github.com/n1ghtfa1l/go-vnt@v0.6.4-alpha.6/cmd/faucet/faucet.go (about) 1 // Copyright 2017 The go-ethereum Authors 2 // This file is part of go-ethereum. 3 // 4 // go-ethereum is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // go-ethereum is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with go-ethereum. If not, see <http://www.gnu.org/licenses/>. 16 17 // faucet is a Vnt faucet backed by a light client. 18 package main 19 20 //go:generate go-bindata -nometadata -o website.go faucet.html 21 //go:generate gofmt -w -s website.go 22 23 import ( 24 "bytes" 25 "context" 26 "encoding/json" 27 "errors" 28 "flag" 29 "fmt" 30 "html/template" 31 "io/ioutil" 32 "math" 33 "math/big" 34 "net/http" 35 "net/url" 36 "os" 37 "path/filepath" 38 "regexp" 39 "strconv" 40 "strings" 41 "sync" 42 "time" 43 44 libp2p "github.com/libp2p/go-libp2p" 45 "github.com/vntchain/go-vnt/accounts" 46 "github.com/vntchain/go-vnt/accounts/keystore" 47 "github.com/vntchain/go-vnt/common" 48 "github.com/vntchain/go-vnt/core" 49 "github.com/vntchain/go-vnt/core/types" 50 "github.com/vntchain/go-vnt/les" 51 "github.com/vntchain/go-vnt/log" 52 "github.com/vntchain/go-vnt/node" 53 "github.com/vntchain/go-vnt/params" 54 "github.com/vntchain/go-vnt/vnt" 55 "github.com/vntchain/go-vnt/vnt/downloader" 56 "github.com/vntchain/go-vnt/vntclient" 57 "github.com/vntchain/go-vnt/vntp2p" 58 "github.com/vntchain/go-vnt/vntstats" 59 "golang.org/x/net/websocket" 60 ) 61 62 var ( 63 genesisFlag = flag.String("genesis", "", "Genesis json file to seed the chain with") 64 apiPortFlag = flag.Int("apiport", 8080, "Listener port for the HTTP API connection") 65 vntPortFlag = flag.Int("vntport", 30303, "Listener port for the devp2p connection") 66 bootFlag = flag.String("bootnodes", "", "Comma separated bootnode vnode URLs to seed with") 67 netFlag = flag.Uint64("network", 0, "Network ID to use for the VNT protocol") 68 statsFlag = flag.String("vntstats", "", "Vntstats network monitoring auth string") 69 70 netnameFlag = flag.String("faucet.name", "", "Network name to assign to the faucet") 71 payoutFlag = flag.Int("faucet.amount", 1, "Number of vnts to pay out per user request") 72 minutesFlag = flag.Int("faucet.minutes", 1440, "Number of minutes to wait between funding rounds") 73 tiersFlag = flag.Int("faucet.tiers", 3, "Number of funding tiers to enable (x3 time, x2.5 funds)") 74 75 accJSONFlag = flag.String("account.json", "", "Key json file to fund user requests with") 76 accPassFlag = flag.String("account.pass", "", "Decryption password to access faucet funds") 77 78 githubUser = flag.String("github.user", "", "GitHub user to authenticate with for Gist access") 79 githubToken = flag.String("github.token", "", "GitHub personal token to access Gists with") 80 81 captchaToken = flag.String("captcha.token", "", "Recaptcha site key to authenticate client side") 82 captchaSecret = flag.String("captcha.secret", "", "Recaptcha secret key to authenticate server side") 83 84 noauthFlag = flag.Bool("noauth", false, "Enables funding requests without authentication") 85 logFlag = flag.Int("loglevel", 3, "Log level to use for VNT and the faucet") 86 ) 87 88 var ( 89 vntUnit = new(big.Int).Exp(big.NewInt(10), big.NewInt(18), nil) 90 ) 91 92 func main() { 93 // Parse the flags and set up the logger to print everything requested 94 flag.Parse() 95 log.Root().SetHandler(log.LvlFilterHandler(log.Lvl(*logFlag), log.StreamHandler(os.Stderr, log.TerminalFormat(true)))) 96 97 rctx, cancel := context.WithCancel(context.Background()) 98 defer cancel() 99 // Construct the payout tiers 100 amounts := make([]string, *tiersFlag) 101 periods := make([]string, *tiersFlag) 102 for i := 0; i < *tiersFlag; i++ { 103 // Calculate the amount for the next tier and format it 104 amount := float64(*payoutFlag) * math.Pow(2.5, float64(i)) 105 amounts[i] = fmt.Sprintf("%s Vnts", strconv.FormatFloat(amount, 'f', -1, 64)) 106 if amount == 1 { 107 amounts[i] = strings.TrimSuffix(amounts[i], "s") 108 } 109 // Calculate the period for the next tier and format it 110 period := *minutesFlag * int(math.Pow(3, float64(i))) 111 periods[i] = fmt.Sprintf("%d mins", period) 112 if period%60 == 0 { 113 period /= 60 114 periods[i] = fmt.Sprintf("%d hours", period) 115 116 if period%24 == 0 { 117 period /= 24 118 periods[i] = fmt.Sprintf("%d days", period) 119 } 120 } 121 if period == 1 { 122 periods[i] = strings.TrimSuffix(periods[i], "s") 123 } 124 } 125 // Load up and render the faucet website 126 tmpl, err := Asset("faucet.html") 127 if err != nil { 128 log.Crit("Failed to load the faucet template", "err", err) 129 } 130 website := new(bytes.Buffer) 131 err = template.Must(template.New("").Parse(string(tmpl))).Execute(website, map[string]interface{}{ 132 "Network": *netnameFlag, 133 "Amounts": amounts, 134 "Periods": periods, 135 "Recaptcha": *captchaToken, 136 "NoAuth": *noauthFlag, 137 }) 138 if err != nil { 139 log.Crit("Failed to render the faucet template", "err", err) 140 } 141 // Load and parse the genesis block requested by the user 142 blob, err := ioutil.ReadFile(*genesisFlag) 143 if err != nil { 144 log.Crit("Failed to read genesis block contents", "genesis", *genesisFlag, "err", err) 145 } 146 genesis := new(core.Genesis) 147 if err = json.Unmarshal(blob, genesis); err != nil { 148 log.Crit("Failed to parse genesis block json", "err", err) 149 } 150 151 var vnodes []*vntp2p.Node 152 153 for _, boot := range strings.Split(*bootFlag, ",") { 154 if vnode, err := vntp2p.ParseNode(boot); err == nil { 155 vnodes = append(vnodes, vnode) 156 } else { 157 log.Error("Failed to parse bootnode URL", "url", boot, "err", err) 158 } 159 } 160 161 // Load up the account key and decrypt its password 162 if blob, err = ioutil.ReadFile(*accPassFlag); err != nil { 163 log.Crit("Failed to read account password contents", "file", *accPassFlag, "err", err) 164 } 165 pass := string(blob) 166 167 ks := keystore.NewKeyStore(filepath.Join(os.Getenv("HOME"), ".faucet", "keys"), keystore.StandardScryptN, keystore.StandardScryptP) 168 if blob, err = ioutil.ReadFile(*accJSONFlag); err != nil { 169 log.Crit("Failed to read account key contents", "file", *accJSONFlag, "err", err) 170 } 171 acc, err := ks.Import(blob, pass, pass) 172 if err != nil { 173 log.Crit("Failed to import faucet signer account", "err", err) 174 } 175 ks.Unlock(acc, pass) 176 177 // Assemble and start the faucet light service 178 // faucet, err := newFaucet(genesis, *vntPortFlag, *netFlag, *statsFlag, ks, website.Bytes()) 179 faucet, err := newFaucet(rctx, genesis, *vntPortFlag, vnodes, *netFlag, *statsFlag, ks, website.Bytes()) 180 if err != nil { 181 log.Crit("Failed to start faucet", "err", err) 182 } 183 defer faucet.close() 184 185 if err := faucet.listenAndServe(*apiPortFlag); err != nil { 186 log.Crit("Failed to launch faucet API", "err", err) 187 } 188 } 189 190 // request represents an accepted funding request. 191 type request struct { 192 Avatar string `json:"avatar"` // Avatar URL to make the UI nicer 193 Account common.Address `json:"account"` // VNT address being funded 194 Time time.Time `json:"time"` // Timestamp when the request was accepted 195 Tx *types.Transaction `json:"tx"` // Transaction funding the account 196 } 197 198 // faucet represents a crypto faucet backed by an VNT light client. 199 type faucet struct { 200 config *params.ChainConfig // Chain configurations for signing 201 stack *node.Node // VNT protocol stack 202 client *vntclient.Client // Client connection to the VNT chain 203 index []byte // Index page to serve up on the web 204 205 keystore *keystore.KeyStore // Keystore containing the single signer 206 account accounts.Account // Account funding user faucet requests 207 nonce uint64 // Current pending nonce of the faucet 208 price *big.Int // Current gas price to issue funds with 209 210 conns []*websocket.Conn // Currently live websocket connections 211 timeouts map[string]time.Time // History of users and their funding timeouts 212 reqs []*request // Currently pending funding requests 213 update chan struct{} // Channel to signal request updates 214 215 lock sync.RWMutex // Lock protecting the faucet's internals 216 } 217 218 // func newFaucet(genesis *core.Genesis, port int, vnodes []*discv5.Node, network uint64, stats string, ks *keystore.KeyStore, index []byte) (*faucet, error) { 219 func newFaucet(rctx context.Context, genesis *core.Genesis, port int, vnodes []*vntp2p.Node, network uint64, stats string, ks *keystore.KeyStore, index []byte) (*faucet, error) { 220 // Assemble the raw devp2p protocol stack 221 stack, err := node.New(&node.Config{ 222 Name: "gvnt", 223 Version: params.Version, 224 DataDir: filepath.Join(os.Getenv("HOME"), ".faucet"), 225 P2P: vntp2p.Config{ 226 // NAT: nat.Any(), 227 NAT: libp2p.NATPortMap(), 228 NoDiscovery: true, 229 // DiscoveryV5: true, 230 ListenAddr: fmt.Sprintf(":%d", port), 231 MaxPeers: 25, 232 BootstrapNodes: vnodes, 233 }, 234 }) 235 if err != nil { 236 return nil, err 237 } 238 // Assemble the VNT light client protocol 239 if err := stack.Register(func(ctx *node.ServiceContext) (node.Service, error) { 240 cfg := vnt.DefaultConfig 241 cfg.SyncMode = downloader.LightSync 242 cfg.NetworkId = network 243 cfg.Genesis = genesis 244 return les.New(ctx, &cfg) 245 }); err != nil { 246 return nil, err 247 } 248 // Assemble the vntstats monitoring and reporting service' 249 if stats != "" { 250 if err := stack.Register(func(ctx *node.ServiceContext) (node.Service, error) { 251 var serv *les.LightVnt 252 ctx.Service(&serv) 253 return vntstats.New(stats, nil, serv) 254 }); err != nil { 255 return nil, err 256 } 257 } 258 // Boot up the client and ensure it connects to bootnodes 259 if err := stack.Start(); err != nil { 260 return nil, err 261 } 262 263 for _, boot := range vnodes { 264 // old, _ := vntp2p.ParseNode(boot.String()) 265 stack.Server().AddPeer(rctx, boot) 266 } 267 // Attach to the client and retrieve and interesting metadatas 268 api, err := stack.Attach() 269 if err != nil { 270 stack.Stop() 271 return nil, err 272 } 273 client := vntclient.NewClient(api) 274 275 return &faucet{ 276 config: genesis.Config, 277 stack: stack, 278 client: client, 279 index: index, 280 keystore: ks, 281 account: ks.Accounts()[0], 282 timeouts: make(map[string]time.Time), 283 update: make(chan struct{}, 1), 284 }, nil 285 } 286 287 // close terminates the VNT connection and tears down the faucet. 288 func (f *faucet) close() error { 289 return f.stack.Stop() 290 } 291 292 // listenAndServe registers the HTTP handlers for the faucet and boots it up 293 // for service user funding requests. 294 func (f *faucet) listenAndServe(port int) error { 295 go f.loop() 296 297 http.HandleFunc("/", f.webHandler) 298 http.Handle("/api", websocket.Handler(f.apiHandler)) 299 300 return http.ListenAndServe(fmt.Sprintf(":%d", port), nil) 301 } 302 303 // webHandler handles all non-api requests, simply flattening and returning the 304 // faucet website. 305 func (f *faucet) webHandler(w http.ResponseWriter, r *http.Request) { 306 w.Write(f.index) 307 } 308 309 // apiHandler handles requests for Vnt grants and transaction statuses. 310 func (f *faucet) apiHandler(conn *websocket.Conn) { 311 // Start tracking the connection and drop at the end 312 defer conn.Close() 313 314 f.lock.Lock() 315 f.conns = append(f.conns, conn) 316 f.lock.Unlock() 317 318 defer func() { 319 f.lock.Lock() 320 for i, c := range f.conns { 321 if c == conn { 322 f.conns = append(f.conns[:i], f.conns[i+1:]...) 323 break 324 } 325 } 326 f.lock.Unlock() 327 }() 328 // Gather the initial stats from the network to report 329 var ( 330 head *types.Header 331 balance *big.Int 332 nonce uint64 333 err error 334 ) 335 for { 336 // Attempt to retrieve the stats, may error on no faucet connectivity 337 ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second) 338 head, err = f.client.HeaderByNumber(ctx, nil) 339 if err == nil { 340 balance, err = f.client.BalanceAt(ctx, f.account.Address, head.Number) 341 if err == nil { 342 nonce, err = f.client.NonceAt(ctx, f.account.Address, nil) 343 } 344 } 345 cancel() 346 347 // If stats retrieval failed, wait a bit and retry 348 if err != nil { 349 if err = sendError(conn, errors.New("Faucet offline: "+err.Error())); err != nil { 350 log.Warn("Failed to send faucet error to client", "err", err) 351 return 352 } 353 time.Sleep(3 * time.Second) 354 continue 355 } 356 // Initial stats reported successfully, proceed with user interaction 357 break 358 } 359 // Send over the initial stats and the latest header 360 if err = send(conn, map[string]interface{}{ 361 "funds": balance.Div(balance, vntUnit), 362 "funded": nonce, 363 "peers": f.stack.Server().PeerCount(), 364 "requests": f.reqs, 365 }, 3*time.Second); err != nil { 366 log.Warn("Failed to send initial stats to client", "err", err) 367 return 368 } 369 if err = send(conn, head, 3*time.Second); err != nil { 370 log.Warn("Failed to send initial header to client", "err", err) 371 return 372 } 373 // Keep reading requests from the websocket until the connection breaks 374 for { 375 // Fetch the next funding request and validate against github 376 var msg struct { 377 URL string `json:"url"` 378 Tier uint `json:"tier"` 379 Captcha string `json:"captcha"` 380 } 381 if err = websocket.JSON.Receive(conn, &msg); err != nil { 382 return 383 } 384 if !*noauthFlag && !strings.HasPrefix(msg.URL, "https://gist.github.com/") && !strings.HasPrefix(msg.URL, "https://twitter.com/") && 385 !strings.HasPrefix(msg.URL, "https://plus.google.com/") && !strings.HasPrefix(msg.URL, "https://www.facebook.com/") { 386 if err = sendError(conn, errors.New("URL doesn't link to supported services")); err != nil { 387 log.Warn("Failed to send URL error to client", "err", err) 388 return 389 } 390 continue 391 } 392 if msg.Tier >= uint(*tiersFlag) { 393 if err = sendError(conn, errors.New("Invalid funding tier requested")); err != nil { 394 log.Warn("Failed to send tier error to client", "err", err) 395 return 396 } 397 continue 398 } 399 log.Info("Faucet funds requested", "url", msg.URL, "tier", msg.Tier) 400 401 // If captcha verifications are enabled, make sure we're not dealing with a robot 402 if *captchaToken != "" { 403 form := url.Values{} 404 form.Add("secret", *captchaSecret) 405 form.Add("response", msg.Captcha) 406 407 res, err := http.PostForm("https://www.google.com/recaptcha/api/siteverify", form) 408 if err != nil { 409 if err = sendError(conn, err); err != nil { 410 log.Warn("Failed to send captcha post error to client", "err", err) 411 return 412 } 413 continue 414 } 415 var result struct { 416 Success bool `json:"success"` 417 Errors json.RawMessage `json:"error-codes"` 418 } 419 err = json.NewDecoder(res.Body).Decode(&result) 420 res.Body.Close() 421 if err != nil { 422 if err = sendError(conn, err); err != nil { 423 log.Warn("Failed to send captcha decode error to client", "err", err) 424 return 425 } 426 continue 427 } 428 if !result.Success { 429 log.Warn("Captcha verification failed", "err", string(result.Errors)) 430 if err = sendError(conn, errors.New("Beep-bop, you're a robot!")); err != nil { 431 log.Warn("Failed to send captcha failure to client", "err", err) 432 return 433 } 434 continue 435 } 436 } 437 // Retrieve the VNT address to fund, the requesting user and a profile picture 438 var ( 439 username string 440 avatar string 441 address common.Address 442 ) 443 switch { 444 case strings.HasPrefix(msg.URL, "https://gist.github.com/"): 445 if err = sendError(conn, errors.New("GitHub authentication discontinued at the official request of GitHub")); err != nil { 446 log.Warn("Failed to send GitHub deprecation to client", "err", err) 447 return 448 } 449 continue 450 case strings.HasPrefix(msg.URL, "https://twitter.com/"): 451 username, avatar, address, err = authTwitter(msg.URL) 452 case strings.HasPrefix(msg.URL, "https://plus.google.com/"): 453 username, avatar, address, err = authGooglePlus(msg.URL) 454 case strings.HasPrefix(msg.URL, "https://www.facebook.com/"): 455 username, avatar, address, err = authFacebook(msg.URL) 456 case *noauthFlag: 457 username, avatar, address, err = authNoAuth(msg.URL) 458 default: 459 err = errors.New("Something funky happened, please open an issue at https://github.com/vntchain/go-vnt/issues") 460 } 461 if err != nil { 462 if err = sendError(conn, err); err != nil { 463 log.Warn("Failed to send prefix error to client", "err", err) 464 return 465 } 466 continue 467 } 468 log.Info("Faucet request valid", "url", msg.URL, "tier", msg.Tier, "user", username, "address", address) 469 470 // Ensure the user didn't request funds too recently 471 f.lock.Lock() 472 var ( 473 fund bool 474 timeout time.Time 475 ) 476 if timeout = f.timeouts[username]; time.Now().After(timeout) { 477 // User wasn't funded recently, create the funding transaction 478 amount := new(big.Int).Mul(big.NewInt(int64(*payoutFlag)), vntUnit) 479 amount = new(big.Int).Mul(amount, new(big.Int).Exp(big.NewInt(5), big.NewInt(int64(msg.Tier)), nil)) 480 amount = new(big.Int).Div(amount, new(big.Int).Exp(big.NewInt(2), big.NewInt(int64(msg.Tier)), nil)) 481 482 tx := types.NewTransaction(f.nonce+uint64(len(f.reqs)), address, amount, 21000, f.price, nil) 483 signed, err := f.keystore.SignTx(f.account, tx, f.config.ChainID) 484 if err != nil { 485 f.lock.Unlock() 486 if err = sendError(conn, err); err != nil { 487 log.Warn("Failed to send transaction creation error to client", "err", err) 488 return 489 } 490 continue 491 } 492 // Submit the transaction and mark as funded if successful 493 if err := f.client.SendTransaction(context.Background(), signed); err != nil { 494 f.lock.Unlock() 495 if err = sendError(conn, err); err != nil { 496 log.Warn("Failed to send transaction transmission error to client", "err", err) 497 return 498 } 499 continue 500 } 501 f.reqs = append(f.reqs, &request{ 502 Avatar: avatar, 503 Account: address, 504 Time: time.Now(), 505 Tx: signed, 506 }) 507 f.timeouts[username] = time.Now().Add(time.Duration(*minutesFlag*int(math.Pow(3, float64(msg.Tier)))) * time.Minute) 508 fund = true 509 } 510 f.lock.Unlock() 511 512 // Send an error if too frequent funding, othewise a success 513 if !fund { 514 if err = sendError(conn, fmt.Errorf("%s left until next allowance", common.PrettyDuration(timeout.Sub(time.Now())))); err != nil { // nolint: gosimple 515 log.Warn("Failed to send funding error to client", "err", err) 516 return 517 } 518 continue 519 } 520 if err = sendSuccess(conn, fmt.Sprintf("Funding request accepted for %s into %s", username, address.Hex())); err != nil { 521 log.Warn("Failed to send funding success to client", "err", err) 522 return 523 } 524 select { 525 case f.update <- struct{}{}: 526 default: 527 } 528 } 529 } 530 531 // loop keeps waiting for interesting events and pushes them out to connected 532 // websockets. 533 func (f *faucet) loop() { 534 // Wait for chain events and push them to clients 535 heads := make(chan *types.Header, 16) 536 sub, err := f.client.SubscribeNewHead(context.Background(), heads) 537 if err != nil { 538 log.Crit("Failed to subscribe to head events", "err", err) 539 } 540 defer sub.Unsubscribe() 541 542 // Start a goroutine to update the state from head notifications in the background 543 update := make(chan *types.Header) 544 545 go func() { 546 for head := range update { 547 // New chain head arrived, query the current stats and stream to clients 548 var ( 549 balance *big.Int 550 nonce uint64 551 price *big.Int 552 err error 553 ) 554 ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) 555 balance, err = f.client.BalanceAt(ctx, f.account.Address, head.Number) 556 if err == nil { 557 nonce, err = f.client.NonceAt(ctx, f.account.Address, nil) 558 if err == nil { 559 price, err = f.client.SuggestGasPrice(ctx) 560 } 561 } 562 cancel() 563 564 // If querying the data failed, try for the next block 565 if err != nil { 566 log.Warn("Failed to update faucet state", "block", head.Number, "hash", head.Hash(), "err", err) 567 continue 568 } else { 569 log.Info("Updated faucet state", "block", head.Number, "hash", head.Hash(), "balance", balance, "nonce", nonce, "price", price) 570 } 571 // Faucet state retrieved, update locally and send to clients 572 balance = new(big.Int).Div(balance, vntUnit) 573 574 f.lock.Lock() 575 f.price, f.nonce = price, nonce 576 for len(f.reqs) > 0 && f.reqs[0].Tx.Nonce() < f.nonce { 577 f.reqs = f.reqs[1:] 578 } 579 f.lock.Unlock() 580 581 f.lock.RLock() 582 for _, conn := range f.conns { 583 if err := send(conn, map[string]interface{}{ 584 "funds": balance, 585 "funded": f.nonce, 586 "peers": f.stack.Server().PeerCount(), 587 "requests": f.reqs, 588 }, time.Second); err != nil { 589 log.Warn("Failed to send stats to client", "err", err) 590 conn.Close() 591 continue 592 } 593 if err := send(conn, head, time.Second); err != nil { 594 log.Warn("Failed to send header to client", "err", err) 595 conn.Close() 596 } 597 } 598 f.lock.RUnlock() 599 } 600 }() 601 // Wait for various events and assing to the appropriate background threads 602 for { 603 select { 604 case head := <-heads: 605 // New head arrived, send if for state update if there's none running 606 select { 607 case update <- head: 608 default: 609 } 610 611 case <-f.update: 612 // Pending requests updated, stream to clients 613 f.lock.RLock() 614 for _, conn := range f.conns { 615 if err := send(conn, map[string]interface{}{"requests": f.reqs}, time.Second); err != nil { 616 log.Warn("Failed to send requests to client", "err", err) 617 conn.Close() 618 } 619 } 620 f.lock.RUnlock() 621 } 622 } 623 } 624 625 // sends transmits a data packet to the remote end of the websocket, but also 626 // setting a write deadline to prevent waiting forever on the node. 627 func send(conn *websocket.Conn, value interface{}, timeout time.Duration) error { 628 if timeout == 0 { 629 timeout = 60 * time.Second 630 } 631 conn.SetWriteDeadline(time.Now().Add(timeout)) 632 return websocket.JSON.Send(conn, value) 633 } 634 635 // sendError transmits an error to the remote end of the websocket, also setting 636 // the write deadline to 1 second to prevent waiting forever. 637 func sendError(conn *websocket.Conn, err error) error { 638 return send(conn, map[string]string{"error": err.Error()}, time.Second) 639 } 640 641 // sendSuccess transmits a success message to the remote end of the websocket, also 642 // setting the write deadline to 1 second to prevent waiting forever. 643 func sendSuccess(conn *websocket.Conn, msg string) error { 644 return send(conn, map[string]string{"success": msg}, time.Second) 645 } 646 647 // authGitHub tries to authenticate a faucet request using GitHub gists, returning 648 // the username, avatar URL and VNT address to fund on success. 649 func authGitHub(url string) (string, string, common.Address, error) { 650 // Retrieve the gist from the GitHub Gist APIs 651 parts := strings.Split(url, "/") 652 req, _ := http.NewRequest("GET", "https://api.github.com/gists/"+parts[len(parts)-1], nil) 653 if *githubUser != "" { 654 req.SetBasicAuth(*githubUser, *githubToken) 655 } 656 res, err := http.DefaultClient.Do(req) 657 if err != nil { 658 return "", "", common.Address{}, err 659 } 660 var gist struct { 661 Owner struct { 662 Login string `json:"login"` 663 } `json:"owner"` 664 Files map[string]struct { 665 Content string `json:"content"` 666 } `json:"files"` 667 } 668 err = json.NewDecoder(res.Body).Decode(&gist) 669 res.Body.Close() 670 if err != nil { 671 return "", "", common.Address{}, err 672 } 673 if gist.Owner.Login == "" { 674 return "", "", common.Address{}, errors.New("Anonymous Gists not allowed") 675 } 676 // Iterate over all the files and look for VNT addresses 677 var address common.Address 678 for _, file := range gist.Files { 679 content := strings.TrimSpace(file.Content) 680 if len(content) == 2+common.AddressLength*2 { 681 address = common.HexToAddress(content) 682 } 683 } 684 if address == (common.Address{}) { 685 return "", "", common.Address{}, errors.New("No VNT address found to fund") 686 } 687 // Validate the user's existence since the API is unhelpful here 688 if res, err = http.Head("https://github.com/" + gist.Owner.Login); err != nil { 689 return "", "", common.Address{}, err 690 } 691 res.Body.Close() 692 693 if res.StatusCode != 200 { 694 return "", "", common.Address{}, errors.New("Invalid user... boom!") 695 } 696 // Everything passed validation, return the gathered infos 697 return gist.Owner.Login + "@github", fmt.Sprintf("https://github.com/%s.png?size=64", gist.Owner.Login), address, nil 698 } 699 700 // authTwitter tries to authenticate a faucet request using Twitter posts, returning 701 // the username, avatar URL and VNT address to fund on success. 702 func authTwitter(url string) (string, string, common.Address, error) { 703 // Ensure the user specified a meaningful URL, no fancy nonsense 704 parts := strings.Split(url, "/") 705 if len(parts) < 4 || parts[len(parts)-2] != "status" { 706 return "", "", common.Address{}, errors.New("Invalid Twitter status URL") 707 } 708 // Twitter's API isn't really friendly with direct links. Still, we don't 709 // want to do ask read permissions from users, so just load the public posts and 710 // scrape it for the VNT address and profile URL. 711 res, err := http.Get(url) 712 if err != nil { 713 return "", "", common.Address{}, err 714 } 715 defer res.Body.Close() 716 717 // Resolve the username from the final redirect, no intermediate junk 718 parts = strings.Split(res.Request.URL.String(), "/") 719 if len(parts) < 4 || parts[len(parts)-2] != "status" { 720 return "", "", common.Address{}, errors.New("Invalid Twitter status URL") 721 } 722 username := parts[len(parts)-3] 723 724 body, err := ioutil.ReadAll(res.Body) 725 if err != nil { 726 return "", "", common.Address{}, err 727 } 728 address := common.HexToAddress(string(regexp.MustCompile("0x[0-9a-fA-F]{40}").Find(body))) 729 if address == (common.Address{}) { 730 return "", "", common.Address{}, errors.New("No VNT address found to fund") 731 } 732 var avatar string 733 if parts = regexp.MustCompile("src=\"([^\"]+twimg.com/profile_images[^\"]+)\"").FindStringSubmatch(string(body)); len(parts) == 2 { 734 avatar = parts[1] 735 } 736 return username + "@twitter", avatar, address, nil 737 } 738 739 // authGooglePlus tries to authenticate a faucet request using GooglePlus posts, 740 // returning the username, avatar URL and VNT address to fund on success. 741 func authGooglePlus(url string) (string, string, common.Address, error) { 742 // Ensure the user specified a meaningful URL, no fancy nonsense 743 parts := strings.Split(url, "/") 744 if len(parts) < 4 || parts[len(parts)-2] != "posts" { 745 return "", "", common.Address{}, errors.New("Invalid Google+ post URL") 746 } 747 username := parts[len(parts)-3] 748 749 // Google's API isn't really friendly with direct links. Still, we don't 750 // want to do ask read permissions from users, so just load the public posts and 751 // scrape it for the VNT address and profile URL. 752 res, err := http.Get(url) 753 if err != nil { 754 return "", "", common.Address{}, err 755 } 756 defer res.Body.Close() 757 758 body, err := ioutil.ReadAll(res.Body) 759 if err != nil { 760 return "", "", common.Address{}, err 761 } 762 address := common.HexToAddress(string(regexp.MustCompile("0x[0-9a-fA-F]{40}").Find(body))) 763 if address == (common.Address{}) { 764 return "", "", common.Address{}, errors.New("No VNT address found to fund") 765 } 766 var avatar string 767 if parts = regexp.MustCompile("src=\"([^\"]+googleusercontent.com[^\"]+photo.jpg)\"").FindStringSubmatch(string(body)); len(parts) == 2 { 768 avatar = parts[1] 769 } 770 return username + "@google+", avatar, address, nil 771 } 772 773 // authFacebook tries to authenticate a faucet request using Facebook posts, 774 // returning the username, avatar URL and VNT address to fund on success. 775 func authFacebook(url string) (string, string, common.Address, error) { 776 // Ensure the user specified a meaningful URL, no fancy nonsense 777 parts := strings.Split(url, "/") 778 if len(parts) < 4 || parts[len(parts)-2] != "posts" { 779 return "", "", common.Address{}, errors.New("Invalid Facebook post URL") 780 } 781 username := parts[len(parts)-3] 782 783 // Facebook's Graph API isn't really friendly with direct links. Still, we don't 784 // want to do ask read permissions from users, so just load the public posts and 785 // scrape it for the VNT address and profile URL. 786 res, err := http.Get(url) 787 if err != nil { 788 return "", "", common.Address{}, err 789 } 790 defer res.Body.Close() 791 792 body, err := ioutil.ReadAll(res.Body) 793 if err != nil { 794 return "", "", common.Address{}, err 795 } 796 address := common.HexToAddress(string(regexp.MustCompile("0x[0-9a-fA-F]{40}").Find(body))) 797 if address == (common.Address{}) { 798 return "", "", common.Address{}, errors.New("No VNT address found to fund") 799 } 800 var avatar string 801 if parts = regexp.MustCompile("src=\"([^\"]+fbcdn.net[^\"]+)\"").FindStringSubmatch(string(body)); len(parts) == 2 { 802 avatar = parts[1] 803 } 804 return username + "@facebook", avatar, address, nil 805 } 806 807 // authNoAuth tries to interpret a faucet request as a plain VNT address, 808 // without actually performing any remote authentication. This mode is prone to 809 // Byzantine attack, so only ever use for truly private networks. 810 func authNoAuth(url string) (string, string, common.Address, error) { 811 address := common.HexToAddress(regexp.MustCompile("0x[0-9a-fA-F]{40}").FindString(url)) 812 if address == (common.Address{}) { 813 return "", "", common.Address{}, errors.New("No VNT address found to fund") 814 } 815 return address.Hex() + "@noauth", "", address, nil 816 }