[incubator-teaclave] branch develop updated: [frontend] Partially implement authentication mechansim to handle requests

Wed, 29 Jan 2020 21:02:23 -0800 

This is an automated email from the ASF dual-hosted git repository.

mssun pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave.git


The following commit(s) were added to refs/heads/develop by this push:
     new f773f9a  [frontend] Partially implement authentication mechansim to 
handle requests
f773f9a is described below

commit f773f9a38e6efdcb8955648ebb71aab6c41ffb0f
Author: Mingshen Sun <[email protected]>
AuthorDate: Wed Jan 29 20:53:15 2020 -0800

    [frontend] Partially implement authentication mechansim to handle requests
---
 cmake/scripts/test.sh                              |  1 +
 services/frontend/enclave/src/service.rs           | 50 ++++++++++++++++++----
 tests/functional_tests/enclave/src/lib.rs          |  4 +-
 .../enclave/src/teaclave_frontend_service.rs       | 37 ++++++++++++++++
 types/src/lib.rs                                   |  2 +-
 5 files changed, 84 insertions(+), 10 deletions(-)

diff --git a/cmake/scripts/test.sh b/cmake/scripts/test.sh
index bfa3395..7f0204a 100755
--- a/cmake/scripts/test.sh
+++ b/cmake/scripts/test.sh
@@ -40,6 +40,7 @@ pushd ${MESATEE_SERVICE_INSTALL_DIR}
 ./teaclave_authentication_service &
 ./teaclave_database_service &
 ./teaclave_execution_service &
+./teaclave_frontend_service &
 popd
 sleep 3
 ./teaclave_functional_tests
diff --git a/services/frontend/enclave/src/service.rs 
b/services/frontend/enclave/src/service.rs
index 7b75e94..bf220be 100644
--- a/services/frontend/enclave/src/service.rs
+++ b/services/frontend/enclave/src/service.rs
@@ -1,13 +1,16 @@
 #![allow(dead_code)]
 
 use std::prelude::v1::*;
-use std::sync::Arc;
+use std::sync::{Arc, SgxMutex as Mutex};
 use teaclave_config::RuntimeConfig;
 use 
teaclave_proto::teaclave_authentication_service::TeaclaveAuthenticationClient;
+use teaclave_proto::teaclave_authentication_service::UserAuthenticateRequest;
+use teaclave_proto::teaclave_common::UserCredential;
 use teaclave_proto::teaclave_frontend_service::{
     RegisterInputFileRequest, RegisterInputFileResponse, 
RegisterOutputFileRequest,
     RegisterOutputFileResponse, TeaclaveFrontend,
 };
+use teaclave_rpc::endpoint::Endpoint;
 use teaclave_service_enclave_utils::teaclave_service;
 use teaclave_types::{TeaclaveServiceResponseError, 
TeaclaveServiceResponseResult};
 use thiserror::Error;
@@ -27,27 +30,58 @@ impl From<TeaclaveFrontendError> for 
TeaclaveServiceResponseError {
 #[teaclave_service(teaclave_frontend_service, TeaclaveFrontend, 
TeaclaveFrontendError)]
 #[derive(Clone)]
 pub(crate) struct TeaclaveFrontendService {
-    authentication_client: Arc<TeaclaveAuthenticationClient>,
+    authentication_client: Arc<Mutex<TeaclaveAuthenticationClient>>,
 }
 
 impl TeaclaveFrontendService {
-    pub(crate) fn new(_config: &RuntimeConfig) -> Self {
-        unimplemented!()
+    pub(crate) fn new(config: &RuntimeConfig) -> Self {
+        let channel = 
Endpoint::new(&config.internal_endpoints.authentication.advertised_address)
+            .connect()
+            .unwrap();
+        let client = TeaclaveAuthenticationClient::new(channel).unwrap();
+        Self {
+            authentication_client: Arc::new(Mutex::new(client)),
+        }
     }
 }
 
 impl TeaclaveFrontend for TeaclaveFrontendService {
     fn register_input_file(
         &self,
-        _request: RegisterInputFileRequest,
+        request: RegisterInputFileRequest,
     ) -> TeaclaveServiceResponseResult<RegisterInputFileResponse> {
-        unimplemented!()
+        if !self.authenticate(request.credential) {
+            return Err(TeaclaveFrontendError::AuthenticationError.into());
+        }
+        let response = RegisterInputFileResponse {
+            data_id: "".to_string(),
+        };
+        Ok(response)
     }
 
     fn register_output_file(
         &self,
-        _request: RegisterOutputFileRequest,
+        request: RegisterOutputFileRequest,
     ) -> TeaclaveServiceResponseResult<RegisterOutputFileResponse> {
-        unimplemented!()
+        if !self.authenticate(request.credential) {
+            return Err(TeaclaveFrontendError::AuthenticationError.into());
+        }
+        let response = RegisterOutputFileResponse {
+            data_id: "".to_string(),
+        };
+        Ok(response)
+    }
+}
+
+impl TeaclaveFrontendService {
+    fn authenticate(&self, credential: UserCredential) -> bool {
+        let auth_request = UserAuthenticateRequest { credential };
+        let auth_response = self
+            .authentication_client
+            .clone()
+            .lock()
+            .unwrap()
+            .user_authenticate(auth_request);
+        auth_response.unwrap().accept
     }
 }
diff --git a/tests/functional_tests/enclave/src/lib.rs 
b/tests/functional_tests/enclave/src/lib.rs
index 8dfead3..ef7772d 100644
--- a/tests/functional_tests/enclave/src/lib.rs
+++ b/tests/functional_tests/enclave/src/lib.rs
@@ -38,12 +38,14 @@ use teaclave_service_enclave_utils::ServiceEnclave;
 mod teaclave_authentication_service;
 mod teaclave_database_service;
 mod teaclave_execution_service;
+mod teaclave_frontend_service;
 
 #[handle_ecall]
 fn handle_run_test(_args: &RunTestInput) -> Result<RunTestOutput> {
     let ret = teaclave_authentication_service::run_tests()
         & teaclave_database_service::run_tests()
-        & teaclave_execution_service::run_tests();
+        & teaclave_execution_service::run_tests()
+        & teaclave_frontend_service::run_tests();
 
     assert_eq!(ret, true);
     Ok(RunTestOutput::default())
diff --git a/tests/functional_tests/enclave/src/teaclave_frontend_service.rs 
b/tests/functional_tests/enclave/src/teaclave_frontend_service.rs
new file mode 100644
index 0000000..801cf97
--- /dev/null
+++ b/tests/functional_tests/enclave/src/teaclave_frontend_service.rs
@@ -0,0 +1,37 @@
+use std::prelude::v1::*;
+use teaclave_proto::teaclave_common::*;
+use teaclave_proto::teaclave_frontend_service::*;
+use teaclave_rpc::endpoint::Endpoint;
+use teaclave_types::*;
+
+pub fn run_tests() -> bool {
+    use teaclave_test_utils::*;
+
+    run_tests!(test_register_input_file_authentication_error)
+}
+
+fn test_register_input_file_authentication_error() {
+    let request = RegisterInputFileRequest {
+        uri: "".to_string(),
+        hash: "".to_string(),
+        crypto_info: TeaclaveFileCryptoInfo::AesGcm128(AesGcm128CryptoInfo {
+            key: [0x90u8; 16],
+            iv: [0x89u8; 12],
+        }),
+        credential: UserCredential {
+            id: "".to_string(),
+            token: "".to_string(),
+        },
+    };
+
+    let channel = Endpoint::new("localhost:7777").connect().unwrap();
+    let mut client = TeaclaveFrontendClient::new(channel).unwrap();
+    let response = client.register_input_file(request);
+
+    assert_eq!(
+        response,
+        Err(TeaclaveServiceResponseError::RequestError(
+            "authentication error".to_string()
+        ))
+    );
+}
diff --git a/types/src/lib.rs b/types/src/lib.rs
index 3abd5e6..c64df9b 100644
--- a/types/src/lib.rs
+++ b/types/src/lib.rs
@@ -162,7 +162,7 @@ impl EnclaveInfo {
     }
 }
 
-#[derive(Error, Debug, Serialize, Deserialize)]
+#[derive(Error, Debug, Serialize, Deserialize, PartialEq)]
 pub enum TeaclaveServiceResponseError {
     #[error("Request error: {0}")]
     RequestError(String),


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to