Merge pull request #1180 from guardicore/bb_test_gcp_authentication_fix
BB tests: automatic registration
This commit is contained in:
commit
7b02cebbaf
|
@ -30,6 +30,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Authentication mechanism to use bcrypt on server side. #1139
|
- Authentication mechanism to use bcrypt on server side. #1139
|
||||||
- `server_config.json` puts environment config options in a separate section
|
- `server_config.json` puts environment config options in a separate section
|
||||||
named "environment". #1161
|
named "environment". #1161
|
||||||
|
- BlackBox tests can now register if they are ran on a fresh installation. #1180
|
||||||
- Improved the structure of unit tests by scoping fixtures only to relevant modules
|
- Improved the structure of unit tests by scoping fixtures only to relevant modules
|
||||||
instead of having a one huge fixture file, improved and renamed the directory
|
instead of having a one huge fixture file, improved and renamed the directory
|
||||||
structure of unit tests and unit test infrastructure. #1178
|
structure of unit tests and unit test infrastructure. #1178
|
||||||
|
|
|
@ -12,6 +12,10 @@ NO_AUTH_CREDS = "1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()"
|
||||||
LOGGER = logging.getLogger(__name__)
|
LOGGER = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class AuthenticationFailedError(Exception):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
# noinspection PyArgumentList
|
# noinspection PyArgumentList
|
||||||
class MonkeyIslandRequests(object):
|
class MonkeyIslandRequests(object):
|
||||||
def __init__(self, server_address):
|
def __init__(self, server_address):
|
||||||
|
@ -43,6 +47,9 @@ class MonkeyIslandRequests(object):
|
||||||
def try_get_jwt_from_server(self):
|
def try_get_jwt_from_server(self):
|
||||||
try:
|
try:
|
||||||
return self.get_jwt_from_server()
|
return self.get_jwt_from_server()
|
||||||
|
except AuthenticationFailedError:
|
||||||
|
self.try_set_island_to_no_password()
|
||||||
|
return self.get_jwt_from_server()
|
||||||
except requests.ConnectionError as err:
|
except requests.ConnectionError as err:
|
||||||
LOGGER.error(
|
LOGGER.error(
|
||||||
"Unable to connect to island, aborting! Error information: {}. Server: {}".format(
|
"Unable to connect to island, aborting! Error information: {}. Server: {}".format(
|
||||||
|
@ -51,6 +58,21 @@ class MonkeyIslandRequests(object):
|
||||||
)
|
)
|
||||||
assert False
|
assert False
|
||||||
|
|
||||||
|
def get_jwt_from_server(self):
|
||||||
|
resp = requests.post( # noqa: DUO123
|
||||||
|
self.addr + "api/auth",
|
||||||
|
json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS},
|
||||||
|
verify=False,
|
||||||
|
)
|
||||||
|
if resp.status_code == 401:
|
||||||
|
raise AuthenticationFailedError
|
||||||
|
return resp.json()["access_token"]
|
||||||
|
|
||||||
|
def try_set_island_to_no_password(self):
|
||||||
|
requests.patch( # noqa: DUO123
|
||||||
|
self.addr + "api/environment", json={"server_config": "standard"}, verify=False
|
||||||
|
)
|
||||||
|
|
||||||
class _Decorators:
|
class _Decorators:
|
||||||
@classmethod
|
@classmethod
|
||||||
def refresh_jwt_token(cls, request_function):
|
def refresh_jwt_token(cls, request_function):
|
||||||
|
@ -62,14 +84,6 @@ class MonkeyIslandRequests(object):
|
||||||
|
|
||||||
return request_function_wrapper
|
return request_function_wrapper
|
||||||
|
|
||||||
def get_jwt_from_server(self):
|
|
||||||
resp = requests.post( # noqa: DUO123
|
|
||||||
self.addr + "api/auth",
|
|
||||||
json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS},
|
|
||||||
verify=False,
|
|
||||||
)
|
|
||||||
return resp.json()["access_token"]
|
|
||||||
|
|
||||||
@_Decorators.refresh_jwt_token
|
@_Decorators.refresh_jwt_token
|
||||||
def get(self, url, data=None):
|
def get(self, url, data=None):
|
||||||
return requests.get( # noqa: DUO123
|
return requests.get( # noqa: DUO123
|
||||||
|
|
|
@ -98,7 +98,15 @@ def wait_machine_bootup():
|
||||||
|
|
||||||
@pytest.fixture(scope="class")
|
@pytest.fixture(scope="class")
|
||||||
def island_client(island, quick_performance_tests):
|
def island_client(island, quick_performance_tests):
|
||||||
island_client_object = MonkeyIslandClient(island)
|
client_established = False
|
||||||
|
try:
|
||||||
|
island_client_object = MonkeyIslandClient(island)
|
||||||
|
client_established = island_client_object.get_api_status()
|
||||||
|
except Exception:
|
||||||
|
logging.exception("Got an exception while trying to establish connection to the Island.")
|
||||||
|
finally:
|
||||||
|
if not client_established:
|
||||||
|
pytest.exit("BB tests couldn't establish communication to the island.")
|
||||||
if not quick_performance_tests:
|
if not quick_performance_tests:
|
||||||
island_client_object.reset_env()
|
island_client_object.reset_env()
|
||||||
yield island_client_object
|
yield island_client_object
|
||||||
|
@ -158,10 +166,6 @@ class TestMonkeyBlackbox:
|
||||||
def get_log_dir_path():
|
def get_log_dir_path():
|
||||||
return os.path.abspath(LOG_DIR_PATH)
|
return os.path.abspath(LOG_DIR_PATH)
|
||||||
|
|
||||||
def test_server_online(self, island_client):
|
|
||||||
if not island_client.get_api_status():
|
|
||||||
pytest.exit("BB tests couldn't reach the Island server, quiting.")
|
|
||||||
|
|
||||||
def test_ssh_exploiter(self, island_client):
|
def test_ssh_exploiter(self, island_client):
|
||||||
TestMonkeyBlackbox.run_exploitation_test(island_client, Ssh, "SSH_exploiter_and_keys")
|
TestMonkeyBlackbox.run_exploitation_test(island_client, Ssh, "SSH_exploiter_and_keys")
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue