From 7db461de4bbae2fa31c2e48a19f0e7a84feb5611 Mon Sep 17 00:00:00 2001
From: Duncan Ragsdale <88173870+Thistleman@users.noreply.github.com>
Date: Mon, 29 Jan 2024 12:36:54 -0800
Subject: [PATCH] testing signed cookie implementation
---
.../components/Developer/Report/report.jsx | 18 +++++++-
frontend/src/services/cookie_service.js | 35 +++++++++++++++
frontend/src/services/dashboard_service.js | 4 +-
valhub/Dockerfile.prod | 5 ++-
valhub/base/utils.py | 13 +++---
valhub/submissions/views.py | 45 ++++++++++++++-----
6 files changed, 96 insertions(+), 24 deletions(-)
create mode 100644 frontend/src/services/cookie_service.js
diff --git a/frontend/src/components/Developer/Report/report.jsx b/frontend/src/components/Developer/Report/report.jsx
index f06abde7..0e6192bb 100644
--- a/frontend/src/components/Developer/Report/report.jsx
+++ b/frontend/src/components/Developer/Report/report.jsx
@@ -1,6 +1,7 @@
import * as React from 'react';
import { useEffect, useState } from 'react';
import { SubmissionService } from '../../../services/submission_service';
+import { CookieService } from '../../../services/cookie_service';
import ImageList from '@mui/material/ImageList';
import ImageListItem from '@mui/material/ImageListItem';
import List from '@mui/material/List';
@@ -19,7 +20,21 @@ export default function SubmissionReport(props) {
try {
console.log(props.submissionId)
const result = await SubmissionService.getSubmissionResults(props.submissionId);
+ console.log("result", result);
+ const cloudfront_cookie = result.cloudfront_cookie;
+ console.log("cookie", cloudfront_cookie);
+
setImageUrls(result.file_urls);
+ // CookieService.setPrivateReportCookies(x,props.submissionId,cloudfront_cookie);
+ // Add cookie logic here
+ /*
+ const cookie = CookieService.getCookie('access_token');
+ if (user signed in) {
+ CookieService.setPrivateReportCookies(user_id, report_id, domainName, policy, signature, keyPairId);
+ } else {
+ console.log('Access Denied: User not signed in. How did you get here?);
+ }
+ */
} catch (error) {
console.error('Error fetching submission results:', error);
}
@@ -44,7 +59,7 @@ export default function SubmissionReport(props) {
))}
-
+{/*
@@ -67,6 +82,7 @@ export default function SubmissionReport(props) {
+ */}
)
diff --git a/frontend/src/services/cookie_service.js b/frontend/src/services/cookie_service.js
new file mode 100644
index 00000000..f9f0b845
--- /dev/null
+++ b/frontend/src/services/cookie_service.js
@@ -0,0 +1,35 @@
+// This file should handle cookie logic for user sessions and private report authentication/access
+
+import client from "./api_service";
+import { useEffect, useState } from "react";
+import Cookies from 'universal-cookie';
+
+export const CookieService = {
+ getUserCookie() {
+ const cookies = new Cookies();
+ return cookies.get('user');
+ },
+ setPrivateReportCookies(user_id, report_id, domainName, policy, signature, keyPairId) {
+ const cookies = new Cookies();
+ cookies.set('CloudFront-Policy',
+ policy,
+ { path: '/',
+ domain: domainName,
+ secure: true,
+ httpOnly: true });
+ cookies.set('CloudFront-Signature',
+ signature,
+ { path: '/',
+ domain: domainName,
+ secure: true,
+ httpOnly: true });
+ cookies.set('CloudFront-Key-Pair-Id',
+ keyPairId,
+ { path: '/',
+ domain: domainName,
+ secure: true,
+ httpOnly: true });
+
+ return "Private Report Cookies set for user " + user_id + " and report " + report_id;
+ }
+}
\ No newline at end of file
diff --git a/frontend/src/services/dashboard_service.js b/frontend/src/services/dashboard_service.js
index 3e0bfc66..61dda24c 100644
--- a/frontend/src/services/dashboard_service.js
+++ b/frontend/src/services/dashboard_service.js
@@ -1,11 +1,9 @@
import {
create_fake_image_array_list,
- fake_discussion_output,
- create_fake_leaderboard_array
+ fake_discussion_output
} from './fake_data_service';
import client from './api_service';
import { useEffect, useState } from 'react';
-import { faker } from '@faker-js/faker';
export const DashboardService = {
diff --git a/valhub/Dockerfile.prod b/valhub/Dockerfile.prod
index e4daa922..cb7b077a 100644
--- a/valhub/Dockerfile.prod
+++ b/valhub/Dockerfile.prod
@@ -3,9 +3,12 @@ FROM python:3.10-slim
WORKDIR /root
-# Copy AWS configuration if needed
+# Copy AWS and PEM configuration if needed
+# Manually add the files to copy if not included in the host system
RUN mkdir -p .aws
+RUN mkdir -p .pem
COPY .aws /root/.aws
+COPY .pem /root/.pem
# Create and set up the application directory
RUN mkdir valhub
diff --git a/valhub/base/utils.py b/valhub/base/utils.py
index 6b33cd35..fbce6103 100644
--- a/valhub/base/utils.py
+++ b/valhub/base/utils.py
@@ -75,17 +75,14 @@ def rsa_signer(message):
private_key = rsa.PrivateKey.load_pkcs1(key_file.read())
return rsa.sign(message, private_key, 'SHA-1')
-def get_cloudfront_cookie(directory_path):
- if is_emulation:
- return None
- else:
- key_id = 'your-cloudfront-key-pair-id'
- url = 'https://your-cloudfront-url' + directory_path
- expiration = datetime.datetime.now() + datetime.timedelta(hours=1)
+def create_cloudfront_cookie(directory_path):
+
+ key_id = 'K38U4Q0ELOYHZ1'
+ url = 'https://drt7tcx7xxmuz.cloudfront.net' + directory_path
cloudfront_signer = CloudFrontSigner(key_id, rsa_signer)
# Create signed cookies
- policy = cloudfront_signer.build_policy(url, expiration)
+ policy = cloudfront_signer.build_policy(url)
signed_cookies = cloudfront_signer.generate_cookies(policy=policy)
return signed_cookies
diff --git a/valhub/submissions/views.py b/valhub/submissions/views.py
index ddfbc80a..393e67d8 100644
--- a/valhub/submissions/views.py
+++ b/valhub/submissions/views.py
@@ -19,7 +19,7 @@
import logging
from analyses.models import Analysis
-from base.utils import upload_to_s3_bucket, is_emulation
+from base.utils import upload_to_s3_bucket, is_emulation, get_cloudfront_cookie
from accounts.models import Account
from .models import Submission
from urllib.parse import urljoin
@@ -306,6 +306,9 @@ def get_submission_results(request, submission_id):
user_id = submission.created_by.uuid
bucket_name = "pv-validation-hub-bucket"
results_directory = f"submission_files/submission_user_{user_id}/submission_{submission_id}/results/"
+ cf_results_path = f"/submission_user_{user_id}/submission_{submission_id}/results/"
+ file_urls = []
+ ret = {}
# Update for actual S3 usage as well
if is_emulation:
@@ -336,16 +339,36 @@ def get_submission_results(request, submission_id):
if not png_files:
return JsonResponse({"error": "No .png files found in the results directory"}, status=status.HTTP_404_NOT_FOUND)
- file_urls = []
-
- for png_file in png_files:
- file_url = urljoin(base_url, png_file)
- if file_url:
- file_urls.append(file_url)
- else:
- return JsonResponse({"error": f"Error retrieving .png file: {png_file}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
-
- return JsonResponse({"file_urls": file_urls})
+ if is_emulation:
+ # create an emulated signed session cookie for the results directory
+ cloudfront_cookie = get_cloudfront_cookie(base_url)
+ file_urls = [urljoin(base_url, file) for file in file_urls]
+
+ for png_file in png_files:
+ file_url = urljoin(base_url, png_file)
+ if file_url:
+ file_urls.append(file_url)
+ else:
+ return JsonResponse({"error": f"Error retrieving .png file: {png_file}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
+
+ else:
+ # create a signed session cookie for the results directory
+ cloudfront_url = "https://drt7tcx7xxmuz.cloudfront.net" + cf_results_path
+ cloudfront_cookie = get_cloudfront_cookie(cloudfront_url)
+ file_urls = [urljoin(cloudfront_url, file) for file in file_urls]
+
+ for png_file in png_files:
+ file_url = urljoin(cloudfront_url, png_file)
+ if file_url:
+ file_urls.append(file_url)
+ else:
+ return JsonResponse({"error": f"Error retrieving .png file: {png_file}"}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
+
+ #set returns
+ ret.file_urls = file_urls
+ ret.cloudfront_cookie = cloudfront_cookie
+
+ return JsonResponse(ret, status=status.HTTP_200_OK)
@api_view(["GET"])
@csrf_exempt