aboutsummaryrefslogtreecommitdiffstats
path: root/cmd/faucet/faucet.go
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/faucet/faucet.go')
-rw-r--r--cmd/faucet/faucet.go414
1 files changed, 324 insertions, 90 deletions
diff --git a/cmd/faucet/faucet.go b/cmd/faucet/faucet.go
index 8cd62441e..72098e68d 100644
--- a/cmd/faucet/faucet.go
+++ b/cmd/faucet/faucet.go
@@ -21,8 +21,10 @@ package main
import (
"bytes"
+ "compress/zlib"
"context"
"encoding/json"
+ "errors"
"flag"
"fmt"
"html/template"
@@ -33,6 +35,7 @@ import (
"net/url"
"os"
"path/filepath"
+ "regexp"
"strconv"
"strings"
"sync"
@@ -181,10 +184,10 @@ func main() {
// request represents an accepted funding request.
type request struct {
- Username string `json:"username"` // GitHub user for displaying an avatar
- Account common.Address `json:"account"` // Ethereum address being funded
- Time time.Time `json:"time"` // Timestamp when te request was accepted
- Tx *types.Transaction `json:"tx"` // Transaction funding the account
+ Avatar string `json:"avatar"` // Avatar URL to make the UI nicer
+ Account common.Address `json:"account"` // Ethereum address being funded
+ Time time.Time `json:"time"` // Timestamp when the request was accepted
+ Tx *types.Transaction `json:"tx"` // Transaction funding the account
}
// faucet represents a crypto faucet backed by an Ethereum light client.
@@ -299,6 +302,8 @@ func (f *faucet) webHandler(w http.ResponseWriter, r *http.Request) {
// apiHandler handles requests for Ether grants and transaction statuses.
func (f *faucet) apiHandler(conn *websocket.Conn) {
// Start tracking the connection and drop at the end
+ defer conn.Close()
+
f.lock.Lock()
f.conns = append(f.conns, conn)
f.lock.Unlock()
@@ -313,25 +318,50 @@ func (f *faucet) apiHandler(conn *websocket.Conn) {
}
f.lock.Unlock()
}()
- // Send a few initial stats to the client
- balance, _ := f.client.BalanceAt(context.Background(), f.account.Address, nil)
- nonce, _ := f.client.NonceAt(context.Background(), f.account.Address, nil)
+ // Gather the initial stats from the network to report
+ var (
+ head *types.Header
+ balance *big.Int
+ nonce uint64
+ err error
+ )
+ for {
+ // Attempt to retrieve the stats, may error on no faucet connectivity
+ ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
+ head, err = f.client.HeaderByNumber(ctx, nil)
+ if err == nil {
+ balance, err = f.client.BalanceAt(ctx, f.account.Address, head.Number)
+ if err == nil {
+ nonce, err = f.client.NonceAt(ctx, f.account.Address, nil)
+ }
+ }
+ cancel()
- websocket.JSON.Send(conn, map[string]interface{}{
+ // If stats retrieval failed, wait a bit and retry
+ if err != nil {
+ if err = sendError(conn, errors.New("Faucet offline: "+err.Error())); err != nil {
+ log.Warn("Failed to send faucet error to client", "err", err)
+ return
+ }
+ time.Sleep(3 * time.Second)
+ continue
+ }
+ // Initial stats reported successfully, proceed with user interaction
+ break
+ }
+ // Send over the initial stats and the latest header
+ if err = send(conn, map[string]interface{}{
"funds": balance.Div(balance, ether),
"funded": nonce,
"peers": f.stack.Server().PeerCount(),
"requests": f.reqs,
- })
- // Send the initial block to the client
- ctx, cancel := context.WithTimeout(context.Background(), time.Second)
- header, err := f.client.HeaderByNumber(ctx, nil)
- cancel()
-
- if err != nil {
- log.Error("Failed to retrieve latest header", "err", err)
- } else {
- websocket.JSON.Send(conn, header)
+ }, 3*time.Second); err != nil {
+ log.Warn("Failed to send initial stats to client", "err", err)
+ return
+ }
+ if err = send(conn, head, 3*time.Second); err != nil {
+ log.Warn("Failed to send initial header to client", "err", err)
+ return
}
// Keep reading requests from the websocket until the connection breaks
for {
@@ -341,18 +371,25 @@ func (f *faucet) apiHandler(conn *websocket.Conn) {
Tier uint `json:"tier"`
Captcha string `json:"captcha"`
}
- if err := websocket.JSON.Receive(conn, &msg); err != nil {
+ if err = websocket.JSON.Receive(conn, &msg); err != nil {
return
}
- if !strings.HasPrefix(msg.URL, "https://gist.github.com/") {
- websocket.JSON.Send(conn, map[string]string{"error": "URL doesn't link to GitHub Gists"})
+ if !strings.HasPrefix(msg.URL, "https://gist.github.com/") && !strings.HasPrefix(msg.URL, "https://twitter.com/") &&
+ !strings.HasPrefix(msg.URL, "https://plus.google.com/") && !strings.HasPrefix(msg.URL, "https://www.facebook.com/") {
+ if err = sendError(conn, errors.New("URL doesn't link to supported services")); err != nil {
+ log.Warn("Failed to send URL error to client", "err", err)
+ return
+ }
continue
}
if msg.Tier >= uint(*tiersFlag) {
- websocket.JSON.Send(conn, map[string]string{"error": "Invalid funding tier requested"})
+ if err = sendError(conn, errors.New("Invalid funding tier requested")); err != nil {
+ log.Warn("Failed to send tier error to client", "err", err)
+ return
+ }
continue
}
- log.Info("Faucet funds requested", "gist", msg.URL, "tier", msg.Tier)
+ log.Info("Faucet funds requested", "url", msg.URL, "tier", msg.Tier)
// If captcha verifications are enabled, make sure we're not dealing with a robot
if *captchaToken != "" {
@@ -362,7 +399,10 @@ func (f *faucet) apiHandler(conn *websocket.Conn) {
res, err := http.PostForm("https://www.google.com/recaptcha/api/siteverify", form)
if err != nil {
- websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
+ if err = sendError(conn, err); err != nil {
+ log.Warn("Failed to send captcha post error to client", "err", err)
+ return
+ }
continue
}
var result struct {
@@ -372,74 +412,55 @@ func (f *faucet) apiHandler(conn *websocket.Conn) {
err = json.NewDecoder(res.Body).Decode(&result)
res.Body.Close()
if err != nil {
- websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
+ if err = sendError(conn, err); err != nil {
+ log.Warn("Failed to send captcha decode error to client", "err", err)
+ return
+ }
continue
}
if !result.Success {
log.Warn("Captcha verification failed", "err", string(result.Errors))
- websocket.JSON.Send(conn, map[string]string{"error": "Beep-bop, you're a robot!"})
+ if err = sendError(conn, errors.New("Beep-bop, you're a robot!")); err != nil {
+ log.Warn("Failed to send captcha failure to client", "err", err)
+ return
+ }
continue
}
}
- // Retrieve the gist from the GitHub Gist APIs
- parts := strings.Split(msg.URL, "/")
- req, _ := http.NewRequest("GET", "https://api.github.com/gists/"+parts[len(parts)-1], nil)
- if *githubUser != "" {
- req.SetBasicAuth(*githubUser, *githubToken)
- }
- res, err := http.DefaultClient.Do(req)
- if err != nil {
- websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
- continue
- }
- var gist struct {
- Owner struct {
- Login string `json:"login"`
- } `json:"owner"`
- Files map[string]struct {
- Content string `json:"content"`
- } `json:"files"`
+ // Retrieve the Ethereum address to fund, the requesting user and a profile picture
+ var (
+ username string
+ avatar string
+ address common.Address
+ )
+ switch {
+ case strings.HasPrefix(msg.URL, "https://gist.github.com/"):
+ username, avatar, address, err = authGitHub(msg.URL)
+ case strings.HasPrefix(msg.URL, "https://twitter.com/"):
+ username, avatar, address, err = authTwitter(msg.URL)
+ case strings.HasPrefix(msg.URL, "https://plus.google.com/"):
+ username, avatar, address, err = authGooglePlus(msg.URL)
+ case strings.HasPrefix(msg.URL, "https://www.facebook.com/"):
+ username, avatar, address, err = authFacebook(msg.URL)
+ default:
+ err = errors.New("Something funky happened, please open an issue at https://github.com/ethereum/go-ethereum/issues")
}
- err = json.NewDecoder(res.Body).Decode(&gist)
- res.Body.Close()
if err != nil {
- websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
- continue
- }
- if gist.Owner.Login == "" {
- websocket.JSON.Send(conn, map[string]string{"error": "Anonymous Gists not allowed"})
- continue
- }
- // Iterate over all the files and look for Ethereum addresses
- var address common.Address
- for _, file := range gist.Files {
- content := strings.TrimSpace(file.Content)
- if len(content) == 2+common.AddressLength*2 {
- address = common.HexToAddress(content)
+ if err = sendError(conn, err); err != nil {
+ log.Warn("Failed to send prefix error to client", "err", err)
+ return
}
- }
- if address == (common.Address{}) {
- websocket.JSON.Send(conn, map[string]string{"error": "No Ethereum address found to fund"})
continue
}
- // Validate the user's existence since the API is unhelpful here
- if res, err = http.Head("https://github.com/" + gist.Owner.Login); err != nil {
- websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
- continue
- }
- res.Body.Close()
+ log.Info("Faucet request valid", "url", msg.URL, "tier", msg.Tier, "user", username, "address", address)
- if res.StatusCode != 200 {
- websocket.JSON.Send(conn, map[string]string{"error": "Invalid user... boom!"})
- continue
- }
// Ensure the user didn't request funds too recently
f.lock.Lock()
var (
fund bool
timeout time.Time
)
- if timeout = f.timeouts[gist.Owner.Login]; time.Now().After(timeout) {
+ if timeout = f.timeouts[username]; time.Now().After(timeout) {
// User wasn't funded recently, create the funding transaction
amount := new(big.Int).Mul(big.NewInt(int64(*payoutFlag)), ether)
amount = new(big.Int).Mul(amount, new(big.Int).Exp(big.NewInt(5), big.NewInt(int64(msg.Tier)), nil))
@@ -448,33 +469,45 @@ func (f *faucet) apiHandler(conn *websocket.Conn) {
tx := types.NewTransaction(f.nonce+uint64(len(f.reqs)), address, amount, big.NewInt(21000), f.price, nil)
signed, err := f.keystore.SignTx(f.account, tx, f.config.ChainId)
if err != nil {
- websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
f.lock.Unlock()
+ if err = sendError(conn, err); err != nil {
+ log.Warn("Failed to send transaction creation error to client", "err", err)
+ return
+ }
continue
}
// Submit the transaction and mark as funded if successful
if err := f.client.SendTransaction(context.Background(), signed); err != nil {
- websocket.JSON.Send(conn, map[string]string{"error": err.Error()})
f.lock.Unlock()
+ if err = sendError(conn, err); err != nil {
+ log.Warn("Failed to send transaction transmission error to client", "err", err)
+ return
+ }
continue
}
f.reqs = append(f.reqs, &request{
- Username: gist.Owner.Login,
- Account: address,
- Time: time.Now(),
- Tx: signed,
+ Avatar: avatar,
+ Account: address,
+ Time: time.Now(),
+ Tx: signed,
})
- f.timeouts[gist.Owner.Login] = time.Now().Add(time.Duration(*minutesFlag*int(math.Pow(3, float64(msg.Tier)))) * time.Minute)
+ f.timeouts[username] = time.Now().Add(time.Duration(*minutesFlag*int(math.Pow(3, float64(msg.Tier)))) * time.Minute)
fund = true
}
f.lock.Unlock()
// Send an error if too frequent funding, othewise a success
if !fund {
- websocket.JSON.Send(conn, map[string]string{"error": fmt.Sprintf("%s left until next allowance", common.PrettyDuration(timeout.Sub(time.Now())))})
+ if err = sendError(conn, fmt.Errorf("%s left until next allowance", common.PrettyDuration(timeout.Sub(time.Now())))); err != nil {
+ log.Warn("Failed to send funding error to client", "err", err)
+ return
+ }
continue
}
- websocket.JSON.Send(conn, map[string]string{"success": fmt.Sprintf("Funding request accepted for %s into %s", gist.Owner.Login, address.Hex())})
+ if err = sendSuccess(conn, fmt.Sprintf("Funding request accepted for %s into %s", username, address.Hex())); err != nil {
+ log.Warn("Failed to send funding success to client", "err", err)
+ return
+ }
select {
case f.update <- struct{}{}:
default:
@@ -497,11 +530,31 @@ func (f *faucet) loop() {
select {
case head := <-heads:
// New chain head arrived, query the current stats and stream to clients
- balance, _ := f.client.BalanceAt(context.Background(), f.account.Address, nil)
- balance = new(big.Int).Div(balance, ether)
+ var (
+ balance *big.Int
+ nonce uint64
+ price *big.Int
+ err error
+ )
+ ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
+ balance, err = f.client.BalanceAt(ctx, f.account.Address, head.Number)
+ if err == nil {
+ nonce, err = f.client.NonceAt(ctx, f.account.Address, nil)
+ if err == nil {
+ price, err = f.client.SuggestGasPrice(ctx)
+ }
+ }
+ cancel()
- price, _ := f.client.SuggestGasPrice(context.Background())
- nonce, _ := f.client.NonceAt(context.Background(), f.account.Address, nil)
+ // If querying the data failed, try for the next block
+ if err != nil {
+ log.Warn("Failed to update faucet state", "block", head.Number, "hash", head.Hash(), "err", err)
+ continue
+ } else {
+ log.Info("Updated faucet state", "block", head.Number, "hash", head.Hash(), "balance", balance, "nonce", nonce, "price", price)
+ }
+ // Faucet state retrieved, update locally and send to clients
+ balance = new(big.Int).Div(balance, ether)
f.lock.Lock()
f.price, f.nonce = price, nonce
@@ -512,17 +565,17 @@ func (f *faucet) loop() {
f.lock.RLock()
for _, conn := range f.conns {
- if err := websocket.JSON.Send(conn, map[string]interface{}{
+ if err := send(conn, map[string]interface{}{
"funds": balance,
"funded": f.nonce,
"peers": f.stack.Server().PeerCount(),
"requests": f.reqs,
- }); err != nil {
+ }, time.Second); err != nil {
log.Warn("Failed to send stats to client", "err", err)
conn.Close()
continue
}
- if err := websocket.JSON.Send(conn, head); err != nil {
+ if err := send(conn, head, time.Second); err != nil {
log.Warn("Failed to send header to client", "err", err)
conn.Close()
}
@@ -533,7 +586,7 @@ func (f *faucet) loop() {
// Pending requests updated, stream to clients
f.lock.RLock()
for _, conn := range f.conns {
- if err := websocket.JSON.Send(conn, map[string]interface{}{"requests": f.reqs}); err != nil {
+ if err := send(conn, map[string]interface{}{"requests": f.reqs}, time.Second); err != nil {
log.Warn("Failed to send requests to client", "err", err)
conn.Close()
}
@@ -542,3 +595,184 @@ func (f *faucet) loop() {
}
}
}
+
+// sends transmits a data packet to the remote end of the websocket, but also
+// setting a write deadline to prevent waiting forever on the node.
+func send(conn *websocket.Conn, value interface{}, timeout time.Duration) error {
+ if timeout == 0 {
+ timeout = 60 * time.Second
+ }
+ conn.SetWriteDeadline(time.Now().Add(timeout))
+ return websocket.JSON.Send(conn, value)
+}
+
+// sendError transmits an error to the remote end of the websocket, also setting
+// the write deadline to 1 second to prevent waiting forever.
+func sendError(conn *websocket.Conn, err error) error {
+ return send(conn, map[string]string{"error": err.Error()}, time.Second)
+}
+
+// sendSuccess transmits a success message to the remote end of the websocket, also
+// setting the write deadline to 1 second to prevent waiting forever.
+func sendSuccess(conn *websocket.Conn, msg string) error {
+ return send(conn, map[string]string{"success": msg}, time.Second)
+}
+
+// authGitHub tries to authenticate a faucet request using GitHub gists, returning
+// the username, avatar URL and Ethereum address to fund on success.
+func authGitHub(url string) (string, string, common.Address, error) {
+ // Retrieve the gist from the GitHub Gist APIs
+ parts := strings.Split(url, "/")
+ req, _ := http.NewRequest("GET", "https://api.github.com/gists/"+parts[len(parts)-1], nil)
+ if *githubUser != "" {
+ req.SetBasicAuth(*githubUser, *githubToken)
+ }
+ res, err := http.DefaultClient.Do(req)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ var gist struct {
+ Owner struct {
+ Login string `json:"login"`
+ } `json:"owner"`
+ Files map[string]struct {
+ Content string `json:"content"`
+ } `json:"files"`
+ }
+ err = json.NewDecoder(res.Body).Decode(&gist)
+ res.Body.Close()
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ if gist.Owner.Login == "" {
+ return "", "", common.Address{}, errors.New("Anonymous Gists not allowed")
+ }
+ // Iterate over all the files and look for Ethereum addresses
+ var address common.Address
+ for _, file := range gist.Files {
+ content := strings.TrimSpace(file.Content)
+ if len(content) == 2+common.AddressLength*2 {
+ address = common.HexToAddress(content)
+ }
+ }
+ if address == (common.Address{}) {
+ return "", "", common.Address{}, errors.New("No Ethereum address found to fund")
+ }
+ // Validate the user's existence since the API is unhelpful here
+ if res, err = http.Head("https://github.com/" + gist.Owner.Login); err != nil {
+ return "", "", common.Address{}, err
+ }
+ res.Body.Close()
+
+ if res.StatusCode != 200 {
+ return "", "", common.Address{}, errors.New("Invalid user... boom!")
+ }
+ // Everything passed validation, return the gathered infos
+ return gist.Owner.Login + "@github", fmt.Sprintf("https://github.com/%s.png?size=64", gist.Owner.Login), address, nil
+}
+
+// authTwitter tries to authenticate a faucet request using Twitter posts, returning
+// the username, avatar URL and Ethereum address to fund on success.
+func authTwitter(url string) (string, string, common.Address, error) {
+ // Ensure the user specified a meaningful URL, no fancy nonsense
+ parts := strings.Split(url, "/")
+ if len(parts) < 4 || parts[len(parts)-2] != "status" {
+ return "", "", common.Address{}, errors.New("Invalid Twitter status URL")
+ }
+ username := parts[len(parts)-3]
+
+ // Twitter's API isn't really friendly with direct links. Still, we don't
+ // want to do ask read permissions from users, so just load the public posts and
+ // scrape it for the Ethereum address and profile URL.
+ res, err := http.Get(url)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ defer res.Body.Close()
+
+ reader, err := zlib.NewReader(res.Body)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ body, err := ioutil.ReadAll(reader)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ address := common.HexToAddress(string(regexp.MustCompile("0x[0-9a-fA-F]{40}").Find(body)))
+ if address == (common.Address{}) {
+ return "", "", common.Address{}, errors.New("No Ethereum address found to fund")
+ }
+ var avatar string
+ if parts = regexp.MustCompile("src=\"([^\"]+twimg.com/profile_images[^\"]+)\"").FindStringSubmatch(string(body)); len(parts) == 2 {
+ avatar = parts[1]
+ }
+ return username + "@twitter", avatar, address, nil
+}
+
+// authGooglePlus tries to authenticate a faucet request using GooglePlus posts,
+// returning the username, avatar URL and Ethereum address to fund on success.
+func authGooglePlus(url string) (string, string, common.Address, error) {
+ // Ensure the user specified a meaningful URL, no fancy nonsense
+ parts := strings.Split(url, "/")
+ if len(parts) < 4 || parts[len(parts)-2] != "posts" {
+ return "", "", common.Address{}, errors.New("Invalid Google+ post URL")
+ }
+ username := parts[len(parts)-3]
+
+ // Google's API isn't really friendly with direct links. Still, we don't
+ // want to do ask read permissions from users, so just load the public posts and
+ // scrape it for the Ethereum address and profile URL.
+ res, err := http.Get(url)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ defer res.Body.Close()
+
+ body, err := ioutil.ReadAll(res.Body)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ address := common.HexToAddress(string(regexp.MustCompile("0x[0-9a-fA-F]{40}").Find(body)))
+ if address == (common.Address{}) {
+ return "", "", common.Address{}, errors.New("No Ethereum address found to fund")
+ }
+ var avatar string
+ if parts = regexp.MustCompile("src=\"([^\"]+googleusercontent.com[^\"]+photo.jpg)\"").FindStringSubmatch(string(body)); len(parts) == 2 {
+ avatar = parts[1]
+ }
+ return username + "@google+", avatar, address, nil
+}
+
+// authFacebook tries to authenticate a faucet request using Facebook posts,
+// returning the username, avatar URL and Ethereum address to fund on success.
+func authFacebook(url string) (string, string, common.Address, error) {
+ // Ensure the user specified a meaningful URL, no fancy nonsense
+ parts := strings.Split(url, "/")
+ if len(parts) < 4 || parts[len(parts)-2] != "posts" {
+ return "", "", common.Address{}, errors.New("Invalid Facebook post URL")
+ }
+ username := parts[len(parts)-3]
+
+ // Facebook's Graph API isn't really friendly with direct links. Still, we don't
+ // want to do ask read permissions from users, so just load the public posts and
+ // scrape it for the Ethereum address and profile URL.
+ res, err := http.Get(url)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ defer res.Body.Close()
+
+ body, err := ioutil.ReadAll(res.Body)
+ if err != nil {
+ return "", "", common.Address{}, err
+ }
+ address := common.HexToAddress(string(regexp.MustCompile("0x[0-9a-fA-F]{40}").Find(body)))
+ if address == (common.Address{}) {
+ return "", "", common.Address{}, errors.New("No Ethereum address found to fund")
+ }
+ var avatar string
+ if parts = regexp.MustCompile("src=\"([^\"]+fbcdn.net[^\"]+)\"").FindStringSubmatch(string(body)); len(parts) == 2 {
+ avatar = parts[1]
+ }
+ return username + "@facebook", avatar, address, nil
+}