diff --git a/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpService.java b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpService.java index 02333398fd..874919bac5 100644 --- a/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpService.java +++ b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpService.java @@ -28,6 +28,7 @@ import org.hyperledger.besu.ethereum.api.jsonrpc.execution.JsonRpcExecutor; import org.hyperledger.besu.ethereum.api.jsonrpc.execution.TimedJsonRpcProcessor; import org.hyperledger.besu.ethereum.api.jsonrpc.execution.TracedJsonRpcProcessor; import org.hyperledger.besu.ethereum.api.jsonrpc.health.HealthService; +import org.hyperledger.besu.ethereum.api.jsonrpc.internal.exception.Logging403ErrorHandler; import org.hyperledger.besu.ethereum.api.jsonrpc.internal.methods.JsonRpcMethod; import org.hyperledger.besu.ethereum.api.tls.TlsClientAuthConfiguration; import org.hyperledger.besu.ethereum.api.tls.TlsConfiguration; @@ -298,7 +299,7 @@ public class JsonRpcHttpService { // Verify Host header to avoid rebind attack. router.route().handler(checkAllowlistHostHeader()); - + router.errorHandler(403, new Logging403ErrorHandler()); router .route() .handler( diff --git a/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcService.java b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcService.java index 883528c2a6..a3751feb62 100644 --- a/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcService.java +++ b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcService.java @@ -30,6 +30,7 @@ import org.hyperledger.besu.ethereum.api.jsonrpc.execution.JsonRpcProcessor; import org.hyperledger.besu.ethereum.api.jsonrpc.execution.TimedJsonRpcProcessor; import org.hyperledger.besu.ethereum.api.jsonrpc.execution.TracedJsonRpcProcessor; import org.hyperledger.besu.ethereum.api.jsonrpc.health.HealthService; +import org.hyperledger.besu.ethereum.api.jsonrpc.internal.exception.Logging403ErrorHandler; import org.hyperledger.besu.ethereum.api.jsonrpc.internal.methods.JsonRpcMethod; import org.hyperledger.besu.ethereum.api.jsonrpc.websocket.WebSocketConfiguration; import org.hyperledger.besu.ethereum.api.jsonrpc.websocket.WebSocketMessageHandler; @@ -402,7 +403,7 @@ public class JsonRpcService { // Verify Host header to avoid rebind attack. router.route().handler(denyRouteToBlockedHost()); - + router.errorHandler(403, new Logging403ErrorHandler()); router .route() .handler( diff --git a/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/internal/exception/Logging403ErrorHandler.java b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/internal/exception/Logging403ErrorHandler.java new file mode 100644 index 0000000000..dcd6d8873d --- /dev/null +++ b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/internal/exception/Logging403ErrorHandler.java @@ -0,0 +1,38 @@ +/* + * Copyright Hyperledger Besu Contributors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on + * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the + * specific language governing permissions and limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * + */ + +package org.hyperledger.besu.ethereum.api.jsonrpc.internal.exception; + +import io.vertx.core.Handler; +import io.vertx.core.http.HttpServerResponse; +import io.vertx.ext.web.RoutingContext; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class Logging403ErrorHandler implements Handler { + + private static final Logger LOG = LoggerFactory.getLogger(Logging403ErrorHandler.class); + + @Override + public void handle(final RoutingContext event) { + LOG.error(event.failure().getMessage()); + LOG.debug(event.failure().getMessage(), event.failure()); + int statusCode = event.statusCode(); + + HttpServerResponse response = event.response(); + response.setStatusCode(statusCode).end("Exception thrown handling RPC"); + } +} diff --git a/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/websocket/WebSocketService.java b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/websocket/WebSocketService.java index cee396161e..f6131339cc 100644 --- a/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/websocket/WebSocketService.java +++ b/ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/websocket/WebSocketService.java @@ -19,6 +19,7 @@ import static com.google.common.collect.Streams.stream; import org.hyperledger.besu.ethereum.api.jsonrpc.authentication.AuthenticationService; import org.hyperledger.besu.ethereum.api.jsonrpc.authentication.AuthenticationUtils; import org.hyperledger.besu.ethereum.api.jsonrpc.authentication.DefaultAuthenticationService; +import org.hyperledger.besu.ethereum.api.jsonrpc.internal.exception.Logging403ErrorHandler; import org.hyperledger.besu.ethereum.api.jsonrpc.websocket.subscription.SubscriptionManager; import org.hyperledger.besu.metrics.BesuMetricCategory; import org.hyperledger.besu.plugin.services.MetricsSystem; @@ -222,7 +223,7 @@ public class WebSocketService { .produces(APPLICATION_JSON) .handler(DefaultAuthenticationService::handleDisabledLogin); } - + router.errorHandler(403, new Logging403ErrorHandler()); router.route().handler(WebSocketService::handleHttpNotSupported); return router; }