From ae39636cd2a08a053e8f888c2361c023a448c806 Mon Sep 17 00:00:00 2001 From: Bryan Stitt Date: Sun, 20 Nov 2022 14:37:12 -0800 Subject: [PATCH] fix some error status codes --- web3_proxy/src/frontend/rpc_proxy_ws.rs | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/web3_proxy/src/frontend/rpc_proxy_ws.rs b/web3_proxy/src/frontend/rpc_proxy_ws.rs index 46423842..3d60c89f 100644 --- a/web3_proxy/src/frontend/rpc_proxy_ws.rs +++ b/web3_proxy/src/frontend/rpc_proxy_ws.rs @@ -72,7 +72,6 @@ pub async fn websocket_handler( /// Rate limit and billing based on the api key in the url. /// Can optionally authorized based on origin, referer, or user agent. #[debug_handler] - pub async fn websocket_handler_with_key( Extension(app): Extension>, ClientIp(ip): ClientIp, @@ -94,6 +93,9 @@ pub async fn websocket_handler_with_key( ) .await?; + // TODO: turn this logging down! + info!("websocket_handler_with_key {:?}", authorization); + let authorization = Arc::new(authorization); match ws_upgrade { @@ -102,15 +104,19 @@ pub async fn websocket_handler_with_key( } None => { // if no websocket upgrade, this is probably a user loading the url with their browser + + // TODO: rate limit here? key_is_authorized might be enough + match ( &app.config.redirect_public_url, &app.config.redirect_rpc_key_url, authorization.checks.rpc_key_id, ) { - (None, None, _) => Err(anyhow::anyhow!( - "redirect_rpc_key_url not set. only websockets work here" - ) - .into()), + (None, None, _) => Err(FrontendErrorResponse::StatusCode( + StatusCode::BAD_REQUEST, + "this page is for rpcs".to_string(), + None, + )), (Some(redirect_public_url), _, None) => { Ok(Redirect::to(redirect_public_url).into_response()) } @@ -118,8 +124,12 @@ pub async fn websocket_handler_with_key( let reg = Handlebars::new(); if authorization.checks.rpc_key_id.is_none() { - // TODO: i think this is impossible - Err(anyhow::anyhow!("only authenticated websockets work here").into()) + // i don't think this is possible + Err(FrontendErrorResponse::StatusCode( + StatusCode::UNAUTHORIZED, + "AUTHORIZATION header required".to_string(), + None, + )) } else { let redirect_rpc_key_url = reg .render_template(