feat(agent): add IssuanceSession and NonceService
Signed-off-by: Yurii Shynbuiev <yurii.shynbuiev@iohk.io>
1 parent
19c27d0
commit b1d48c6
Showing
11 changed files
with
258 additions
and
30 deletions.
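--- a/...m-agent/service/server/src/main/scala/io/iohk/atala/iam/oidc/domain/IssuanceSession.scala
+++ b/...m-agent/service/server/src/main/scala/io/iohk/atala/iam/oidc/domain/IssuanceSession.scala
@@ -0,0 +1,13 @@
+package io.iohk.atala.iam.oidc.domain
+
+import io.iohk.atala.castor.core.model.did.CanonicalPrismDID
+import io.iohk.atala.iam.oidc.http.IssuableCredential
+
+case class IssuanceSession(
+nonce: String,
+issuableCredentials: Seq[IssuableCredential],
+isPreAuthorized: Boolean,
+did: Option[String],
+issuerDid: CanonicalPrismDID,
+userPin: Option[String]
+)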
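Review bot: `IssuanceSession` keeps `nonce` and `userPin` as plain `String` fields of a case class, so the generated `toString` prints both whenever a session is logged or lands in an exception message. If these are the secrets their names suggest, consider overriding it, e.g. `override def toString: String = s"IssuanceSession(issuerDid=$issuerDid, isPreAuthorized=$isPreAuthorized)"`, or wrapping the two values in a small type with a redacted `toString`. A short Scaladoc saying who sets `did` and when `userPin` is required would also help, since `did` is a raw `Option[String]` while `issuerDid` is already a parsed `CanonicalPrismDID`.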
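--- a/...nt/service/server/src/main/scala/io/iohk/atala/iam/oidc/http/IssuanceSessionRequest.scala
+++ b/...nt/service/server/src/main/scala/io/iohk/atala/iam/oidc/http/IssuanceSessionRequest.scala
@@ -0,0 +1,29 @@
+package io.iohk.atala.iam.oidc.http
+
+import sttp.tapir.Schema
+import sttp.tapir.json.zio.schemaForZioJsonValue
+import zio.json.ast.Json
+import zio.json.{DeriveJsonDecoder, DeriveJsonEncoder, JsonDecoder, JsonEncoder}
+
+case class IssuanceSessionRequest(
+nonce: String,
+issuableCredentials: Seq[IssuableCredential],
+isPreAuthorized: Boolean,
+did: Option[String],
+issuerDid: Option[String],
+userPin: Option[String]
+)
+
+object IssuanceSessionRequest {
+given schema: Schema[IssuanceSessionRequest] = Schema.derived
+given encoder: JsonEncoder[IssuanceSessionRequest] = DeriveJsonEncoder.gen
+given decoder: JsonDecoder[IssuanceSessionRequest] = DeriveJsonDecoder.gen
+}
+
+case class IssuableCredential(`type`: String, claims: Json)
+
+object IssuableCredential {
+given schema: Schema[IssuableCredential] = Schema.derived
+given encoder: JsonEncoder[IssuableCredential] = DeriveJsonEncoder.gen
+given decoder: JsonDecoder[IssuableCredential] = DeriveJsonDecoder.gen
+}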
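Review bot: `nonce` and `userPin` in `IssuanceSessionRequest` come straight from the request body and the derived `Schema` puts no constraint on them, so an empty or arbitrarily long caller-chosen nonce is accepted at this layer. Unless validation happens where the request is mapped to `IssuanceSession` (not visible in this file), attach validators to the schema, e.g. `given schema: Schema[IssuanceSessionRequest] = Schema.derived[IssuanceSessionRequest].modify(_.nonce)(_.validate(Validator.nonEmptyString))`. It is also worth a comment stating whether the caller is trusted to supply an unpredictable nonce, since this type takes the value from the client rather than from a server-side generator. `issuerDid` is optional here but mandatory in the domain class, so the mapping code needs an explicit rejection path for a missing or unparseable DID.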
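--- a/prism-agent/service/server/src/main/scala/io/iohk/atala/iam/oidc/service/NonceService.scala
+++ b/prism-agent/service/server/src/main/scala/io/iohk/atala/iam/oidc/service/NonceService.scala
@@ -0,0 +1,42 @@
+package io.iohk.atala.iam.oidc.service
+
+import io.iohk.atala.iam.oidc.service.NonceService.NonceGenerator
+import zio.Task
+
+import java.time.Instant
+import scala.collection.concurrent.TrieMap
+
+trait NonceService {
+def generateNonce()(implicit gen: NonceGenerator): String = gen()
+def validateNonce(nonce: String): Task[Boolean]
+def storeNonce(nonce: String, expireAt: Long): Task[Unit]
+}
+
+object NonceService {
+type NonceGenerator = () => String
+given randomUUID: NonceGenerator = () => java.util.UUID.randomUUID().toString
+}
+
+case class InMemoryNonceService() extends NonceService {
+import zio.{Task, ZIO}
+private case class NonceRecord(nonce: String, expireAt: Long, fired: Boolean = false)
+
+private val nonces: TrieMap[String, NonceRecord] = TrieMap.empty
+
+override def validateNonce(nonce: String): Task[Boolean] = {
+nonces.get(nonce) match {
+case None =>
+ZIO.succeed(false)
+case Some(n) if !n.fired && n.expireAt > Instant.now().toEpochMilli =>
+nonces.replace(nonce, n, n.copy(fired = true))
+ZIO.succeed(true)
+}
+}
+
+override def storeNonce(nonce: String, expireAt: Long): Task[Unit] = {
+nonces.putIfAbsent(nonce, NonceRecord(nonce, expireAt)) match {
+case Some(_) => ZIO.fail(new RuntimeException(s"Nonce $nonce already exists"))
+case None => ZIO.succeed(())
+}
+}
+}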
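Review bot: `InMemoryNonceService.validateNonce` does not enforce single use. Its match has no case for a nonce that is already `fired` or expired, so a replayed nonce raises `MatchError` while the effect is being built instead of returning `false`. The Boolean returned by `nonces.replace` is also discarded, so two concurrent calls that both read the unfired record both answer `true`. Return the result of the compare-and-swap and fall through to `false` for everything else, inside the effect, as in the fence below. Separately, expired records are never removed from `nonces`, and `storeNonce` puts the nonce value into its exception message (`s"Nonce $nonce already exists"`), which will reach logs; a message without the value would be safer.

```scala
override def validateNonce(nonce: String): Task[Boolean] =
  ZIO.succeed {
    nonces.get(nonce) match {
      case Some(n) if !n.fired && n.expireAt > Instant.now().toEpochMilli =>
        // replace is a compare-and-swap: only the caller that flips `fired` gets true
        nonces.replace(nonce, n, n.copy(fired = true))
      case _ =>
        // unknown, already used, or expired
        false
    }
  }
// … unchanged: storeNonce …
```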