Cannot parse non-numerical ID #28
Comments
|
+1. This is still an issue and means you cannot use clients generated with https://github.com/open-rpc/generator from the OpenRPC definitions in Lotus, as they pass
$ curl -H "Content-Type: application/json" \
--data '{ "jsonrpc": "2.0", "method": "Filecoin.ChainHead", "params": [], "id": "1" }' \
'http://127.0.0.1:1234/rpc/v0'
{"jsonrpc":"2.0","id":0,"error":{"code":-32700,"message":"unmarshaling request: json: cannot unmarshal string into Go struct field request.id of type int64"}} |
|
@mvdan as our resident The decode happens into: Lines 38 to 44 in 45ea43a Using a simple Then the response is built as: Lines 64 to 69 in 45ea43a Using a We're already handling the NULL case: Lines 265 to 267 in 45ea43a But if we want to also handle the String case and do it both in and out (i.e. if you give it an int, return an int, but if you give a string, return a string), what are our options here? Do we have to first inspect it as an I don't know the answer to this but I'm wondering if we can strictly require that any String ID be a string representation of an int64. That would probably satisfy the OpenRPC model, as long as we returned it as a string. I'm a bit weary about accepting arbitrary strings as it seems like an opportunity for novelty that we may not want to introduce. So maybe it's enough to have an int64 but also a flag that says "it came as a string". |
My reading of the spec is different than yours, at least. It says the ID can be a string, but it doesn't say that the string must contain a valid integer representation. So it could be a UUID or some random base64, for example, and I don't think that would break the spec. Assuming you don't want to enforce ID strings to be integers, I think the best option is to implement a custom type that knows how to unmarshal itself. I initially thought about suggesting Here's an example of the decode type: https://play.golang.org/p/SVQFikqZrpg. You can run it and see how it behaves with a few different inputs. You're fully in control with that UnmarshalJSON method, so you could, for example, tweak it to only accept strings which represent valid int64 by doing a second Unmarshal in the string case. You could then, for example, swap the internal |
|
neat, thanks @mvdan, that sounds right for this problem. Re
I was just expressing some discomfort with the anything nature of a string in this position, allowing arbitrary length strings to pass through state like this is how attack vectors emerge so I was pondering if there was a way to limit that. As far as we know from playing with OpenRPC so far it's defaulting to using integer strings (at least the JS/TypeScript codegen client does), but I don't know how universal that is and maybe there's clients out there that we want to support that use some other nonce type here. |
|
The code I shared is entirely custom, so you could always restrict string length. Though, personally, I'd do that before any JSON decoding happens, e.g. via a |
I would move conservatively and assume that the spec was simply being kind to JavaScript by allowing integers to be sent as numbers or strings. If it simplifies anything to require the strings to be representations of integers, then I would go that route. |
|
ok, i take it back. "Whatever the client sends should be exactly what is sent back" is the spirit of the thing, not "be nice to JS". v1 of the spec captures the intent:
and there are these guys:
|
|
Yeah, in my mind being conservative is "allow what the spec says is allowed" :) |
|
ah, there's a |
|
I thought I'd try my rusty Go hands at this one for something different, would appreciate reviews @ #48 |
Per the json-rpc spec, the
"Id"in the request can be a number, a string or NULL, but this library throws an error when using a string:Additionally, the response breaks the spec too because
If there was an error in detecting the id in the Request object (e.g. Parse error/Invalid Request), it MUST be Null..The text was updated successfully, but these errors were encountered: