def check_authentication_token(self, token_string=''): """Checks given token and returns a dict with actor id if valid. @param token_string str @retval token_info dict @throws BadRequest Illegal parameter type of value @throws NotFound Token string not found @throws Unauthorized Token not valid anymore or otherwise """ token_id = "token_%s" % token_string token = self.container.object_store.read(token_id) if not isinstance(token, SecurityToken): raise Inconsistent("Token illegal type") if token.token_type != TokenTypeEnum.ACTOR_AUTH: raise BadRequest("Illegal token type") if token.token_string != token_string: raise Inconsistent("Found token's token_string does not match") cur_time = get_ion_ts_millis() if token.status != "OPEN": raise Unauthorized("Token status invalid") if cur_time >= int(token.expires): raise Unauthorized("Token expired") token_info = dict(actor_id=token.actor_id, expiry=token.expires, token=token, token_id=token_id) log.info("Authentication token %s resolved to actor %s, expiry %s", token_string, token.actor_id, token.expires) return token_info
def handle_incoming_message(self, invocation): receiver = invocation.get_message_receiver() op = invocation.get_header_value('op', 'Unknown') actor_id = invocation.get_header_value(MSG_HEADER_ACTOR, 'anonymous') # Raise Inconsistent message if conversation interceptor found a problem # TODO - May just want to drop this message instead of returning in case of DOS attack if GovernanceDispatcher.CONVERSATION__STATUS_ANNOTATION in invocation.message_annotations and \ invocation.message_annotations[GovernanceDispatcher.CONVERSATION__STATUS_ANNOTATION] == GovernanceDispatcher.STATUS_REJECT: if GovernanceDispatcher.CONVERSATION__STATUS_REASON_ANNOTATION in invocation.message_annotations: raise Inconsistent( "The message from user %s for operation %s(%s) has an error: %s" % (actor_id, receiver, op, invocation.message_annotations[ GovernanceDispatcher. CONVERSATION__STATUS_REASON_ANNOTATION])) else: raise Inconsistent( "The message from user %s for operation %s(%s) is inconsistent with the specified protocol" % (actor_id, receiver, op)) # Raise Unauthorized exception if policy denies access. if GovernanceDispatcher.POLICY__STATUS_ANNOTATION in invocation.message_annotations and \ invocation.message_annotations[GovernanceDispatcher.POLICY__STATUS_ANNOTATION] == GovernanceDispatcher.STATUS_REJECT: if GovernanceDispatcher.POLICY__STATUS_REASON_ANNOTATION in invocation.message_annotations: raise Unauthorized(invocation.message_annotations[ GovernanceDispatcher.POLICY__STATUS_REASON_ANNOTATION]) raise Unauthorized( "The request from user %s for operation %s(%s) has been denied" % (actor_id, receiver, op)) return invocation
def get_secure_service_def(self, service_name): """Checks whether the service indicated by given service_name exists and/or is exposed after white and black listing. Returns service registry entry. """ if self.service_whitelist: if service_name not in self.service_whitelist: raise Unauthorized("Service access not permitted") if self.service_blacklist: if service_name in self.service_blacklist: raise Unauthorized("Service access not permitted") # Retrieve service definition target_service = get_service_registry().get_service_by_name( service_name) if not target_service: raise BadRequest("The requested service (%s) is not available" % service_name) if not target_service.client: raise Inconsistent( "Cannot find a client class for the specified service: %s" % service_name) if not target_service.schema: raise Inconsistent( "Cannot find a schema for the specified service: %s" % service_name) return target_service
def check_process_operation_preconditions(self, process, msg, headers): """ This method is called by the ION endpoint to execute any process operation preconditions functions before allowing the operation to be called. """ operation = headers.get('op', None) if operation is None: return process_op_conditions = self.get_process_operation_dict(process.name, auto_add=False) if process_op_conditions is not None and operation in process_op_conditions: preconditions = process_op_conditions[operation] for precond in reversed(preconditions): if type(precond) in (types.MethodType, types.FunctionType): # Handle precondition which are built-in functions try: ret_val, ret_message = precond(msg, headers) except Exception as e: # TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now log.error( 'Executing precondition function: %s for operation: %s - %s so it will be ignored.' % (precond.__name__, operation, e.message)) ret_val = True ret_message = '' if not ret_val: raise Unauthorized(ret_message) elif isinstance(precond, basestring): try: # See if this is method within the endpoint process, if so call it method = getattr(process, precond, None) if method: ret_val, ret_message = method(msg, headers) else: # It is not a method in the process, so try to execute as a simple python function exec precond pref = locals()["precondition_func"] ret_val, ret_message = pref(process, msg, headers) except Exception as e: # TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now log.error( 'Executing precondition function: %s for operation: %s - %s so it will be ignored.' % (precond, operation, e.message)) ret_val = True ret_message = '' if not ret_val: raise Unauthorized(ret_message)
def check_process_operation_preconditions(self, process, msg, headers): operation = headers.get('op', None) if operation is None: return process_op_conditions = self.get_process_operation_dict(process.name) if process_op_conditions.has_key(operation): preconditions = process_op_conditions[operation] for precond in preconditions: if type(precond) == types.MethodType or type( precond) == types.FunctionType: #Handle precondition which are built-in functions try: ret_val, ret_message = precond(msg, headers) except Exception, e: #TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now log.error( 'Executing precondition function: %s for operation: %s - %s so it will be ignored.' % (precond.__name__, operation, e.message)) ret_val = True ret_message = '' if not ret_val: raise Unauthorized(ret_message) elif type(precond) == types.StringType: try: exec precond pref = locals()["precondition_func"] ret_val, ret_message = pref(process, msg, headers) except Exception, e: #TODD - Catching all exceptions and logging as errors, don't want to stop processing for this right now log.error( 'Executing precondition function: %s for operation: %s - %s so it will be ignored.' % (precond, operation, e.message)) ret_val = True ret_message = '' if not ret_val: raise Unauthorized(ret_message)
def validate_request(self, ion_actor_id, expiry, in_whitelist=False): # There is no point in looking up an anonymous user - so return default values. if ion_actor_id == DEFAULT_ACTOR_ID: # Since this is an anonymous request, there really is no expiry associated with it if not in_whitelist and self.require_login: raise Unauthorized("Anonymous access not permitted") else: return DEFAULT_ACTOR_ID, DEFAULT_EXPIRY try: user = self.idm_client.read_actor_identity( actor_id=ion_actor_id, headers=self._get_gateway_headers()) except NotFound as e: if not in_whitelist and self.require_login: # This could be a restart of the system with a new preload. # TODO: Invalidate Flask sessions on relaunch/bootstrap with creating new secret user_session = get_auth() if user_session.get("actor_id", None) == ion_actor_id: clear_auth() raise Unauthorized("Invalid identity", exc_id="01.10") else: # If the user isn't found default to anonymous return DEFAULT_ACTOR_ID, DEFAULT_EXPIRY # Need to convert to int first in order to compare against current time. try: int_expiry = int(expiry) except Exception as ex: raise Inconsistent( "Unable to read the expiry value in the request '%s' as an int" % expiry) # The user has been validated as being known in the system, so not check the expiry and raise exception if # the expiry is not set to 0 and less than the current time. if 0 < int_expiry < current_time_millis(): if not in_whitelist and self.require_login: raise Unauthorized("User authentication expired") else: log.warn("User authentication expired") return DEFAULT_ACTOR_ID, DEFAULT_EXPIRY return ion_actor_id, expiry
def handle_incoming_message(self, invocation): receiver = invocation.get_header_value('receiver', 'Unknown') op = invocation.get_header_value('op', 'Unknown') actor_id = invocation.get_header_value('ion-actor-id', 'anonymous') if invocation.message_annotations.has_key(GovernanceDispatcher.POLICY__STATUS_ANNOTATION) and \ invocation.message_annotations[GovernanceDispatcher.POLICY__STATUS_ANNOTATION] == GovernanceDispatcher.STATUS_REJECT: raise Unauthorized( "The request from user %s for operation %s(%s) has been denied" % (actor_id, receiver, op)) return invocation
def rcmd_launch_process(self, u_pid, round, run_type, parameters): try: self.core.launch_process(u_pid, round, run_type, parameters) except EEAgentUnauthorizedException, e: raise Unauthorized(e.message)
expiry = DEFAULT_EXPIRY #Since this is now an anonymous request, there really is no expiry associated with it return ion_actor_id, expiry #need to convert to a float first in order to compare against current time. try: int_expiry = int(expiry) except Exception, e: raise Inconsistent( "Unable to read the expiry value in the request '%s' as an int" % expiry) #The user has been validated as being known in the system, so not check the expiry and raise exception if # the expiry is not set to 0 and less than the current time. if int_expiry > 0 and int_expiry < current_time_millis(): raise Unauthorized( 'The certificate associated with the user and expiry time in the request has expired.' ) return ion_actor_id, expiry def build_message_headers(ion_actor_id, expiry): headers = dict() headers['ion-actor-id'] = ion_actor_id headers['expiry'] = expiry #If this is an anonymous requester then there are no roles associated with the request if ion_actor_id == DEFAULT_ACTOR_ID: headers['ion-actor-roles'] = dict()
def deny_anyop(self, operation, id=None): raise Unauthorized('The anyop operation has been denied')