
sre-bootcamp's Introduction

Wizeline SRE Bootcamp Selection Challenge

Thank you for registering for the Wizeline Academy SRE Bootcamp, and welcome to the Selection Challenge!

In order to be accepted into the Wizeline Academy SRE Bootcamp, you must successfully complete the Selection Challenge. After registering, you will have until Tuesday, February 21, to complete it. The sooner you send it, the more chances you have of being selected.

We do not want you to think of this as a test or an exam, but instead, more like a project you have been assigned to complete. Communication is important, and we are here to help you if you get stuck or have any concerns - just open an issue in the source repository and our team of SRE experts will get back to you as soon as we can!


Technical Challenge - Practical Applications

We would like you to fork this repository. This will help us get an understanding of your operational skills, no matter which technology stack is used.

Important notes:

  • There are no specific time limitations, so you can go at your own pace.
  • Once you have completed this part of the challenge, please fill out the Google Form that is mentioned at the bottom of this page with your forked repository.

Overview

This repository contains an API skeleton, the auth_api folder, where you can add your code. Use the language of your preference.

You need to complete the functionality in our API that provides basic authentication.

The API has 2 missing endpoints. The first endpoint receives a username and password. When these parameters are correct it returns a JWT token; otherwise it should return a 403 HTTP error message.

You will have a read-only database with the following access details:

   
engine mysql
user secret
password jOdznoyH6swQB9sTGdLUeeSrtejWkcw
endpoint sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com
port 3306
DB bootcamp_tht

In the database three valid users with their passwords are stored:

Table users

username password salt role
admin encrypted-password F^S%QljSfV admin
noadmin encrypted-password KjvFUC#K*i editor
bob encrypted-password ykptwoT=M( viewer

Passwords in plain text:

username password
admin secret
noadmin noPow3r
bob thisIsNotAPasswordBob

Each password has the salt value appended and is then hashed with the SHA512 algorithm. If the username and password combination is valid, you should return a JWT token with the role in the payload of the token.

You should use this 256-bit secret to sign your token: my2w7wjd7yXF64FIADfJxNs1oupTGAuW

curl -d "username=admin&password=secret" http://localhost:8000/login
{
  "data": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}

For the second endpoint you must use the generated token to access a restricted area:

curl -H 'Accept: application/json' -H "Authorization: Bearer ${TOKEN}" localhost:8000/protected
{
  "data": "You are under protected data"
}

Coding

  • Complete the following endpoints.
    • /login
    • /protected
  • Make sure your tests are passing.
  • Add missing tests. Feel free to add any additional tests that you think are valuable.
  • As mentioned above, you may work in the language of your choice. Please pick one from the list of available languages:

Docker

  • Dockerize the application located in src
  • Push it to a public image in DockerHub tagged as wize-<firstName>-<lastName>:latest
  • Application should run on port 8000



Don’t forget to fill out the Google Form with your forked repository!

Remember, you must send your forked repository by filling out the following Google Form. You have until Tuesday, February 21, to be considered for the Wizeline Academy SRE Bootcamp! (The sooner you send it, the more chances you have of being selected.)

Thanks for completing the challenge, we can’t wait to see you soon!


sre-bootcamp's Issues

Error: getaddrinfo ENOTFOUND, Verifying if the rds host is running.

I get an error Error: getaddrinfo ENOTFOUND sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com/ when trying to curl using the command curl -d "username=admin&password=secret" http://localhost:8000/login to query the AWS RDS.

When I use nslookup to query the domain name servers using the DB instance endpoint, the server can't find the endpoint.

nslookup sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com/

The result is

Server:         172.31.144.1
Address:        172.31.144.1#53

** server can't find sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com/: NXDOMAIN

I tried verifying my connection using telnet, running on port 8000, using:

telnet sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com/ 8000

I get an error:

telnet: could not resolve sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com//8000: Name or service not known

On testing the connectivity with nc and the command:

nc -zv sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com/ 8000

The result:

nc: getaddrinfo for host "sre-bootcamp-selection-challenge.cabf3yhjqvmq.us-east-1.rds.amazonaws.com/" port 8000: Name or service not known

I'm trying to wonder if the URL is faulty or existent or if it's an issue on my end and if I should keep looking out for alternative solutions.

Second endpoint is not clear

I am not understanding the second endpoint. It says I should return the message "You are under protected data".
Should I return that message only for the "admin" role? What should I return if a wrong token is provided?
I am not clear about what kind of validations we should perform here.

token issue - assertion in function test_generate_token

Hi team, I agree with some other folks who have raised an issue related to the token creation function. In the assertion in the file test_api.py (function test_generate_token), the first parameter of the assertion (the JWT token) seems to have a different structure compared to the one generated by the function generate_token in the file methods.py. In the latter, I have replaced the values manually in the payload and it still shows different output. The difference is in the 'header' structure of the token; if I use any decode64 tool to get the content, I see the differences below:

assertion value header:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9 ({"alg":"HS256","typ":"JWT"})
token generated with values manually replaced (payload):
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9 ({"typ":"JWT","alg":"HS256"})

As you can see above, the order of the 'header' values is different, so the assertion cannot pass. I tried to find any articles related to 'header' order manipulation to test the given value, but I was not able to find any, hence my assumption about this issue.

Please note, if I use the token generated by the jwt.encode function and replace it in the assertion in the function test_generate_token in the test_api.py file, I can pass the test.

Thanks for your feedback....
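
An added example (not code from the repository or from the issue author) of the flow the README describes: salted SHA-512 password check, an HS256 token carrying the role, and token verification for /protected. It also reproduces the header-order observation from the issue above: two tokens whose headers list the same keys in a different order differ as strings yet verify to the same claims. It uses only the Python standard library; the `USERS` dictionary, hex-digest storage and all function names are assumptions.

```python
import base64, hashlib, hmac, json

SECRET = b"my2w7wjd7yXF64FIADfJxNs1oupTGAuW"  # signing secret from the README

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def hash_password(password: str, salt: str) -> str:
    # README: the salt is appended to the password, then SHA-512 is applied.
    return hashlib.sha512((password + salt).encode()).hexdigest()

def sign(header: dict, payload: dict, secret: bytes = SECRET) -> str:
    # json.dumps keeps dict insertion order, so header key order shapes the bytes.
    parts = [b64url(json.dumps(p, separators=(",", ":")).encode()) for p in (header, payload)]
    signing_input = ".".join(parts)
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def verify(token: str, secret: bytes = SECRET):
    """Return the claims of a valid HS256 token, else None (reject the request)."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        expected = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
        # Pin the algorithm and compare MACs in constant time.
        if header.get("alg") != "HS256" or not hmac.compare_digest(expected, b64url_decode(sig)):
            return None
        return json.loads(b64url_decode(body))
    except (ValueError, AttributeError):
        return None

def login(username: str, password: str, users: dict):
    """Return a token carrying the role, or None (the API answers 403)."""
    row = users.get(username)
    if row is None or not hmac.compare_digest(hash_password(password, row["salt"]), row["password"]):
        return None
    return sign({"alg": "HS256", "typ": "JWT"}, {"role": row["role"]})

def header_order_demo():  # same claims, two header orders
    a = sign({"alg": "HS256", "typ": "JWT"}, {"role": "admin"})
    b = sign({"typ": "JWT", "alg": "HS256"}, {"role": "admin"})
    return a != b, verify(a) == verify(b) == {"role": "admin"}

# Constructed stand-in for one row of the users table (hex storage is assumed).
USERS = {"admin": {"salt": "F^S%QljSfV", "role": "admin",
                   "password": hash_password("secret", "F^S%QljSfV")}}
```

A test that compares token strings byte for byte depends on the JSON key order the encoder happens to emit; comparing the result of `verify(token)` does not.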

JWT is wrong in the given example(README.md)

Hi Wizeline,

This provided token is not valid. I decoded it using this page, https://jwt.io/, and I noticed the payload does not contain the "role".

In addition, in the MethodsTest class we have a different JWT token for the same user (admin), so I would like to know which is the right token for the admin user.

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c


CodeSignal Problems

Hi

I'm facing an issue when I try to log in to CodeSignal to do the code challenge.

Evidence:

Screen Shot 2021-08-14 at 1 28 40

I already tried to log in with my Gmail account and also my GitHub account.

I hope you can help me.
