use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.
the class PrivDistributeRawTransaction method response.
@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
final Object id = requestContext.getRequest().getId();
final String rawPrivateTransaction = requestContext.getRequiredParameter(0, String.class);
try {
final PrivateTransaction privateTransaction = PrivateTransaction.readFrom(RLP.input(Bytes.fromHexString(rawPrivateTransaction)));
final String privacyUserId = privacyIdProvider.getPrivacyUserId(requestContext.getUser());
if (!privateTransaction.getPrivateFrom().equals(Bytes.fromBase64String(privacyUserId))) {
return new JsonRpcErrorResponse(id, PRIVATE_FROM_DOES_NOT_MATCH_ENCLAVE_PUBLIC_KEY);
}
final Optional<Bytes> maybePrivacyGroupId = privateTransaction.getPrivacyGroupId();
if (flexiblePrivacyGroupsEnabled && maybePrivacyGroupId.isEmpty()) {
return new JsonRpcErrorResponse(id, JsonRpcError.FLEXIBLE_PRIVACY_GROUP_ID_NOT_AVAILABLE);
}
Optional<PrivacyGroup> maybePrivacyGroup = maybePrivacyGroupId.flatMap(gId -> privacyController.findPrivacyGroupByGroupId(gId.toBase64String(), privacyUserId));
if (flexiblePrivacyGroupsEnabled) {
if (FlexibleUtil.isGroupAdditionTransaction(privateTransaction)) {
final List<String> participantsFromParameter = FlexibleUtil.getParticipantsFromParameter(privateTransaction.getPayload());
if (maybePrivacyGroup.isEmpty()) {
maybePrivacyGroup = Optional.of(new PrivacyGroup(maybePrivacyGroupId.get().toBase64String(), PrivacyGroup.Type.FLEXIBLE, "", "", participantsFromParameter));
}
maybePrivacyGroup.get().addMembers(participantsFromParameter);
}
if (maybePrivacyGroup.isEmpty()) {
return new JsonRpcErrorResponse(id, JsonRpcError.FLEXIBLE_PRIVACY_GROUP_DOES_NOT_EXIST);
}
}
final ValidationResult<TransactionInvalidReason> validationResult = privacyController.validatePrivateTransaction(privateTransaction, privacyUserId);
if (!validationResult.isValid()) {
return new JsonRpcErrorResponse(id, convertTransactionInvalidReason(validationResult.getInvalidReason()));
}
final String enclaveKey = privacyController.createPrivateMarkerTransactionPayload(privateTransaction, privacyUserId, maybePrivacyGroup);
return new JsonRpcSuccessResponse(id, hexEncodeEnclaveKey(enclaveKey));
} catch (final MultiTenancyValidationException e) {
LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
return new JsonRpcErrorResponse(id, ENCLAVE_ERROR);
} catch (final IllegalArgumentException | RLPException e) {
LOG.error("Unable to decode transaction for distribute");
return new JsonRpcErrorResponse(id, DECODE_ERROR);
} catch (final Exception e) {
return new JsonRpcErrorResponse(id, convertEnclaveInvalidReason(e.getMessage()));
}
}
use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.
the class PrivGetEeaTransactionCount method response.
@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
if (requestContext.getRequest().getParamLength() != 3) {
return new JsonRpcErrorResponse(requestContext.getRequest().getId(), JsonRpcError.INVALID_PARAMS);
}
final Address address = requestContext.getRequiredParameter(0, Address.class);
final String privateFrom = requestContext.getRequiredParameter(1, String.class);
final String[] privateFor = requestContext.getRequiredParameter(2, String[].class);
final String privacyUserId = privacyIdProvider.getPrivacyUserId(requestContext.getUser());
if (!privateFrom.equals(privacyUserId)) {
return new JsonRpcErrorResponse(requestContext.getRequest().getId(), PRIVATE_FROM_DOES_NOT_MATCH_ENCLAVE_PUBLIC_KEY);
}
try {
final long nonce = determineEeaNonce(privateFrom, privateFor, address, privacyIdProvider.getPrivacyUserId(requestContext.getUser()));
return new JsonRpcSuccessResponse(requestContext.getRequest().getId(), Quantity.create(nonce));
} catch (final MultiTenancyValidationException e) {
LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
return new JsonRpcErrorResponse(requestContext.getRequest().getId(), GET_PRIVATE_TRANSACTION_NONCE_ERROR);
} catch (final Exception e) {
LOG.error(e.getMessage(), e);
return new JsonRpcErrorResponse(requestContext.getRequest().getId(), GET_PRIVATE_TRANSACTION_NONCE_ERROR);
}
}
use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.
the class PrivxFindFlexiblePrivacyGroup method response.
@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
LOG.trace("Executing {}", RpcMethod.PRIVX_FIND_PRIVACY_GROUP.getMethodName());
final String[] addresses = requestContext.getRequiredParameter(0, String[].class);
LOG.trace("Finding a privacy group with members {}", Arrays.toString(addresses));
final PrivacyGroup[] response;
try {
response = privacyController.findPrivacyGroupByMembers(Arrays.asList(addresses), privacyIdProvider.getPrivacyUserId(requestContext.getUser()));
} catch (final MultiTenancyValidationException e) {
LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
return new JsonRpcErrorResponse(requestContext.getRequest().getId(), FIND_FLEXIBLE_PRIVACY_GROUP_ERROR);
} catch (final Exception e) {
LOG.error("Failed to fetch flexible privacy group", e);
return new JsonRpcErrorResponse(requestContext.getRequest().getId(), FIND_FLEXIBLE_PRIVACY_GROUP_ERROR);
}
return new JsonRpcSuccessResponse(requestContext.getRequest().getId(), Lists.newArrayList(response));
}
use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.
the class PrivFindPrivacyGroupTest method failsWithUnauthorizedErrorIfMultiTenancyValidationFails.
@Test
public void failsWithUnauthorizedErrorIfMultiTenancyValidationFails() {
when(privacyController.findPrivacyGroupByMembers(ADDRESSES, ENCLAVE_PUBLIC_KEY)).thenThrow(new MultiTenancyValidationException("validation failed"));
final PrivFindPrivacyGroup privFindPrivacyGroup = new PrivFindPrivacyGroup(privacyController, privacyIdProvider);
final JsonRpcResponse expectedResponse = new JsonRpcErrorResponse(request.getRequest().getId(), JsonRpcError.FIND_PRIVACY_GROUP_ERROR);
final JsonRpcResponse response = privFindPrivacyGroup.response(request);
assertThat(response).isEqualTo(expectedResponse);
verify(privacyController).findPrivacyGroupByMembers(ADDRESSES, ENCLAVE_PUBLIC_KEY);
}
use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.
the class PrivGetFilterChangesTest method multiTenancyCheckFailure.
@Test
public void multiTenancyCheckFailure() {
final User user = mock(User.class);
when(privacyIdProvider.getPrivacyUserId(any())).thenReturn(ENCLAVE_KEY);
doThrow(new MultiTenancyValidationException("msg")).when(privacyController).verifyPrivacyGroupContainsPrivacyUserId(eq(PRIVACY_GROUP_ID), eq(ENCLAVE_KEY));
final JsonRpcRequestContext request = privGetFilterChangesRequestWithUser(PRIVACY_GROUP_ID, FILTER_ID, user);
assertThatThrownBy(() -> method.response(request)).isInstanceOf(MultiTenancyValidationException.class).hasMessageContaining("msg");
}
Aggregations