1 parent
0fad127
commit fabc66e
Showing
16 changed files
with
817 additions
and
35 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
docker | ||
node_modules | ||
tmp | ||
.env | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
version: "3.8" | ||
services: | ||
dynamodb-local: | ||
command: "-jar DynamoDBLocal.jar -sharedDb -inMemory -cors '*'" | ||
image: "amazon/dynamodb-local:latest" | ||
container_name: dynamodb-local | ||
ports: | ||
- "8000:8000" | ||
volumes: | ||
- "./docker/dynamodb:/home/dynamodblocal/data" | ||
working_dir: /home/dynamodblocal |
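Review bot: `- "8000:8000"` publishes DynamoDB Local on every host interface, and the command combines `-sharedDb` with `-cors '*'`; DynamoDB Local does not validate credentials, so anything that can reach the port, from any browser origin, can read and write the test table. Bind it to loopback with `- "127.0.0.1:8000:8000"` and narrow `-cors` to the origin the tests actually use. `image: "amazon/dynamodb-local:latest"` is also unpinned; a fixed tag or digest keeps test runs reproducible. The `volumes` mount looks unused while `-inMemory` is set.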
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
import express from "express"; | ||
import cors from "cors"; | ||
import serverless from "serverless-http"; | ||
import bodyParser from "body-parser"; | ||
import { corsOrigin } from "../../utils"; | ||
import { MAX_REQUEST_BODY_SIZE } from "../../constants"; | ||
import { router } from "./router"; | ||
|
||
const app = express(); | ||
|
||
app.use(cors({ origin: corsOrigin })); | ||
app.use(bodyParser.json({ limit: MAX_REQUEST_BODY_SIZE })); | ||
app.use( | ||
bodyParser.urlencoded({ limit: MAX_REQUEST_BODY_SIZE, extended: true }), | ||
); | ||
app.use("/.netlify/functions/ocsp-responder", router); | ||
|
||
export const handler = serverless(app); |
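Review bot: `bodyParser.urlencoded({ ..., extended: true })` enables nested-object and array parsing for form bodies, although the router mounted here only reads a single `documentHash` field. If no client posts form-encoded data, drop this middleware and keep only `bodyParser.json(...)`. Either way the handler should still verify that `documentHash` is a string, since both parsers can deliver arrays or objects.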
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
import express, { Request, Response } from "express"; | ||
import { | ||
DYNAMODB_TABLE, | ||
OCSP_RESPONDER_SUCCESS_MESSAGE, | ||
OCSP_RESPONDER_REVOCATION_REASON, | ||
} from "../../constants"; | ||
import { checkApiKey, normalizeHash } from "../../utils"; | ||
import { dynamoDbClient } from "../../services/dynamoDb"; | ||
|
||
const router = express.Router(); | ||
|
||
router.post("/", checkApiKey, async (req: Request, res: Response) => { | ||
const { documentHash } = req.body; | ||
const hash = normalizeHash(documentHash); | ||
|
||
try { | ||
await dynamoDbClient | ||
.put({ | ||
TableName: DYNAMODB_TABLE.REVOCATION, | ||
Item: { | ||
documentHash: hash, | ||
createdAt: new Date().toISOString(), | ||
}, | ||
}) | ||
.promise(); | ||
|
||
res.status(200).json({ | ||
success: true, | ||
message: OCSP_RESPONDER_SUCCESS_MESSAGE.ADDED, | ||
}); | ||
} catch (err) { | ||
res.status(400).json(err); | ||
} | ||
}); | ||
|
||
router.get("/", checkApiKey, async (req: Request, res: Response) => { | ||
try { | ||
const result = await dynamoDbClient | ||
.scan({ | ||
TableName: DYNAMODB_TABLE.REVOCATION, | ||
}) | ||
.promise(); | ||
|
||
res.status(200).json({ | ||
success: true, | ||
data: result, | ||
}); | ||
} catch (err) { | ||
res.status(400).json(err); | ||
} | ||
}); | ||
|
||
router.delete( | ||
"/:documentHash", | ||
checkApiKey, | ||
async (req: Request, res: Response) => { | ||
const { | ||
params: { documentHash }, | ||
} = req; | ||
const hash = normalizeHash(documentHash); | ||
|
||
try { | ||
await dynamoDbClient | ||
.delete({ | ||
TableName: DYNAMODB_TABLE.REVOCATION, | ||
Key: { | ||
documentHash: hash, | ||
}, | ||
}) | ||
.promise(); | ||
|
||
res.status(200).json({ | ||
success: true, | ||
messsage: OCSP_RESPONDER_SUCCESS_MESSAGE.REMOVED, | ||
}); | ||
} catch (err) { | ||
res.status(400).json(err); | ||
} | ||
}, | ||
); | ||
|
||
router.get("/:documentHash", async (req: Request, res: Response) => { | ||
const { | ||
params: { documentHash }, | ||
} = req; | ||
const hash = normalizeHash(documentHash); | ||
|
||
try { | ||
const result = await dynamoDbClient | ||
.get({ | ||
TableName: DYNAMODB_TABLE.REVOCATION, | ||
Key: { | ||
documentHash: hash, | ||
}, | ||
}) | ||
.promise(); | ||
|
||
if (Object.entries(result).length === 0 && result.constructor === Object) { | ||
res.status(200).json({ | ||
revoked: false, | ||
documentHash: hash, | ||
}); | ||
} else { | ||
res.status(200).json({ | ||
revoked: true, | ||
documentHash: hash, | ||
reasonCode: OCSP_RESPONDER_REVOCATION_REASON.AFFILIATION_CHANGED, // this response shape is required from oa-verify guard -> https://github.com/Open-Attestation/oa-verify/blob/9638ba5285dc85fc294283c5e5e531debaaa5c4b/src/verifiers/documentStatus/didSigned/didSignedDocumentStatus.type.ts#L44-L79 | ||
}); | ||
} | ||
} catch (err) { | ||
res.status(400).json(err); | ||
} | ||
}); | ||
|
||
export { router }; |
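Review bot: All four handlers end in `res.status(400).json(err)`, which serialises the raw AWS SDK error back to the caller and labels backend failures as client errors; this includes `GET /:documentHash`, the one route without `checkApiKey`. Log the error server-side and return a fixed body instead, e.g. `res.status(500).json({ success: false, message: "Internal error" });`. `documentHash` is also passed to `normalizeHash` with no type or format check (its implementation is outside this page), so a missing or non-string value on POST should be rejected with a 400 before the `put`. Separately, the DELETE response key is misspelled `messsage`, and the revocation lookup would be more robust as `if (!result.Item)` than as an empty-object test on the whole result.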
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
import AWS from "aws-sdk"; | ||
|
||
const option = | ||
process.env.NODE_ENV === "test" | ||
? { | ||
apiVersion: "2012-08-10", | ||
region: "localhost", | ||
endpoint: "http://localhost:8000", | ||
accessKeyId: "fakeMyKeyId", | ||
secretAccessKey: "fakeSecretAccessKey", | ||
} | ||
: { | ||
accessKeyId: process.env.TT_OCSP_AWS_ACCESS_KEY_ID, | ||
secretAccessKey: process.env.TT_OCSP_AWS_SECRET_ACCESS_KEY, | ||
}; | ||
|
||
export const dynamoDbClient = new AWS.DynamoDB.DocumentClient(option); |
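Review bot: The non-test branch of `option` passes `process.env.TT_OCSP_AWS_ACCESS_KEY_ID` and `process.env.TT_OCSP_AWS_SECRET_ACCESS_KEY` through with no presence check and sets no `region`, so a missing variable only surfaces later as a failed DynamoDB call, which the router in this commit returns to the client. Consider failing at module load, e.g. `if (!process.env.TT_OCSP_AWS_ACCESS_KEY_ID || !process.env.TT_OCSP_AWS_SECRET_ACCESS_KEY) throw new Error("OCSP DynamoDB credentials are not configured");`, and setting `region` explicitly unless the runtime is known to supply it. Because these are long-lived static keys, the IAM policy behind them should be limited to the put, get, delete and scan actions on the revocation table.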