feat: enable storage service encrypted endpoint #157

Open
wants to merge 8 commits into
base: next
17 changes: 1 addition & 16 deletions app-config.json
Original file line number Diff line number Diff line change
Expand Up @@ -688,9 +688,8 @@
"linkRegisterPath": "/api/resolver"
},
"storage": {
"url": "http://localhost:3334/v1/documents",
"url": "http://localhost:3334/v1/credentials",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -904,7 +903,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -1844,7 +1842,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -2022,7 +2019,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -2204,7 +2200,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -2386,7 +2381,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -2589,7 +2583,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -3091,7 +3084,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -3509,7 +3501,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -4173,7 +4164,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -4387,7 +4377,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -5061,7 +5050,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -5275,7 +5263,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -5949,7 +5936,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -6163,7 +6149,6 @@
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
2 changes: 0 additions & 2 deletions documentation/docs/mock-apps/common/storage.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ The `Storage` object is responsible for managing the configuration of the [Stora
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down Expand Up @@ -46,7 +45,6 @@ The `params` object contains specific parameters for the storage service.
| Property | Required | Description | Type |
| ---------- | -------- | -------------------------------------------------------------------- | ------ |
| bucket | Yes | The name of the storage bucket | String |
| resultPath | Yes | The path where the result (e.g., URI) will be stored in the response | String |

### options

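Review bot: Dropping the `resultPath` row leaves the `params` table with no statement of where the stored document's URI is read from in the storage response. Since that lookup is no longer configurable, document the response fields the app now expects (the verify-link examples in this PR carry `uri`, `key` and `hash`), so that someone pointing the app at a different storage backend knows what shape it has to return.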
Expand Down
5 changes: 3 additions & 2 deletions documentation/docs/mock-apps/common/verify-link.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,16 @@ The general structure of the verify link is as follows:

### Decoded (Human-readable) Example:
```
http://localhost:3001/verify?q={payload:{uri:http://localhost:3001/conformity-credentials/steel-mill-1-emissions.json}}
http://localhost:3001/verify?q={payload:{uri:'http://localhost:3001/conformity-credentials/steel-mill-1-emissions.json', key:'secret', hash:'595d8d20c586c6f55f8a758f294674fa85069db5c518a0f4cbbd3fd61f46522f'}}
```

### Encoded (URL-safe) Example:
```
http://localhost:3001/verify?q%3D%7Bpayload%3A%7Buri%3Ahttp%3A%2F%2Flocalhost%3A3001%2Fconformity-credentials%2Fsteel-mill-1-emissions.json%7D%7D
http://localhost:3001/verify?q%3D%7B%22payload%22%3A%7B%22uri%22%3A%22http%3A%2F%2Flocalhost%3A3001%2Fconformity-credentials%2Fsteel-mill-1-emissions.json%22%2C%22key%22%3A%22secret%22%2C%22hash%22%3A%22595d8d20c586c6f55f8a758f294674fa85069db5c518a0f4cbbd3fd61f46522f%22%7D%7D
```

### Production Example:
```
https://www.example.com/verify?q=%7B%22payload%22%3A%7B%22uri%22%3A%22https%3A%2F%2Fstorage.googleapis.com%2Fverifiable-credentials%2Fconformity-credentials%2Ftop-line-steel-dcc.json%22%7D%7D
https://www.example.com/verify?q=%7B%22payload%22%3A%7B%22uri%22%3A%22https%3A%2F%2Fstorage.googleapis.com%2Fverifiable-credentials%2Fconformity-credentials%2Ftop-line-steel-dcc.json%22%2C%22key%22%3A%22secret%22%2C%22hash%22%3A%22595d8d20c586c6f55f8a758f294674fa85069db5c518a0f4cbbd3fd61f46522f%22%7D%7D
```
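Review bot: The new examples carry the decryption `key` inside the `q` query parameter next to `uri` and `hash`, so the key travels wherever the URL does: browser history, web server and proxy access logs, and `Referer` headers. Consider carrying `key` in the URL fragment, which is not sent to the server, or state the exposure on this page so deployers treat verify links as secrets. Separately, the decoded example mixes unquoted member names with single-quoted values and is not the JSON that the encoded examples decode to, and the encoded example still percent-encodes the `=` after `q` (`q%3D`) where the production example uses `q=`.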
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,6 @@ The ConformityCredential component allows users to request and manage conformity
"storedCredentialsConfig": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ graph TD
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
1 change: 0 additions & 1 deletion documentation/docs/mock-apps/conformity-credential.md
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,6 @@ Example config snippet:
"storedCredentialsConfig": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
1 change: 0 additions & 1 deletion documentation/docs/mock-apps/services/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,6 @@ graph TD
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ P-->>C: Return VC and resolver URL
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ P-->>C: Return association event VC and resolver URL
"url": "https://storage.example.com/upload",
"params": {
"bucket": "bucket-name",
"resultPath": "/url"
}
},
"dlr": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ P-->>C: Return digital conformity credential VC and resolver URL
"url": "https://storage.example.com/upload",
"params": {
"bucket": "bucket-name",
"resultPath": "/url"
}
},
"dlr": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ P-->>C: Return digital facility record VC and resolver URL
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ P-->>C: Return digital identity anchor VC and resolver URL
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
1 change: 0 additions & 1 deletion documentation/docs/mock-apps/services/process-dpp.md
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,6 @@ P-->>C: Return VC and resolver URL
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,6 @@ P-->>C: Return object event VC and resolver URL
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,6 @@ P-->>C: Return event VC and resolver URL
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,6 @@ P-->>C: Return VC and resolver URL
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ P-->>C: Return transformation event VC and resolver URL
"url": "https://storage.example.com/upload",
"params": {
"bucket": "bucket-name",
"resultPath": "/url"
}
},
"dlr": {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,6 @@ P-->>C: Return EPCIS VC
"storage": {
"url": "http://localhost:3334/v1/documents",
"params": {
"resultPath": "/uri",
"bucket": "verifiable-credentials"
},
"options": {
Expand Down
4 changes: 4 additions & 0 deletions documentation/docs/mock-apps/verify-app.md
Original file line number Diff line number Diff line change
Expand Up @@ -43,3 +43,7 @@ To ensure the integrity of the credential, a hash value is included in the verif
Upon retrieval of the credential, the application will compute its hash and compare it with the provided value in the URL. If the computed hash matches the provided hash, the credential is considered valid and unaltered.

The hash is optional and can be omitted from the verification link. If the hash is not provided, the credential will not be validated against it.

## Decryption (if required)

If the credential is encrypted, the decryption key is included in the verification link. The application will use this key to decrypt the credential before proceeding with the verification process.
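Review bot: The new "Decryption (if required)" section does not say how decryption is ordered against the hash check described just above it, so the text leaves open whether the hash in the link is computed over the stored encrypted object or over the decrypted credential. State which one it is, and name the expected cipher and key encoding (the test fixture in this PR uses `type: 'aes-256-gcm'` with `iv` and `tag` fields), so that whoever issues the link and the verify app agree on both.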
Original file line number Diff line number Diff line change
Expand Up @@ -44,9 +44,7 @@ describe('ConformityCredential', () => {

const storedCredentialsConfig = {
url: 'https://example.com',
params: {
resultPath: '',
},
params: {},
};

render(
Expand Down Expand Up @@ -82,9 +80,7 @@ describe('ConformityCredential', () => {

const storedCredentialsConfig = {
url: 'https://example.com',
params: {
resultPath: '',
},
params: {},
};

it('should save credential as string when trigger onClickStorageCredential function', async () => {
Expand Down
8 changes: 2 additions & 6 deletions packages/components/src/__tests__/ConformityUtils.test.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,7 @@ describe('checkStoredCredentials', () => {
it('should return the stored credentials if they are valid', () => {
const storedCredentials = {
url: 'https://example.com',
params: {
resultPath: '',
},
params: {},
};

const result = checkStoredCredentialsConfig(storedCredentials);
Expand All @@ -23,9 +21,7 @@ describe('checkStoredCredentials', () => {
it('should throw an error if the stored credentials url is invalid', () => {
const storedCredentials = {
url: '',
params: {
resultPath: '',
},
params: {},
};

const result = checkStoredCredentialsConfig(storedCredentials);
Expand Down
44 changes: 43 additions & 1 deletion packages/mock-app/src/__tests__/Verify.test.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -424,7 +424,49 @@ describe('Verify', () => {
});

await waitFor(() => {
expect(screen.getByText('Hash invalid')).toBeInTheDocument();
expect(screen.getByText('Failed to compare the hash in the verify URL with the VC hash.')).toBeInTheDocument();
});
});

it('should show error screen when the key is invalid', async () => {
const mockPayloadInvalidKey = {
payload: {
uri: 'http://localhost:3334/v1/verifiable-credentials/6c70251a-f2e7-48a0-a86c-e1027f0e7143.json',
hash: '595d8d20c586c6f55f8a758f294674fa85069db5c518a0f4cbbd3fd61f46522f',
key: 'invalid-key',
},
};
const mockEncryptedCredential = {
cipherText: '+qygK55Jq2S/VmhI8xxHr6JQZbZpM2UbwwPtXgYAh6Opn8Re0y+VStefzXgk3KVRYeaZd+/WZv/Nm3XXdxouGqk2toWHZtAnYAW',
iv: 'HMFLTHEabOowe0pj',
tag: '0B6Js19du2TJ0ADdYe2Ipw==',
type: 'aes-256-gcm'
};
// URL-encode the payload for use as a query parameter
const encodedPayload = `q=${encodeURIComponent(JSON.stringify(mockPayloadInvalidKey))}`;
(useLocation as any).mockImplementation(() => ({
search: encodedPayload,
}));

jest.spyOn(publicAPI, 'get').mockResolvedValueOnce(mockEncryptedCredential);

(computeHash as any).mockImplementation(() => mockPayloadInvalidKey.payload.hash);
(decryptCredential as any).mockImplementation(() => { throw new Error('Failed to decrypt credential') });

(verifyVC as jest.Mock).mockImplementation(() => ({
verified: true,
}));

await act(async () => {
render(
<RouterDom location={history.location} navigator={history}>
<Verify />
</RouterDom>,
);
});

await waitFor(() => {
expect(screen.getByText('Failed to decrypt credential.')).toBeInTheDocument();
});
});
});
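Review bot: In the new 'should show error screen when the key is invalid' test, `verifyVC` is mocked to return `verified: true` but nothing asserts that verification stopped after the decrypt failure; add `expect(verifyVC).not.toHaveBeenCalled()` next to the error-text assertion. Also, `decryptCredential` is mocked to throw regardless of input, so `key: 'invalid-key'` and the `cipherText`/`iv`/`tag` fixture are never exercised here; a unit test of `decryptCredential` itself with a wrong key would cover the real authentication failure path.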