feat(auth): add check for robot UUID and send error if robot name used

PrivateAIM · Oct 22, 2024 · f39220f · f39220f
1 parent aee09a3
commit f39220f
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 8 deletions.
diff --git a/hub_adapter/auth.py b/hub_adapter/auth.py
@@ -1,6 +1,7 @@
 """Handle the authorization and authentication of services."""
 
 import logging
+import uuid
 
 import httpx
 from fastapi import Security, HTTPException
@@ -112,24 +113,36 @@ async def verify_idp_token(token: str = Security(idp_oauth2_scheme)) -> dict:
 
 async def get_hub_token() -> dict:
     """Automated method for getting a robot token from the central Hub service."""
-    robot_user, robot_secret = (
+    robot_id, robot_secret = (
         hub_adapter_settings.HUB_ROBOT_USER,
         hub_adapter_settings.HUB_ROBOT_SECRET,
     )
+
     payload = {
         "grant_type": "robot_credentials",
-        "id": robot_user,
+        "id": robot_id,
         "secret": robot_secret,
     }
 
-    if not robot_user or not robot_secret:
-        logger.error("Missing robot user or secret. Check env vars")
+    if not robot_id or not robot_secret:
+        logger.error("Missing robot ID or secret. Check env vars")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="No credentials provided for the hub robot. Check that the environment variables are set properly",
             headers={"WWW-Authenticate": "Bearer"},
         )
 
+    try:
+        uuid.UUID(robot_id)
+
+    except ValueError:
+        logger.error(f"Invalid robot ID: {robot_id}")
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Robot ID is not a valid UUID",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+
     token_route = hub_adapter_settings.HUB_AUTH_SERVICE_URL.rstrip("/") + "/token"
     resp = httpx.post(token_route, data=payload)
 

diff --git a/hub_adapter/routers/hub.py b/hub_adapter/routers/hub.py
@@ -71,14 +71,12 @@ async def get_node_id() -> str:
     robot_user = hub_adapter_settings.HUB_ROBOT_USER
 
     node_cache = {}
-    node_id = None
     if node_id_pickle_path.is_file():
         with open(node_id_pickle_path, "rb") as f:
             node_cache = pickle.load(f)
 
-        node_id = node_cache.get(
-            robot_user
-        )  # Returns None if key not in dict or '' if no Node ID was found
+    # Returns None if key not in dict or '' if no Node ID was found
+    node_id = node_cache.get(robot_user) or "nothingFound"
 
     if (
         robot_user not in node_cache