def test_s3(client, provider_account):
# write file to s3
s3_url = write_s3()
ddo = get_registered_ddo(provider_account, providers=[provider_account.address], url=s3_url)
index = 0
# generate the grant token
grant_token = generate_download_grant_token(provider_account, ddo.did)
# request access token
response = client.post("/api/v1/gateway/services/oauth/token", data={
"grant_type": NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": grant_token
})
access_token = response.get_json()["access_token"]
endpoint = BaseURLs.ASSETS_URL + '/download/%d' % (index)
print(endpoint)
response = client.get(
endpoint,
headers={"Authorization": f"Bearer {access_token}"}
)
assert response.status == '200 OK'
expected_file = Path(__file__).parent / "resources/TEST.md"
assert response.data == expected_file.read_bytes()
def test_consume(client, provider_account, consumer_account):
endpoint = BaseURLs.ASSETS_URL + '/consume'
for method in constants.ConfigSections.DECRYPTION_METHODS:
print('Testing Consume with Authorization Method: ' + method)
ddo = get_registered_ddo(provider_account,
providers=[provider_account.address],
auth_service=method)
# initialize an agreement
agreement_id = place_order(provider_account, ddo, consumer_account,
ServiceTypes.ASSET_ACCESS)
payload = dict({
'serviceAgreementId': agreement_id,
'consumerAddress': consumer_account.address
})
print('Provider: ' + provider_account.address)
print('Consumer: ' + consumer_account.address)
keeper = keeper_instance()
agr_id_hash = add_ethereum_prefix_and_hash_msg(agreement_id)
signature = keeper.sign_hash(agr_id_hash, consumer_account)
index = 0
event = keeper.access_template.subscribe_agreement_created(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Agreement event is not found, check the keeper node's logs"
consumer_balance = keeper.token.get_token_balance(
consumer_account.address)
if consumer_balance < 50:
keeper.dispenser.request_tokens(50 - consumer_balance,
consumer_account)
sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS, ddo)
lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
consumer_account)
event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Lock reward condition fulfilled event is not found, check the keeper " \
"node's logs"
grant_access(agreement_id, ddo, consumer_account, provider_account)
event = keeper.access_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event or keeper.access_condition.check_permissions(
ddo.asset_id, consumer_account.address
), f'Failed to get access permission: agreement_id={agreement_id}, ' \
f'did={ddo.did}, consumer={consumer_account.address}'
# Consume using url index and signature (let the gateway do the decryption)
payload['signature'] = signature
payload['index'] = index
request_url = endpoint + '?' + '&'.join(
[f'{k}={v}' for k, v in payload.items()])
response = client.get(request_url)
assert response.status == '200 OK'
def test_access_endpoint_bad_signature(client, provider_account,
consumer_account):
# The provider_account will place the order and consumer_account
# will try to request access to it
# order access
keeper = keeper_instance()
ddo = get_registered_ddo(provider_account,
providers=[provider_account.address])
agreement_id = place_order(provider_account, ddo, provider_account)
event = keeper.access_template.subscribe_agreement_created(agreement_id,
15,
None, (),
wait=True,
from_block=0)
assert event, "Agreement event is not found, check the keeper node's logs"
consumer_balance = keeper.token.get_token_balance(consumer_account.address)
if consumer_balance < 50:
keeper.dispenser.request_tokens(50 - consumer_balance,
consumer_account)
sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS, ddo)
lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
consumer_account)
event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Lock reward condition fulfilled event is not found, check the keeper node's logs"
# create jwt bearer grant
jwk = account_to_jwk(consumer_account)
assertion = NeverminedJWTBearerGrant.sign(jwk,
issuer=consumer_account.address,
audience=BaseURLs.ASSETS_URL +
'/access',
subject=agreement_id,
claims={"did": ddo.did},
header={"alg": "ES256K"})
response = client.post("/api/v1/gateway/services/oauth/token",
data={
"grant_type":
NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": assertion
})
assert response.status_code == 400
assert response.get_json()["error"] == "invalid_client"
def test_download_endpoint(client, provider_account):
ddo = get_registered_ddo(provider_account,
providers=[provider_account.address])
# create jwt bearer grant
jwk = account_to_jwk(provider_account)
assertion = NeverminedJWTBearerGrant.sign(jwk,
issuer=provider_account.address,
audience=BaseURLs.ASSETS_URL +
'/download',
claims={"did": ddo.did},
header={"alg": "ES256K"})
response = client.post("/api/v1/gateway/services/oauth/token",
data={
"grant_type":
NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": assertion
})
assert response.status_code == 200
def test_download(client, provider_account):
ddo = get_registered_ddo(provider_account,
providers=[provider_account.address])
index = 0
# generate the grant token
grant_token = generate_download_grant_token(provider_account, ddo.did)
# request access token
response = client.post("/api/v1/gateway/services/oauth/token",
data={
"grant_type":
NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": grant_token
})
access_token = response.get_json()["access_token"]
endpoint = BaseURLs.ASSETS_URL + '/download/%d' % (index)
response = client.get(endpoint,
headers={"Authorization": f"Bearer {access_token}"})
assert response.status == '200 OK'
def test_access(client, provider_account, consumer_account):
for method in constants.ConfigSections.DECRYPTION_METHODS:
ddo = get_registered_ddo(provider_account,
providers=[provider_account.address],
auth_service=method)
# initialize an agreement
agreement_id = place_order(provider_account, ddo, consumer_account)
keeper = keeper_instance()
index = 0
event = keeper.access_template.subscribe_agreement_created(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Agreement event is not found, check the keeper node's logs"
consumer_balance = keeper.token.get_token_balance(
consumer_account.address)
if consumer_balance < 50:
keeper.dispenser.request_tokens(50 - consumer_balance,
consumer_account)
sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS, ddo)
lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
consumer_account)
event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
agreement_id, 15, None, (), wait=True, from_block=0)
assert event, "Lock reward condition fulfilled event is not found, check the keeper node's logs"
# Consume using url index
# generate the grant token
grant_token = generate_access_grant_token(consumer_account,
agreement_id, ddo.did)
# request access token
response = client.post("/api/v1/gateway/services/oauth/token",
data={
"grant_type":
NeverminedJWTBearerGrant.GRANT_TYPE,
"assertion": grant_token
})
access_token = response.get_json()["access_token"]
endpoint = BaseURLs.ASSETS_URL + '/access/%s/%d' % (agreement_id,
index)
response = client.get(
endpoint, headers={"Authorization": f"Bearer {access_token}"})
agreement = keeper.agreement_manager.get_agreement(agreement_id)
cond_ids = agreement.condition_ids
assert keeper.condition_manager.get_condition_state(
cond_ids[0]) == ConditionState.Fulfilled.value
assert keeper.condition_manager.get_condition_state(
cond_ids[1]) == ConditionState.Fulfilled.value
assert keeper.condition_manager.get_condition_state(
cond_ids[2]) == ConditionState.Fulfilled.value
assert response.status == '200 OK'
assert len(
keeper.did_registry.get_provenance_method_events(
'USED', did_bytes=did_to_id_bytes(ddo.did))) == 1