Examples with MultiTenancyValidationException org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException used on opensource projects

Example 1 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivDistributeRawTransaction method response.

@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
    final Object id = requestContext.getRequest().getId();
    final String rawPrivateTransaction = requestContext.getRequiredParameter(0, String.class);
    try {
        final PrivateTransaction privateTransaction = PrivateTransaction.readFrom(RLP.input(Bytes.fromHexString(rawPrivateTransaction)));
        final String privacyUserId = privacyIdProvider.getPrivacyUserId(requestContext.getUser());
        if (!privateTransaction.getPrivateFrom().equals(Bytes.fromBase64String(privacyUserId))) {
            return new JsonRpcErrorResponse(id, PRIVATE_FROM_DOES_NOT_MATCH_ENCLAVE_PUBLIC_KEY);
        }
        final Optional<Bytes> maybePrivacyGroupId = privateTransaction.getPrivacyGroupId();
        if (flexiblePrivacyGroupsEnabled && maybePrivacyGroupId.isEmpty()) {
            return new JsonRpcErrorResponse(id, JsonRpcError.FLEXIBLE_PRIVACY_GROUP_ID_NOT_AVAILABLE);
        }
        Optional<PrivacyGroup> maybePrivacyGroup = maybePrivacyGroupId.flatMap(gId -> privacyController.findPrivacyGroupByGroupId(gId.toBase64String(), privacyUserId));
        if (flexiblePrivacyGroupsEnabled) {
            if (FlexibleUtil.isGroupAdditionTransaction(privateTransaction)) {
                final List<String> participantsFromParameter = FlexibleUtil.getParticipantsFromParameter(privateTransaction.getPayload());
                if (maybePrivacyGroup.isEmpty()) {
                    maybePrivacyGroup = Optional.of(new PrivacyGroup(maybePrivacyGroupId.get().toBase64String(), PrivacyGroup.Type.FLEXIBLE, "", "", participantsFromParameter));
                }
                maybePrivacyGroup.get().addMembers(participantsFromParameter);
            }
            if (maybePrivacyGroup.isEmpty()) {
                return new JsonRpcErrorResponse(id, JsonRpcError.FLEXIBLE_PRIVACY_GROUP_DOES_NOT_EXIST);
            }
        }
        final ValidationResult<TransactionInvalidReason> validationResult = privacyController.validatePrivateTransaction(privateTransaction, privacyUserId);
        if (!validationResult.isValid()) {
            return new JsonRpcErrorResponse(id, convertTransactionInvalidReason(validationResult.getInvalidReason()));
        }
        final String enclaveKey = privacyController.createPrivateMarkerTransactionPayload(privateTransaction, privacyUserId, maybePrivacyGroup);
        return new JsonRpcSuccessResponse(id, hexEncodeEnclaveKey(enclaveKey));
    } catch (final MultiTenancyValidationException e) {
        LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
        return new JsonRpcErrorResponse(id, ENCLAVE_ERROR);
    } catch (final IllegalArgumentException | RLPException e) {
        LOG.error("Unable to decode transaction for distribute");
        return new JsonRpcErrorResponse(id, DECODE_ERROR);
    } catch (final Exception e) {
        return new JsonRpcErrorResponse(id, convertEnclaveInvalidReason(e.getMessage()));
    }
}

Example 2 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivGetEeaTransactionCount method response.

@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
    if (requestContext.getRequest().getParamLength() != 3) {
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), JsonRpcError.INVALID_PARAMS);
    }
    final Address address = requestContext.getRequiredParameter(0, Address.class);
    final String privateFrom = requestContext.getRequiredParameter(1, String.class);
    final String[] privateFor = requestContext.getRequiredParameter(2, String[].class);
    final String privacyUserId = privacyIdProvider.getPrivacyUserId(requestContext.getUser());
    if (!privateFrom.equals(privacyUserId)) {
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), PRIVATE_FROM_DOES_NOT_MATCH_ENCLAVE_PUBLIC_KEY);
    }
    try {
        final long nonce = determineEeaNonce(privateFrom, privateFor, address, privacyIdProvider.getPrivacyUserId(requestContext.getUser()));
        return new JsonRpcSuccessResponse(requestContext.getRequest().getId(), Quantity.create(nonce));
    } catch (final MultiTenancyValidationException e) {
        LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), GET_PRIVATE_TRANSACTION_NONCE_ERROR);
    } catch (final Exception e) {
        LOG.error(e.getMessage(), e);
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), GET_PRIVATE_TRANSACTION_NONCE_ERROR);
    }
}

Example 3 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivxFindFlexiblePrivacyGroup method response.

@Override
public JsonRpcResponse response(final JsonRpcRequestContext requestContext) {
    LOG.trace("Executing {}", RpcMethod.PRIVX_FIND_PRIVACY_GROUP.getMethodName());
    final String[] addresses = requestContext.getRequiredParameter(0, String[].class);
    LOG.trace("Finding a privacy group with members {}", Arrays.toString(addresses));
    final PrivacyGroup[] response;
    try {
        response = privacyController.findPrivacyGroupByMembers(Arrays.asList(addresses), privacyIdProvider.getPrivacyUserId(requestContext.getUser()));
    } catch (final MultiTenancyValidationException e) {
        LOG.error("Unauthorized privacy multi-tenancy rpc request. {}", e.getMessage());
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), FIND_FLEXIBLE_PRIVACY_GROUP_ERROR);
    } catch (final Exception e) {
        LOG.error("Failed to fetch flexible privacy group", e);
        return new JsonRpcErrorResponse(requestContext.getRequest().getId(), FIND_FLEXIBLE_PRIVACY_GROUP_ERROR);
    }
    return new JsonRpcSuccessResponse(requestContext.getRequest().getId(), Lists.newArrayList(response));
}

Example 4 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivFindPrivacyGroupTest method failsWithUnauthorizedErrorIfMultiTenancyValidationFails.

@Test
public void failsWithUnauthorizedErrorIfMultiTenancyValidationFails() {
    when(privacyController.findPrivacyGroupByMembers(ADDRESSES, ENCLAVE_PUBLIC_KEY)).thenThrow(new MultiTenancyValidationException("validation failed"));
    final PrivFindPrivacyGroup privFindPrivacyGroup = new PrivFindPrivacyGroup(privacyController, privacyIdProvider);
    final JsonRpcResponse expectedResponse = new JsonRpcErrorResponse(request.getRequest().getId(), JsonRpcError.FIND_PRIVACY_GROUP_ERROR);
    final JsonRpcResponse response = privFindPrivacyGroup.response(request);
    assertThat(response).isEqualTo(expectedResponse);
    verify(privacyController).findPrivacyGroupByMembers(ADDRESSES, ENCLAVE_PUBLIC_KEY);
}

Example 5 with MultiTenancyValidationException

use of org.hyperledger.besu.ethereum.privacy.MultiTenancyValidationException in project besu by hyperledger.

the class PrivGetFilterChangesTest method multiTenancyCheckFailure.

@Test
public void multiTenancyCheckFailure() {
    final User user = mock(User.class);
    when(privacyIdProvider.getPrivacyUserId(any())).thenReturn(ENCLAVE_KEY);
    doThrow(new MultiTenancyValidationException("msg")).when(privacyController).verifyPrivacyGroupContainsPrivacyUserId(eq(PRIVACY_GROUP_ID), eq(ENCLAVE_KEY));
    final JsonRpcRequestContext request = privGetFilterChangesRequestWithUser(PRIVACY_GROUP_ID, FILTER_ID, user);
    assertThatThrownBy(() -> method.response(request)).isInstanceOf(MultiTenancyValidationException.class).hasMessageContaining("msg");
}