From 26709fbd70313e5beb96ad7d70de3b9dbc5f06ba Mon Sep 17 00:00:00 2001 From: Katie Mazaitis Date: Mon, 22 May 2023 10:55:53 -0400 Subject: [PATCH 1/5] Fix temporary key and contact point msgs --- src/server/_security.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/server/_security.py b/src/server/_security.py index f09db3304..04a2f310e 100644 --- a/src/server/_security.py +++ b/src/server/_security.py @@ -32,18 +32,18 @@ API_KEY_REQUIRED_STARTING_AT, API_KEY_REGISTRATION_FORM_LINK ) -PHASE_1_2_STOPGAP = ( # todo: add temporary key +PHASE_1_2_STOPGAP = ( "A temporary public key `{}` is available for use between now and {} to give you time to register or adapt your requests without this message continuing to break your systems." -).format(TEMPORARY_API_KEY, API_KEY_REQUIRED_STARTING_AT) +).format(TEMPORARY_API_KEY, (API_KEY_REQUIRED_STARTING_AT + timedelta(days=7))) # steady-state error messages ERROR_MSG_RATE_LIMIT = "Rate limit exceeded for anonymous queries.\nTo remove this limit, register a free API key at {}".format(API_KEY_REGISTRATION_FORM_LINK) ERROR_MSG_MULTIPLES = "Requested too many multiples for anonymous queries.\nTo remove this limit, register a free API key at {}".format(API_KEY_REGISTRATION_FORM_LINK) ERROR_MSG_INVALID_KEY = ( - "API key does not exist. Register a new key at {} or contact $CONTACT_POINT to troubleshoot".format(API_KEY_REGISTRATION_FORM_LINK) + "API key does not exist. Register a new key at {} or contact delphi-support+privacy@andrew.cmu.edu to troubleshoot".format(API_KEY_REGISTRATION_FORM_LINK) ) -ERROR_MSG_INVALID_ROLE = "Provided API key does not have access to this endpoint, please contact $CONTACT_POINT." +ERROR_MSG_INVALID_ROLE = "Provided API key does not have access to this endpoint, please contact delphi-support+privacy@andrew.cmu.edu." def resolve_auth_token() -> Optional[str]: From c75f227e9ec34f1eac5eaee779eb19750af75be0 Mon Sep 17 00:00:00 2001 
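Review bot: The seven-day grace period in `PHASE_1_2_STOPGAP` exists only as an inline `timedelta(days=7)` inside the `.format(...)` call, so the cutoff date advertised for the temporary key is not tied to whatever actually stops accepting that key. The code that honours `TEMPORARY_API_KEY` is not in this hunk; if it does not compare against the same date, a publicly advertised shared key could keep working past the stated cutoff, or stop before it. I would name the cutoff once, e.g. `TEMPORARY_API_KEY_EXPIRES_AT = API_KEY_REQUIRED_STARTING_AT + timedelta(days=7)`, and use it both in this message and in the key check. The support address is also now written out in two separate literals (`ERROR_MSG_INVALID_KEY` and `ERROR_MSG_INVALID_ROLE`); a single module-level constant would keep them in step.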
From: Katie Mazaitis Date: Mon, 22 May 2023 13:18:48 -0400 Subject: [PATCH 2/5] Removed exceptions no longer in use Neither of these was used anywhere: * UnAuthenticatedException * MissingAPIKeyException --- src/server/_exceptions.py | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/src/server/_exceptions.py b/src/server/_exceptions.py index 942be1290..86ef028c1 100644 --- a/src/server/_exceptions.py +++ b/src/server/_exceptions.py @@ -25,16 +25,6 @@ def __init__(self, endpoints: Iterable[str]): super(MissingOrWrongSourceException, self).__init__(f"no data source specified, possible values: {','.join(endpoints)}", 400) -class UnAuthenticatedException(EpiDataException): - def __init__(self): - super(UnAuthenticatedException, self).__init__("unauthenticated", 401) - - -class MissingAPIKeyException(EpiDataException): - def __init__(self): - super(MissingAPIKeyException, self).__init__("missing api key", 401) - - class ValidationFailedException(EpiDataException): def __init__(self, message: str): super(ValidationFailedException, self).__init__(message, 400) From 88ed92d4ac2e62e121215fb1c43997a9aa38e350 Mon Sep 17 00:00:00 2001 From: Katie Mazaitis Date: Mon, 22 May 2023 13:36:57 -0400 Subject: [PATCH 3/5] whitespace and comments --- src/server/_security.py | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/src/server/_security.py b/src/server/_security.py index 04a2f310e..0dbafd96c 100644 --- a/src/server/_security.py +++ b/src/server/_security.py 
@@ -22,10 +22,6 @@ API_KEY_SOFT_WARNING = API_KEY_HARD_WARNING - timedelta(days=14) # rollout warning messages -# intended usage: in place of API_KEY_WARNING_TEXT -# phase 1 / soft warning: ROLLOUT_WARNING_RATE_LIMIT or ROLLOUT_WARNING_MULTIPLES -# phase 2 / hard warning: (ROLLOUT_WARNING_RATE_LIMIT + PHASE_2_STOPGAP) or (ROLLOUT_WARNING_MULTIPLES + PHASE_2_STOPGAP) - ROLLOUT_WARNING_RATE_LIMIT = "This request exceeded the anonymous limit on requests per minute." ROLLOUT_WARNING_MULTIPLES = "This request exceeded the anonymous limit on selected multiples." _ROLLOUT_WARNING_AD_FRAGMENT = "To be exempt from this limit, authenticate your requests with an API key, which will be enforced starting {}. Registration now available at {}.".format( @@ -38,8 +34,8 @@ # steady-state error messages -ERROR_MSG_RATE_LIMIT = "Rate limit exceeded for anonymous queries.\nTo remove this limit, register a free API key at {}".format(API_KEY_REGISTRATION_FORM_LINK) -ERROR_MSG_MULTIPLES = "Requested too many multiples for anonymous queries.\nTo remove this limit, register a free API key at {}".format(API_KEY_REGISTRATION_FORM_LINK) +ERROR_MSG_RATE_LIMIT = "Rate limit exceeded for anonymous queries. To remove this limit, register a free API key at {}".format(API_KEY_REGISTRATION_FORM_LINK) +ERROR_MSG_MULTIPLES = "Requested too many multiples for anonymous queries. To remove this limit, register a free API key at {}".format(API_KEY_REGISTRATION_FORM_LINK) ERROR_MSG_INVALID_KEY = ( "API key does not exist. Register a new key at {} or contact delphi-support+privacy@andrew.cmu.edu to troubleshoot".format(API_KEY_REGISTRATION_FORM_LINK) ) From 6f8b018b7fe109bebe118ac3aabfe2e67f3d2261 Mon Sep 17 00:00:00 2001 
From: Katie Mazaitis Date: Mon, 22 May 2023 13:42:47 -0400 Subject: [PATCH 4/5] Synced rollout warnings to approved comms Also fixed per minute -> per hour, and added "free" where it was supposed to be --- src/server/_security.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/server/_security.py b/src/server/_security.py index 0dbafd96c..67868cfc4 100644 --- a/src/server/_security.py +++ b/src/server/_security.py @@ -22,11 +22,9 @@ API_KEY_SOFT_WARNING = API_KEY_HARD_WARNING - timedelta(days=14) # rollout warning messages -ROLLOUT_WARNING_RATE_LIMIT = "This request exceeded the anonymous limit on requests per minute." -ROLLOUT_WARNING_MULTIPLES = "This request exceeded the anonymous limit on selected multiples." -_ROLLOUT_WARNING_AD_FRAGMENT = "To be exempt from this limit, authenticate your requests with an API key, which will be enforced starting {}. Registration now available at {}.".format( - API_KEY_REQUIRED_STARTING_AT, API_KEY_REGISTRATION_FORM_LINK -) +ROLLOUT_WARNING_RATE_LIMIT = "This request exceeded the anonymous limit on requests per hour, which will be enforced starting {}.".format(API_KEY_REQUIRED_STARTING_AT) +ROLLOUT_WARNING_MULTIPLES = "This request exceeded the anonymous limit on selected multiples, which will be enforced starting {}.".format(API_KEY_REQUIRED_STARTING_AT) +_ROLLOUT_WARNING_AD_FRAGMENT = "To be exempt from this limit, authenticate your requests with a free API key, now available at {}.".format(API_KEY_REGISTRATION_FORM_LINK) PHASE_1_2_STOPGAP = ( "A temporary public key `{}` is available for use between now and {} to give you time to register or adapt your requests without this message continuing to break your systems." 
@@ -39,7 +37,7 @@ ERROR_MSG_INVALID_KEY = ( "API key does not exist. Register a new key at {} or contact delphi-support+privacy@andrew.cmu.edu to troubleshoot".format(API_KEY_REGISTRATION_FORM_LINK) ) -ERROR_MSG_INVALID_ROLE = "Provided API key does not have access to this endpoint, please contact delphi-support+privacy@andrew.cmu.edu." +ERROR_MSG_INVALID_ROLE = "Provided API key does not have access to this endpoint. Please contact delphi-support+privacy@andrew.cmu.edu." def resolve_auth_token() -> Optional[str]: From ea8624a0a40da5f21cd1bf96671b529396ab83c2 Mon Sep 17 00:00:00 2001 From: Katie Mazaitis Date: Mon, 22 May 2023 16:58:09 -0400 Subject: [PATCH 5/5] Apply suggestions from code review Co-authored-by: melange396 --- src/server/_security.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/server/_security.py b/src/server/_security.py index 49290fa58..36fb1d93b 100644 --- a/src/server/_security.py +++ b/src/server/_security.py @@ -22,7 +22,7 @@ API_KEY_SOFT_WARNING = API_KEY_HARD_WARNING - timedelta(days=14) # rollout warning messages -ROLLOUT_WARNING_RATE_LIMIT = "This request exceeded the anonymous limit on requests per hour, which will be enforced starting {}.".format(API_KEY_REQUIRED_STARTING_AT) +ROLLOUT_WARNING_RATE_LIMIT = "This request exceeded the rate limit on anonymous requests, which will be enforced starting {}.".format(API_KEY_REQUIRED_STARTING_AT) ROLLOUT_WARNING_MULTIPLES = "This request exceeded the anonymous limit on selected multiples, which will be enforced starting {}.".format(API_KEY_REQUIRED_STARTING_AT) _ROLLOUT_WARNING_AD_FRAGMENT = "To be exempt from this limit, authenticate your requests with a free API key, now available at {}.".format(API_KEY_REGISTRATION_FORM_LINK_LOCAL) 
@@ -36,6 +36,7 @@ ERROR_MSG_MULTIPLES = "Requested too many multiples for anonymous queries. To remove this limit, register a free API key at {}".format(API_KEY_REGISTRATION_FORM_LINK_LOCAL) ERROR_MSG_INVALID_KEY = ( "API key does not exist. Register a new key at {} or contact delphi-support+privacy@andrew.cmu.edu to troubleshoot".format(API_KEY_REGISTRATION_FORM_LINK_LOCAL) +) ERROR_MSG_INVALID_ROLE = "Provided API key does not have access to this endpoint. Please contact delphi-support+privacy@andrew.cmu.edu."
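Review bot: The restored `)` closes a parenthesised wrapper around a single string expression, and without it `src/server/_security.py` would not parse. That would presumably take `resolve_auth_token`, which other hunks in this series show in the same file, down with the messages. The parentheses add nothing here, so I would write the assignment like its neighbours, `ERROR_MSG_INVALID_KEY = "API key does not exist. ... to troubleshoot".format(API_KEY_REGISTRATION_FORM_LINK_LOCAL)`, so there is no closer to lose in a later edit or merge. A CI step that simply imports this module would catch a regression of this kind before review.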