From 5e860be303f37110ef304de21382e068e14eea0d Mon Sep 17 00:00:00 2001 From: Conrado Gouvea Date: Thu, 26 Dec 2024 16:44:49 -0300 Subject: [PATCH] add HTTPS support to the server (#402) --- Cargo.lock | 277 +++++++++++++++++++++++++++++- coordinator/src/comms/http.rs | 2 +- participant/src/comms/http.rs | 2 +- server/Cargo.toml | 3 + server/src/args.rs | 35 +++- server/src/lib.rs | 33 +++- server/tests/integration_tests.rs | 46 ++++- 7 files changed, 381 insertions(+), 17 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4c31fddd..4628a2d8 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -116,6 +116,12 @@ version = "1.0.86" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da" +[[package]] +name = "arc-swap" +version = "1.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "69f7f8c3906b62b754cd5326047894316021dcfe5a194c8ea52bdd94934a3457" + [[package]] name = "arrayref" version = "0.3.8" @@ -176,6 +182,32 @@ version = "1.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0" +[[package]] +name = "aws-lc-rs" +version = "1.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f47bb8cc16b669d267eeccf585aea077d0882f4777b1c1f740217885d6e6e5a3" +dependencies = [ + "aws-lc-sys", + "paste", + "zeroize", +] + +[[package]] +name = "aws-lc-sys" +version = "0.23.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a2101df3813227bbaaaa0b04cd61c534c7954b22bd68d399b440be937dc63ff7" +dependencies = [ + "bindgen", + "cc", + "cmake", + "dunce", + "fs_extra", + "libc", + "paste", +] + [[package]] name = "axum" version = "0.7.9" @@ -266,6 +298,30 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "axum-server" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "56bac90848f6a9393ac03c63c640925c4b7c8ca21654de40d53f55964667c7d8" +dependencies = [ + "arc-swap", + "bytes", + "futures-util", + "http 1.1.0", + "http-body", + "http-body-util", + "hyper", + "hyper-util", + "pin-project-lite", + "rustls", + "rustls-pemfile", + "rustls-pki-types", + "tokio", + "tokio-rustls", + "tower 0.4.13", + "tower-service", +] + [[package]] name = "axum-test" version = "16.4.0" @@ -341,6 +397,29 @@ version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d965446196e3b7decd44aa7ee49e31d630118f90ef12f97900f262eb915c951d" +[[package]] +name = "bindgen" +version = "0.69.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "271383c67ccabffb7381723dea0672a673f292304fcb45c01cc648c7a8d58088" +dependencies = [ + "bitflags 2.6.0", + "cexpr", + "clang-sys", + "itertools 0.12.1", + "lazy_static", + "lazycell", + "log", + "prettyplease", + "proc-macro2", + "quote", + "regex", + "rustc-hash", + "shlex", + "syn 2.0.87", + "which", +] + [[package]] name = "bitflags" version = "1.3.2" @@ -434,6 +513,19 @@ name = "cc" version = "1.1.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "26a5c3fd7bfa1ce3897a3a3501d362b2d87b7f2583ebcb4a949ec25911025cbc" +dependencies = [ + "jobserver", + "libc", +] + +[[package]] +name = "cexpr" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6fac387a98bb7c37292057cffc56d62ecb629900026402633ae9160df93a8766" +dependencies = [ + "nom", +] [[package]] name = "cfg-if" @@ -476,6 +568,17 @@ dependencies = [ "zeroize", ] +[[package]] +name = "clang-sys" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0b023947811758c97c59bf9d1c188fd619ad4718dcaa767947df1cadb14f39f4" +dependencies = [ + "glob", + "libc", + "libloading", +] + [[package]] name = "clap" version = "4.5.23" @@ -516,6 +619,15 @@ version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f46ad14479a25103f283c0f10005961cf086d8dc42205bb44c46ac563475dca6" +[[package]] +name = "cmake" +version = "0.1.52" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c682c223677e0e5b6b7f63a64b9351844c3f1b1678a68b7ee617e30fb082620e" +dependencies = [ + "cc", +] + [[package]] name = "cobs" version = "0.2.3" @@ -569,7 +681,7 @@ dependencies = [ "frost-ed25519", "frost-rerandomized", "hex", - "itertools", + "itertools 0.13.0", "message-io", "participant", "rand", @@ -811,7 +923,7 @@ dependencies = [ "frost-core", "frost-ed25519", "hex", - "itertools", + "itertools 0.13.0", "pipe", "rand", "reddsa", @@ -828,6 +940,12 @@ dependencies = [ "litrs", ] +[[package]] +name = "dunce" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813" + [[package]] name = "ed25519" version = "2.2.3" @@ -977,7 +1095,7 @@ dependencies = [ "frost-ed25519", "frost-rerandomized", "hex", - "itertools", + "itertools 0.13.0", "participant", "postcard", "rand", @@ -1008,7 +1126,7 @@ dependencies = [ "derive-getters", "document-features", "hex", - "itertools", + "itertools 0.13.0", "postcard", "rand_core", "serde", @@ -1046,6 +1164,12 @@ dependencies = [ "rand_core", ] +[[package]] +name = "fs_extra" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42703706b716c37f96a77aea830392ad231f44c9e9a67872fa5548707e11b11c" + [[package]] name = "funty" version = "2.0.0" @@ -1178,6 +1302,12 @@ version = "0.28.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4271d37baee1b8c7e4b708028c57d816cf9d2434acb33a549475f78c181f6253" +[[package]] +name = "glob" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" + [[package]] name = "group" version = "0.13.0" @@ -1288,6 +1418,15 @@ dependencies = [ "serde", ] +[[package]] +name = "home" +version = "0.5.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3d1354bf6b7235cb4a0576c2619fd4ed18183f689b12b006a0ee7329eeff9a5" +dependencies = [ + "windows-sys 0.52.0", +] + [[package]] name = "http" version = "0.2.12" @@ -1472,6 +1611,15 @@ version = "1.70.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" +[[package]] +name = "itertools" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ba291022dbbd398a455acf126c1e341954079855bc60dfdda641363bd6922569" +dependencies = [ + "either", +] + [[package]] name = "itertools" version = "0.13.0" @@ -1487,6 +1635,15 @@ version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b" +[[package]] +name = "jobserver" +version = "0.1.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "48d1dbcbbeb6a7fec7e059840aa538bd62aaccf972c7346c4d9d2059312853d0" +dependencies = [ + "libc", +] + [[package]] name = "js-sys" version = "0.3.69" @@ -1516,12 +1673,28 @@ version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" +[[package]] +name = "lazycell" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830d08ce1d1d941e6b30645f1a0eb5643013d835ce3779a5fc208261dbe10f55" + [[package]] name = "libc" version = "0.2.164" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "433bfe06b8c75da9b2e3fbea6e5329ff87748f0b144ef75306e674c3f6f7c13f" +[[package]] +name = "libloading" +version = "0.8.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fc2f4eb4bc735547cfed7c0a4922cbd04a4655978c09b54f1f7b228750664c34" +dependencies = [ + "cfg-if", + "windows-targets 0.52.6", +] + [[package]] name = "libredox" version = "0.1.3" @@ -1627,6 +1800,12 @@ dependencies = [ "unicase", ] +[[package]] +name = "minimal-lexical" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" + [[package]] name = "miniz_oxide" version = "0.7.4" @@ -1706,6 +1885,16 @@ dependencies = [ "memoffset", ] +[[package]] +name = "nom" +version = "7.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a" +dependencies = [ + "memchr", + "minimal-lexical", +] + [[package]] name = "nu-ansi-term" version = "0.46.0" @@ -1861,6 +2050,22 @@ dependencies = [ "subtle", ] +[[package]] +name = "paste" +version = "1.0.15" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a" + +[[package]] +name = "pem" +version = "3.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8e459365e590736a54c3fa561947c84837534b8e9af6fc5bf781307e82658fae" +dependencies = [ + "base64 0.22.1", + "serde", +] + [[package]] name = "percent-encoding" version = "2.3.1" @@ -1985,6 +2190,16 @@ dependencies = [ "yansi", ] +[[package]] +name = "prettyplease" +version = "0.2.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64d1ec885c64d0457d564db4ec299b2dae3f9c02808b8ad9c3a089c591b18033" +dependencies = [ + "proc-macro2", + "syn 2.0.87", +] + [[package]] name = "proc-macro2" version = "1.0.86" @@ -2039,6 +2254,19 @@ dependencies = [ "getrandom", ] +[[package]] +name = "rcgen" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "54077e1872c46788540de1ea3d7f4ccb1983d12f9aa909b234468676c1a36779" +dependencies = [ + "pem", + "ring", + "rustls-pki-types", + "time", + "yasna", +] + [[package]] name = "reddsa" version = "0.5.1" @@ -2232,6 +2460,12 @@ version = "0.1.24" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" +[[package]] +name = "rustc-hash" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" + [[package]] name = "rustc_version" version = "0.4.0" @@ -2260,6 +2494,7 @@ version = "0.23.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c58f8c84392efc0a126acce10fa59ff7b3d2ac06ab451a33f2741989b806b044" dependencies = [ + "aws-lc-rs", "once_cell", "rustls-pki-types", "rustls-webpki", @@ -2289,6 +2524,7 @@ version = "0.102.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e6b52d4fda176fd835fdc55a835d4a89b8499cad995885a21149d5ad62f852e" dependencies = [ + "aws-lc-rs", "ring", "rustls-pki-types", "untrusted", @@ -2430,6 +2666,7 @@ dependencies = [ "axum", "axum-extra", "axum-macros", + "axum-server", "axum-test", "clap", "coordinator", @@ -2441,6 +2678,7 @@ dependencies = [ "frost-rerandomized", "hex", "rand", + "rcgen", "reddsa", "regex", "reqwest", @@ -2448,6 +2686,7 @@ dependencies = [ "serde_json", "serdect", "snow", + "tempfile", "tokio", "tower-http", "tracing", @@ -2487,6 +2726,12 @@ dependencies = [ "lazy_static", ] +[[package]] +name = "shlex" +version = "1.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64" + [[package]] name = "signal-hook-registry" version = "1.4.2" @@ -2944,6 +3189,7 @@ dependencies = [ "tokio", "tower-layer", "tower-service", + "tracing", ] [[package]] @@ -3062,7 +3308,7 @@ dependencies = [ "frost-ed25519", "frost-rerandomized", "hex", - "itertools", + "itertools 0.13.0", "rand", "reddsa", "serde_json", @@ -3300,6 +3546,18 @@ dependencies = [ "wasm-bindgen", ] +[[package]] +name = "which" +version = "4.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87ba24419a2078cd2b0f2ede2691b6c66d8e47836da3b6db8265ebad47afbfc7" +dependencies = [ + "either", + "home", + "once_cell", + "rustix", +] + [[package]] name = "winapi" version = "0.3.9" @@ -3552,6 +3810,15 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09041cd90cf85f7f8b2df60c646f853b7f535ce68f85244eb6731cf89fa498ec" +[[package]] +name = "yasna" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e17bb3549cc1321ae1296b9cdc2698e2b6cb1992adfa19a8c72e5b7a738f44cd" +dependencies = [ + "time", +] + [[package]] name = "zerocopy" version = "0.6.6" diff --git a/coordinator/src/comms/http.rs b/coordinator/src/comms/http.rs index 08496379..f5ac142e 100644 --- a/coordinator/src/comms/http.rs +++ b/coordinator/src/comms/http.rs @@ -283,7 +283,7 @@ impl HTTPComms { let client = reqwest::Client::new(); Ok(Self { client, - host_port: format!("http://{}:{}", args.ip, args.port), + host_port: format!("https://{}:{}", args.ip, args.port), session_id: None, access_token: None, num_signers: 0, diff --git a/participant/src/comms/http.rs b/participant/src/comms/http.rs index 847cd05c..172aaa40 100644 --- a/participant/src/comms/http.rs +++ b/participant/src/comms/http.rs @@ -122,7 +122,7 @@ where let client = reqwest::Client::new(); Ok(Self { client, - host_port: format!("http://{}:{}", args.ip, args.port), + host_port: format!("https://{}:{}", args.ip, args.port), session_id: Uuid::parse_str(&args.session_id).ok(), access_token: None, args: args.clone(), diff --git a/server/Cargo.toml b/server/Cargo.toml index 5ffe17d5..bf2ea463 100644 --- a/server/Cargo.toml +++ b/server/Cargo.toml @@ -9,6 +9,7 @@ edition = "2021" axum = "0.7.9" axum-extra = { version = "0.9.6", features = ["typed-header"] } axum-macros = "0.4.2" +axum-server = { version = "0.7", features = ["tls-rustls"] } clap = { version = "4.5.23", features = ["derive"] } delay_map = "0.4.0" derivative = "2.2.0" @@ -16,11 +17,13 @@ eyre = "0.6.11" frost-core = { version = "2.0.0", features = ["serde"] } frost-rerandomized = { version = "2.0.0-rc.0", features = ["serde"] } rand = "0.8" +rcgen = "0.13.1" serde = { version = "1.0", features = ["derive"] } serdect = { version = "0.2.0" } serde_json = "1.0.133" snow = "0.9.6" tokio = { version = "1.42", features = ["full"] } +tempfile = "3.14.0" tower-http = { version = "0.6.2", features = ["trace"] } tracing = "0.1" tracing-subscriber = { version = "0.3", features = ["env-filter"] } diff --git a/server/src/args.rs b/server/src/args.rs index ce551c23..619b60d8 100644 --- a/server/src/args.rs +++ b/server/src/args.rs @@ -3,11 +3,42 @@ use clap::Parser; #[derive(Parser, Debug, Default)] #[command(author, version, about, long_about = None)] pub struct Args { - /// IP to bind to + /// IP to bind to. + /// + /// If `no_tls_very_insecure` is set, it will bind to 127.0.0.1 + /// regardless of the value passed here. #[arg(short, long, default_value = "0.0.0.0")] pub ip: String, - /// Port to bind to + /// Port to bind to. #[arg(short, long, default_value_t = 2744)] pub port: u16, + + /// The path of the certificate to use for HTTPS (PEM format). + /// + /// For production deployments, it's recommended to provide HTTPS using + /// a reverse proxy such as nginx. In that case, set `no_tls_very_insecure` + /// instead. + #[arg(short = 'c', long)] + pub tls_cert: Option, + + /// The path of the private key to use for HTTPS (PEM format). + #[arg(short = 'k', long)] + pub tls_key: Option, + + /// Flag to disable TLS/HTTPS. DO NOT set this flag unless you're providing + /// TLS/HTTPS on your own (e.g. with nginx or another reverse proxy). + #[arg(short, long, default_value_t = false)] + pub no_tls_very_insecure: bool, +} + +impl Args { + /// Get the effective IP to use, considering the arguments passed. + pub fn ip(&self) -> String { + if self.no_tls_very_insecure { + "127.0.0.1".to_string() + } else { + self.ip.clone() + } + } } diff --git a/server/src/lib.rs b/server/src/lib.rs index 0761c412..1ac9c706 100644 --- a/server/src/lib.rs +++ b/server/src/lib.rs @@ -4,6 +4,10 @@ mod state; mod types; mod user; +use std::net::SocketAddr; + +use axum_server::tls_rustls::RustlsConfig; +use eyre::OptionExt; pub use state::{AppState, SharedState}; use tower_http::trace::TraceLayer; pub use types::*; @@ -40,9 +44,32 @@ pub async fn run(args: &Args) -> Result<(), Box> { let shared_state = AppState::new().await?; let app = router(shared_state.clone()); - let addr = format!("{}:{}", args.ip, args.port); - let listener = tokio::net::TcpListener::bind(addr).await?; - Ok(axum::serve(listener, app).await?) + let addr: SocketAddr = format!("{}:{}", args.ip(), args.port).parse()?; + + if args.no_tls_very_insecure { + tracing::warn!( + "starting an INSECURE HTTP server. This should be done only for \ + testing or if you are providing TLS/HTTPS with a separate \ + mechanism (e.g. reverse proxy such as nginx)" + ); + let listener = tokio::net::TcpListener::bind(addr).await?; + Ok(axum::serve(listener, app).await?) + } else { + let config = RustlsConfig::from_pem_file( + args.tls_cert + .clone() + .ok_or_eyre("tls-cert argument is required")?, + args.tls_key + .clone() + .ok_or_eyre("tls-key argument is required")?, + ) + .await?; + + tracing::info!("starting HTTPS server at {}", addr); + Ok(axum_server::bind_rustls(addr, config) + .serve(app.into_make_service()) + .await?) + } } /// An error. Wraps a StatusCode which is returned by the server when the diff --git a/server/tests/integration_tests.rs b/server/tests/integration_tests.rs index 3cfb2651..380e01cd 100644 --- a/server/tests/integration_tests.rs +++ b/server/tests/integration_tests.rs @@ -4,6 +4,7 @@ use std::{collections::BTreeMap, error::Error, time::Duration}; use axum_test::TestServer; use coordinator::comms::http::SessionState; use rand::thread_rng; +use reqwest::Certificate; use server::{ args::Args, router, AppState, SendCommitmentsArgs, SendSignatureSharesArgs, SendSigningPackageArgs, @@ -386,11 +387,41 @@ async fn test_http() -> Result<(), Box> { tracing_subscriber::fmt::init(); let mut rng = thread_rng(); + // For this test, we generate a self-signed certificate. + // If you're deploying a real server, generate a proper certificate; + // refer to the documentation. + use rcgen::{generate_simple_self_signed, CertifiedKey}; + let subject_alt_names = vec!["127.0.0.1".to_string(), "localhost".to_string()]; + let CertifiedKey { cert, key_pair } = generate_simple_self_signed(subject_alt_names).unwrap(); + let temp_dir = tempfile::tempdir()?; + std::fs::write(temp_dir.path().join("cert.pem"), cert.pem())?; + std::fs::write( + temp_dir.path().join("cert.key.pem"), + key_pair.serialize_pem(), + )?; + // Spawn server for testing tokio::spawn(async move { server::run(&Args { ip: "127.0.0.1".to_string(), port: 2744, + tls_cert: Some( + temp_dir + .path() + .join("cert.pem") + .to_str() + .unwrap() + .to_string(), + ), + tls_key: Some( + temp_dir + .path() + .join("cert.key.pem") + .to_str() + .unwrap() + .to_string(), + ), + no_tls_very_insecure: false, }) .await .unwrap(); @@ -400,8 +431,13 @@ async fn test_http() -> Result<(), Box> { // TODO: this could possibly be not enough, use some retry logic instead tokio::time::sleep(Duration::from_secs(2)).await; - // Create a client to make requests - let client = reqwest::Client::new(); + // Create a client to make requests. To make HTTPS work in the test, we add + // the self-signed certificate as the root certificate. For regular use, you + // should just use `reqwest::Client::new()`, if the server has a proper web + // certificate. + let client = reqwest::Client::builder() + .add_root_certificate(Certificate::from_pem(cert.pem().as_bytes())?) + .build()?; let builder = snow::Builder::new("Noise_K_25519_ChaChaPoly_BLAKE2s".parse().unwrap()); let alice_keypair = builder.generate_keypair().unwrap(); @@ -409,7 +445,7 @@ async fn test_http() -> Result<(), Box> { // Get challenges for login let r = client - .post("http://127.0.0.1:2744/challenge") + .post("https://127.0.0.1:2744/challenge") .json(&server::ChallengeArgs {}) .send() .await?; @@ -424,7 +460,7 @@ async fn test_http() -> Result<(), Box> { xed25519::PrivateKey::from(&TryInto::<[u8; 32]>::try_into(alice_keypair.private).unwrap()); let alice_signature: [u8; 64] = alice_private.sign(alice_challenge.as_bytes(), &mut rng); let r = client - .post("http://127.0.0.1:2744/login") + .post("https://127.0.0.1:2744/login") .json(&server::KeyLoginArgs { uuid: alice_challenge, pubkey: alice_keypair.public.clone(), @@ -440,7 +476,7 @@ async fn test_http() -> Result<(), Box> { // Call create_new_session let r = client - .post("http://127.0.0.1:2744/create_new_session") + .post("https://127.0.0.1:2744/create_new_session") .bearer_auth(access_token) .json(&server::CreateNewSessionArgs { pubkeys: vec![