def parse_spacebridge_response(response):
"""
Takes the serialized protobuf response from cloudgateway's auth endpoint, parses it and returns the deserialized
protobuf object
:param response:
:return: AuthenticationQueryResponse protobuf object
"""
spacebridge_response = http_pb2.AuthenticationQueryResponse()
spacebridge_response.ParseFromString(response.content)
if spacebridge_response.HasField('error'):
if response.status_code == 500:
raise RestException.CloudgatewayServerError('cloudgateway encountered an internal error: %s'
% spacebridge_response.error.message, 500)
raise RestException.CloudgatewayServerError(
'cloudgateway request error: %s' % spacebridge_response.error.message,
response.status_code
)
if not str(response.status_code).startswith('2'):
raise RestException.CloudgatewayServerError("cloudgateway error: %s" % str(response.content), response.status_code)
return spacebridge_response
def parse_device_authentication_response(response):
"""Parse the response from Cloud Gateway on device authentication request
Args:
response ([requests.response]): response object returned by the requests library
Raises:
RestException.CloudgatewayServerError: [description]
Returns:
[String]: 10-digit auth code
"""
if response.status_code != 200:
raise RestException.CloudgatewayServerError('Unable to reach cloudgateway, response_code={0}'.format(
response.status_code), response.status_code)
device_authentication_response = http_pb2.DeviceAuthenticationResponse()
device_authentication_response.ParseFromString(response.content)
if device_authentication_response.HasField('error'):
raise RestException.CloudgatewayServerError(
'cloudgateway request error: {}'.format(device_authentication_response.error.message),
response.status_code
)
return device_authentication_response.payload.authenticationCode
def parse_authentication_result_response(response):
"""Parse response from Cloud Gatewaay on a AuthenticationResultRequest
Args:
response (Requests.Response): response object whose content is a serialized
AuthenticationResultResponse object
Raises:
RestException.CloudgatewayServerError
Returns:
[AuthenticationResultResponse proto]
"""
if response.status_code != 200:
raise RestException.CloudgatewayServerError('Unable to reach cloudgateway, response_code={0}'.format(
response.status_code), response.status_code)
authentication_result_response = http_pb2.AuthenticationResultResponse()
authentication_result_response.ParseFromString(response.content)
if authentication_result_response.HasField('error'):
raise RestException.CloudgatewayServerError(
'cloudgateway request error: {}'.format(authentication_result_response.error.message),
response.status_code
)
return authentication_result_response.payload
def make_device_authentication_request(device_info, encryption_context, config):
"""Makes a device authentication request to Cloud Gateway. If successful,
Cloud Gateway will return a DeviceAuthenticationResponse object.
Args:
device_info ([DeviceInfo]): device info object containing client's
public keys
encryption_context ([EncryptionContext]):
Raises:
RestException.CloudgatewayServerError
Returns:
[Requests.Response]: response object whose content is a serialized
DeviceAuthenticationResponse proto
"""
request_proto = build_device_authentication_request(device_info)
try:
spacebridge_header = {'Authorization': sb_auth_header(encryption_context)}
return requests.post(sb_client_auth_endpoint(config),
headers=spacebridge_header,
data=request_proto.SerializeToString(),
)
except Exception as e:
raise RestException.CloudgatewayServerError('Unable to reach cloudgateway: {0}'.format(e), 503)
def make_authentication_result_request(auth_code,
encryption_context,
config,
key_bundle=None):
""" Make AuthenticationResultRequest to Cloud Gateway
Args:
auth_code ([string]): 10-digit auth code returned by Cloud Gateway on Device Authentication Request
encryption_context ([EncryptionContext]):
Raises:
RestException.CloudgatewayServerError:
Returns:
[Requests.Response]: Response object containing serialized AuthenticationResultResponse object
"""
request_proto = build_authentication_result_request(auth_code)
with requests_ssl_context(key_bundle) as cert:
try:
spacebridge_header = {
'Authorization': sb_auth_header(encryption_context)
}
return requests.get(sb_client_auth_result_endpoint(
auth_code, config),
headers=spacebridge_header,
data=request_proto.SerializeToString(),
cert=cert.name)
except Exception as e:
raise RestException.CloudgatewayServerError(
'Unable to reach cloudgateway: {0}'.format(e), 503)
def submit_auth_code(auth_code, encryption_context, config):
"""
Given an auth code, submit it to cloudgateway's auth endpoint. Raise an exception if cannot reach cloudgateway
:param auth_code
:param encryption_context
:return: seriealized protobuf response from cloudgateway
"""
try:
spacebridge_header = {
'Authorization': sb_auth_header(encryption_context)
}
return requests.get(sb_auth_endpoint(auth_code, config),
headers=spacebridge_header,
proxies=config.get_proxies())
except Exception as e:
raise RestException.CloudgatewayServerError(
'Unable to reach cloudgateway: {0}'.format(e), 503)
def submit_auth_code(auth_code, encryption_context, config, key_bundle=None):
"""
Given an auth code, submit it to cloudgateway's auth endpoint. Raise an exception if cannot reach cloudgateway
:param auth_code
:param encryption_context
:param mtls_pkcs12: A PKCS12 object containing the certificate and private key information for mTLS
:return: seriealized protobuf response from cloudgateway
"""
with requests_ssl_context(key_bundle) as cert:
try:
spacebridge_header = {'Authorization': sb_auth_header(encryption_context)}
return requests.get(sb_auth_endpoint(auth_code, config),
headers=spacebridge_header,
proxies=config.get_proxies(),
cert=cert.name
)
except Exception as e:
raise RestException.CloudgatewayServerError('Unable to reach cloudgateway: {0}'.format(e), 503)
def make_mdm_authentication_request(username, password, server_info, encryption_context, mdm_sign_private_key, config):
""" Make AuthenticationResultRequest to Cloud Gateway
Args:
auth_code ([string]): 10-digit auth code returned by Cloud Gateway on Device Authentication Request
encryption_context ([EncryptionContext]):
Raises:
RestException.CloudgatewayServerError:
Returns:
[Requests.Response]: Response object containing serialized AuthenticationResultResponse object
"""
request_proto = build_mdm_authentication_request(username, password, encryption_context, server_info,
mdm_sign_private_key)
try:
return requests.post(
url='{0}/api/mdm/authenticate'.format(config.get_spacebridge_domain()),
headers={'Content-Type': 'application/x-protobuf', 'Authorization': sb_auth_header(encryption_context)},
data=request_proto.SerializeToString(),
proxies=config.get_proxies()
)
except Exception as e:
raise RestException.CloudgatewayServerError('Unable to reach cloudgateway: {0}'.format(e), 503)
