feat(verifyExp): add documentation; address PR comments

energywebfoundation · Jul 26, 2022 · e7a50a5 · e7a50a5
1 parent 1d96490
commit e7a50a5
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 33 deletions.
diff --git a/docs/api/classes/modules_claims.ClaimsService.md b/docs/api/classes/modules_claims.ClaimsService.md
@@ -74,16 +74,20 @@ claimsService.getClaimById(claim.id);
 
 ▸ **claimIsExpired**(`date`): `boolean`
 
+Verifies if a date is expired (occurs before given date)
+
 #### Parameters
 
-| Name | Type |
-| :------ | :------ |
-| `date` | `number` |
+| Name | Type | Description |
+| :------ | :------ | :------ |
+| `date` | `number` | to be verified |
 
 #### Returns
 
 `boolean`
 
+Boolean indicating if a date is expired
+
 ___
 
 ### claimRevocationDetails
@@ -263,17 +267,21 @@ ___
 
 ▸ **fetchCredential**(`subjectDID`, `roleNamespace`): `Promise`<`undefined` \| `VerifiableCredential`<`RoleCredentialSubject`\> \| `RoleEIP191JWT`\>
 
+Fetch a credential from storage
+
 #### Parameters
 
-| Name | Type |
-| :------ | :------ |
-| `subjectDID` | `string` |
-| `roleNamespace` | `string` |
+| Name | Type | Description |
+| :------ | :------ | :------ |
+| `subjectDID` | `string` | The DID to try to resolve a credential for |
+| `roleNamespace` | `string` | - |
 
 #### Returns
 
 `Promise`<`undefined` \| `VerifiableCredential`<`RoleCredentialSubject`\> \| `RoleEIP191JWT`\>
 
+Resolved Credetiantial of type VerifiableCredential<RoleCredentialSubject> || RoleEIP191JWT or undefined
+
 ___
 
 ### getClaimById

diff --git a/e2e/claims.service.e2e.ts b/e2e/claims.service.e2e.ts
@@ -62,8 +62,8 @@ const verifyVcRole = 'verifyVcRole';
 const verifyVcRole2 = 'verifyVcRole2';
 const verifyOffChainClaimRole = 'verifyOnChain';
 const resolveVC = 'resolvevc';
-const verifyVcExpired = 'vcExpired';
-const eipExpired = 'eipExpired';
+const verifyResolvedVcExpired = 'vcResolvedExpired';
+const eip191JwtExpired = 'eip191JwtExpired';
 const vcExpired = 'vcExpired';
 const namespace = root;
 const version = 1;
@@ -119,19 +119,19 @@ const roles: Record<string, IRoleDefinitionV2> = {
     roleName: verifyOffChainClaimRole,
     issuer: { issuerType: 'DID', did: [staticIssuerDID] },
   },
-  [`${verifyVcExpired}.${root}`]: {
+  [`${verifyResolvedVcExpired}.${root}`]: {
     ...baseRoleDef,
-    roleName: verifyVcExpired,
+    roleName: verifyResolvedVcExpired,
     issuer: { issuerType: 'DID', did: [staticIssuerDID] },
   },
   [`${vcExpired}.${root}`]: {
     ...baseRoleDef,
     roleName: vcExpired,
     issuer: { issuerType: 'DID', did: [staticIssuerDID] },
   },
-  [`${eipExpired}.${root}`]: {
+  [`${eip191JwtExpired}.${root}`]: {
     ...baseRoleDef,
-    roleName: eipExpired,
+    roleName: eip191JwtExpired,
     issuer: { issuerType: 'DID', did: [staticIssuerDID] },
   },
 };
@@ -275,9 +275,9 @@ describe('Сlaim tests', () => {
       returnSteps: false,
     });
     await domainsService.createRole({
-      roleName: verifyVcExpired,
+      roleName: verifyResolvedVcExpired,
       namespace,
-      data: roles[`${verifyVcExpired}.${root}`],
+      data: roles[`${verifyResolvedVcExpired}.${root}`],
       returnSteps: false,
     });
     await domainsService.createRole({
@@ -287,9 +287,9 @@ describe('Сlaim tests', () => {
       returnSteps: false,
     });
     await domainsService.createRole({
-      roleName: eipExpired,
+      roleName: eip191JwtExpired,
       namespace,
-      data: roles[`${eipExpired}.${root}`],
+      data: roles[`${eip191JwtExpired}.${root}`],
       returnSteps: false,
     });
     ({ didRegistry, claimsService } = await connectToDidRegistry());
@@ -938,7 +938,7 @@ describe('Сlaim tests', () => {
         });
 
         test('resolveCredentialAndVerify should return an expiration error if the credential is expired', async () => {
-          const roleName = `${verifyVcExpired}.${root}`;
+          const roleName = `${verifyResolvedVcExpired}.${root}`;
           const { issuedToken } = await enrolAndIssue(rootOwner, staticIssuer, {
             subjectDID: rootOwnerDID,
             claimType: roleName,
@@ -1002,7 +1002,7 @@ describe('Сlaim tests', () => {
         expect(result.isVerified).toBe(false);
       });
       test('verifyEIP should return an expiration error if the credential is expired', async () => {
-        const roleName = `${eipExpired}.${root}`;
+        const roleName = `${eip191JwtExpired}.${root}`;
         const { issuedToken } = await enrolAndIssue(rootOwner, staticIssuer, {
           subjectDID: rootOwnerDID,
           claimType: roleName,

diff --git a/src/errors/error-messages.ts b/src/errors/error-messages.ts
@@ -35,5 +35,5 @@ export enum ERROR_MESSAGES {
   PROOF_NOT_VERIFIED = 'Proof not verified',
   OFFCHAIN_ISSUER_NOT_AUTHORIZED = 'Issuer of OffChain Claim is not authorized',
   NO_CLAIM_RESOLVED = 'No claim found for given DID and role',
-  CLAIM_EXPIRED = 'Credential Expired',
+  CREDENTIAL_EXPIRED = 'Credential Expired',
 }
diff --git a/src/modules/claims/claims.service.ts b/src/modules/claims/claims.service.ts
@@ -1422,6 +1422,13 @@ export class ClaimsService {
       await this._signerService.signMessage(arrayify(proofHash))
     );
   }
+
+  /**
+   * Verifies if a date is expired (occurs before given date)
+   * @param {Number} date to be verified
+   * @return Boolean indicating if a date is expired
+   *
+   */
   claimIsExpired(date: number): boolean {
     return !!date && date < Date.now();
   }
@@ -1489,13 +1496,12 @@ export class ClaimsService {
     const { payload, eip191Jwt } = roleEIP191JWT;
     const errors: string[] = [];
     const issuerDID = this._signerService.did;
-    let issuerVerified = true;
-    const { status, error } = await this._issuerVerification.verifyIssuer(
-      issuerDID,
-      payload?.claimData?.claimType
-    );
-    if (!status && error) {
-      issuerVerified = false;
+    const { status: issuerVerified, error } =
+      await this._issuerVerification.verifyIssuer(
+        issuerDID,
+        payload?.claimData?.claimType
+      );
+    if (!issuerVerified && error) {
       errors.push(error);
     }
     const proofVerified = await this._didRegistry.verifyPublicClaim(
@@ -1505,11 +1511,10 @@ export class ClaimsService {
     if (!proofVerified) {
       errors.push(ERROR_MESSAGES.PROOF_NOT_VERIFIED);
     }
-    let isExpired = false;
+    const isExpired = payload?.exp && this.claimIsExpired(payload.exp);
     if (payload?.exp) {
-      if (this.claimIsExpired(payload.exp)) {
-        isExpired = true;
-        errors.push(ERROR_MESSAGES.CLAIM_EXPIRED);
+      if (isExpired) {
+        errors.push(ERROR_MESSAGES.CREDENTIAL_EXPIRED);
       }
     }
     return {
@@ -1518,17 +1523,23 @@ export class ClaimsService {
     };
   }
 
+  /**
+   * Fetch a credential from storage
+   *
+   * @param subjectDID The DID to try to resolve a credential for
+   * @param roleNamesapce The role to try to get a credential for. Should be a full role namespace (for example, "myrole.roles.myorg.auth.ewc")
+   * @return Resolved Credetiantial of type VerifiableCredential<RoleCredentialSubject> || RoleEIP191JWT or undefined
+   */
   async fetchCredential(
     subjectDID: string,
     roleNamespace: string
   ): Promise<
     VerifiableCredential<RoleCredentialSubject> | RoleEIP191JWT | undefined
   > {
-    const resolvedCredential = await this._credentialResolver.getCredential(
+    return await this._credentialResolver.getCredential(
       subjectDID,
       roleNamespace
     );
-    return resolvedCredential;
   }
 
   /**