Add User Info to created tasks (#303)

This PR makes user information from JWT tokens available as part of a Task. Included changes: * Renamed `verify_token` to `call_if_agent`, since this function is specific to agent token verification * Renames `is_authorized` to `is_agent`, since this function checks if the token is an agent * Adds support for unmanaged nodes in `is_agent` (see #133 for information) * Saves the user information from the JWT token on task create as part of `TaskConfig` Note, `TaskConfig` is what is provided to notification templates. This enables Github issues and ADO work items to tie back to the user that created the task. Note, while `upn` _usually_ means email for AAD user tokens. If we were going to make use of the email address, we should perform a graph lookup based on the `oid`, but we're not.
2025-06-13 10:38:08 +00:00 · 2020-11-13 06:50:52 -05:00
parent 31f099d3d4
commit beea318968
13 changed files with 254 additions and 71 deletions
--- a/src/api-service/app/onefuzzlib/tasks/main.py
+++ b/src/api-service/app/onefuzzlib/tasks/main.py
@ -11,7 +11,7 @@ from uuid import UUID
 from onefuzztypes.enums import ErrorCode, TaskState
 from onefuzztypes.models import Error
 from onefuzztypes.models import Task as BASE_TASK
-from onefuzztypes.models import TaskConfig, TaskVm
+from onefuzztypes.models import TaskConfig, TaskVm, UserInfo
 from onefuzztypes.webhooks import (
    WebhookEventTaskCreated,
    WebhookEventTaskFailed,
@ -42,7 +42,9 @@ class Task(BASE_TASK, ORMMixin):
        return True

    @classmethod
-    def create(cls, config: TaskConfig, job_id: UUID) -> Union["Task", Error]:
+    def create(
+        cls, config: TaskConfig, job_id: UUID, user_info: UserInfo
+    ) -> Union["Task", Error]:
        if config.vm:
            os = get_os(config.vm.region, config.vm.image)
        elif config.pool:
@ -52,11 +54,14 @@ class Task(BASE_TASK, ORMMixin):
            os = pool.os
        else:
            raise Exception("task must have vm or pool")
-        task = cls(config=config, job_id=job_id, os=os)
+        task = cls(config=config, job_id=job_id, os=os, user_info=user_info)
        task.save()
        Webhook.send_event(
            WebhookEventTaskCreated(
-                job_id=task.job_id, task_id=task.task_id, config=config
+                job_id=task.job_id,
+                task_id=task.task_id,
+                config=config,
+                user_info=user_info,
            )
        )
        return task
@ -183,7 +188,9 @@ class Task(BASE_TASK, ORMMixin):
        self.state = TaskState.stopping
        self.save()
        Webhook.send_event(
-            WebhookEventTaskStopped(job_id=self.job_id, task_id=self.task_id)
+            WebhookEventTaskStopped(
+                job_id=self.job_id, task_id=self.task_id, user_info=self.user_info
+            )
        )

    def mark_failed(self, error: Error) -> None:
@ -199,7 +206,10 @@ class Task(BASE_TASK, ORMMixin):

        Webhook.send_event(
            WebhookEventTaskFailed(
-                job_id=self.job_id, task_id=self.task_id, error=error
+                job_id=self.job_id,
+                task_id=self.task_id,
+                error=error,
+                user_info=self.user_info,
            )
        )