Hi Ruwan,
As per the discussion with Senthalan, we may have an issue with using
the event handlers passed to the "callTensorFlow" function inside the
callback handler of the http call. Those need to be stored in a global
variable if we are to use them in the http callback. In such case, we need
to check if those variables will be shared across the requests. @Senthalan
Kanagalingam <sentha...@wso2.com> Please check and update with the
findings.
On Wed, Jan 30, 2019 at 1:14 PM Ruwan Abeykoon <ruw...@wso2.com> wrote:
> Hi All,
> Any function in the function library needs to be reusable. So here are
> some guidelines.
>
> 1. Function needs to accept necessary parameters
> 2. Should return a result
> 3. Should not have "side effects"
> 4. Can accept other functions as parameters
> 5. Can accept other functions as event handlers
>
> With above guidelines, we need a simple function like,
>
> callTensorFlow(context, data, eventHandlers{onSuccess, onFail})
>
> The results will be available on the function "onSuccess".
>
> Why we use event handler mechanism?
> Because any external call is an I/O call. Which may take arbitrary amount
> of time to return. We can not block the Tomcat HTTP processor thread. The
> event Handler mechanism takes care of not blocking HTTP worker thread and
> show an in-progress image to the end user.
>
> Cheers,
> Ruwan
>
>
>
> On Wed, Jan 30, 2019 at 12:55 PM Dilin Dampahalage <di...@wso2.com> wrote:
>
>> Hi Senthalan,
>>
>> Why do we need to execute the steps in the "getTensorFlowResult"? Instead
>> of this why can't we have a single function that will just publish data to
>> our API exposing the tensor flow model and return the result send by the
>> API? After getting the result we can execute the steps separately. WDYT?
>>
>> Thanks,
>> Dilin
>>
>>
>> On Wed, Jan 30, 2019 at 10:48 AM Senthalan Kanagalingam <
>> sentha...@wso2.com> wrote:
>>
>>> [+dev]
>>>
>>> On Tue, Jan 29, 2019 at 9:42 PM Senthalan Kanagalingam <
>>> sentha...@wso2.com> wrote:
>>>
>>>> Hi all,
>>>>
>>>> I have tried to change the authentication script to publish the event
>>>> from it rather than our analytical event publisher to overcome the faced
>>>> issue. Here is the script.
>>>>
>>>> function getPayload(context, isSucess) {
>>>> var username = '';
>>>> if (isSucess === true) {
>>>> username = context.currentKnownSubject.username;
>>>> }
>>>> var contextId = '12324232';
>>>> var timestamp = new Date().getTime();
>>>> var remoteIp = context.request.ip;
>>>> var payloadData = {
>>>> 'username' : username,
>>>> 'contextId' : contextId,
>>>> 'authenticationSuccess' : isSucess,
>>>> '_timestamp' : timestamp,
>>>> 'remoteIp' : remoteIp,
>>>> 'eventType' : 'step'
>>>> };
>>>> return payloadData;
>>>> }
>>>>
>>>> function onLoginRequest(context) {
>>>> executeStep(1, {
>>>>
>>>> onSuccess: function (context) {
>>>>
>>>> var payloadData = getPayload(context, true);
>>>>
>>>> httpPost('http://127.0.0.1:5000/publish', payloadData, {
>>>>
>>>> onSuccess : function(context, data) {
>>>>
>>>> Log.info('--------------- Received suspicious ' + data.suspicious);
>>>>
>>>> if (data.suspicious) {
>>>>
>>>> executeStep(2);
>>>>
>>>> }
>>>>
>>>> }, onFail : function(context, data) {
>>>>
>>>> Log.info('--------------- Failed to call analytics engine');
>>>>
>>>> executeStep(2);
>>>>
>>>> }
>>>>
>>>> });
>>>>
>>>> }, onFail : function(context) {
>>>> var payloadData = getPayload(context, false);
>>>>
>>>> httpPost('http://127.0.0.1:5000/publish', payloadData, {
>>>>
>>>> onSuccess : function(context, data) {
>>>>
>>>> Log.info('--------------- Data published ');
>>>>
>>>> }, onFail : function(context, data) {
>>>>
>>>> Log.info('--------------- Data publish failed');
>>>>
>>>> }
>>>>
>>>> });
>>>>
>>>> }
>>>>
>>>> });
>>>> }
>>>>
>>>> Here we can make the getPayload() as a function library function.
>>>>
>>>> To move the calling tensor flow part to the function library as well, I
>>>> have tried the following. Because we can't return the result from the
>>>> callback to the onLoginRequest function
>>>>
>>>> var stepNo;
>>>> function getTensorFlowResult(context, stepUpNo) {
>>>> stepNo = stepUpNo;
>>>> var payloadData = getPayload(context, true);
>>>> httpPost('http://127.0.0.1:5000/publish', payloadData, {
>>>> onSuccess : function(context, data) {
>>>> Log.info('--------------- Received suspicious ' + data.suspicious);
>>>> if (data.suspicious) {
>>>> executeStep(stepNo);
>>>> }
>>>> }, onFail : function(context, data) {
>>>> Log.info('--------------- Failed to call analytics engine');
>>>> executeStep(stepNo);
>>>> }
>>>> });
>>>> }
>>>>
>>>> function publishToTensorFlow(context) {
>>>> var payloadData = getPayload(context, false);
>>>> httpPost('http://127.0.0.1:5000/publish', payloadData, {
>>>> onSuccess : function(context, data) {
>>>> Log.info('--------------- Data published ');
>>>> }, onFail : function(context, data) {
>>>> Log.info('--------------- Data publish failed');
>>>> }
>>>> });
>>>> }
>>>>
>>>> function onLoginRequest(context) {
>>>> executeStep(1, {
>>>> onSuccess: function (context) {
>>>> getTensorFlowResult(context, 2);
>>>> }, onFail : function(context) {
>>>> publishToTensorFlow(context);
>>>> }
>>>> });
>>>> }
>>>>
>>>> But our script validation didn't activate the script as the executeStep(
>>>> *2*) is not found in the script. So I think we can't make
>>>> the TensorFlow calls as the functions library.
>>>>
>>>> Thanks and Regards,
>>>> Senthalan
>>>>
>>>> On Mon, Jan 21, 2019 at 8:50 AM Dilin Dampahalage <di...@wso2.com>
>>>> wrote:
>>>>
>>>>> Hi All,
>>>>>
>>>>> I was working on a personnel project about "Using Tensor Flow for an
>>>>> Adaptive Authentication Scenario". The idea is to implement a suspicious
>>>>> login detection framework using tensor flow and utilize it to prompt
>>>>> additional authentication steps in adaptive authentication flow. Following
>>>>> is the progress so far.
>>>>>
>>>>>
>>>>> - Simulated Identity Server authentication event stream and
>>>>> trained a Tensor Flow model to detect suspicious logins
>>>>> - Build a Python Flask based REST API to expose the model
>>>>> - Configured an event publisher in IS to publish data to the TF API
>>>>> - Detect suspicious logins (In the current model, if you
>>>>> consecutively failed to login to the Identity Server few times, and you
>>>>> login the next time, it is considered as a suspicious login)
>>>>>
>>>>>
>>>>> As the next step I was trying to utilize the Tensor Flow model in a
>>>>> conditional authentication script. But I was unable to get it working so
>>>>> far. The problem is for some reason the event stream is getting published
>>>>> after the conditional script query the TF API for a suspicious login.
>>>>> Therefore the action for a suspicious login is taken in the next login.
>>>>> Following is the conditional authentication script I used.
>>>>>
>>>>> function onLoginRequest(context) {
>>>>>>
>>>>>> executeStep(1, {
>>>>>>
>>>>>> onSuccess: function (context) {
>>>>>>
>>>>>> var username = context.currentKnownSubject.username;
>>>>>>
>>>>>> httpGet('http://127.0.0.1:5000/evaluate?username=' + username, {
>>>>>>
>>>>>> onSuccess : function(context, data) {
>>>>>>
>>>>>> Log.info('--------------- Received suspicious ' + data.suspicious);
>>>>>>
>>>>>> if (data.suspicious) {
>>>>>>
>>>>>> executeStep(2);
>>>>>>
>>>>>> }
>>>>>>
>>>>>> }, onFail : function(context, data) {
>>>>>>
>>>>>> Log.info('--------------- Failed to call analytics engine');
>>>>>>
>>>>>> }
>>>>>>
>>>>>> });
>>>>>>
>>>>>>
>>>>>>
>>>>>> }
>>>>>>
>>>>>> });
>>>>>>
>>>>>> }
>>>>>>
>>>>>>
>>>>>>
>>>>> I would really appreciate your feedback and help on this.
>>>>>
>>>>> I have attached the event publisher and all the resources I used. You
>>>>> can find the medium article I have written in [4].
>>>>>
>>>>> [1] git repo: https://github.com/dilin993/SuspiciousLoginDetection
>>>>> [2] getting started with tensor flow:
>>>>> https://www.tensorflow.org/tutorials/
>>>>> [3] pandas documentation:
>>>>> https://pandas.pydata.org/pandas-docs/stable/index.html
>>>>> [4]
>>>>> https://medium.com/@dilinlalindradampahalage/suspicious-login-detection-for-wso2-is-using-tensor-flow-introduction-a9070289fdd
>>>>>
>>>>> Thanks,
>>>>> Dilin
>>>>>
>>>>> --
>>>>>
>>>>> *Dilin Dampahalage*
>>>>> Software Engineer | WSO2
>>>>>
>>>>> Email : di...@wso2.com
>>>>> Mobile : +94 771 462939
>>>>> web : http://wso2.com
>>>>>
>>>>> <http://wso2.com/signature>
>>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> *Senthalan Kanagalingam*
>>>> *Software Engineer - WSO2 Inc.*
>>>> *Mobile : +94 (0) 77 18 77 466*
>>>> <http://wso2.com/signature>
>>>>
>>>
>>>
>>> --
>>>
>>> *Senthalan Kanagalingam*
>>> *Software Engineer - WSO2 Inc.*
>>> *Mobile : +94 (0) 77 18 77 466*
>>> <http://wso2.com/signature>
>>>
>>
>>
>> --
>>
>> *Dilin Dampahalage*
>> Software Engineer | WSO2
>>
>> Email : di...@wso2.com
>> Mobile : +94 771 462939
>> web : http://wso2.com
>>
>> <http://wso2.com/signature>
>>
>
>
> --
>
> *Ruwan Abeykoon*
> *Associate Director/Architect**,*
> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> *
> *lean.enterprise.middleware.*
>
>
--
*Pulasthi Mahawithana* | Associate Technical Lead | WSO2 Inc.
(m) +94-71-5179022 | (w) +94-11-2145345 | (e) pulast...@wso2.com
Blog: https://medium.com/@pulasthi7/
<https://wso2.com/signature>
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
