def test_consume(client, provider_account, consumer_account):
endpoint = BaseURLs.ASSETS_URL + '/consume'
for method in constants.ConfigSections.DECRYPTION_METHODS:
print('Testing Consume with Authorization Method: ' + method)
ddo = get_registered_ddo(provider_account,
providers=[provider_account.address],
auth_service=method)
# initialize an agreement
agreement_id = place_order(provider_account, ddo, consumer_account,
ServiceTypes.ASSET_ACCESS)
payload = dict({
'serviceAgreementId': agreement_id,
'consumerAddress': consumer_account.address
})
print('Provider: ' + provider_account.address)
print('Consumer: ' + consumer_account.address)
keeper = keeper_instance()
agr_id_hash = add_ethereum_prefix_and_hash_msg(agreement_id)
signature = keeper.sign_hash(agr_id_hash, consumer_account)
index = 0
event = keeper.access_template.subscribe_agreement_created(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Agreement event is not found, check the keeper node's logs"
consumer_balance = keeper.token.get_token_balance(
consumer_account.address)
if consumer_balance < 50:
keeper.dispenser.request_tokens(50 - consumer_balance,
consumer_account)
sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS, ddo)
lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
consumer_account)
event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Lock reward condition fulfilled event is not found, check the keeper " \
"node's logs"
grant_access(agreement_id, ddo, consumer_account, provider_account)
event = keeper.access_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event or keeper.access_condition.check_permissions(
ddo.asset_id, consumer_account.address
), f'Failed to get access permission: agreement_id={agreement_id}, ' \
f'did={ddo.did}, consumer={consumer_account.address}'
# Consume using url index and signature (let the gateway do the decryption)
payload['signature'] = signature
payload['index'] = index
request_url = endpoint + '?' + '&'.join(
[f'{k}={v}' for k, v in payload.items()])
response = client.get(request_url)
assert response.status == '200 OK'
def test_access_endpoint_bad_signature(client, provider_account,
consumer_account):
# The provider_account will place the order and consumer_account
# will try to request access to it
# order access
keeper = keeper_instance()
ddo = get_registered_ddo(provider_account,
providers=[provider_account.address])
agreement_id = place_order(provider_account, ddo, provider_account)
event = keeper.access_template.subscribe_agreement_created(agreement_id,
15,
None, (),
wait=True,
from_block=0)
assert event, "Agreement event is not found, check the keeper node's logs"
consumer_balance = keeper.token.get_token_balance(consumer_account.address)
if consumer_balance < 50:
keeper.dispenser.request_tokens(50 - consumer_balance,
consumer_account)
sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS, ddo)
lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
consumer_account)
event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Lock reward condition fulfilled event is not found, check the keeper node's logs"
# create jwt bearer grant
jwk = account_to_jwk(consumer_account)
assertion = NeverminedJWTBearerGrant.sign(jwk,
issuer=consumer_account.address,
audience=BaseURLs.ASSETS_URL +
'/access',
subject=agreement_id,
claims={"did": ddo.did},
header={"alg": "ES256K"})
response = client.post("/api/v1/gateway/services/oauth/token",
data={
"grant_type":
NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": assertion
})
assert response.status_code == 400
assert response.get_json()["error"] == "invalid_client"
def test_execute_endpoint(client, provider_account, consumer_account):
ddo_compute = get_registered_compute_ddo(
provider_account, providers=[provider_account.address])
ddo_algorithm = get_registered_algorithm_ddo(
consumer_account, providers=[provider_account.address])
ddo_workflow = get_registered_workflow_ddo(
consumer_account,
ddo_compute.did,
ddo_algorithm.did,
providers=[provider_account.address])
# initialize agreement
agreement_id = place_order(provider_account,
ddo_compute,
consumer_account,
service_type=ServiceTypes.CLOUD_COMPUTE)
sa = ServiceAgreement.from_ddo(ServiceTypes.CLOUD_COMPUTE, ddo_compute)
lock_payment(agreement_id, ddo_compute.asset_id, sa, amounts, receivers,
consumer_account)
keeper = keeper_instance()
event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
agreement_id, 60, None, (), wait=True)
assert event is not None, "Reward condition is not found"
# create jwt bearer grant
jwk = account_to_jwk(consumer_account)
assertion = NeverminedJWTBearerGrant.sign(jwk,
issuer=consumer_account.address,
subject=agreement_id,
audience=BaseURLs.ASSETS_URL +
'/execute',
claims={"did": ddo_workflow.did},
header={"alg": "ES256K"})
response = client.post("/api/v1/gateway/services/oauth/token",
data={
"grant_type":
NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": assertion
})
assert response.status_code == 200
# use jwt access token to execute the compute
access_token = response.get_json()["access_token"]
response = client.post(f"/api/v1/gateway/services/execute/{agreement_id}",
headers={"Authorization": f"Bearer {access_token}"})
assert response.status_code == 200
def test_access_proof(client, provider_account, consumer_account):
for method in constants.ConfigSections.DECRYPTION_METHODS:
ddo = get_proof_ddo(provider_account,
providers=[provider_account.address],
auth_service=method)
# initialize an agreement
agreement_id = place_order(provider_account, ddo, consumer_account,
ServiceTypes.ASSET_ACCESS_PROOF)
print(ddo.did)
keeper = keeper_instance()
index = 0
event = keeper.access_proof_template.subscribe_agreement_created(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Agreement event is not found, check the keeper node's logs"
consumer_balance = keeper.token.get_token_balance(
consumer_account.address)
if consumer_balance < 50:
keeper.dispenser.request_tokens(50 - consumer_balance,
consumer_account)
sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS_PROOF, ddo)
lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
consumer_account)
event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Lock reward condition fulfilled event is not found, check the keeper node's logs"
# Consume using url index
# generate the grant token
grant_token = generate_access_proof_grant_token(
consumer_account, agreement_id, ddo.did, get_buyer_secret_key(),
"/access-proof")
# request access token
response = client.post("/api/v1/gateway/services/oauth/token",
data={
"grant_type":
NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": grant_token
})
access_token = response.get_json()["access_token"]
agreement = keeper.agreement_manager.get_agreement(agreement_id)
cond_ids = agreement.condition_ids
assert keeper.condition_manager.get_condition_state(
cond_ids[0]) == ConditionState.Fulfilled.value
assert keeper.condition_manager.get_condition_state(
cond_ids[1]) == ConditionState.Fulfilled.value
assert keeper.condition_manager.get_condition_state(
cond_ids[2]) == ConditionState.Fulfilled.value
endpoint = BaseURLs.ASSETS_URL + '/access-proof/%s/%d' % (agreement_id,
index)
response = client.get(
endpoint, headers={"Authorization": f"Bearer {access_token}"})
assert response.status == '200 OK'
assert len(
keeper.did_registry.get_provenance_method_events(
'USED', did_bytes=did_to_id_bytes(ddo.did))) == 1