node: allow JWT pass by file only (#24579)

a8040bc2 · Marius van der Wijden · GitHub · 535f25d6 · a8040bc2 · a8040bc2
Unverified Commit a8040bc2 authored Mar 24, 2022 by Marius van der Wijden Committed by GitHub Mar 24, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 12 deletions

flags.go cmd/utils/flags.go +1 -1

node.go node/node.go +2 -11

No files found.
--- a/cmd/utils/flags.go
+++ b/cmd/utils/flags.go
@@ -548,7 +548,7 @@ var (
 	}
 	JWTSecretFlag = cli.StringFlag{
 		Name:  "authrpc.jwtsecret",
-		Usage: "JWT secret (or path to a jwt secret) to use for authenticated RPC endpoints",
+		Usage: "Path to a JWT secret to use for authenticated RPC endpoints",
 	}
 	// Logging and debug settings
 	EthStatsURLFlag = cli.StringFlag{

--- a/node/node.go
+++ b/node/node.go
@@ -346,17 +346,8 @@ func (n *Node) closeDataDir() {
 // or from the default location. If neither of those are present, it generates
 // a new secret and stores to the default location.
 func (n *Node) obtainJWTSecret(cliParam string) ([]byte, error) {
-	var fileName string
+	fileName := cliParam
-	if len(cliParam) > 0 {
+	if len(fileName) == 0 {
-		// If a plaintext secret was provided via cli flags, use that
-		jwtSecret := common.FromHex(cliParam)
-		if len(jwtSecret) == 32 && strings.HasPrefix(cliParam, "0x") {
-			log.Warn("Plaintext JWT secret provided, please consider passing via file")
-			return jwtSecret, nil
-		}
-		// path provided
-		fileName = cliParam
-	} else {
 		// no path provided, use default
 		fileName = n.ResolvePath(datadirJWTKey)
 	}