Skip to content

Commit

Permalink
fix(addVcVerifier): add VerifyVCIssuer method
Browse files Browse the repository at this point in the history
  • Loading branch information
@whitneypurdum
whitneypurdum committed Jun 29, 2022
1 parent 543494f commit 6052d41
Show file tree
Hide file tree
Showing 5 changed files with 242 additions and 55 deletions.
19 changes: 0 additions & 19 deletions docs/api/classes/modules_claims.ClaimsService.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,6 @@ claimsService.getClaimById(claim.id);
- [rejectClaimRequest](modules_claims.ClaimsService.md#rejectclaimrequest)
- [revokeClaim](modules_claims.ClaimsService.md#revokeclaim)
- [revokeMultipleClaim](modules_claims.ClaimsService.md#revokemultipleclaim)
- [verifyVc](modules_claims.ClaimsService.md#verifyvc)
- [create](modules_claims.ClaimsService.md#create)

## Constructors
Expand Down Expand Up @@ -741,24 +740,6 @@ claimsService.revokeMultipleClaim({

___

### verifyVc

**verifyVc**(`vc`): `Promise`<`void`\>

Verify the issuer and and chain of trust for a Verifiable Credential

#### Parameters

| Name | Type |
| :------ | :------ |
| `vc` | `VerifiableCredential`<`RoleCredentialSubject`\> |

#### Returns

`Promise`<`void`\>

___

### create

`Static` **create**(`signerService`, `domainsService`, `cacheClient`, `didRegistry`, `verifiableCredentialService`): `Promise`<[`ClaimsService`](modules_claims.ClaimsService.md)\>
Expand Down
11 changes: 11 additions & 0 deletions docs/api/classes/modules_domains.DomainsService.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ domainsService.createOrganization(...);
- [getAppsOfOrg](modules_domains.DomainsService.md#getappsoforg)
- [getDIDsByRole](modules_domains.DomainsService.md#getdidsbyrole)
- [getDefinition](modules_domains.DomainsService.md#getdefinition)
- [getDomainReader](modules_domains.DomainsService.md#getdomainreader)
- [getENSTypesByOwner](modules_domains.DomainsService.md#getenstypesbyowner)
- [getENSTypesBySearchPhrase](modules_domains.DomainsService.md#getenstypesbysearchphrase)
- [getOrgHierarchy](modules_domains.DomainsService.md#getorghierarchy)
Expand Down Expand Up @@ -478,6 +479,16 @@ domain definition

___

### getDomainReader

**getDomainReader**(): `DomainReader`

#### Returns

`DomainReader`

___

### getENSTypesByOwner

**getENSTypesByOwner**(`options`): `Promise`<[`IRole`](../interfaces/modules_domains.IRole.md)[] \| [`IOrganization`](../interfaces/modules_domains.IOrganization.md)[] \| [`IApp`](../interfaces/modules_domains.IApp.md)[]\>
Expand Down
224 changes: 221 additions & 3 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

35 changes: 2 additions & 33 deletions src/modules/claims/claims.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,8 @@ import { providers, utils, Wallet } from 'ethers';
import jsonwebtoken from 'jsonwebtoken';
import { v4 } from 'uuid';
import {
DomainReader,
IRoleDefinition,
PreconditionType,
RoleCredentialSubject,
ResolverContractType,
} from '@energyweb/credential-governance';
import {
Expand All @@ -25,7 +23,6 @@ import {
IServiceEndpoint,
ProviderTypes,
} from '@ew-did-registry/did-resolver-interface';
import { VerifiableCredential } from '@ew-did-registry/credentials-interface';
import { ClaimManager__factory } from '../../../ethers/factories/ClaimManager__factory';
import { ERROR_MESSAGES } from '../../errors';
import { emptyAddress } from '../../utils/constants';
Expand Down Expand Up @@ -454,24 +451,6 @@ export class ClaimsService {
await this._cacheClient.issueClaim(this._signerService.did, message);
}

/**
* Verify the issuer and and chain of trust for a Verifiable Credential
*
* @param {VerifiableCredential<RoleCredentialSubject} credential to be verified
*/
async verifyVc(vc: VerifiableCredential<RoleCredentialSubject>) {
const issuerDID = this._signerService.did;
const role = vc.credentialSubject.role.namespace;
if (
!(
(await this._vcIssuerVerifier.verifyIssuerAuthority(role, issuerDID)) ||
(await this._vcIssuerVerifier.verifyChainOfTrustByRoleDefinition(vc))
)
) {
throw new NotAuthorizedIssuer(issuerDID, role);
}
}

/**
* Register issued on-chain claim on Claim Manager contract.
*
Expand Down Expand Up @@ -1150,7 +1129,7 @@ export class ClaimsService {
}

/**
* Verify if the user is issuer of the role verifiable credential
* Verify if the user is an authorized issuer of a role
*
* @param {String} role Registration types of the claim
*/
Expand Down Expand Up @@ -1362,24 +1341,14 @@ export class ClaimsService {
this._didRegistry.registrySettings,
this._didRegistry.ipfsStore
);
const domainReader = new DomainReader({
ensRegistryAddress:
chainConfigs()[this._signerService.chainId].ensRegistryAddress,
provider: this._signerService.provider,
});
const domainReader = this._domainsService.getDomainReader();
domainReader.addKnownResolver({
chainId: this._signerService.chainId,
address: chainConfigs()[this._signerService.chainId].ensResolverV2Address,
type: ResolverContractType.RoleDefinitionResolver_v2,
});
const issuerResolver = new EthersProviderIssuerResolver(domainReader);
// const issuerResolver = new EthersProviderIssuerResolver(
// this._signerService.provider,
// chainConfigs()[this._signerService.chainId].ensResolverV2Address
// );
this._vcIssuerVerifier = new VCIssuerVerification(
// this._signerService.provider,
// this._didRegistry.registrySettings,
credentialResolver,
issuerResolver
);
Expand Down
8 changes: 8 additions & 0 deletions src/modules/domains/domains.service.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1412,4 +1412,12 @@ export class DomainsService {
throw new ENSOwnerNotValidAddressError(owner);
}
}

getDomainReader() {
return new DomainReader({
ensRegistryAddress:
chainConfigs()[this._signerService.chainId].ensRegistryAddress,
provider: this._signerService.provider,
});
}
}

0 comments on commit 6052d41

Please sign in to comment.