Skip to content

Commit f747d36

Browse files
volodymyr-basiukvolodymyr-basiuk
committed
add unit test
1 parent 57d6b69 commit f747d36

File tree

2 files changed

+80
-11
lines changed

2 files changed

+80
-11
lines changed

src/auth/auth.ts

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,7 @@ export function createAuthorizationRequestWithMessage(
8282
typ: PROTOCOL_CONSTANTS.MediaType.PlainMessage,
8383
type: PROTOCOL_CONSTANTS.PROTOCOL_MESSAGE_TYPE.AUTHORIZATION_REQUEST_MESSAGE_TYPE,
8484
body: {
85+
accept: opts?.accept,
8586
reason: reason,
8687
message: message,
8788
callbackUrl: callbackUrl,
@@ -421,7 +422,9 @@ export class Verifier {
421422
const msg = await this.packageManager.unpack(byteEncoder.encode(tokenStr));
422423

423424
if (request.body.accept?.length) {
424-
const acceptedMediaTypes = request.body.accept.map(accept => parseAcceptProfile(accept).env);
425+
const acceptedMediaTypes = request.body.accept.map(
426+
(accept) => parseAcceptProfile(accept).env
427+
);
425428
if (!acceptedMediaTypes.includes(msg.unpackedMediaType)) {
426429
throw new Error('response type is not in accept profiles of the request');
427430
}

test/auth.test.ts

Lines changed: 76 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ import {
99
NativeProver,
1010
PROTOCOL_CONSTANTS,
1111
PackageManager,
12+
PlainPacker,
1213
ZeroKnowledgeProofRequest,
1314
buildAccept
1415
} from '@0xpolygonid/js-sdk';
@@ -25,13 +26,31 @@ import { getDateFromUnixTimestamp, getUnixTimestamp } from '@iden3/js-iden3-core
2526

2627
describe('auth tests', () => {
2728
const connectionString = process.env.IPFS_URL ?? 'https://ipfs.io';
28-
const acceptProfile = buildAccept([
29+
const acceptProfileZKP = buildAccept([
2930
{
3031
protocolVersion: PROTOCOL_CONSTANTS.ProtocolVersion.V1,
3132
env: PROTOCOL_CONSTANTS.MediaType.ZKPMessage,
3233
circuits: [PROTOCOL_CONSTANTS.AcceptAuthCircuits.AuthV2]
3334
}
3435
]);
36+
37+
const acceptProfileJWS = buildAccept([
38+
{
39+
protocolVersion: PROTOCOL_CONSTANTS.ProtocolVersion.V1,
40+
env: PROTOCOL_CONSTANTS.MediaType.SignedMessage,
41+
alg: [
42+
PROTOCOL_CONSTANTS.AcceptJwsAlgorithms.ES256K,
43+
PROTOCOL_CONSTANTS.AcceptJwsAlgorithms.ES256K
44+
]
45+
}
46+
]);
47+
48+
const acceptProfilePlain = buildAccept([
49+
{
50+
protocolVersion: PROTOCOL_CONSTANTS.ProtocolVersion.V1,
51+
env: PROTOCOL_CONSTANTS.MediaType.PlainMessage
52+
}
53+
]);
3554
const expiresTime = getDateFromUnixTimestamp(getUnixTimestamp(new Date()) + 5 * 60);
3655
it('createAuthorizationRequest', () => {
3756
const sender = 'did:iden3:polygon:amoy:xCRp75DgAdS63W65fmXHz6p9DwdonuRU9e46DifhX';
@@ -76,7 +95,7 @@ describe('auth tests', () => {
7695
sender,
7796
callback,
7897
{
79-
accept: acceptProfile,
98+
accept: acceptProfilePlain,
8099
expires_time: expiresTime
81100
}
82101
);
@@ -94,12 +113,15 @@ describe('auth tests', () => {
94113
}
95114
};
96115

116+
const packageManager = new PackageManager();
117+
packageManager.registerPackers([new PlainPacker()]);
118+
97119
const verifier = await Verifier.newVerifier({
98120
stateResolver: resolvers,
99121
suite: {
100122
prover: new NativeProver(new FSCircuitStorage({ dirname: '' })),
101123
circuitStorage: new FSCircuitStorage({ dirname: '../' }),
102-
packageManager: new PackageManager(),
124+
packageManager: packageManager,
103125
documentLoader: schemaLoader
104126
}
105127
});
@@ -118,7 +140,6 @@ describe('auth tests', () => {
118140
sender,
119141
callback,
120142
{
121-
accept: acceptProfile,
122143
expires_time: expiresTime
123144
}
124145
);
@@ -150,7 +171,7 @@ describe('auth tests', () => {
150171

151172
const response: AuthorizationResponseMessage = {
152173
id: 'd61ca0e1-0fb4-42e1-9baf-10926d76588a',
153-
typ: PROTOCOL_CONSTANTS.MediaType.ZKPMessage,
174+
typ: PROTOCOL_CONSTANTS.MediaType.PlainMessage,
154175
type: PROTOCOL_CONSTANTS.PROTOCOL_MESSAGE_TYPE.AUTHORIZATION_RESPONSE_MESSAGE_TYPE,
155176
thid: '3bfc628a-6d16-4af7-8358-59656ca30600',
156177
body: {
@@ -287,7 +308,6 @@ describe('auth tests', () => {
287308
sender,
288309
callback,
289310
{
290-
accept: acceptProfile,
291311
expires_time: expiresTime
292312
}
293313
);
@@ -469,7 +489,7 @@ describe('auth tests', () => {
469489
sender,
470490
callback,
471491
{
472-
accept: acceptProfile,
492+
accept: acceptProfileZKP,
473493
expires_time: expiresTime
474494
}
475495
);
@@ -521,7 +541,7 @@ describe('auth tests', () => {
521541
sender,
522542
callback,
523543
{
524-
accept: acceptProfile,
544+
accept: acceptProfileJWS,
525545
expires_time: expiresTime
526546
}
527547
);
@@ -563,6 +583,52 @@ describe('auth tests', () => {
563583
await expect(verifier.fullVerify(token, request, testOpts)).resolves.not.toThrow();
564584
});
565585

586+
it('TestFullVerify invalid accept', async () => {
587+
const token =
588+
'eyJhbGciOiJFUzI1NkstUiIsImtpZCI6ImRpZDpwa2g6cG9seToweDcxNDFFNGQyMEY3NjQ0REM4YzBBZENBOGE1MjBFQzgzQzZjQUJENjUjUmVjb3ZlcnkyMDIwIiwidHlwIjoiYXBwbGljYXRpb24vaWRlbjNjb21tLXNpZ25lZC1qc29uIn0.eyJpZCI6IjJjOGQ5NzQ3LTQ0MTAtNGU5My1iZjg0LTRlYTNjZmY4MmY0MCIsInR5cCI6ImFwcGxpY2F0aW9uL2lkZW4zY29tbS1zaWduZWQtanNvbiIsInR5cGUiOiJodHRwczovL2lkZW4zLWNvbW11bmljYXRpb24uaW8vYXV0aG9yaXphdGlvbi8xLjAvcmVzcG9uc2UiLCJ0aGlkIjoiN2YzOGExOTMtMDkxOC00YTQ4LTlmYWMtMzZhZGZkYjhiNTQyIiwiYm9keSI6eyJzY29wZSI6W3siaWQiOjEsImNpcmN1aXRJZCI6ImNyZWRlbnRpYWxBdG9taWNRdWVyeVNpZ1YyIiwicHJvb2YiOnsicGlfYSI6WyIxMzI3Njk4Nzc5MjQ5MjM0OTA2MDcxMDc3NTEyOTUxMjYxNzY1NjMzODcxMDkxMzE3NDA0NzE0NTcyMDY4Mjk4NzU0MzUwNjY3NDY0IiwiMjA1NDcyOTI1MzQ0MDgxNzA4NDQwODc3MzY2MDQ0OTYyNjQ3MzI2NjUxNDkxMDEzMzMxNzk3NTg5NTAwMjM0NTgwMjA1Njg5NzMzNTYiLCIxIl0sInBpX2IiOltbIjcyNTI1MDEyNjE5ODM1NTYwMjM1NjA3MzI1MjIzODk2MjIxMDY4MTA5OTUxNzkxNjI0MjY2NzcyNDM2MjQwNTQ0Mzc2Nzc1ODI4MCIsIjgyNDU2MTQzMTExNjUzNTUyNzcyNTgyNTg1NTA0MTI5MTUzNjAzNTc2MjEyMDY5OTA0Mjk3NTE3ODk2NTgwNTI1ODY0Mjc2NjgyMDMiXSxbIjg0MjA4OTI3MTI5OTMyMTU5OTU3NjkwMDQ3MzU2Njc5MzY3MDk4MzY5MTY4MzU4MDM2Njc2NjI1NzQxMTcyNjEzNjI2OTgxMzI1MjkiLCIxMDgyOTQzMjI5MDkyODY3MjM1NjAzNjExMTgxNjE4NTQ0MDU3NTgwMDI1NDQzODAyMzUzNTA3MzUzNTY1ODMzOTE0MzMzODAzNDAyNyJdLFsiMSIsIjAiXV0sInBpX2MiOlsiMTIwNTc1NzM1NDQ2Mzc1NDA1MzE2MjIxNDc2NDg2NjE0MDc1NzM1MzY2MjU0MjM0MzY1ODE0MTk2OTY3NzYwOTMxOTY5Nzc5OTg2MzkiLCIxNTIwMzMwMjIxNjcyOTEzOTcwNjQyNjcyMzc5Mzk5Mjk0MjI5NjY1NTU0NDA4MTEwODkzMTE2MjIwMTQxOTcxNzI0MjU4NTQzOTg2NSIsIjEiXSwicHJvdG9jb2wiOiJncm90aDE2IiwiY3VydmUiOiJibjEyOCJ9LCJwdWJfc2lnbmFscyI6WyIxIiwiMjgwMTg1ODg4MjE0NzE5Mzk2MjQ3MTE0MjE5MjIwNzkzOTU0NTE1MDc3NTQzNzU5Nzg0MDgyMzA1MjQ3OTI3ODY4NjI5OTc1MDMiLCIxNDE5MzMwNDc0NzUwMTMzMTE4MTgwOTcxNTkxMjQ4NzIzNjUyNzAwMzkyNTA4MjEwNjc1MjM3Njc5NjA5OTg5MDIwMTkyODE4NTY5MCIsIjEiLCIyMjk0MjU5NDE1NjI2NjY2NTQyNjYxMzQ2Mjc3MTcyNTMyNzMxNDM4MjY0NzQyNjk1OTA0NDg2MzQ0Njg2NjYxMzAwMzc1MTkzOCIsIjEiLCIzMTY5NjEyMzY4MDg3OTA1MzQyNzg2NTE0MDk5NDQ5Mjk3NDA0MzgzODc0MzcxMzU2OTI0ODI4MDgyMTQzNjExOTUzNjIxODU5NzU5IiwiMTY4NzQzMzc0OCIsIjI2NzgzMTUyMTkyMjU1ODAyNzIwNjA4MjM5MDA0MzMyMTc5Njk0NCIsIjAiLCIyMDM3NjAzMzgzMjM3MTEwOTE3NzY4MzA0ODQ1NjAxNDUyNTkwNTExOTE3MzY3NDk4NTg0MzkxNTQ0NTYzNDcyNjE2NzQ1MDk4OTYzMCIsIjIiLCIyIiwiMjAwMDAxMDEiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiLCIwIiwiMCIsIjAiXX1dfSwiZnJvbSI6ImRpZDpwa2g6cG9seToweDcxNDFFNGQyMEY3NjQ0REM4YzBBZENBOGE1MjBFQzgzQzZjQUJENjUiLCJ0byI6ImRpZDpwb2x5Z29uaWQ6cG9seWdvbjptdW1iYWk6MnFMUHF2YXlOUXo5VEEycjVWUHhVdWdvRjE4dGVHVTU4M3pKODU5d2Z5In0.bWc2ECABj7nvHatD8AXWNJM2VtfhkIjNwz5BBIK9zBMsP0-UWLEWdAWcosiLkYoL0KWwZpgEOrPPepl6T5gC-AA';
589+
const sender = 'did:polygonid:polygon:mumbai:2qLPqvayNQz9TA2r5VPxUugoF18teGU583zJ859wfy';
590+
const callback = 'https://test.com/callback';
591+
const reason = 'reason';
592+
const request: AuthorizationRequestMessage = createAuthorizationRequest(
593+
reason,
594+
sender,
595+
callback,
596+
{
597+
accept: acceptProfileZKP,
598+
expires_time: expiresTime
599+
}
600+
);
601+
602+
const proofRequest: ZeroKnowledgeProofRequest = {
603+
id: 1,
604+
circuitId: CircuitId.AtomicQuerySigV2,
605+
query: {
606+
allowedIssuers: ['*'],
607+
context:
608+
'https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v4.jsonld',
609+
type: 'KYCAgeCredential',
610+
credentialSubject: {
611+
birthday: {
612+
$lt: 20000101
613+
}
614+
}
615+
}
616+
};
617+
request.body.scope.push(proofRequest);
618+
619+
const verifier = await Verifier.newVerifier({
620+
stateResolver: resolvers,
621+
documentLoader: schemaLoader,
622+
circuitsDir: path.join(__dirname, './testdata'),
623+
didDocumentResolver: resolveDIDDocument
624+
});
625+
verifier.setupJWSPacker(new KMS(), resolveDIDDocument);
626+
627+
await expect(verifier.fullVerify(token, request, testOpts)).rejects.toThrow(
628+
'response type is not in accept profiles of the request'
629+
);
630+
});
631+
566632
it('registry: get existing circuit', () => {
567633
const type = Circuits.getCircuitPubSignals('authV2');
568634
const instance = new type([
@@ -594,7 +660,7 @@ describe('auth tests', () => {
594660
sender,
595661
callback,
596662
{
597-
accept: acceptProfile,
663+
accept: acceptProfileZKP,
598664
expires_time: expiresTime
599665
}
600666
);
@@ -644,7 +710,7 @@ describe('auth tests', () => {
644710
sender,
645711
callback,
646712
{
647-
accept: acceptProfile,
713+
accept: acceptProfileZKP,
648714
expires_time: expiresTime
649715
}
650716
);

0 commit comments

Comments
 (0)