fix credentials/verify endpoint

digitalcredentials · Nov 28, 2024 · 7654148 · 7654148
1 parent 805f3c6
commit 7654148
Show file tree

Hide file tree

Showing 6 changed files with 65 additions and 32 deletions.
diff --git a/.knownDidRegistries.js b/.knownDidRegistries.js
@@ -0,0 +1,20 @@
+const knownDidRegistries = [
+  {
+    name: 'DCC Pilot Registry',
+    url: 'https://digitalcredentials.github.io/issuer-registry/registry.json'
+  },
+  {
+    name: 'DCC Sandbox Registry',
+    url: 'https://digitalcredentials.github.io/sandbox-registry/registry.json'
+  },
+  {
+    name: 'DCC Community Registry',
+    url: 'https://digitalcredentials.github.io/community-registry/registry.json'
+  },
+  {
+    name: 'DCC Registry',
+    url: 'https://digitalcredentials.github.io/dcc-registry/registry.json'
+  }
+]
+
+export default knownDidRegistries
diff --git a/src/app.js b/src/app.js
@@ -6,8 +6,8 @@ import errorHandler from './middleware/errorHandler.js'
 import errorLogger from './middleware/errorLogger.js'
 import invalidPathHandler from './middleware/invalidPathHandler.js'
 import VerificationException from './VerificationException.js'
-import verify from './verify.js'
-import getSignedVC from './test-fixtures/vc.js'
+import { verifyCredential } from './verify.js'
+import { getSignedVC } from './test-fixtures/vc.js'
 
 export async function build() {
   var app = express()
@@ -24,15 +24,17 @@ export async function build() {
         `${req.protocol}://${req.headers.host}/credentials/verify`,
         getSignedVC()
       )
-      if (!data.proof)
+      console.log('the verification result in healthz:')
+      console.log(data)
+      if (!data.verified)
         throw new VerificationException(
           503,
           'transaction-service healthz failed'
         )
     } catch (e) {
       console.log(`exception in healthz: ${JSON.stringify(e)}`)
       return res.status(503).json({
-        error: `signing-service healthz check failed with error: ${e}`,
+        error: `verification-service healthz check failed with error: ${e}`,
         healthy: false
       })
     }
@@ -52,10 +54,10 @@ export async function build() {
       if (!req.body || !Object.keys(req.body).length) {
         throw new VerificationException(
           400,
-          'A verifiable credential must be provided in the body.'
+          'A verifiableCredential property must be provided in the body and it must contain a verifiable credential.'
         )
       }
-      const verificationResult = await verify(vc)
+      const verificationResult = await verifyCredential(vc)
       return res.json(verificationResult)
     } catch (e) {
       // catch the async errors and pass them to the error logger and handler

diff --git a/src/app.test.js b/src/app.test.js
@@ -2,6 +2,7 @@ import { expect } from 'chai'
 import request from 'supertest'
 
 import { build } from './app.js'
+import { getConfig, setConfig } from './config.js'
 
 let app
 
@@ -48,19 +49,20 @@ describe('api', () => {
 
     describe('/healthz fail', () => {
       // to force an error with the health check, we remove the
-      // test issuer instance and it's signing seed
+      // registries list
 
       beforeEach(async () => {
-        // need to do something here to make health check fail
+        getConfig().registries = []
+      })
+      afterEach(async () => {
+        setConfig()
       })
 
       it('returns 503 when not healthy', async () => {
         await request(app)
           .get(`/healthz`)
           .expect('Content-Type', /json/)
           .expect((res) => {
-            console.log('the body:')
-            console.log(res.body)
             expect(res.body.error).to.contain('error')
           })
           .expect(503)

diff --git a/src/config.js b/src/config.js
@@ -1,24 +1,25 @@
+import { RegistryClient } from '@digitalcredentials/issuer-registry-client'
+import knownDidRegistries from '../.knownDidRegistries.js'
+
 let CONFIG
 const defaultPort = 4009
 const defaultConsoleLogLevel = 'silly'
 const defaultLogLevel = 'silly'
+const registries = new RegistryClient()
+await registries.load({ config: knownDidRegistries })
 
 export function setConfig() {
-  CONFIG = parseConfig()
-}
-
-function parseConfig() {
   const env = process.env
-  const config = Object.freeze({
+  CONFIG = {
     port: env.PORT ? parseInt(env.PORT) : defaultPort,
     enableAccessLogging: env.ENABLE_ACCESS_LOGGING?.toLowerCase() === 'true',
     consoleLogLevel:
       env.CONSOLE_LOG_LEVEL?.toLocaleLowerCase() || defaultConsoleLogLevel,
     logLevel: env.LOG_LEVEL?.toLocaleLowerCase() || defaultLogLevel,
     errorLogFile: env.ERROR_LOG_FILE,
-    logAllFile: env.LOG_ALL_FILE
-  })
-  return config
+    logAllFile: env.LOG_ALL_FILE,
+    registries
+  }
 }
 
 export function getConfig() {

diff --git a/src/getRelevantRegistryNames.js b/src/getRelevantRegistryNames.js
@@ -0,0 +1,16 @@
+import { getConfig } from './config.js'
+/**
+ * Returns the names of any known DID registries in which the VC's issuer appears.
+ *
+ * @returns A list of names of DID registries the issuer appears in.
+ */
+export function getRelevantRegistryNames({ issuer }) {
+  const { registries } = getConfig()
+  const issuerDid = typeof issuer === 'string' ? issuer : issuer.id
+  const issuerInfo = registries.didEntry(issuerDid)
+  // See if the issuer DID appears in any of the known registries
+  // If yes, assemble a list of registries it appears in
+  return issuerInfo?.inRegistries
+    ? Array.from(issuerInfo.inRegistries).map((r) => r.name)
+    : null
+}
diff --git a/src/verify.js b/src/verify.js
@@ -1,11 +1,9 @@
 import { Ed25519Signature2020 } from '@digitalbazaar/ed25519-signature-2020'
 //import { purposes } from 'jsonld-signatures'
 import * as vc from '@digitalbazaar/vc'
-//import { VerifiablePresentation, PresentationError } from 'types/presentation.d';
-//import { VerifiableCredential, CredentialError, CredentialErrorTypes } from 'types/credential.d';
 import { securityLoader } from '@digitalcredentials/security-document-loader'
-import { registryCollections } from '@digitalcredentials/issuer-registry-client'
 import { getCredentialStatusChecker } from './credentialStatus.js'
+import { getRelevantRegistryNames } from './getRelevantRegistryNames.js'
 
 const documentLoader = securityLoader({ fetchRemoteContexts: true }).build()
 const suite = new Ed25519Signature2020()
@@ -64,8 +62,6 @@ export async function verifyPresentation(
 }
 
 export async function verifyCredential(credential) {
-  const { issuer } = credential
-
   if (!checkID(credential)) {
     return createFatalErrorResult(
       credential,
@@ -105,7 +101,7 @@ export async function verifyCredential(credential) {
       // Only check revocation status if VC has a 'credentialStatus' property
       checkStatus
     })
-    console.log(JSON.stringify(result))
+    //console.log(JSON.stringify(result))
     result.fatal = false
     if (result?.error?.name === 'VerificationError') {
       return createFatalErrorResult(
@@ -134,14 +130,10 @@ export async function verifyCredential(credential) {
       }
     }
 
-    const issuerDid = typeof issuer === 'string' ? issuer : issuer.id
-    await registryCollections.issuerDid.fetchRegistries()
-    const isInRegistry =
-      await registryCollections.issuerDid.isInRegistryCollection(issuerDid)
-    if (isInRegistry) {
-      const registryInfo =
-        await registryCollections.issuerDid.registriesFor(issuerDid)
-      result.registryName = registryInfo[0].name
+    const { issuer } = credential
+    const registryNames = getRelevantRegistryNames({ issuer })
+    if (registryNames) {
+      result.registryNames = registryNames
     } else {
       result.verified = false
       ;(result.results[0].log ??= []).push({