From 8e6c48f9fc93117b060b9ba0bbe01dde6cefba4c Mon Sep 17 00:00:00 2001 From: Mritunjay Kumar Date: Fri, 25 Aug 2023 09:44:40 +0530 Subject: [PATCH] fix: exp for response token --- .../src/DidAuthService/DidAuthClientService.ts | 3 ++- .../src/DidAuthService/DidAuthService.ts | 3 ++- common-libs/did-auth-lib/src/shared/builder.ts | 4 ++-- .../test/unit/DidAuthService/DidAuthService.test.ts | 13 +++++++++++-- 4 files changed, 17 insertions(+), 6 deletions(-) diff --git a/common-libs/did-auth-lib/src/DidAuthService/DidAuthClientService.ts b/common-libs/did-auth-lib/src/DidAuthService/DidAuthClientService.ts index 10d72031..b17c324b 100644 --- a/common-libs/did-auth-lib/src/DidAuthService/DidAuthClientService.ts +++ b/common-libs/did-auth-lib/src/DidAuthService/DidAuthClientService.ts @@ -11,6 +11,7 @@ export default class DidAuthClientService { async createDidAuthResponseToken( didAuthRequestTokenStr: string, options?: CreateResponseTokenOptions, + exp?: number ): Promise { const didAuthRequestToken = DidAuthRequestToken.fromString(didAuthRequestTokenStr) const maxTokenValidityPeriod = options?.maxTokenValidInMs ?? DEFAULT_MAX_TOKEN_VALID_IN_MS @@ -25,7 +26,7 @@ export default class DidAuthClientService { ) } - const jwtObject = await buildResponseJwtObject(didAuthRequestTokenStr) + const jwtObject = await buildResponseJwtObject(didAuthRequestTokenStr, exp) await this._signer.fillSignature(jwtObject) diff --git a/common-libs/did-auth-lib/src/DidAuthService/DidAuthService.ts b/common-libs/did-auth-lib/src/DidAuthService/DidAuthService.ts index 845c5f54..1a005ad6 100644 --- a/common-libs/did-auth-lib/src/DidAuthService/DidAuthService.ts +++ b/common-libs/did-auth-lib/src/DidAuthService/DidAuthService.ts @@ -106,9 +106,10 @@ export default class AffinidiDidAuthService { async createDidAuthResponseToken( didAuthRequestTokenStr: string, options?: CreateResponseTokenOptions, + exp?: number ): Promise { const clientService = new DidAuthClientService(this.createSigner()) - return clientService.createDidAuthResponseToken(didAuthRequestTokenStr, options) + return clientService.createDidAuthResponseToken(didAuthRequestTokenStr, options, exp) } async createDidAuthResponseTokenThroughCloudWallet( diff --git a/common-libs/did-auth-lib/src/shared/builder.ts b/common-libs/did-auth-lib/src/shared/builder.ts index 2bb9b559..0e1b405e 100644 --- a/common-libs/did-auth-lib/src/shared/builder.ts +++ b/common-libs/did-auth-lib/src/shared/builder.ts @@ -1,7 +1,7 @@ import { JwtService } from '@affinidi/tools-common' import { parse } from 'did-resolver' -export const buildResponseJwtObject = async (didAuthRequestToken: string) => { +export const buildResponseJwtObject = async (didAuthRequestToken: string, exp?: number) => { const didAuthRequestTokenDecoded = JwtService.fromJWT(didAuthRequestToken) const jwtType = 'DidAuthResponse' const NOW = Date.now() @@ -9,7 +9,7 @@ export const buildResponseJwtObject = async (didAuthRequestToken: string) => { const jwtObject: any = await JwtService.buildJWTInteractionToken(null, jwtType, didAuthRequestTokenDecoded) jwtObject.payload.requestToken = didAuthRequestToken jwtObject.payload.aud = parse(didAuthRequestTokenDecoded.payload.iss).did - jwtObject.payload.exp = undefined + jwtObject.payload.exp = exp jwtObject.payload.createdAt = NOW return jwtObject } diff --git a/common-libs/did-auth-lib/test/unit/DidAuthService/DidAuthService.test.ts b/common-libs/did-auth-lib/test/unit/DidAuthService/DidAuthService.test.ts index da4dcb3d..9d895e8b 100644 --- a/common-libs/did-auth-lib/test/unit/DidAuthService/DidAuthService.test.ts +++ b/common-libs/did-auth-lib/test/unit/DidAuthService/DidAuthService.test.ts @@ -12,6 +12,7 @@ import DidAuthServerService from '../../../src/DidAuthService/DidAuthServerServi import Signer from '../../../src/shared/Signer' import { Affinidi, KeysService, LocalKeyVault } from '@affinidi/common' import DidAuthClientService from '../../../src/DidAuthService/DidAuthClientService' +import { DEFAULT_REQUEST_TOKEN_VALID_IN_MS } from 'src/shared/constants' const env = { environment: 'dev', @@ -150,7 +151,11 @@ describe('AffinidiDidAuthService', () => { const didAuthRequestToken = await verifierDidAuthService.createDidAuthRequestToken(holderDid) - const didAuthResponseToken = await holderDidAuthService.createDidAuthResponseToken(didAuthRequestToken) + const NOW = Date.now() + + const exp = NOW + DEFAULT_REQUEST_TOKEN_VALID_IN_MS + + const didAuthResponseToken = await holderDidAuthService.createDidAuthResponseToken(didAuthRequestToken, undefined, exp) const result = await verifierDidAuthService.verifyDidAuthResponseToken(didAuthResponseToken, verifierOptions) @@ -174,7 +179,11 @@ describe('AffinidiDidAuthService', () => { const didAuthRequestToken = await serverService.createDidAuthRequestToken(holderDid) - const didAuthResponseToken = await clientService.createDidAuthResponseToken(didAuthRequestToken) + const NOW = Date.now() + + const exp = NOW + DEFAULT_REQUEST_TOKEN_VALID_IN_MS + + const didAuthResponseToken = await clientService.createDidAuthResponseToken(didAuthRequestToken, undefined ,exp) const result = await serverService.verifyDidAuthResponseToken(didAuthResponseToken)