p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Island: Remove "auth user"

This commit is contained in:
Mike Salvatore 2021-10-07 15:49:42 -04:00
parent 6bdba71b69
commit 252c1d940a
10 changed files with 13 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
monkey/monkey_island/cc/environment/__init__.py
View File

@ -23,9 +23,8 @@ class Environment(object, metaclass=ABCMeta):
self._config = config self._config = config
self._testing = False # Assume env is not for unit testing. self._testing = False # Assume env is not for unit testing.
@abstractmethod def get_user(self):
def get_auth_users(self): return self._config.user_creds
pass
def needs_registration(self) -> bool: def needs_registration(self) -> bool:
try: try:

6
monkey/monkey_island/cc/environment/aws.py
View File

@ -7,9 +7,3 @@ class AwsEnvironment(Environment):
super(AwsEnvironment, self).__init__(config) super(AwsEnvironment, self).__init__(config)
# Not suppressing error here on purpose. This is critical if we're on AWS env. # Not suppressing error here on purpose. This is critical if we're on AWS env.
self.aws_info = AwsInstance() self.aws_info = AwsInstance()
def get_auth_users(self):
if self._is_registered():
return [self._config.get_user()]
else:
return []

5
monkey/monkey_island/cc/environment/environment_config.py
View File

@ -5,7 +5,6 @@ import os
from typing import Dict from typing import Dict
from monkey_island.cc.environment.user_creds import UserCreds from monkey_island.cc.environment.user_creds import UserCreds
from monkey_island.cc.resources.auth.auth_user import User
class EnvironmentConfig: class EnvironmentConfig:
@ -58,10 +57,6 @@ class EnvironmentConfig:
self.user_creds = credentials self.user_creds = credentials
self.save_to_file() self.save_to_file()
def get_user(self) -> User:
auth_user = self.user_creds.to_auth_user()
return auth_user if auth_user else None
def _get_user_credentials_from_config(dict_data: Dict): def _get_user_credentials_from_config(dict_data: Dict):
username = dict_data.get("user", "") username = dict_data.get("user", "")

8
monkey/monkey_island/cc/environment/password.py
View File

@ -1,9 +1,7 @@
from monkey_island.cc.environment import Environment from monkey_island.cc.environment import Environment
# TODO: We can probably remove these Environment subclasses, but the
# AwsEnvironment class still does something unique in its constructor.
class PasswordEnvironment(Environment): class PasswordEnvironment(Environment):
def get_auth_users(self): pass
if self._is_registered():
return [self._config.get_user()]
else:
return []

5
monkey/monkey_island/cc/environment/user_creds.py
View File

@ -2,8 +2,6 @@ from __future__ import annotations
from typing import Dict from typing import Dict
from monkey_island.cc.resources.auth.auth_user import User
class UserCreds: class UserCreds:
def __init__(self, username, password_hash): def __init__(self, username, password_hash):
@ -20,6 +18,3 @@ class UserCreds:
if self.password_hash: if self.password_hash:
cred_dict.update({"password_hash": self.password_hash}) cred_dict.update({"password_hash": self.password_hash})
return cred_dict return cred_dict
def to_auth_user(self) -> User:
return User(1, self.username, self.password_hash)

4
monkey/monkey_island/cc/resources/auth/auth.py
View File

@ -50,12 +50,12 @@ class Authenticate(flask_restful.Resource):
def _credentials_match_registered_user(username: str, password: str) -> bool: def _credentials_match_registered_user(username: str, password: str) -> bool:
registered_user = env_singleton.env.get_auth_users() registered_user = env_singleton.env.get_user()
if not registered_user: if not registered_user:
return False return False
return (registered_user.username == username) and password_matches_hash(password, registered_user[0].secret) return (registered_user.username == username) and password_matches_hash(password, registered_user.password_hash)
def _create_access_token(username): def _create_access_token(username):

8
monkey/monkey_island/cc/resources/auth/auth_user.py
View File

@ -1,8 +0,0 @@
class User(object):
def __init__(self, user_id, username, secret):
self.id = user_id
self.username = username
self.secret = secret
def __str__(self):
return "User(id='%s')" % self.id

13
monkey/tests/unit_tests/monkey_island/cc/environment/test_environment.py
View File

@ -13,8 +13,7 @@ WITH_CREDENTIALS = None
NO_CREDENTIALS = None NO_CREDENTIALS = None
PARTIAL_CREDENTIALS = None PARTIAL_CREDENTIALS = None
EMPTY_USER_CREDENTIALS = UserCreds("", "") USER_CREDENTIALS = UserCreds(username="test", password_hash="1231234")
FULL_USER_CREDENTIALS = UserCreds(username="test", password_hash="1231234")
# This fixture is a dirty hack that can be removed once these tests are converted from # This fixture is a dirty hack that can be removed once these tests are converted from
@ -49,24 +48,18 @@ class StubEnvironmentConfig(EnvironmentConfig):
class TestEnvironment(TestCase): class TestEnvironment(TestCase):
class EnvironmentCredentialsRequired(Environment): class EnvironmentCredentialsRequired(Environment):
def __init__(self): def __init__(self):
config = StubEnvironmentConfig("test", "test", EMPTY_USER_CREDENTIALS) config = StubEnvironmentConfig("test", "test", None)
super().__init__(config) super().__init__(config)
def get_auth_users(self):
return []
class EnvironmentAlreadyRegistered(Environment): class EnvironmentAlreadyRegistered(Environment):
def __init__(self): def __init__(self):
config = StubEnvironmentConfig("test", "test", UserCreds("test_user", "test_secret")) config = StubEnvironmentConfig("test", "test", UserCreds("test_user", "test_secret"))
super().__init__(config) super().__init__(config)
def get_auth_users(self):
return [1, "Test_username", "Test_secret"]
@patch.object(target=EnvironmentConfig, attribute="save_to_file", new=MagicMock()) @patch.object(target=EnvironmentConfig, attribute="save_to_file", new=MagicMock())
def test_try_add_user(self): def test_try_add_user(self):
env = TestEnvironment.EnvironmentCredentialsRequired() env = TestEnvironment.EnvironmentCredentialsRequired()
credentials = FULL_USER_CREDENTIALS credentials = USER_CREDENTIALS
env.try_add_user(credentials) env.try_add_user(credentials)
credentials = UserCreds(username="test", password_hash="") credentials = UserCreds(username="test", password_hash="")

7
monkey/tests/unit_tests/monkey_island/cc/environment/test_environment_config.py
View File

@ -82,10 +82,9 @@ def test_add_user(config_file, with_credentials):
assert from_file["environment"]["password_hash"] == new_password_hash assert from_file["environment"]["password_hash"] == new_password_hash
def test_get_user(with_credentials): def test_user(with_credentials):
environment_config = EnvironmentConfig(with_credentials) environment_config = EnvironmentConfig(with_credentials)
user = environment_config.get_user() user = environment_config.user_creds
assert user.id == 1
assert user.username == "test" assert user.username == "test"
assert user.secret == "abcdef" assert user.password_hash == "abcdef"

8
monkey/tests/unit_tests/monkey_island/cc/environment/test_user_creds.py
View File

@ -30,14 +30,6 @@ def test_to_dict_full_creds():
assert user_creds.to_dict() == {"user": TEST_USER, "password_hash": TEST_HASH} assert user_creds.to_dict() == {"user": TEST_USER, "password_hash": TEST_HASH}
def test_to_auth_user_full_credentials():
user_creds = UserCreds(TEST_USER, TEST_HASH)
auth_user = user_creds.to_auth_user()
assert auth_user.id == 1
assert auth_user.username == TEST_USER
assert auth_user.secret == TEST_HASH
def test_member_values(monkeypatch): def test_member_values(monkeypatch):
creds = UserCreds(TEST_USER, TEST_HASH) creds = UserCreds(TEST_USER, TEST_HASH)
assert creds.username == TEST_USER assert creds.username == TEST_USER