Merge branch '2157-remove-i-user-repository' into 2157-switch-to-token-based-auth

Issue #2157
PR #3005

Author: mssalvatore

monkey/common/utils/exceptions.py

@@ -10,10 +10,6 @@ class AlreadyRegisteredError(Exception):
     """Raise to indicate the reason why registration is not required"""
 
 
-class UnknownUserError(Exception):
-    """Raise to indicate that authentication failed"""
-
-
 class IncorrectCredentialsError(Exception):
     """Raise to indicate that authentication failed"""
 

monkey/monkey_island/cc/models/__init__.py

@@ -1,7 +1,6 @@
 # Order of importing matters here, for registering the embedded and referenced documents before
 # using them.
 from .simulation import Simulation, IslandMode
-from .user_credentials import UserCredentials
 from common.types import MachineID
 from .machine import Machine, NetworkServices
 from .communication_type import CommunicationType

monkey/monkey_island/cc/models/user_credentials.py

@@ -5,7 +5,6 @@
 from .i_agent_binary_repository import IAgentBinaryRepository
 from .i_simulation_repository import ISimulationRepository
 from .i_credentials_repository import ICredentialsRepository
-from .i_user_repository import IUserRepository
 from .i_machine_repository import IMachineRepository
 from .i_agent_repository import IAgentRepository
 from .i_node_repository import INodeRepository
@@ -25,7 +24,6 @@
 
 from .agent_binary_repository import AgentBinaryRepository
 from .file_simulation_repository import FileSimulationRepository
-from .json_file_user_repository import JSONFileUserRepository
 from .mongo_credentials_repository import MongoCredentialsRepository
 from .mongo_machine_repository import MongoMachineRepository
 from .mongo_agent_repository import MongoAgentRepository

monkey/monkey_island/cc/repositories/__init__.py

@@ -1,15 +1,8 @@
 from pathlib import Path
 
-import bcrypt
-
-from common.utils.exceptions import (
-    IncorrectCredentialsError,
-    InvalidRegistrationCredentialsError,
-    UnknownUserError,
-)
+from common.utils.exceptions import InvalidRegistrationCredentialsError
 from monkey_island.cc.event_queue import IIslandEventQueue, IslandEventTopic
-from monkey_island.cc.models import IslandMode, UserCredentials
-from monkey_island.cc.repositories import IUserRepository
+from monkey_island.cc.models import IslandMode
 from monkey_island.cc.server_utils.encryption import ILockableEncryptor
 
 
@@ -21,23 +14,13 @@ class AuthenticationService:
     def __init__(
         self,
         data_dir: Path,
-        user_repository: IUserRepository,
         repository_encryptor: ILockableEncryptor,
         island_event_queue: IIslandEventQueue,
     ):
         self._data_dir = data_dir
-        self._user_repository = user_repository
         self._repository_encryptor = repository_encryptor
         self._island_event_queue = island_event_queue
 
-    def needs_registration(self) -> bool:
-        """
-        Checks if a user is already registered on the Island
-
-        :return: Whether registration is required on the Island
-        """
-        return not self._user_repository.has_registered_users()
-
     def register_new_user(self, username: str, password: str):
         """
         Registers a new user on the Island, then resets the encryptor and database
@@ -49,9 +32,6 @@ def register_new_user(self, username: str, password: str):
         if not username or not password:
             raise InvalidRegistrationCredentialsError("Username or password can not be empty.")
 
-        credentials = UserCredentials(username, _hash_password(password))
-        self._user_repository.add_user(credentials)
-
         self._island_event_queue.publish(IslandEventTopic.CLEAR_SIMULATION_DATA)
         self._island_event_queue.publish(IslandEventTopic.RESET_AGENT_CONFIGURATION)
         self._island_event_queue.publish(
@@ -61,14 +41,6 @@ def register_new_user(self, username: str, password: str):
         self._reset_repository_encryptor(username, password)
 
     def authenticate(self, username: str, password: str):
-        try:
-            registered_user = self._user_repository.get_user_credentials(username)
-        except UnknownUserError:
-            raise IncorrectCredentialsError()
-
-        if not _credentials_match_registered_user(username, password, registered_user):
-            raise IncorrectCredentialsError()
-
         self._unlock_repository_encryptor(username, password)
 
     def _unlock_repository_encryptor(self, username: str, password: str):
@@ -81,24 +53,5 @@ def _reset_repository_encryptor(self, username: str, password: str):
         self._repository_encryptor.unlock(secret.encode())
 
 
-def _hash_password(plaintext_password: str) -> str:
-    salt = bcrypt.gensalt()
-    password_hash = bcrypt.hashpw(plaintext_password.encode("utf-8"), salt)
-
-    return password_hash.decode()
-
-
-def _credentials_match_registered_user(
-    username: str, password: str, registered_user: UserCredentials
-) -> bool:
-    return (registered_user.username == username) and _password_matches_hash(
-        password, registered_user.password_hash
-    )
-
-
-def _password_matches_hash(plaintext_password: str, password_hash: str) -> bool:
-    return bcrypt.checkpw(plaintext_password.encode("utf-8"), password_hash.encode("utf-8"))
-
-
 def _get_secret_from_credentials(username: str, password: str) -> str:
     return f"{username}:{password}"

monkey/monkey_island/cc/repositories/i_user_repository.py

@@ -50,8 +50,6 @@
     IMachineRepository,
     INodeRepository,
     ISimulationRepository,
-    IUserRepository,
-    JSONFileUserRepository,
     LocalStorageFileRepository,
     MongoAgentEventRepository,
     MongoAgentRepository,
@@ -164,7 +162,6 @@ def _register_repositories(container: DIContainer, data_dir: Path):
     container.register_instance(
         ICredentialsRepository, container.resolve(MongoCredentialsRepository)
     )
-    container.register_instance(IUserRepository, container.resolve(JSONFileUserRepository))
     container.register_instance(IAgentEventRepository, container.resolve(MongoAgentEventRepository))
 
     container.register_instance(INodeRepository, container.resolve(MongoNodeRepository))