p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Merge pull request #2147 from guardicore/2105-refactor-auth-endpoints 

Rename endpoints for auth and register, remove unnecessary error
This commit is contained in:
Shreya Malviya 2022-08-02 14:15:36 +05:30 committed by GitHub
parent 30166880bb 486e28928e
commit 9442b66912
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -48,6 +48,8 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
- `/api/version-update` to `api/island/version`. #2109 - `/api/version-update` to `api/island/version`. #2109
- The `/api/island-mode` to `/api/island/mode`. #2106 - The `/api/island-mode` to `/api/island/mode`. #2106
- The `/api/log/island/download` endpoint to `/api/island/log`. #2107 - The `/api/log/island/download` endpoint to `/api/island/log`. #2107
- The `/api/auth` endpoint to `/api/authenticate`. #2105
- The `/api/registration` endpoint to `/api/register`. #2105
### Removed ### Removed
- VSFTPD exploiter. #1533 - VSFTPD exploiter. #1533

4
envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py
View File

@ -39,7 +39,7 @@ class MonkeyIslandRequests(object):
def get_jwt_from_server(self): def get_jwt_from_server(self):
resp = requests.post( # noqa: DUO123 resp = requests.post( # noqa: DUO123
self.addr + "api/auth", self.addr + "api/authenticate",
json={"username": ISLAND_USERNAME, "password": ISLAND_PASSWORD}, json={"username": ISLAND_USERNAME, "password": ISLAND_PASSWORD},
verify=False, verify=False,
) )
@ -49,7 +49,7 @@ class MonkeyIslandRequests(object):
def try_set_island_to_credentials(self): def try_set_island_to_credentials(self):
resp = requests.post( # noqa: DUO123 resp = requests.post( # noqa: DUO123
self.addr + "api/registration", self.addr + "api/register",
json={"username": ISLAND_USERNAME, "password": ISLAND_PASSWORD}, json={"username": ISLAND_USERNAME, "password": ISLAND_PASSWORD},
verify=False, verify=False,
) )

4
monkey/monkey_island/cc/app.py
View File

@ -21,8 +21,8 @@ from monkey_island.cc.resources.AbstractResource import AbstractResource
from monkey_island.cc.resources.agent_configuration import AgentConfiguration from monkey_island.cc.resources.agent_configuration import AgentConfiguration
from monkey_island.cc.resources.agent_controls import StopAgentCheck, StopAllAgents from monkey_island.cc.resources.agent_controls import StopAgentCheck, StopAllAgents
from monkey_island.cc.resources.attack.attack_report import AttackReport from monkey_island.cc.resources.attack.attack_report import AttackReport
from monkey_island.cc.resources.auth.auth import Authenticate, init_jwt from monkey_island.cc.resources.auth.authenticate import Authenticate, init_jwt
from monkey_island.cc.resources.auth.registration import Registration from monkey_island.cc.resources.auth.register import Registration
from monkey_island.cc.resources.blackbox.log_blackbox_endpoint import LogBlackboxEndpoint from monkey_island.cc.resources.blackbox.log_blackbox_endpoint import LogBlackboxEndpoint
from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyBlackboxEndpoint from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyBlackboxEndpoint
from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import ( from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import (

5
monkey/monkey_island/cc/resources/auth/auth.py → monkey/monkey_island/cc/resources/auth/authenticate.py
View File

@ -28,7 +28,7 @@ class Authenticate(AbstractResource):
""" """
urls = ["/api/auth"] urls = ["/api/authenticate"]
def __init__(self, authentication_service: AuthenticationService): def __init__(self, authentication_service: AuthenticationService):
self._authentication_service = authentication_service self._authentication_service = authentication_service
@ -50,5 +50,4 @@ class Authenticate(AbstractResource):
except IncorrectCredentialsError: except IncorrectCredentialsError:
return make_response({"error": "Invalid credentials"}, HTTPStatus.UNAUTHORIZED) return make_response({"error": "Invalid credentials"}, HTTPStatus.UNAUTHORIZED)
# API Spec: Why are we sending "error" here? return make_response({"access_token": access_token}, HTTPStatus.OK)
return make_response({"access_token": access_token, "error": ""}, HTTPStatus.OK)

2
monkey/monkey_island/cc/resources/auth/registration.py → monkey/monkey_island/cc/resources/auth/register.py
View File

@ -13,7 +13,7 @@ logger = logging.getLogger(__name__)
class Registration(AbstractResource): class Registration(AbstractResource):
urls = ["/api/registration"] urls = ["/api/register"]
def __init__(self, authentication_service: AuthenticationService): def __init__(self, authentication_service: AuthenticationService):
self._authentication_service = authentication_service self._authentication_service = authentication_service

4
monkey/monkey_island/cc/ui/src/services/AuthService.js
View File

@ -2,8 +2,8 @@ import decode from 'jwt-decode';
export default class AuthService { export default class AuthService {
SECONDS_BEFORE_JWT_EXPIRES = 20; SECONDS_BEFORE_JWT_EXPIRES = 20;
AUTHENTICATION_API_ENDPOINT = '/api/auth'; AUTHENTICATION_API_ENDPOINT = '/api/authenticate';
REGISTRATION_API_ENDPOINT = '/api/registration'; REGISTRATION_API_ENDPOINT = '/api/register';
login = (username, password) => { login = (username, password) => {
return this._login(username, password); return this._login(username, password);

3
monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_auth.py → monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_authenticate.py
View File

@ -4,7 +4,7 @@ from unittest.mock import MagicMock
import pytest import pytest
from common.utils.exceptions import IncorrectCredentialsError from common.utils.exceptions import IncorrectCredentialsError
from monkey_island.cc.resources.auth.auth import Authenticate from monkey_island.cc.resources.auth.authenticate import Authenticate
USERNAME = "test_user" USERNAME = "test_user"
PASSWORD = "test_password" PASSWORD = "test_password"
@ -37,7 +37,6 @@ def test_authentication_successful(make_auth_request, mock_authentication_servic
response = make_auth_request(TEST_REQUEST) response = make_auth_request(TEST_REQUEST)
assert response.status_code == 200 assert response.status_code == 200
assert response.json["error"] == ""
assert re.match( assert re.match(
r"^[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=\-_]+$", response.json["access_token"] r"^[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=]+\.[a-zA-Z0-9+/=\-_]+$", response.json["access_token"]
) )

2
monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_registration.py → monkey/tests/unit_tests/monkey_island/cc/resources/auth/test_register.py
View File

@ -4,7 +4,7 @@ from unittest.mock import MagicMock
import pytest import pytest
from common.utils.exceptions import AlreadyRegisteredError, InvalidRegistrationCredentialsError from common.utils.exceptions import AlreadyRegisteredError, InvalidRegistrationCredentialsError
from monkey_island.cc.resources.auth.registration import Registration from monkey_island.cc.resources.auth.register import Registration
REGISTRATION_URL = Registration.urls[0] REGISTRATION_URL = Registration.urls[0]

2
monkey/tests/unit_tests/monkey_island/cc/resources/conftest.py
View File

@ -7,7 +7,7 @@ from tests.monkey_island import OpenErrorFileRepository
from tests.unit_tests.monkey_island.conftest import init_mock_app from tests.unit_tests.monkey_island.conftest import init_mock_app
import monkey_island.cc.app import monkey_island.cc.app
import monkey_island.cc.resources.auth.auth import monkey_island.cc.resources.auth.authenticate
import monkey_island.cc.resources.island_mode import monkey_island.cc.resources.island_mode
from monkey_island.cc.repository import IFileRepository from monkey_island.cc.repository import IFileRepository