web3-proxy/web3_proxy/src/frontend/rpc_proxy_http.rs

//! Take a user's HTTP JSON-RPC requests and either respond from local data or proxy the request to a backend rpc server.

use super::authorization::{ip_is_authorized, key_is_authorized};
use super::errors::FrontendResult;
use crate::{app::Web3ProxyApp, jsonrpc::JsonRpcRequestEnum};
use axum::extract::Path;
use axum::headers::{Origin, Referer, UserAgent};
use axum::TypedHeader;
use axum::{response::IntoResponse, Extension, Json};
use axum_client_ip::ClientIp;
use axum_macros::debug_handler;
use itertools::Itertools;
use std::sync::Arc;

/// POST /rpc -- Public entrypoint for HTTP JSON-RPC requests. Web3 wallets use this.
/// Defaults to rate limiting by IP address, but can also read the Authorization header for a bearer token.
/// If possible, please use a WebSocket instead.
#[debug_handler]
pub async fn proxy_web3_rpc(
    Extension(app): Extension<Arc<Web3ProxyApp>>,
    ClientIp(ip): ClientIp,
    origin: Option<TypedHeader<Origin>>,
    Json(payload): Json<JsonRpcRequestEnum>,
) -> FrontendResult {
    // TODO: do we care about keeping the TypedHeader wrapper?
    let origin = origin.map(|x| x.0);

    // TODO: move ip_is_authorized/key_is_authorized into proxy_web3_rpc
    let f = tokio::spawn(async move {
        let (authorization, _semaphore) = ip_is_authorized(&app, ip, origin).await?;

        let authorization = Arc::new(authorization);

        app.proxy_web3_rpc(authorization, payload).await
    });

    let (response, rpcs) = f.await??;

    let mut response = Json(&response).into_response();

    let headers = response.headers_mut();

    // TODO: special string if no rpcs were used (cache hit)?
    let rpcs: String = rpcs.into_iter().map(|x| x.name.clone()).join(",");

    headers.insert(
        "W3P-RPCs",
        rpcs.parse().expect("W3P-RPCS should always parse"),
    );

    Ok(response)
}

/// Authenticated entrypoint for HTTP JSON-RPC requests. Web3 wallets use this.
/// Rate limit and billing based on the api key in the url.
/// Can optionally authorized based on origin, referer, or user agent.
/// If possible, please use a WebSocket instead.
#[debug_handler]
pub async fn proxy_web3_rpc_with_key(
    Extension(app): Extension<Arc<Web3ProxyApp>>,
    ClientIp(ip): ClientIp,
    origin: Option<TypedHeader<Origin>>,
    referer: Option<TypedHeader<Referer>>,
    user_agent: Option<TypedHeader<UserAgent>>,
    Path(rpc_key): Path<String>,
    Json(payload): Json<JsonRpcRequestEnum>,
) -> FrontendResult {
    let rpc_key = rpc_key.parse()?;

    // keep the semaphore until the end of the response
    let (authorization, _semaphore) = key_is_authorized(
        &app,
        rpc_key,
        ip,
        origin.map(|x| x.0),
        referer.map(|x| x.0),
        user_agent.map(|x| x.0),
    )
    .await?;

    let authorization = Arc::new(authorization);

    // the request can take a while, so we spawn so that we can start serving another request
    // TODO: spawn even earlier?
    let f = tokio::spawn(async move { app.proxy_web3_rpc(authorization, payload).await });

    // if this is an error, we are likely shutting down
    let response = f.await??;

    Ok(Json(&response).into_response())
}
more docs 2022-10-18 00:47:58 +03:00			`//! Take a user's HTTP JSON-RPC requests and either respond from local data or proxy the request to a backend rpc server.`

remove unused variables 2022-10-20 23:26:14 +03:00			`use super::authorization::{ip_is_authorized, key_is_authorized};`
delete unused code after the rate limit refactor 2022-08-21 12:44:53 +03:00			`use super::errors::FrontendResult;`
error refactor for user endpoints 2022-08-16 22:29:00 +03:00			`use crate::{app::Web3ProxyApp, jsonrpc::JsonRpcRequestEnum};`
create a struct for authenticated requests that we need for per-key stats 2022-09-22 22:57:21 +03:00			`use axum::extract::Path;`
remove unused variables 2022-10-20 23:26:14 +03:00			`use axum::headers::{Origin, Referer, UserAgent};`
better metrics and spawn 2022-09-09 00:01:36 +03:00			`use axum::TypedHeader;`
dry cache code 2022-09-07 06:54:16 +03:00			`use axum::{response::IntoResponse, Extension, Json};`
connection pooling 2022-07-07 06:22:09 +03:00			`use axum_client_ip::ClientIp;`
more debug and placeholders 2022-10-20 01:26:33 +03:00			`use axum_macros::debug_handler;`
add backend nodes to the rpc response headers only do this in dev? 2022-12-20 08:37:12 +03:00			`use itertools::Itertools;`
split frontend code up 2022-06-05 22:58:47 +03:00			`use std::sync::Arc;`

more docs 2022-10-18 00:47:58 +03:00			`/// POST /rpc -- Public entrypoint for HTTP JSON-RPC requests. Web3 wallets use this.`
			`/// Defaults to rate limiting by IP address, but can also read the Authorization header for a bearer token.`
			`/// If possible, please use a WebSocket instead.`
more debug and placeholders 2022-10-20 01:26:33 +03:00			`#[debug_handler]`
check for bearer token on /rpc 2022-09-24 07:31:06 +03:00			`pub async fn proxy_web3_rpc(`
connection pooling 2022-07-07 06:22:09 +03:00			`Extension(app): Extension<Arc<Web3ProxyApp>>,`
			`ClientIp(ip): ClientIp,`
allow origins on public entrypoints 2022-10-21 23:59:05 +03:00			`origin: Option<TypedHeader<Origin>>,`
better metrics and spawn 2022-09-09 00:01:36 +03:00			`Json(payload): Json<JsonRpcRequestEnum>,`
dry rate_limit_by_x 2022-08-21 12:39:38 +03:00			`) -> FrontendResult {`
simplify authorization types so we can pass them deeper easily 2022-11-08 22:58:11 +03:00			`// TODO: do we care about keeping the TypedHeader wrapper?`
			`let origin = origin.map(\|x\| x.0);`

add backend nodes to the rpc response headers only do this in dev? 2022-12-20 08:37:12 +03:00			`// TODO: move ip_is_authorized/key_is_authorized into proxy_web3_rpc`
			`let f = tokio::spawn(async move {`
			`let (authorization, _semaphore) = ip_is_authorized(&app, ip, origin).await?;`
pass authorized_request through a bunch of places 2022-09-22 23:27:14 +03:00
add backend nodes to the rpc response headers only do this in dev? 2022-12-20 08:37:12 +03:00			`let authorization = Arc::new(authorization);`
pass authorized_request through a bunch of places 2022-09-22 23:27:14 +03:00
add backend nodes to the rpc response headers only do this in dev? 2022-12-20 08:37:12 +03:00			`app.proxy_web3_rpc(authorization, payload).await`
			`});`
tower-request-id 2022-08-16 03:33:26 +03:00
add backend nodes to the rpc response headers only do this in dev? 2022-12-20 08:37:12 +03:00			`let (response, rpcs) = f.await??;`
dry rate_limit_by_x 2022-08-21 12:39:38 +03:00
add backend nodes to the rpc response headers only do this in dev? 2022-12-20 08:37:12 +03:00			`let mut response = Json(&response).into_response();`

			`let headers = response.headers_mut();`

			`// TODO: special string if no rpcs were used (cache hit)?`
			`let rpcs: String = rpcs.into_iter().map(\|x\| x.name.clone()).join(",");`

			`headers.insert(`
			`"W3P-RPCs",`
			`rpcs.parse().expect("W3P-RPCS should always parse"),`
			`);`

			`Ok(response)`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`}`
connection pooling 2022-07-07 06:22:09 +03:00
more docs 2022-10-18 00:47:58 +03:00			`/// Authenticated entrypoint for HTTP JSON-RPC requests. Web3 wallets use this.`
			`/// Rate limit and billing based on the api key in the url.`
			`/// Can optionally authorized based on origin, referer, or user agent.`
			`/// If possible, please use a WebSocket instead.`
more debug and placeholders 2022-10-20 01:26:33 +03:00			`#[debug_handler]`
check for bearer token on /rpc 2022-09-24 07:31:06 +03:00			`pub async fn proxy_web3_rpc_with_key(`
rate limiting on user key 2022-08-04 04:10:27 +03:00			`Extension(app): Extension<Arc<Web3ProxyApp>>,`
wip 2022-09-22 02:50:55 +03:00			`ClientIp(ip): ClientIp,`
ip, origin, referer, and user agent checks 2022-09-23 08:22:33 +03:00			`origin: Option<TypedHeader<Origin>>,`
wip 2022-09-22 02:50:55 +03:00			`referer: Option<TypedHeader<Referer>>,`
better metrics and spawn 2022-09-09 00:01:36 +03:00			`user_agent: Option<TypedHeader<UserAgent>>,`
rename api_key to rpc_key 2022-10-27 03:12:42 +03:00			`Path(rpc_key): Path<String>,`
move pending logins to the database 2022-12-14 05:13:23 +03:00			`Json(payload): Json<JsonRpcRequestEnum>,`
dry rate_limit_by_x 2022-08-21 12:39:38 +03:00			`) -> FrontendResult {`
rename api_key to rpc_key 2022-10-27 03:12:42 +03:00			`let rpc_key = rpc_key.parse()?;`
ULID or UUID. Prefer ULID 2022-09-24 08:53:45 +03:00
simplify authorization types so we can pass them deeper easily 2022-11-08 22:58:11 +03:00			`// keep the semaphore until the end of the response`
			`let (authorization, _semaphore) = key_is_authorized(`
create a struct for authenticated requests that we need for per-key stats 2022-09-22 22:57:21 +03:00			`&app,`
rename api_key to rpc_key 2022-10-27 03:12:42 +03:00			`rpc_key,`
create a struct for authenticated requests that we need for per-key stats 2022-09-22 22:57:21 +03:00			`ip,`
ip, origin, referer, and user agent checks 2022-09-23 08:22:33 +03:00			`origin.map(\|x\| x.0),`
create a struct for authenticated requests that we need for per-key stats 2022-09-22 22:57:21 +03:00			`referer.map(\|x\| x.0),`
			`user_agent.map(\|x\| x.0),`
			`)`
			`.await?;`

simplify authorization types so we can pass them deeper easily 2022-11-08 22:58:11 +03:00			`let authorization = Arc::new(authorization);`
pass authorized_request through a bunch of places 2022-09-22 23:27:14 +03:00
more docs 2022-10-18 00:47:58 +03:00			`// the request can take a while, so we spawn so that we can start serving another request`
			`// TODO: spawn even earlier?`
move pending logins to the database 2022-12-14 05:13:23 +03:00			`let f = tokio::spawn(async move { app.proxy_web3_rpc(authorization, payload).await });`
instrument with spans and allow skipping jsonrpc 2022-08-16 07:56:01 +03:00
better stats aggregations 2022-11-03 02:14:16 +03:00			`// if this is an error, we are likely shutting down`
			`let response = f.await??;`
dry rate_limit_by_x 2022-08-21 12:39:38 +03:00
dry cache code 2022-09-07 06:54:16 +03:00			`Ok(Json(&response).into_response())`
split frontend code up 2022-06-05 22:58:47 +03:00			`}`