Merge pull request #1368 from alphagov/vb-route-secret

initial logging for route protection
2026-02-01 15:46:07 -05:00 · 2017-11-06 16:31:48 +00:00
parent 430342b567 cae42fe862
commit 7aa0976bec
5 changed files with 212 additions and 6 deletions
--- a/app/authentication/auth.py
+++ b/app/authentication/auth.py
@@ -7,6 +7,7 @@ from sqlalchemy.exc import DataError
 from sqlalchemy.orm.exc import NoResultFound

 from app.dao.services_dao import dao_fetch_service_by_id_with_api_keys
+from flask import jsonify


 class AuthError(Exception):
@@ -44,11 +45,55 @@ def requires_no_auth():
    pass


-def restrict_ip_sms():
+def check_route_secret():
    # Check route of inbound sms (Experimental)
-    # Temporary custom header for route security
-    if request.headers.get("X-Custom-forwarder"):
-        current_app.logger.info("X-Custom-forwarder received")
+    # Custom header for route security
+    auth_error_msg = ''
+    if request.headers.get("X-Custom-Forwarder"):
+        route_secret_key = request.headers.get("X-Custom-Forwarder")
+
+        if route_secret_key is None:
+            # Not blocking at the moment
+            # raise AuthError('invalid secret key', 403)
+            auth_error_msg = auth_error_msg + 'invalid secret key, '
+        else:
+
+            key_1 = current_app.config.get('ROUTE_SECRET_KEY_1')
+            key_2 = current_app.config.get('ROUTE_SECRET_KEY_2')
+
+            if key_1 == '' and key_2 == '':
+                # Not blocking at the moment
+                # raise AuthError('X-Custom-Forwarder, no secret was set on server', 503)
+                auth_error_msg = auth_error_msg + 'no secret was set on server, '
+            else:
+
+                key_used = None
+                route_allowed = False
+                if route_secret_key == key_1:
+                    key_used = 1
+                    route_allowed = True
+                elif route_secret_key == key_2:
+                    key_used = 2
+                    route_allowed = True
+
+                if not key_used:
+                    # Not blocking at the moment
+                    # raise AuthError('X-Custom-Forwarder, wrong secret', 403)
+                    auth_error_msg = auth_error_msg + 'wrong secret'
+
+        current_app.logger.info({
+            'message': 'X-Custom-Forwarder',
+            'log_contents': {
+                'passed': route_allowed,
+                'key_used': key_used,
+                'error': auth_error_msg
+            }
+        })
+        return jsonify(key_used=key_used), 200
+
+
+def restrict_ip_sms():
+    check_route_secret()

    # Check IP of SMS providers
    if request.headers.get("X-Forwarded-For"):
--- a/app/cloudfoundry_config.py
+++ b/app/cloudfoundry_config.py
@@ -45,6 +45,8 @@ def extract_notify_config(notify_config):
    os.environ['SECRET_KEY'] = notify_config['credentials']['secret_key']
    os.environ['DANGEROUS_SALT'] = notify_config['credentials']['dangerous_salt']
    os.environ['SMS_INBOUND_WHITELIST'] = json.dumps(notify_config['credentials']['allow_ip_inbound_sms'])
+    os.environ['ROUTE_SECRET_KEY_1'] = notify_config['credentials']['route_secret_key_1']
+    os.environ['ROUTE_SECRET_KEY_2'] = notify_config['credentials']['route_secret_key_2']


 def extract_performance_platform_config(performance_platform_config):
--- a/app/config.py
+++ b/app/config.py
@@ -287,6 +287,8 @@ class Config(object):
    FREE_SMS_TIER_FRAGMENT_COUNT = 250000

    SMS_INBOUND_WHITELIST = json.loads(os.environ.get('SMS_INBOUND_WHITELIST', '[]'))
+    ROUTE_SECRET_KEY_1 = os.environ.get('ROUTE_SECRET_KEY_1', '')
+    ROUTE_SECRET_KEY_2 = os.environ.get('ROUTE_SECRET_KEY_2', '')

    # Format is as follows:
    # {"dataset_1": "token_1", ...}