Skip to content

Commit

Permalink
add test ethereum identity flow (not integration)
Browse files Browse the repository at this point in the history
  • Loading branch information
daveroga committed Mar 28, 2024
1 parent 8e5c553 commit cb9c837
Show file tree
Hide file tree
Showing 2 changed files with 192 additions and 12 deletions.
12 changes: 11 additions & 1 deletion src/credentials/status/reverse-sparse-merkle-tree.ts
Original file line number Diff line number Diff line change
Expand Up @@ -173,7 +173,17 @@ export class RHSResolver implements CredentialStatusResolver {
return this.getRevocationStatusFromIssuerData(issuerDID, issuerData, genesisState);
}
const currentStateBigInt = Hash.fromHex(stateHex).bigInt();
if (!isGenesisState(issuerDID, currentStateBigInt)) {

const issuerId = DID.idFromDID(issuerDID);
let isBjjIdentity = false; // don't generate proof for ethereum identities
try {
Id.ethAddressFromId(issuerId);
} catch {
// not an ethereum identity
isBjjIdentity = true;
}

if (isBjjIdentity && !isGenesisState(issuerDID, currentStateBigInt)) {
throw new Error(
`latest state not found and state parameter ${stateHex} is not genesis state`
);
Expand Down
192 changes: 181 additions & 11 deletions tests/handlers/auth.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,8 @@ import {
RHS_URL,
WALLET_KEY,
STATE_CONTRACT,
RPC_URL
RPC_URL,
SEED_ISSUER
} from '../helpers';
import { testOpts } from './mock';

Expand Down Expand Up @@ -404,8 +405,178 @@ describe('auth', () => {
expect(token).to.be.a('object');
});

it.only('auth flow identity (profile) with ethereum identity issuer with circuits V3', async () => {
const ethSigner = new ethers.Wallet(
WALLET_KEY,
(dataStorage.states as EthStateStorage).provider
);

const { did: didIssuer, credential: issuerAuthCredential } = await idWallet.createIdentity({
method: DidMethod.PolygonId,
blockchain: Blockchain.Polygon,
networkId: NetworkId.Mumbai,
seed: SEED_ISSUER,
revocationOpts: {
type: CredentialStatusType.Iden3ReverseSparseMerkleTreeProof,
id: RHS_URL
},
keyType: KmsKeyType.Secp256k1,
ethSigner,
proofService
});
expect(issuerAuthCredential).not.to.be.undefined;

const profileDID = await idWallet.createProfile(userDID, 777, didIssuer.string());

const claimReq: CredentialRequest = {
credentialSchema:
'https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/kyc-nonmerklized.json',
type: 'KYCAgeCredential',
credentialSubject: {
id: userDID.string(),
birthday: 19960424,
documentType: 99
},
expiration: 2793526400,
revocationOpts: {
type: CredentialStatusType.Iden3ReverseSparseMerkleTreeProof,
id: RHS_URL
}
};
const issuerCred = await idWallet.issueCredential(didIssuer, claimReq);
const employeeCredRequest: CredentialRequest = {
credentialSchema:
'https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/KYCEmployee-v101.json',
type: 'KYCEmployee',
credentialSubject: {
id: profileDID.string(),
ZKPexperiance: true,
hireDate: '2023-12-11',
position: 'boss',
salary: 200,
documentType: 1
},
revocationOpts: {
type: CredentialStatusType.Iden3ReverseSparseMerkleTreeProof,
id: RHS_URL
}
};
const employeeCred = await idWallet.issueCredential(didIssuer, employeeCredRequest);

await credWallet.saveAll([employeeCred, issuerCred]);

const res = await idWallet.addCredentialsToMerkleTree([employeeCred], didIssuer);
await idWallet.publishStateToRHS(didIssuer, RHS_URL);

const txId = await proofService.transitState(
didIssuer,
res.oldTreeState,
true,
dataStorage.states,
ethSigner
);

const credsWithIden3MTPProof = await idWallet.generateIden3SparseMerkleTreeProof(
didIssuer,
res.credentials,
txId
);

await credWallet.saveAll(credsWithIden3MTPProof);

const proofReqs: ZeroKnowledgeProofRequest[] = [
{
id: 1,
circuitId: CircuitId.AtomicQueryV3,
optional: false,
query: {
proofType: ProofType.BJJSignature,
allowedIssuers: ['*'],
type: 'KYCAgeCredential',
context:
'https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-nonmerklized.jsonld',
credentialSubject: {
documentType: {
$eq: 99
}
}
}
},
{
id: 2,
circuitId: CircuitId.LinkedMultiQuery10,
optional: false,
query: {
groupId: 1,
proofType: ProofType.Iden3SparseMerkleTreeProof,
allowedIssuers: ['*'],
type: 'KYCEmployee',
context:
'https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v101.json-ld',
credentialSubject: {
documentType: {
$eq: 1
},
position: {
$eq: 'boss',
$ne: 'employee'
}
}
}
},
{
id: 3,
circuitId: CircuitId.AtomicQueryV3,
optional: false,
query: {
groupId: 1,
proofType: ProofType.BJJSignature,
allowedIssuers: ['*'],
type: 'KYCEmployee',
context:
'https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json-ld/kyc-v101.json-ld',
credentialSubject: {
hireDate: {
$eq: '2023-12-11'
}
}
},
params: {
nullifierSessionId: '12345'
}
}
];

const authReqBody: AuthorizationRequestMessageBody = {
callbackUrl: 'http://localhost:8080/callback?id=1234442-123123-123123',
reason: 'reason',
message: 'mesage',
did_doc: {},
scope: proofReqs
};

const id = uuid.v4();
const authReq: AuthorizationRequestMessage = {
id,
typ: PROTOCOL_CONSTANTS.MediaType.PlainMessage,
type: PROTOCOL_CONSTANTS.PROTOCOL_MESSAGE_TYPE.AUTHORIZATION_REQUEST_MESSAGE_TYPE,
thid: id,
body: authReqBody,
from: didIssuer.string()
};

const msgBytes = byteEncoder.encode(JSON.stringify(authReq));
const authRes = await authHandler.handleAuthorizationRequest(userDID, msgBytes);
// console.log(JSON.stringify(authRes.authResponse));
const tokenStr = authRes.token;
// console.log(tokenStr);
expect(tokenStr).to.be.a('string');
const token = await Token.parse(tokenStr);
expect(token).to.be.a('object');
});

// SKIPPED : ethereum identity integration test
it.skip('auth flow identity (profile) with ethereum identity issuer with circuits V3', async () => {
it.skip('auth flow identity (profile) with ethereum identity issuer with circuits V3 (integration)', async () => {
const stateEthConfig = defaultEthConnectionConfig;
stateEthConfig.url = RPC_URL;
stateEthConfig.contractAddress = STATE_CONTRACT;
Expand Down Expand Up @@ -484,8 +655,7 @@ describe('auth', () => {
});
expect(issuerAuthCredential).not.to.be.undefined;

const issuerDIDEth = didIssuer;
const profileDID = await idWallet.createProfile(didUser, 777, issuerDIDEth.string());
const profileDID = await idWallet.createProfile(didUser, 777, didIssuer.string());

const claimReq: CredentialRequest = {
credentialSchema:
Expand All @@ -502,7 +672,7 @@ describe('auth', () => {
id: RHS_URL
}
};
const issuerCred = await idWallet.issueCredential(issuerDIDEth, claimReq);
const issuerCred = await idWallet.issueCredential(didIssuer, claimReq);
const employeeCredRequest: CredentialRequest = {
credentialSchema:
'https://raw.githubusercontent.com/iden3/claim-schema-vocab/main/schemas/json/KYCEmployee-v101.json',
Expand All @@ -520,23 +690,23 @@ describe('auth', () => {
id: RHS_URL
}
};
const employeeCred = await idWallet.issueCredential(issuerDIDEth, employeeCredRequest);
const employeeCred = await idWallet.issueCredential(didIssuer, employeeCredRequest);

await credWallet.saveAll([employeeCred, issuerCred]);

const res = await idWallet.addCredentialsToMerkleTree([employeeCred], issuerDIDEth);
await idWallet.publishStateToRHS(issuerDIDEth, RHS_URL);
const res = await idWallet.addCredentialsToMerkleTree([employeeCred], didIssuer);
await idWallet.publishStateToRHS(didIssuer, RHS_URL);

const txId = await proofService.transitState(
issuerDIDEth,
didIssuer,
res.oldTreeState,
false,
dataStorage.states,
ethSigner
);

const credsWithIden3MTPProof = await idWallet.generateIden3SparseMerkleTreeProof(
issuerDIDEth,
didIssuer,
res.credentials,
txId
);
Expand Down Expand Up @@ -621,7 +791,7 @@ describe('auth', () => {
type: PROTOCOL_CONSTANTS.PROTOCOL_MESSAGE_TYPE.AUTHORIZATION_REQUEST_MESSAGE_TYPE,
thid: id,
body: authReqBody,
from: issuerDIDEth.string()
from: didIssuer.string()
};

const msgBytes = byteEncoder.encode(JSON.stringify(authReq));
Expand Down

0 comments on commit cb9c837

Please sign in to comment.