Search in sources :

Example 1 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivDistributeRawTransaction method response.

@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
    final Object id = requestContext.getRequest().getId();
    final String rawPrivateTransaction = requestContext.getRequiredParameter(0, String.class);
    try {
        final PrivateTransaction privateTransaction = PrivateTransaction.readFrom(RLP.input(Bytes.fromHexString(rawPrivateTransaction)));
        final String privacyUserId = privacyIdProvider.getPrivacyUserId(requestContext.getUser());
        if (!privateTransaction.getPrivateFrom().equals(Bytes.fromBase64String(privacyUserId))) {
            return new JsonRpcErrorResponse(id, PRIVATE_FROM_DOES_NOT_MATCH_ENCLAVE_PUBLIC_KEY);
        }
        final Optional<Bytes> maybePrivacyGroupId = privateTransaction.getPrivacyGroupId();
        if (flexiblePrivacyGroupsEnabled && maybePrivacyGroupId.isEmpty()) {
            return new JsonRpcErrorResponse(id, JsonRpcError.FLEXIBLE_PRIVACY_GROUP_ID_NOT_AVAILABLE);
        }
        Optional<PrivacyGroup> maybePrivacyGroup = maybePrivacyGroupId.flatMap(gId -> privacyController.findPrivacyGroupByGroupId(gId.toBase64String(), privacyUserId));
        if (flexiblePrivacyGroupsEnabled) {
            if (FlexibleUtil.isGroupAdditionTransaction(privateTransaction)) {
                final List<String> participantsFromParameter = FlexibleUtil.getParticipantsFromParameter(privateTransaction.getPayload());
                if (maybePrivacyGroup.isEmpty()) {
                    maybePrivacyGroup = Optional.of(new PrivacyGroup(maybePrivacyGroupId.get().toBase64String(), PrivacyGroup.Type.FLEXIBLE, "", "", participantsFromParameter));
                }
                maybePrivacyGroup.get().addMembers(participantsFromParameter);
            }
            if (maybePrivacyGroup.isEmpty()) {
                return new JsonRpcErrorResponse(id, JsonRpcError.FLEXIBLE_PRIVACY_GROUP_DOES_NOT_EXIST);
            }
        }
        final ValidationResult<TransactionInvalidReason> validationResult = privacyController.validatePrivateTransaction(privateTransaction, privacyUserId);
        if (!validationResult.isValid()) {
            return new JsonRpcErrorResponse(id, convertTransactionInvalidReason(validationResult.getInvalidReason()));
        }
        final String enclaveKey = privacyController.createPrivateMarkerTransactionPayload(privateTransaction, privacyUserId, maybePrivacyGroup);
        return new JsonRpcSuccessResponse(id, hexEncodeEnclaveKey(enclaveKey));
    } catch (final MultiTenancyValidationException e) {
        LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
        return new JsonRpcErrorResponse(id, ENCLAVE_ERROR);
    } catch (final IllegalArgumentException | RLPException e) {
        LOG.error("Unable to decode transaction for distribute");
        return new JsonRpcErrorResponse(id, DECODE_ERROR);
    } catch (final Exception e) {
        return new JsonRpcErrorResponse(id, convertEnclaveInvalidReason(e.getMessage()));
    }
}
Also used : PrivateTransaction(org.hyperledger.besu.ethereum.privacy.PrivateTransaction) PrivacyGroup(org.hyperledger.besu.enclave.types.PrivacyGroup) RLPException(org.hyperledger.besu.ethereum.rlp.RLPException) MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) Bytes(org.apache.tuweni.bytes.Bytes) JsonRpcErrorConverter.convertTransactionInvalidReason(org.hyperledger.besu.ethereum.api.jsonrpc.JsonRpcErrorConverter.convertTransactionInvalidReason) TransactionInvalidReason(org.hyperledger.besu.ethereum.transaction.TransactionInvalidReason) RLPException(org.hyperledger.besu.ethereum.rlp.RLPException) JsonRpcSuccessResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcSuccessResponse) JsonRpcErrorResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcErrorResponse)

Example 2 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivGetEeaTransactionCount method response.

@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
    if (requestContext.getRequest().getParamLength() != 3) {
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), JsonRpcError.INVALID_PARAMS);
    }
    final Address address = requestContext.getRequiredParameter(0, Address.class);
    final String privateFrom = requestContext.getRequiredParameter(1, String.class);
    final String[] privateFor = requestContext.getRequiredParameter(2, String[].class);
    final String privacyUserId = privacyIdProvider.getPrivacyUserId(requestContext.getUser());
    if (!privateFrom.equals(privacyUserId)) {
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), PRIVATE_FROM_DOES_NOT_MATCH_ENCLAVE_PUBLIC_KEY);
    }
    try {
        final long nonce = determineEeaNonce(privateFrom, privateFor, address, privacyIdProvider.getPrivacyUserId(requestContext.getUser()));
        return new JsonRpcSuccessResponse(requestContext.getRequest().getId(), Quantity.create(nonce));
    } catch (final MultiTenancyValidationException e) {
        LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), GET_PRIVATE_TRANSACTION_NONCE_ERROR);
    } catch (final Exception e) {
        LOG.error(e.getMessage(), e);
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), GET_PRIVATE_TRANSACTION_NONCE_ERROR);
    }
}
Also used : MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) Address(org.hyperledger.besu.datatypes.Address) JsonRpcSuccessResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcSuccessResponse) MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) JsonRpcErrorResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcErrorResponse)

Example 3 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivxFindFlexiblePrivacyGroup method response.

@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
    LOG.trace("Executing {}", RpcMethod.PRIVX_FIND_PRIVACY_GROUP.getMethodName());
    final String[] addresses = requestContext.getRequiredParameter(0, String[].class);
    LOG.trace("Finding a privacy group with members {}", Arrays.toString(addresses));
    final PrivacyGroup[] response;
    try {
        response = privacyController.findPrivacyGroupByMembers(Arrays.asList(addresses), privacyIdProvider.getPrivacyUserId(requestContext.getUser()));
    } catch (final MultiTenancyValidationException e) {
        LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), FIND_FLEXIBLE_PRIVACY_GROUP_ERROR);
    } catch (final Exception e) {
        LOG.error("Failed to fetch flexible privacy group", e);
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), FIND_FLEXIBLE_PRIVACY_GROUP_ERROR);
    }
    return new JsonRpcSuccessResponse(requestContext.getRequest().getId(), Lists.newArrayList(response));
}
Also used : MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) JsonRpcSuccessResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcSuccessResponse) PrivacyGroup(org.hyperledger.besu.enclave.types.PrivacyGroup) MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) JsonRpcErrorResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcErrorResponse)

Example 4 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivFindPrivacyGroupTest method failsWithUnauthorizedErrorIfMultiTenancyValidationFails.

@Test
public void failsWithUnauthorizedErrorIfMultiTenancyValidationFails() {
    when(privacyController.findPrivacyGroupByMembers(ADDRESSES, ENCLAVE_PUBLIC_KEY)).thenThrow(new MultiTenancyValidationException("validation failed"));
    final PrivFindPrivacyGroup privFindPrivacyGroup = new PrivFindPrivacyGroup(privacyController, privacyIdProvider);
    final JsonRpcResponse expectedResponse = new JsonRpcErrorResponse(request.getRequest().getId(), JsonRpcError.FIND_PRIVACY_GROUP_ERROR);
    final JsonRpcResponse response = privFindPrivacyGroup.response(request);
    assertThat(response).isEqualTo(expectedResponse);
    verify(privacyController).findPrivacyGroupByMembers(ADDRESSES, ENCLAVE_PUBLIC_KEY);
}
Also used : MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) JsonRpcResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcResponse) JsonRpcErrorResponse(org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcErrorResponse) Test(org.junit.Test)

Example 5 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivGetFilterChangesTest method multiTenancyCheckFailure.

@Test
public void multiTenancyCheckFailure() {
    final User user = mock(User.class);
    when(privacyIdProvider.getPrivacyUserId(any())).thenReturn(ENCLAVE_KEY);
    doThrow(new MultiTenancyValidationException("msg")).when(privacyController).verifyPrivacyGroupContainsPrivacyUserId(eq(PRIVACY_GROUP_ID), eq(ENCLAVE_KEY));
    final JsonRpcRequestContext request = privGetFilterChangesRequestWithUser(PRIVACY_GROUP_ID, FILTER_ID, user);
    assertThatThrownBy(() -> method.response(request)).isInstanceOf(MultiTenancyValidationException.class).hasMessageContaining("msg");
}
Also used : MultiTenancyValidationException(org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException) User(io.vertx.ext.auth.User) JsonRpcRequestContext(org.hyperledger.besu.ethereum.api.jsonrpc.internal.JsonRpcRequestContext) Test(org.junit.Test)

Aggregations

MultiTenancyValidationException (org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException)16 JsonRpcErrorResponse (org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcErrorResponse)14 JsonRpcResponse (org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcResponse)8 JsonRpcSuccessResponse (org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcSuccessResponse)7 Test (org.junit.Test)6 JsonRpcRequestContext (org.hyperledger.besu.ethereum.api.jsonrpc.internal.JsonRpcRequestContext)5 PrivacyGroup (org.hyperledger.besu.enclave.types.PrivacyGroup)4 JsonRpcRequest (org.hyperledger.besu.ethereum.api.jsonrpc.internal.JsonRpcRequest)3 PrivateTransaction (org.hyperledger.besu.ethereum.privacy.PrivateTransaction)3 JsonObject (io.vertx.core.json.JsonObject)2 Address (org.hyperledger.besu.datatypes.Address)2 JsonRpcError (org.hyperledger.besu.ethereum.api.jsonrpc.internal.response.JsonRpcError)2 Test (org.junit.jupiter.api.Test)2 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)2 Span (io.opentelemetry.api.trace.Span)1 User (io.vertx.ext.auth.User)1 Optional (java.util.Optional)1 Pattern (java.util.regex.Pattern)1 Bytes (org.apache.tuweni.bytes.Bytes)1 EnclaveClientException (org.hyperledger.besu.enclave.EnclaveClientException)1