From 112c96a5516fb9e6a8a619baa4933aff3186a887 Mon Sep 17 00:00:00 2001
From: Chris Hager <chris@linuxuser.at>
Date: Tue, 24 Jun 2025 12:15:38 +0200
Subject: [PATCH] orderflow-proxy should be able to register TLS cert

---
 ports/http_handler.go                    | 30 ++++-----------
 scripts/ci/{setup.hurl => e2e-test.hurl} | 47 +++++++++++++++++++-----
 scripts/ci/integration-test.sh           |  2 +-
 3 files changed, 47 insertions(+), 32 deletions(-)
 rename scripts/ci/{setup.hurl => e2e-test.hurl} (60%)

diff --git a/ports/http_handler.go b/ports/http_handler.go
index 413449b..1a3b7ab 100644
--- a/ports/http_handler.go
+++ b/ports/http_handler.go
@@ -270,29 +270,15 @@ func (bhs *BuilderHubHandler) RegisterCredentials(w http.ResponseWriter, r *http
 		return
 	}
 
-	// Validate payload based on service type
-	var tlsCert string
-	var ecdsaPubkey []byte
+	if sc.ECDSAPubkey == nil && sc.TLSCert == "" {
+		http.Error(w, "No credentials provided", http.StatusBadRequest)
+		return
+	}
 
-	switch service {
-	case "instance":
-		if sc.TLSCert == "" {
-			http.Error(w, "TLS cert is required for instance service", http.StatusBadRequest)
-			return
-		}
-		tlsCert = sc.TLSCert
-	case "orderflow_proxy", "rbuilder":
-		if sc.ECDSAPubkey == nil {
-			http.Error(w, "ECDSA pubkey is required for service", http.StatusBadRequest)
-			return
-		}
-		ecdsaPubkey = sc.ECDSAPubkey.Bytes()
-	default:
-		if sc.TLSCert == "" && sc.ECDSAPubkey == nil {
-			http.Error(w, "No credentials provided", http.StatusBadRequest)
-			return
-		}
-		tlsCert = sc.TLSCert
+	tlsCert := sc.TLSCert
+
+	var ecdsaPubkey []byte
+	if sc.ECDSAPubkey != nil {
 		ecdsaPubkey = sc.ECDSAPubkey.Bytes()
 	}
 
diff --git a/scripts/ci/setup.hurl b/scripts/ci/e2e-test.hurl
similarity index 60%
rename from scripts/ci/setup.hurl
rename to scripts/ci/e2e-test.hurl
index 106ee0d..10d478b 100644
--- a/scripts/ci/setup.hurl
+++ b/scripts/ci/e2e-test.hurl
@@ -85,13 +85,42 @@ jsonpath "$.[0].ip" == "1.2.3.4"
 jsonpath "$.[0].name" == "test_builder"
 
 # [Builder API] Register credentials for 'rbuilder' service
-#POST http://localhost:8888/api/l1-builder/v1/register_credentials/rbuilder
-#{
-#  "ecdsa_pubkey_address": "0x321f3426eEc20DE1910af1CD595c4DD83BEA0BA5"
-#}
+POST http://localhost:8888/api/l1-builder/v1/register_credentials/rbuilder
+{
+  "ecdsa_pubkey_address": "0x321f3426eEc20DE1910af1CD595c4DD83BEA0BA5"
+}
+HTTP 200
 
-## [Builder API] List of peers now includes the added credentials
-#GET http://localhost:8888/api/l1-builder/v1/builders
-#HTTP 200
-#[Asserts]
-#jsonpath "$.[0].rbuilder.ecdsa_pubkey_address" == "0x321f3426eec20de1910af1cd595c4dd83bea0ba5"
\ No newline at end of file
+# [Builder API] Register credentials for 'orderflow_proxy' service
+POST http://localhost:8888/api/l1-builder/v1/register_credentials/orderflow_proxy
+{
+  "ecdsa_pubkey_address": "0x321f3426eEc20DE1910af1CD595c4DD83BEA0BA5",
+  "tls_cert": "abcdefghijklmnopqrstuvwxyz"
+}
+HTTP 200
+
+# [Builder API] Register credentials for 'instance' service
+POST http://localhost:8888/api/l1-builder/v1/register_credentials/instance
+{
+  "tls_cert": "1234567890"
+}
+HTTP 200
+
+# [Builder API] Register credentials for custom service
+POST http://localhost:8888/api/l1-builder/v1/register_credentials/foobar123
+{
+  "tls_cert": "1234567890",
+  "ecdsa_pubkey_address": "0x321f3426eEc20DE1910af1CD595c4DD83BEA0BA5"
+}
+HTTP 200
+
+# [Builder API] Get the list of peers
+GET http://localhost:8888/api/l1-builder/v1/builders
+HTTP 200
+[Asserts]
+jsonpath "$.[0].orderflow_proxy.tls_cert" == "abcdefghijklmnopqrstuvwxyz"
+jsonpath "$.[0].orderflow_proxy.ecdsa_pubkey_address" == "0x321f3426eec20de1910af1cd595c4dd83bea0ba5"
+jsonpath "$.[0].rbuilder.ecdsa_pubkey_address" == "0x321f3426eec20de1910af1cd595c4dd83bea0ba5"
+jsonpath "$.[0].instance.tls_cert" == "1234567890"
+jsonpath "$.[0].foobar123.tls_cert" == "1234567890"
+jsonpath "$.[0].foobar123.ecdsa_pubkey_address" == "0x321f3426eec20de1910af1cd595c4dd83bea0ba5"
diff --git a/scripts/ci/integration-test.sh b/scripts/ci/integration-test.sh
index fa7ab7f..c321bf4 100755
--- a/scripts/ci/integration-test.sh
+++ b/scripts/ci/integration-test.sh
@@ -16,7 +16,7 @@ printf 'GET http://localhost:8888/\nHTTP 404' | hurl --retry 60 > /dev/null;
 
 # Run the tests
 echo "Running integration tests..."
-hurl --test scripts/ci/setup.hurl
+hurl --test scripts/ci/e2e-test.hurl
 echo "Integration tests completed successfully."
 
 # Stop and remove the Docker containers