예제 #1
0
def test_consume(client, provider_account, consumer_account):
    endpoint = BaseURLs.ASSETS_URL + '/consume'

    for method in constants.ConfigSections.DECRYPTION_METHODS:
        print('Testing Consume with Authorization Method: ' + method)
        ddo = get_registered_ddo(provider_account,
                                 providers=[provider_account.address],
                                 auth_service=method)

        # initialize an agreement
        agreement_id = place_order(provider_account, ddo, consumer_account,
                                   ServiceTypes.ASSET_ACCESS)
        payload = dict({
            'serviceAgreementId': agreement_id,
            'consumerAddress': consumer_account.address
        })

        print('Provider: ' + provider_account.address)
        print('Consumer: ' + consumer_account.address)

        keeper = keeper_instance()
        agr_id_hash = add_ethereum_prefix_and_hash_msg(agreement_id)
        signature = keeper.sign_hash(agr_id_hash, consumer_account)
        index = 0

        event = keeper.access_template.subscribe_agreement_created(
            agreement_id, 15, None, (), wait=True, from_block=0)
        assert event, "Agreement event is not found, check the keeper node's logs"

        consumer_balance = keeper.token.get_token_balance(
            consumer_account.address)
        if consumer_balance < 50:
            keeper.dispenser.request_tokens(50 - consumer_balance,
                                            consumer_account)

        sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS, ddo)
        lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
                     consumer_account)
        event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
            agreement_id, 15, None, (), wait=True, from_block=0)
        assert event, "Lock reward condition fulfilled event is not found, check the keeper " \
                      "node's logs"

        grant_access(agreement_id, ddo, consumer_account, provider_account)
        event = keeper.access_condition.subscribe_condition_fulfilled(
            agreement_id, 15, None, (), wait=True, from_block=0)
        assert event or keeper.access_condition.check_permissions(
            ddo.asset_id, consumer_account.address
        ), f'Failed to get access permission: agreement_id={agreement_id}, ' \
           f'did={ddo.did}, consumer={consumer_account.address}'

        # Consume using url index and signature (let the gateway do the decryption)
        payload['signature'] = signature
        payload['index'] = index
        request_url = endpoint + '?' + '&'.join(
            [f'{k}={v}' for k, v in payload.items()])
        response = client.get(request_url)
        assert response.status == '200 OK'
예제 #2
0
def test_access_endpoint_bad_signature(client, provider_account,
                                       consumer_account):
    # The provider_account will place the order and consumer_account
    # will try to request access to it

    # order access
    keeper = keeper_instance()
    ddo = get_registered_ddo(provider_account,
                             providers=[provider_account.address])
    agreement_id = place_order(provider_account, ddo, provider_account)

    event = keeper.access_template.subscribe_agreement_created(agreement_id,
                                                               15,
                                                               None, (),
                                                               wait=True,
                                                               from_block=0)
    assert event, "Agreement event is not found, check the keeper node's logs"

    consumer_balance = keeper.token.get_token_balance(consumer_account.address)
    if consumer_balance < 50:
        keeper.dispenser.request_tokens(50 - consumer_balance,
                                        consumer_account)

    sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS, ddo)
    lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
                 consumer_account)

    event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
        agreement_id, 15, None, (), wait=True, from_block=0)
    assert event, "Lock reward condition fulfilled event is not found, check the keeper node's logs"

    # create jwt bearer grant
    jwk = account_to_jwk(consumer_account)
    assertion = NeverminedJWTBearerGrant.sign(jwk,
                                              issuer=consumer_account.address,
                                              audience=BaseURLs.ASSETS_URL +
                                              '/access',
                                              subject=agreement_id,
                                              claims={"did": ddo.did},
                                              header={"alg": "ES256K"})

    response = client.post("/api/v1/gateway/services/oauth/token",
                           data={
                               "grant_type":
                               NeverminedJWTBearerGrant.GRANT_TYPE,
                               "assertion": assertion
                           })
    assert response.status_code == 400
    assert response.get_json()["error"] == "invalid_client"
예제 #3
0
def test_execute_endpoint(client, provider_account, consumer_account):
    ddo_compute = get_registered_compute_ddo(
        provider_account, providers=[provider_account.address])
    ddo_algorithm = get_registered_algorithm_ddo(
        consumer_account, providers=[provider_account.address])
    ddo_workflow = get_registered_workflow_ddo(
        consumer_account,
        ddo_compute.did,
        ddo_algorithm.did,
        providers=[provider_account.address])

    # initialize agreement
    agreement_id = place_order(provider_account,
                               ddo_compute,
                               consumer_account,
                               service_type=ServiceTypes.CLOUD_COMPUTE)
    sa = ServiceAgreement.from_ddo(ServiceTypes.CLOUD_COMPUTE, ddo_compute)
    lock_payment(agreement_id, ddo_compute.asset_id, sa, amounts, receivers,
                 consumer_account)

    keeper = keeper_instance()
    event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
        agreement_id, 60, None, (), wait=True)
    assert event is not None, "Reward condition is not found"

    # create jwt bearer grant
    jwk = account_to_jwk(consumer_account)
    assertion = NeverminedJWTBearerGrant.sign(jwk,
                                              issuer=consumer_account.address,
                                              subject=agreement_id,
                                              audience=BaseURLs.ASSETS_URL +
                                              '/execute',
                                              claims={"did": ddo_workflow.did},
                                              header={"alg": "ES256K"})

    response = client.post("/api/v1/gateway/services/oauth/token",
                           data={
                               "grant_type":
                               NeverminedJWTBearerGrant.GRANT_TYPE,
                               "assertion": assertion
                           })
    assert response.status_code == 200

    # use jwt access token to execute the compute
    access_token = response.get_json()["access_token"]
    response = client.post(f"/api/v1/gateway/services/execute/{agreement_id}",
                           headers={"Authorization": f"Bearer {access_token}"})
    assert response.status_code == 200
예제 #4
0
def test_access_proof(client, provider_account, consumer_account):
    for method in constants.ConfigSections.DECRYPTION_METHODS:
        ddo = get_proof_ddo(provider_account,
                            providers=[provider_account.address],
                            auth_service=method)

        # initialize an agreement
        agreement_id = place_order(provider_account, ddo, consumer_account,
                                   ServiceTypes.ASSET_ACCESS_PROOF)

        print(ddo.did)

        keeper = keeper_instance()
        index = 0

        event = keeper.access_proof_template.subscribe_agreement_created(
            agreement_id, 15, None, (), wait=True, from_block=0)
        assert event, "Agreement event is not found, check the keeper node's logs"

        consumer_balance = keeper.token.get_token_balance(
            consumer_account.address)
        if consumer_balance < 50:
            keeper.dispenser.request_tokens(50 - consumer_balance,
                                            consumer_account)

        sa = ServiceAgreement.from_ddo(ServiceTypes.ASSET_ACCESS_PROOF, ddo)
        lock_payment(agreement_id, ddo.asset_id, sa, amounts, receivers,
                     consumer_account)
        event = keeper.lock_payment_condition.subscribe_condition_fulfilled(
            agreement_id, 15, None, (), wait=True, from_block=0)
        assert event, "Lock reward condition fulfilled event is not found, check the keeper node's logs"

        # Consume using url index

        # generate the grant token
        grant_token = generate_access_proof_grant_token(
            consumer_account, agreement_id, ddo.did, get_buyer_secret_key(),
            "/access-proof")

        # request access token
        response = client.post("/api/v1/gateway/services/oauth/token",
                               data={
                                   "grant_type":
                                   NeverminedJWTBearerGrant.GRANT_TYPE,
                                   "assertion": grant_token
                               })
        access_token = response.get_json()["access_token"]

        agreement = keeper.agreement_manager.get_agreement(agreement_id)
        cond_ids = agreement.condition_ids
        assert keeper.condition_manager.get_condition_state(
            cond_ids[0]) == ConditionState.Fulfilled.value
        assert keeper.condition_manager.get_condition_state(
            cond_ids[1]) == ConditionState.Fulfilled.value
        assert keeper.condition_manager.get_condition_state(
            cond_ids[2]) == ConditionState.Fulfilled.value

        endpoint = BaseURLs.ASSETS_URL + '/access-proof/%s/%d' % (agreement_id,
                                                                  index)
        response = client.get(
            endpoint, headers={"Authorization": f"Bearer {access_token}"})

        assert response.status == '200 OK'
        assert len(
            keeper.did_registry.get_provenance_method_events(
                'USED', did_bytes=did_to_id_bytes(ddo.did))) == 1