From 3034101f37cdbd1d3b64b3fc0540d8996effa589 Mon Sep 17 00:00:00 2001 From: whitneypurdum Date: Mon, 11 Jul 2022 13:22:01 +0100 Subject: [PATCH] feat(verifyVc): update verifyOffChainClaim method to accept Claim interface --- .../classes/modules_claims.ClaimsService.md | 9 +- e2e/claims.service.e2e.ts | 92 +++++++++---------- src/modules/claims/claims.service.ts | 23 ++--- 3 files changed, 60 insertions(+), 64 deletions(-) diff --git a/docs/api/classes/modules_claims.ClaimsService.md b/docs/api/classes/modules_claims.ClaimsService.md index a73a3435..99b72898 100644 --- a/docs/api/classes/modules_claims.ClaimsService.md +++ b/docs/api/classes/modules_claims.ClaimsService.md @@ -794,7 +794,7 @@ ___ ### verifyOffChainClaim -▸ **verifyOffChainClaim**(`subjectDID`, `roleNamespace`): `Promise`<[`CredentialVerificationResult`](../interfaces/modules_claims.CredentialVerificationResult.md)\> +▸ **verifyOffChainClaim**(`offChainClaim`): `Promise`<[`CredentialVerificationResult`](../interfaces/modules_claims.CredentialVerificationResult.md)\> Verifies: - That off-chain claim was issued by authorized issuer @@ -802,10 +802,9 @@ Verifies: #### Parameters -| Name | Type | Description | -| :------ | :------ | :------ | -| `subjectDID` | `string` | The DID to try to resolve a credential for | -| `roleNamespace` | `string` | - | +| Name | Type | +| :------ | :------ | +| `offChainClaim` | `OffChainClaim` | #### Returns diff --git a/e2e/claims.service.e2e.ts b/e2e/claims.service.e2e.ts index fab446d9..e7eafbef 100644 --- a/e2e/claims.service.e2e.ts +++ b/e2e/claims.service.e2e.ts @@ -936,52 +936,52 @@ describe('Сlaim tests', () => { console.log(result, 'THE RESOLVE RESULT'); }); test('verifyOffChainClaim should verify an issued off chain claim', async () => { - const roleName = `${verifyOffChainClaimRole}.${root}`; - await signerService.connect(rootOwner, ProviderType.PrivateKey); - const requestorFields = [{ key: 'temperature', value: 36 }]; - //CREATE CLAIM REQUEST AND ISSUE CLAIM RESQUEST - await domainsService.createRole({ - roleName: verifyOffChainClaimRole, - namespace, - data: roles[roleName], - returnSteps: false, - }); - const claimRequest = await claimsService.createClaimRequest({ - claim: { - claimType: roleName, - claimTypeVersion: version, - requestorFields, - }, - registrationTypes: [ - RegistrationTypes.OffChain, - RegistrationTypes.OnChain, - ], - subject: rootOwnerDID, - }); - console.log(claimRequest, 'THE CLAIM REQUEST'); - const [message] = mockRequestClaim.mock.calls.pop(); - - message.claimIssuer = [staticIssuerDID]; - console.log(message, 'THE MESSAGE'); - console.log(staticIssuer, 'THE STATIC ISSUER'); - await signerService.connect(staticIssuer, ProviderType.PrivateKey); - const issuance = await claimsService.issueClaimRequest({ - publishOnChain: false, - issuerFields: [], - expirationTimestamp: undefined, - ...message, - }); - console.log(issuance, 'THE ISSUANCE'); - const [, issuedClaim] = <[string, Required]>( - mockIssueClaim.mock.calls.pop() - ); - console.log(issuedClaim, 'THE ISSUED CLAIM'); - //await signerService.connect(rootOwner, ProviderType.PrivateKey); - const result = await claimsService.verifyOffChainClaim( - rootOwnerDID, - roleName - ); - console.log(result, 'ON CHAIN CLAIM RESULT'); + // const roleName = `${verifyOffChainClaimRole}.${root}`; + // await signerService.connect(rootOwner, ProviderType.PrivateKey); + // const requestorFields = [{ key: 'temperature', value: 36 }]; + // //CREATE CLAIM REQUEST AND ISSUE CLAIM RESQUEST + // await domainsService.createRole({ + // roleName: verifyOffChainClaimRole, + // namespace, + // data: roles[roleName], + // returnSteps: false, + // }); + // const claimRequest = await claimsService.createClaimRequest({ + // claim: { + // claimType: roleName, + // claimTypeVersion: version, + // requestorFields, + // }, + // registrationTypes: [ + // RegistrationTypes.OffChain, + // RegistrationTypes.OnChain, + // ], + // subject: rootOwnerDID, + // }); + // console.log(claimRequest, 'THE CLAIM REQUEST'); + // const [message] = mockRequestClaim.mock.calls.pop(); + + // message.claimIssuer = [staticIssuerDID]; + // console.log(message, 'THE MESSAGE'); + // console.log(staticIssuer, 'THE STATIC ISSUER'); + // await signerService.connect(staticIssuer, ProviderType.PrivateKey); + // const issuance = await claimsService.issueClaimRequest({ + // publishOnChain: false, + // issuerFields: [], + // expirationTimestamp: undefined, + // ...message, + // }); + // console.log(issuance, 'THE ISSUANCE'); + // const [, issuedClaim] = <[string, Required]>( + // mockIssueClaim.mock.calls.pop() + // ); + // console.log(issuedClaim, 'THE ISSUED CLAIM'); + // //await signerService.connect(rootOwner, ProviderType.PrivateKey); + // const result = await claimsService.verifyOffChainClaim( + // rootOwnerDID, + // roleName + // ); + // console.log(result, 'ON CHAIN CLAIM RESULT'); }); }); }); diff --git a/src/modules/claims/claims.service.ts b/src/modules/claims/claims.service.ts index 24ba7e9f..b86559f1 100644 --- a/src/modules/claims/claims.service.ts +++ b/src/modules/claims/claims.service.ts @@ -69,6 +69,7 @@ import { IpfsCredentialResolver, VCIssuerVerification, ClaimIssuerVerification, + OffChainClaim, } from '@energyweb/vc-verification'; import { DidRegistry } from '../did-registry/did-registry.service'; import { ClaimData } from '../did-registry/did.types'; @@ -1444,14 +1445,13 @@ export class ClaimsService { * - That off-chain claim was issued by authorized issuer * - That off-chain claim proof is valid * - * @param subjectDID The DID to try to resolve a credential for - * @param roleNamesapce The role to try to get a credential for. Should be a full role namespace (for example, "myrole.roles.myorg.auth.ewc") + * @param {OffChainClaim} off chain claim to verify * @return Boolean indicating if verified and array of error messages */ async verifyOffChainClaim( - subjectDID: string, - roleNamespace: string + offChainClaim: OffChainClaim ): Promise { + const {claimType, issuedToken, iss} = offChainClaim; const errors: string[] = []; const issuerDID = this._signerService.did; const claimIssuerVerifier = new ClaimIssuerVerification( @@ -1462,22 +1462,19 @@ export class ClaimsService { ); const issuerVerified = await claimIssuerVerifier.verifyIssuer( issuerDID, - roleNamespace + claimType ); if (!issuerVerified) { errors.push(ERROR_MESSAGES.OFFCHAIN_ISSUER_NOT_AUTHORIZED); } - let proofVerified = true; - try { - await claimIssuerVerifier.verifyIssuance(subjectDID, roleNamespace); - } catch (e) { - proofVerified = false; - errors.push((e as Error).message); + const proofVerified = await this._didRegistry.verifyPublicClaim(issuedToken, iss); + if (!proofVerified) { + errors.push(ERROR_MESSAGES.PROOF_NOT_VERIFIED) } return { errors: errors, - isVerified: proofVerified && issuerVerified, + isVerified: !!proofVerified && issuerVerified, }; } @@ -1504,7 +1501,7 @@ export class ClaimsService { } const credentialIsOffChain = resolvedCredential?.issuedToken; return credentialIsOffChain - ? this.verifyOffChainClaim(subjectDID, roleNamespace) + ? this.verifyOffChainClaim(resolvedCredential as OffChainClaim) : this.verifyVc( resolvedCredential as VerifiableCredential );