def check_authentication_token(self, token_string=''):
"""Checks given token and returns a dict with actor id if valid.
@param token_string str
@retval token_info dict
@throws BadRequest Illegal parameter type of value
@throws NotFound Token string not found
@throws Unauthorized Token not valid anymore or otherwise
"""
token_id = "token_%s" % token_string
token = self.container.object_store.read(token_id)
if not isinstance(token, SecurityToken):
raise Inconsistent("Token illegal type")
if token.token_type != TokenTypeEnum.ACTOR_AUTH:
raise BadRequest("Illegal token type")
if token.token_string != token_string:
raise Inconsistent("Found token's token_string does not match")
cur_time = get_ion_ts_millis()
if token.status != "OPEN":
raise Unauthorized("Token status invalid")
if cur_time >= int(token.expires):
raise Unauthorized("Token expired")
token_info = dict(actor_id=token.actor_id,
expiry=token.expires,
token=token,
token_id=token_id)
log.info("Authentication token %s resolved to actor %s, expiry %s",
token_string, token.actor_id, token.expires)
return token_info
def handle_incoming_message(self, invocation):
receiver = invocation.get_message_receiver()
op = invocation.get_header_value('op', 'Unknown')
actor_id = invocation.get_header_value(MSG_HEADER_ACTOR, 'anonymous')
# Raise Inconsistent message if conversation interceptor found a problem
# TODO - May just want to drop this message instead of returning in case of DOS attack
if GovernanceDispatcher.CONVERSATION__STATUS_ANNOTATION in invocation.message_annotations and \
invocation.message_annotations[GovernanceDispatcher.CONVERSATION__STATUS_ANNOTATION] == GovernanceDispatcher.STATUS_REJECT:
if GovernanceDispatcher.CONVERSATION__STATUS_REASON_ANNOTATION in invocation.message_annotations:
raise Inconsistent(
"The message from user %s for operation %s(%s) has an error: %s"
% (actor_id, receiver, op, invocation.message_annotations[
GovernanceDispatcher.
CONVERSATION__STATUS_REASON_ANNOTATION]))
else:
raise Inconsistent(
"The message from user %s for operation %s(%s) is inconsistent with the specified protocol"
% (actor_id, receiver, op))
# Raise Unauthorized exception if policy denies access.
if GovernanceDispatcher.POLICY__STATUS_ANNOTATION in invocation.message_annotations and \
invocation.message_annotations[GovernanceDispatcher.POLICY__STATUS_ANNOTATION] == GovernanceDispatcher.STATUS_REJECT:
if GovernanceDispatcher.POLICY__STATUS_REASON_ANNOTATION in invocation.message_annotations:
raise Unauthorized(invocation.message_annotations[
GovernanceDispatcher.POLICY__STATUS_REASON_ANNOTATION])
raise Unauthorized(
"The request from user %s for operation %s(%s) has been denied"
% (actor_id, receiver, op))
return invocation
def get_secure_service_def(self, service_name):
"""Checks whether the service indicated by given service_name exists and/or
is exposed after white and black listing. Returns service registry entry.
"""
if self.service_whitelist:
if service_name not in self.service_whitelist:
raise Unauthorized("Service access not permitted")
if self.service_blacklist:
if service_name in self.service_blacklist:
raise Unauthorized("Service access not permitted")
# Retrieve service definition
target_service = get_service_registry().get_service_by_name(
service_name)
if not target_service:
raise BadRequest("The requested service (%s) is not available" %
service_name)
if not target_service.client:
raise Inconsistent(
"Cannot find a client class for the specified service: %s" %
service_name)
if not target_service.schema:
raise Inconsistent(
"Cannot find a schema for the specified service: %s" %
service_name)
return target_service
def check_process_operation_preconditions(self, process, msg, headers):
"""
This method is called by the ION endpoint to execute any process operation preconditions functions before
allowing the operation to be called.
"""
operation = headers.get('op', None)
if operation is None:
return
process_op_conditions = self.get_process_operation_dict(process.name,
auto_add=False)
if process_op_conditions is not None and operation in process_op_conditions:
preconditions = process_op_conditions[operation]
for precond in reversed(preconditions):
if type(precond) in (types.MethodType, types.FunctionType):
# Handle precondition which are built-in functions
try:
ret_val, ret_message = precond(msg, headers)
except Exception as e:
# TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now
log.error(
'Executing precondition function: %s for operation: %s - %s so it will be ignored.'
% (precond.__name__, operation, e.message))
ret_val = True
ret_message = ''
if not ret_val:
raise Unauthorized(ret_message)
elif isinstance(precond, basestring):
try:
# See if this is method within the endpoint process, if so call it
method = getattr(process, precond, None)
if method:
ret_val, ret_message = method(msg, headers)
else:
# It is not a method in the process, so try to execute as a simple python function
exec precond
pref = locals()["precondition_func"]
ret_val, ret_message = pref(process, msg, headers)
except Exception as e:
# TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now
log.error(
'Executing precondition function: %s for operation: %s - %s so it will be ignored.'
% (precond, operation, e.message))
ret_val = True
ret_message = ''
if not ret_val:
raise Unauthorized(ret_message)
def check_process_operation_preconditions(self, process, msg, headers):
operation = headers.get('op', None)
if operation is None:
return
process_op_conditions = self.get_process_operation_dict(process.name)
if process_op_conditions.has_key(operation):
preconditions = process_op_conditions[operation]
for precond in preconditions:
if type(precond) == types.MethodType or type(
precond) == types.FunctionType:
#Handle precondition which are built-in functions
try:
ret_val, ret_message = precond(msg, headers)
except Exception, e:
#TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now
log.error(
'Executing precondition function: %s for operation: %s - %s so it will be ignored.'
% (precond.__name__, operation, e.message))
ret_val = True
ret_message = ''
if not ret_val:
raise Unauthorized(ret_message)
elif type(precond) == types.StringType:
try:
exec precond
pref = locals()["precondition_func"]
ret_val, ret_message = pref(process, msg, headers)
except Exception, e:
#TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now
log.error(
'Executing precondition function: %s for operation: %s - %s so it will be ignored.'
% (precond, operation, e.message))
ret_val = True
ret_message = ''
if not ret_val:
raise Unauthorized(ret_message)
def validate_request(self, ion_actor_id, expiry, in_whitelist=False):
# There is no point in looking up an anonymous user - so return default values.
if ion_actor_id == DEFAULT_ACTOR_ID:
# Since this is an anonymous request, there really is no expiry associated with it
if not in_whitelist and self.require_login:
raise Unauthorized("Anonymous access not permitted")
else:
return DEFAULT_ACTOR_ID, DEFAULT_EXPIRY
try:
user = self.idm_client.read_actor_identity(
actor_id=ion_actor_id, headers=self._get_gateway_headers())
except NotFound as e:
if not in_whitelist and self.require_login:
# This could be a restart of the system with a new preload.
# TODO: Invalidate Flask sessions on relaunch/bootstrap with creating new secret
user_session = get_auth()
if user_session.get("actor_id", None) == ion_actor_id:
clear_auth()
raise Unauthorized("Invalid identity", exc_id="01.10")
else:
# If the user isn't found default to anonymous
return DEFAULT_ACTOR_ID, DEFAULT_EXPIRY
# Need to convert to int first in order to compare against current time.
try:
int_expiry = int(expiry)
except Exception as ex:
raise Inconsistent(
"Unable to read the expiry value in the request '%s' as an int"
% expiry)
# The user has been validated as being known in the system, so not check the expiry and raise exception if
# the expiry is not set to 0 and less than the current time.
if 0 < int_expiry < current_time_millis():
if not in_whitelist and self.require_login:
raise Unauthorized("User authentication expired")
else:
log.warn("User authentication expired")
return DEFAULT_ACTOR_ID, DEFAULT_EXPIRY
return ion_actor_id, expiry
def handle_incoming_message(self, invocation):
receiver = invocation.get_header_value('receiver', 'Unknown')
op = invocation.get_header_value('op', 'Unknown')
actor_id = invocation.get_header_value('ion-actor-id', 'anonymous')
if invocation.message_annotations.has_key(GovernanceDispatcher.POLICY__STATUS_ANNOTATION) and \
invocation.message_annotations[GovernanceDispatcher.POLICY__STATUS_ANNOTATION] == GovernanceDispatcher.STATUS_REJECT:
raise Unauthorized(
"The request from user %s for operation %s(%s) has been denied"
% (actor_id, receiver, op))
return invocation
def rcmd_launch_process(self, u_pid, round, run_type, parameters):
try:
self.core.launch_process(u_pid, round, run_type, parameters)
except EEAgentUnauthorizedException, e:
raise Unauthorized(e.message)
expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it
return ion_actor_id, expiry
#need to convert to a float first in order to compare against current time.
try:
int_expiry = int(expiry)
except Exception, e:
raise Inconsistent(
"Unable to read the expiry value in the request '%s' as an int" %
expiry)
#The user has been validated as being known in the system, so not check the expiry and raise exception if
# the expiry is not set to 0 and less than the current time.
if int_expiry > 0 and int_expiry < current_time_millis():
raise Unauthorized(
'The certificate associated with the user and expiry time in the request has expired.'
)
return ion_actor_id, expiry
def build_message_headers(ion_actor_id, expiry):
headers = dict()
headers['ion-actor-id'] = ion_actor_id
headers['expiry'] = expiry
#If this is an anonymous requester then there are no roles associated with the request
if ion_actor_id == DEFAULT_ACTOR_ID:
headers['ion-actor-roles'] = dict()
def deny_anyop(self, operation, id=None):
raise Unauthorized('The anyop operation has been denied')
