def check_auth_token(token):
parts = token.split("-")
if len(parts) < 2:
return "0x0"
# :HACK: alert, this should be part of ocean-lib-py
sig, timestamp = parts
auth_token_message = (get_config().auth_token_message
or "Ocean Protocol Authentication")
default_exp = 24 * 60 * 60
expiration = int(get_config().auth_token_expiration or default_exp)
if int(datetime.now().timestamp()) > (int(timestamp) + expiration):
return "0x0"
message = f"{auth_token_message}\n{timestamp}"
address = Web3Helper.personal_ec_recover(message, sig)
return Web3.toChecksumAddress(address)
def validate_dns_record(record, domain, record_type):
value = record if isinstance(record, str) else record.to_text().strip()
allow_non_public_ip = get_config().allow_non_public_ip
try:
ip = ipaddress.ip_address(value)
# noqa See https://docs.python.org/3/library/ipaddress.html#ipaddress.IPv4Address.is_global
if ip.is_private or ip.is_reserved or ip.is_loopback:
if allow_non_public_ip:
logger.warning(
f"[!] DNS record type {record_type} for domain name "
f"{domain} resolves to a non public IP address {value}, "
"but allowed by config!"
)
return True
else:
logger.error(
f"[!] DNS record type {record_type} for domain name "
f"{domain} resolves to a non public IP address {value}. "
)
return False
except ValueError:
logger.info("[!] '%s' is not valid IP address!" % value)
return False
return True
def generate_auth_token(wallet):
raw_msg = get_config(
).auth_token_message or "Ocean Protocol Authentication"
_time = int(datetime.now().timestamp())
_message = f"{raw_msg}\n{_time}"
prefixed_msg_hash = add_ethereum_prefix_and_hash_msg(_message)
return f"{Web3Helper.sign_hash(prefixed_msg_hash, wallet)}-{_time}"
def check_auth_token(token):
parts = token.split('-')
if len(parts) < 2:
return '0x0'
# :HACK: alert, this should be part of ocean-utils, ocean-keeper, or a stand-alone library
sig, timestamp = parts
auth_token_message = get_config(
).auth_token_message or "Ocean Protocol Authentication"
default_exp = 24 * 60 * 60
expiration = int(get_config().auth_token_expiration or default_exp)
if int(datetime.now().timestamp()) > (int(timestamp) + expiration):
return '0x0'
message = f'{auth_token_message}\n{timestamp}'
address = Keeper.personal_ec_recover(message, sig)
return Web3.toChecksumAddress(address)
def build_stage_output_dict(output_def, service_endpoint, owner, provider_wallet):
config = get_config()
if BaseURLs.ASSETS_URL in service_endpoint:
service_endpoint = service_endpoint.split(BaseURLs.ASSETS_URL)[0]
return dict(
{
"nodeUri": output_def.get("nodeUri", config.network_url),
"brizoUri": output_def.get("brizoUri", service_endpoint),
"brizoAddress": output_def.get("brizoAddress", provider_wallet.address),
"metadata": output_def.get(
"metadata",
dict(
{
"main": {"name": "Compute job output"},
"additionalInformation": {
"description": "Output from running the compute job."
},
}
),
),
"metadataUri": config.aquarius_url,
"owner": output_def.get("owner", owner),
"publishOutput": output_def.get("publishOutput", 1),
"publishAlgorithmLog": output_def.get("publishAlgorithmLog", 1),
"whitelist": output_def.get("whitelist", []),
}
)
def get_compute_address():
try:
compute_info = requests.get(get_config().operator_service_url).json()
return compute_info.get("address", None)
except Exception as e:
logger.error(f"Error getting CtD address: {str(e)}")
return None
def build_stage_output_dict(output_def, asset, owner, provider_wallet):
config = get_config()
service_endpoint = asset.get_service(
ServiceTypes.CLOUD_COMPUTE).service_endpoint
if BaseURLs.ASSETS_URL in service_endpoint:
service_endpoint = service_endpoint.split(BaseURLs.ASSETS_URL)[0]
return dict({
'nodeUri':
output_def.get('nodeUri', config.network_url),
'brizoUri':
output_def.get('brizoUri', service_endpoint),
'brizoAddress':
output_def.get('brizoAddress', provider_wallet.address),
'metadata':
output_def.get(
'metadata',
dict({
'main': {
'name': 'Compute job output'
},
'additionalInformation': {
'description': 'Output from running the compute job.'
}
})),
'metadataUri':
output_def.get('metadataUri', config.aquarius_url),
'owner':
output_def.get('owner', owner),
'publishOutput':
output_def.get('publishOutput', 1),
'publishAlgorithmLog':
output_def.get('publishAlgorithmLog', 1),
'whitelist':
output_def.get('whitelist', [])
})
def web3():
return Web3Provider.get_web3(get_config().keeper_url)
validate_algorithm_dict, validate_order,
validate_transfer_not_used_for_other_service)
from ocean_provider.utils.accounts import verify_signature
from ocean_provider.utils.basics import (LocalFileAdapter,
get_asset_from_metadatastore,
get_config, get_datatoken_minter,
get_provider_wallet, setup_network)
from ocean_provider.utils.encryption import do_encrypt
setup_logging()
services = Blueprint('services', __name__)
setup_network()
provider_wallet = get_provider_wallet()
requests_session = get_requests_session()
requests_session.mount('file://', LocalFileAdapter())
user_nonce = UserNonce(get_config().storage_path)
logger = logging.getLogger(__name__)
@services.route('/nonce', methods=['GET'])
def nonce():
required_attributes = [
'userAddress',
]
data = get_request_data(request)
msg, status = check_required_attributes(required_attributes, data, 'nonce')
if msg:
return jsonify(error=msg), status
def get_metadata_url():
return get_config().aquarius_url
def get_compute_endpoint():
return get_config().operator_service_url + '/api/v1/operator/compute'
import os
from os.path import abspath, dirname
from ocean_provider.utils.basics import get_config
from sqlalchemy import create_engine
from sqlalchemy.ext.declarative import declarative_base
from sqlalchemy.orm import sessionmaker
PROJECT_ROOT = dirname(dirname(abspath(__file__)))
SQLALCHEMY_DATABASE_URL = "sqlite:////" + os.path.join(
PROJECT_ROOT, "db",
get_config().storage_path)
engine = create_engine(SQLALCHEMY_DATABASE_URL,
connect_args={"check_same_thread": False})
SessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
Base = declarative_base()
def setup_all():
config = get_config()
Web3Provider.init_web3(config.keeper_url)
ContractHandler.set_artifacts_path(get_keeper_path(config))
init_account_envvars()
def web3():
return Web3Provider.get_web3(get_config().network_url)
def get_factory_contract(factory_address=None, abi_path=None, abi=None):
if not factory_address:
factory_address = get_config().factory_address
return FactoryContract(factory_address, abi_path, abi)
def get_registered_ddo(account, metadata, service_descriptor):
aqua = Aquarius('http://localhost:5000')
ddo = DDO()
ddo_service_endpoint = aqua.get_service_endpoint()
# Create new data token contract
dt_contract = FactoryContract(get_config().factory_address)\
.create_data_token(account, metadata_url=ddo_service_endpoint)
if not dt_contract:
raise AssertionError('Creation of data token contract failed.')
ddo._other_values = {'dataTokenAddress': dt_contract.address}
metadata_service_desc = ServiceDescriptor.metadata_service_descriptor(
metadata, ddo_service_endpoint
)
service_descriptors = list(
[ServiceDescriptor.authorization_service_descriptor('http://localhost:12001')])
service_descriptors.append(service_descriptor)
service_type = service_descriptor[0]
service_descriptors = [metadata_service_desc] + service_descriptors
services = ServiceFactory.build_services(service_descriptors)
checksums = dict()
for service in services:
checksums[str(service.index)] = checksum(service.main)
# Adding proof to the ddo.
ddo.add_proof(checksums, account)
did = ddo.assign_did(DID.did(ddo.proof['checksum']))
ddo_service_endpoint.replace('{did}', did)
services[0].set_service_endpoint(ddo_service_endpoint)
stype_to_service = {s.type: s for s in services}
_service = stype_to_service[service_type]
for service in services:
ddo.add_service(service)
# ddo.proof['signatureValue'] = ocean_lib.sign_hash(
# did_to_id_bytes(did), account)
ddo.add_public_key(did, account.address)
ddo.add_authentication(did, PUBLIC_KEY_TYPE_RSA)
try:
_oldddo = aqua.get_asset_ddo(ddo.did)
if _oldddo:
aqua.retire_asset_ddo(ddo.did)
except ValueError:
pass
if not plecos.is_valid_dict_local(ddo.metadata):
print(f'invalid metadata: {plecos.validate_dict_local(ddo.metadata)}')
assert False, f'invalid metadata: {plecos.validate_dict_local(ddo.metadata)}'
encrypted_files = do_encrypt(
json.dumps(metadata['main']['files']),
account,
)
# only assign if the encryption worked
if encrypted_files:
index = 0
for file in metadata['main']['files']:
file['index'] = index
index = index + 1
del file['url']
metadata['encryptedFiles'] = encrypted_files
# ddo._other_values
try:
aqua.publish_asset_ddo(ddo)
except Exception as e:
print(f'error publishing ddo {ddo.did} in Aquarius: {e}')
raise
return ddo
