def parse_spacebridge_response(response): """ Takes the serialized protobuf response from cloudgateway's auth endpoint, parses it and returns the deserialized protobuf object :param response: :return: AuthenticationQueryResponse protobuf object """ spacebridge_response = http_pb2.AuthenticationQueryResponse() spacebridge_response.ParseFromString(response.content) if spacebridge_response.HasField('error'): if response.status_code == 500: raise RestException.CloudgatewayServerError('cloudgateway encountered an internal error: %s' % spacebridge_response.error.message, 500) raise RestException.CloudgatewayServerError( 'cloudgateway request error: %s' % spacebridge_response.error.message, response.status_code ) if not str(response.status_code).startswith('2'): raise RestException.CloudgatewayServerError("cloudgateway error: %s" % str(response.content), response.status_code) return spacebridge_response
def parse_device_authentication_response(response): """Parse the response from Cloud Gateway on device authentication request Args: response ([requests.response]): response object returned by the requests library Raises: RestException.CloudgatewayServerError: [description] Returns: [String]: 10-digit auth code """ if response.status_code != 200: raise RestException.CloudgatewayServerError('Unable to reach cloudgateway, response_code={0}'.format( response.status_code), response.status_code) device_authentication_response = http_pb2.DeviceAuthenticationResponse() device_authentication_response.ParseFromString(response.content) if device_authentication_response.HasField('error'): raise RestException.CloudgatewayServerError( 'cloudgateway request error: {}'.format(device_authentication_response.error.message), response.status_code ) return device_authentication_response.payload.authenticationCode
def parse_authentication_result_response(response): """Parse response from Cloud Gatewaay on a AuthenticationResultRequest Args: response (Requests.Response): response object whose content is a serialized AuthenticationResultResponse object Raises: RestException.CloudgatewayServerError Returns: [AuthenticationResultResponse proto] """ if response.status_code != 200: raise RestException.CloudgatewayServerError('Unable to reach cloudgateway, response_code={0}'.format( response.status_code), response.status_code) authentication_result_response = http_pb2.AuthenticationResultResponse() authentication_result_response.ParseFromString(response.content) if authentication_result_response.HasField('error'): raise RestException.CloudgatewayServerError( 'cloudgateway request error: {}'.format(authentication_result_response.error.message), response.status_code ) return authentication_result_response.payload
def make_device_authentication_request(device_info, encryption_context, config): """Makes a device authentication request to Cloud Gateway. If successful, Cloud Gateway will return a DeviceAuthenticationResponse object. Args: device_info ([DeviceInfo]): device info object containing client's public keys encryption_context ([EncryptionContext]): Raises: RestException.CloudgatewayServerError Returns: [Requests.Response]: response object whose content is a serialized DeviceAuthenticationResponse proto """ request_proto = build_device_authentication_request(device_info) try: spacebridge_header = {'Authorization': sb_auth_header(encryption_context)} return requests.post(sb_client_auth_endpoint(config), headers=spacebridge_header, data=request_proto.SerializeToString(), ) except Exception as e: raise RestException.CloudgatewayServerError('Unable to reach cloudgateway: {0}'.format(e), 503)
def make_authentication_result_request(auth_code, encryption_context, config, key_bundle=None): """ Make AuthenticationResultRequest to Cloud Gateway Args: auth_code ([string]): 10-digit auth code returned by Cloud Gateway on Device Authentication Request encryption_context ([EncryptionContext]): Raises: RestException.CloudgatewayServerError: Returns: [Requests.Response]: Response object containing serialized AuthenticationResultResponse object """ request_proto = build_authentication_result_request(auth_code) with requests_ssl_context(key_bundle) as cert: try: spacebridge_header = { 'Authorization': sb_auth_header(encryption_context) } return requests.get(sb_client_auth_result_endpoint( auth_code, config), headers=spacebridge_header, data=request_proto.SerializeToString(), cert=cert.name) except Exception as e: raise RestException.CloudgatewayServerError( 'Unable to reach cloudgateway: {0}'.format(e), 503)
def submit_auth_code(auth_code, encryption_context, config): """ Given an auth code, submit it to cloudgateway's auth endpoint. Raise an exception if cannot reach cloudgateway :param auth_code :param encryption_context :return: seriealized protobuf response from cloudgateway """ try: spacebridge_header = { 'Authorization': sb_auth_header(encryption_context) } return requests.get(sb_auth_endpoint(auth_code, config), headers=spacebridge_header, proxies=config.get_proxies()) except Exception as e: raise RestException.CloudgatewayServerError( 'Unable to reach cloudgateway: {0}'.format(e), 503)
def submit_auth_code(auth_code, encryption_context, config, key_bundle=None): """ Given an auth code, submit it to cloudgateway's auth endpoint. Raise an exception if cannot reach cloudgateway :param auth_code :param encryption_context :param mtls_pkcs12: A PKCS12 object containing the certificate and private key information for mTLS :return: seriealized protobuf response from cloudgateway """ with requests_ssl_context(key_bundle) as cert: try: spacebridge_header = {'Authorization': sb_auth_header(encryption_context)} return requests.get(sb_auth_endpoint(auth_code, config), headers=spacebridge_header, proxies=config.get_proxies(), cert=cert.name ) except Exception as e: raise RestException.CloudgatewayServerError('Unable to reach cloudgateway: {0}'.format(e), 503)
def make_mdm_authentication_request(username, password, server_info, encryption_context, mdm_sign_private_key, config): """ Make AuthenticationResultRequest to Cloud Gateway Args: auth_code ([string]): 10-digit auth code returned by Cloud Gateway on Device Authentication Request encryption_context ([EncryptionContext]): Raises: RestException.CloudgatewayServerError: Returns: [Requests.Response]: Response object containing serialized AuthenticationResultResponse object """ request_proto = build_mdm_authentication_request(username, password, encryption_context, server_info, mdm_sign_private_key) try: return requests.post( url='{0}/api/mdm/authenticate'.format(config.get_spacebridge_domain()), headers={'Content-Type': 'application/x-protobuf', 'Authorization': sb_auth_header(encryption_context)}, data=request_proto.SerializeToString(), proxies=config.get_proxies() ) except Exception as e: raise RestException.CloudgatewayServerError('Unable to reach cloudgateway: {0}'.format(e), 503)