False, get_tx_metadata = False, subtract_fee_from_outputs = []):
         transfer = {