From 1635f3204abc8a979822039adc52b4a299aaa071 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:59:11 +0530 Subject: [PATCH 01/14] Island: Change /api/auth -> /api/authenticate --- monkey/monkey_island/cc/resources/auth/auth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/monkey_island/cc/resources/auth/auth.py b/monkey/monkey_island/cc/resources/auth/auth.py index 34632bf7e..d9513bae8 100644 --- a/monkey/monkey_island/cc/resources/auth/auth.py +++ b/monkey/monkey_island/cc/resources/auth/auth.py @@ -28,7 +28,7 @@ class Authenticate(AbstractResource): """ - urls = ["/api/auth"] + urls = ["/api/authenticate"] def __init__(self, authentication_service: AuthenticationService): self._authentication_service = authentication_service From 3c1e69eabbf64610d8a5bbd0e46019d61b24a4c9 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:59:55 +0530 Subject: [PATCH 02/14] BB: Change /api/auth -> /api/authenticate --- .../monkey_zoo/blackbox/island_client/monkey_island_requests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index f26dc9e8a..5a2d11db7 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -39,7 +39,7 @@ class MonkeyIslandRequests(object): def get_jwt_from_server(self): resp = requests.post( # noqa: DUO123 - self.addr + "api/auth", + self.addr + "api/authenticate", json={"username": ISLAND_USERNAME, "password": ISLAND_PASSWORD}, verify=False, ) From 8342ec8b5cfbbadc3164352c7b1cb47eaff47779 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:45:19 +0530 Subject: [PATCH 03/14] UI: Change /api/auth -> /api/authenticate --- monkey/monkey_island/cc/ui/src/services/AuthService.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/monkey_island/cc/ui/src/services/AuthService.js b/monkey/monkey_island/cc/ui/src/services/AuthService.js index 7838a8563..09966ead0 100644 --- a/monkey/monkey_island/cc/ui/src/services/AuthService.js +++ b/monkey/monkey_island/cc/ui/src/services/AuthService.js @@ -2,7 +2,7 @@ import decode from 'jwt-decode'; export default class AuthService { SECONDS_BEFORE_JWT_EXPIRES = 20; - AUTHENTICATION_API_ENDPOINT = '/api/auth'; + AUTHENTICATION_API_ENDPOINT = '/api/authenticate'; REGISTRATION_API_ENDPOINT = '/api/registration'; login = (username, password) => { From b5784f0479583946bedc5ffb0158555814647fa2 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:46:28 +0530 Subject: [PATCH 04/14] Island: Rename cc/resources/auth/auth.py -> cc/resources/auth/authenticate.py --- monkey/monkey_island/cc/app.py | 2 +- .../cc/resources/auth/{auth.py => authenticate.py} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename monkey/monkey_island/cc/resources/auth/{auth.py => authenticate.py} (100%) diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py index 56c3283e9..efd3c9e0f 100644 --- a/monkey/monkey_island/cc/app.py +++ b/monkey/monkey_island/cc/app.py @@ -21,7 +21,7 @@ from monkey_island.cc.resources.AbstractResource import AbstractResource from monkey_island.cc.resources.agent_configuration import AgentConfiguration from monkey_island.cc.resources.agent_controls import StopAgentCheck, StopAllAgents from monkey_island.cc.resources.attack.attack_report import AttackReport -from monkey_island.cc.resources.auth.auth import Authenticate, init_jwt +from monkey_island.cc.resources.auth.authenticate import Authenticate, init_jwt from monkey_island.cc.resources.auth.registration import Registration from monkey_island.cc.resources.blackbox.log_blackbox_endpoint import LogBlackboxEndpoint from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyBlackboxEndpoint diff --git a/monkey/monkey_island/cc/resources/auth/auth.py b/monkey/monkey_island/cc/resources/auth/authenticate.py similarity index 100% rename from monkey/monkey_island/cc/resources/auth/auth.py rename to monkey/monkey_island/cc/resources/auth/authenticate.py From a9e13c37ead93fc7df3b05ac34861aae09bdc4e5 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:47:12 +0530 Subject: [PATCH 05/14] UT: Change imports cc.resources.auth.auth -> cc.resources.auth.authenticate --- .../unit_tests/monkey_island/cc/resources/auth/test_auth.py | 2 +- monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py index b3f10f5df..465b0f772 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py @@ -4,7 +4,7 @@ from unittest.mock import MagicMock import pytest from common.utils.exceptions import IncorrectCredentialsError -from monkey_island.cc.resources.auth.auth import Authenticate +from monkey_island.cc.resources.auth.authenticate import Authenticate USERNAME = "test_user" PASSWORD = "test_password" diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py b/monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py index 26fe24821..4fb2e7be3 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py @@ -7,7 +7,7 @@ from tests.monkey_island import OpenErrorFileRepository from tests.unit_tests.monkey_island.conftest import init_mock_app import monkey_island.cc.app -import monkey_island.cc.resources.auth.auth +import monkey_island.cc.resources.auth.authenticate import monkey_island.cc.resources.island_mode from monkey_island.cc.repository import IFileRepository From 187dc640455fef4fcc50594fb1a0be5dccda201c Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:48:22 +0530 Subject: [PATCH 06/14] Island: Change /api/registration -> /api/register --- monkey/monkey_island/cc/resources/auth/registration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/monkey_island/cc/resources/auth/registration.py b/monkey/monkey_island/cc/resources/auth/registration.py index 6c2124dd5..5101a1836 100644 --- a/monkey/monkey_island/cc/resources/auth/registration.py +++ b/monkey/monkey_island/cc/resources/auth/registration.py @@ -13,7 +13,7 @@ logger = logging.getLogger(__name__) class Registration(AbstractResource): - urls = ["/api/registration"] + urls = ["/api/register"] def __init__(self, authentication_service: AuthenticationService): self._authentication_service = authentication_service From 236b2cb3e286c950ab93afaa7422c579053182c3 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:48:44 +0530 Subject: [PATCH 07/14] UI: Change /api/registration -> /api/register --- monkey/monkey_island/cc/ui/src/services/AuthService.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/monkey_island/cc/ui/src/services/AuthService.js b/monkey/monkey_island/cc/ui/src/services/AuthService.js index 09966ead0..f8d7b0754 100644 --- a/monkey/monkey_island/cc/ui/src/services/AuthService.js +++ b/monkey/monkey_island/cc/ui/src/services/AuthService.js @@ -3,7 +3,7 @@ import decode from 'jwt-decode'; export default class AuthService { SECONDS_BEFORE_JWT_EXPIRES = 20; AUTHENTICATION_API_ENDPOINT = '/api/authenticate'; - REGISTRATION_API_ENDPOINT = '/api/registration'; + REGISTRATION_API_ENDPOINT = '/api/register'; login = (username, password) => { return this._login(username, password); From 54a0072454c051ec35d35c0af869200b83588a85 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 18:49:22 +0530 Subject: [PATCH 08/14] BB: Change /api/registration -> /api/register --- .../monkey_zoo/blackbox/island_client/monkey_island_requests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index 5a2d11db7..7b91207a2 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -49,7 +49,7 @@ class MonkeyIslandRequests(object): def try_set_island_to_credentials(self): resp = requests.post( # noqa: DUO123 - self.addr + "api/registration", + self.addr + "api/register", json={"username": ISLAND_USERNAME, "password": ISLAND_PASSWORD}, verify=False, ) From 21501fdde5ad2a45a84ff4d2d2cc1342719699f5 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 19:05:04 +0530 Subject: [PATCH 09/14] Island: Rename cc/resources/auth/registration.py -> cc/resources/auth/register.py --- monkey/monkey_island/cc/app.py | 2 +- .../cc/resources/auth/{registration.py => register.py} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename monkey/monkey_island/cc/resources/auth/{registration.py => register.py} (100%) diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py index efd3c9e0f..d583ebc1a 100644 --- a/monkey/monkey_island/cc/app.py +++ b/monkey/monkey_island/cc/app.py @@ -22,7 +22,7 @@ from monkey_island.cc.resources.agent_configuration import AgentConfiguration from monkey_island.cc.resources.agent_controls import StopAgentCheck, StopAllAgents from monkey_island.cc.resources.attack.attack_report import AttackReport from monkey_island.cc.resources.auth.authenticate import Authenticate, init_jwt -from monkey_island.cc.resources.auth.registration import Registration +from monkey_island.cc.resources.auth.register import Registration from monkey_island.cc.resources.blackbox.log_blackbox_endpoint import LogBlackboxEndpoint from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyBlackboxEndpoint from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import ( diff --git a/monkey/monkey_island/cc/resources/auth/registration.py b/monkey/monkey_island/cc/resources/auth/register.py similarity index 100% rename from monkey/monkey_island/cc/resources/auth/registration.py rename to monkey/monkey_island/cc/resources/auth/register.py From f9ddba423beb05c8143684a2d5a5686d049d1f34 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Mon, 1 Aug 2022 19:05:40 +0530 Subject: [PATCH 10/14] UT: Change imports cc.resources.auth.registration -> cc.resources.auth.register --- .../monkey_island/cc/resources/auth/test_registration.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_registration.py b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_registration.py index c10f0b011..67d7478d9 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_registration.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_registration.py @@ -4,7 +4,7 @@ from unittest.mock import MagicMock import pytest from common.utils.exceptions import AlreadyRegisteredError, InvalidRegistrationCredentialsError -from monkey_island.cc.resources.auth.registration import Registration +from monkey_island.cc.resources.auth.register import Registration REGISTRATION_URL = Registration.urls[0] From 767cc8fa3e3ea0ca7991cc95f6512a00f2400bcd Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Tue, 2 Aug 2022 13:16:32 +0530 Subject: [PATCH 11/14] Changelog: Add enty for auth and registration endpoint renaming --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a1974f561..c8a1738f2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -48,6 +48,8 @@ Changelog](https://keepachangelog.com/en/1.0.0/). - `/api/version-update` to `api/island/version`. #2109 - The `/api/island-mode` to `/api/island/mode`. #2106 - The `/api/log/island/download` endpoint to `/api/island/log`. #2107 +- The `/api/auth` endpoint to `/api/authenticate`. #2105 +- The `/api/registration` endpoint to `/api/register`. #2105 ### Removed - VSFTPD exploiter. #1533 From 05f9e527e9eea7303289ed42051a50991bce73d9 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Tue, 2 Aug 2022 13:41:46 +0530 Subject: [PATCH 12/14] Island: Remove unnecessary error in Authenticate POST --- monkey/monkey_island/cc/resources/auth/authenticate.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/monkey/monkey_island/cc/resources/auth/authenticate.py b/monkey/monkey_island/cc/resources/auth/authenticate.py index d9513bae8..a4b4468ec 100644 --- a/monkey/monkey_island/cc/resources/auth/authenticate.py +++ b/monkey/monkey_island/cc/resources/auth/authenticate.py @@ -50,5 +50,4 @@ class Authenticate(AbstractResource): except IncorrectCredentialsError: return make_response({"error": "Invalid credentials"}, HTTPStatus.UNAUTHORIZED) - # API Spec: Why are we sending "error" here? - return make_response({"access_token": access_token, "error": ""}, HTTPStatus.OK) + return make_response({"access_token": access_token}, HTTPStatus.OK) From 40f69f0e589e631f1043cbd79dde2760ab0581f1 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Tue, 2 Aug 2022 14:02:36 +0530 Subject: [PATCH 13/14] UT: Modify test_authentication_successful to not check for 'error' field in response --- .../unit_tests/monkey_island/cc/resources/auth/test_auth.py | 1 - 1 file changed, 1 deletion(-) diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py index 465b0f772..6d5af8a94 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py @@ -37,7 +37,6 @@ def test_authentication_successful(make_auth_request, mock_authentication_servic response = make_auth_request(TEST_REQUEST) assert response.status_code == 200 - assert response.json["error"] == "" assert re.match( r"^[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=\-_]+$", response.json["access_token"] ) From 486e28928ef6b3840ba7e047e19dc3d385f96846 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Tue, 2 Aug 2022 14:04:06 +0530 Subject: [PATCH 14/14] UT: Rename test files to be consistent with names of files they're testing --- .../cc/resources/auth/{test_auth.py => test_authenticate.py} | 0 .../cc/resources/auth/{test_registration.py => test_register.py} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename monkey/tests/unit_tests/monkey_island/cc/resources/auth/{test_auth.py => test_authenticate.py} (100%) rename monkey/tests/unit_tests/monkey_island/cc/resources/auth/{test_registration.py => test_register.py} (100%) diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_authenticate.py similarity index 100% rename from monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py rename to monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_authenticate.py diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_registration.py b/monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_register.py similarity index 100% rename from monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_registration.py rename to monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_register.py