diff --git a/package.json b/package.json index 99768ab32..42e2a58d2 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "selfkey-identity-wallet", "productName": "SelfKey Identity Wallet", - "version": "1.9.16", + "version": "1.9.17", "description": "The Official SelfKey Identity Wallet for Desktop", "browser": [ "chrome" diff --git a/src/main/platform/relying-party.js b/src/main/platform/relying-party.js index 4d040482a..81ffb84b9 100644 --- a/src/main/platform/relying-party.js +++ b/src/main/platform/relying-party.js @@ -124,6 +124,15 @@ export class RelyingPartyRest { static getAuthorizationHeader(token) { return `Bearer ${token}`; } + static isSecure(url) { + if ( + url.startsWith('https://credentials.keyfi.com') || + url.startsWith('https://korporatio.instance.kyc-chain.com') + ) { + return false; + } + return true; + } static async getChallenge(ctx) { let url = ctx.getEndpoint(CHALLENGE_ENDPOINT_NAME); const did = ctx.supportsDID() @@ -133,7 +142,8 @@ export class RelyingPartyRest { return request.get({ url, headers: { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } static postChallengeReply(ctx, challenge, signature, keyId) { @@ -154,7 +164,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } static getUserToken(ctx, meta) { @@ -173,7 +184,8 @@ export class RelyingPartyRest { Origin: ctx.getOrigin() }, qs, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } static async uploadUserFile(ctx, doc) { @@ -196,7 +208,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } static async createUser(ctx, attributes, documents = [], meta = {}) { @@ -211,7 +224,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } let formData = documents.reduce((acc, curr) => { @@ -252,7 +266,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } static getKYCTemplate(ctx, id) { @@ -265,7 +280,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -295,7 +311,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }) ); } @@ -312,7 +329,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -341,7 +359,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -359,7 +378,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } static updateKYCApplicationPayment(ctx, applicationId, transactionHash) { @@ -375,7 +395,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -389,7 +410,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); return chatResponse; } @@ -406,7 +428,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -429,7 +452,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -445,7 +469,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); return applications; } catch (error) { @@ -467,7 +492,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); return user; } catch (error) { @@ -489,7 +515,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -504,7 +531,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } @@ -528,7 +556,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } static getAccessToken(ctx) { @@ -541,7 +570,8 @@ export class RelyingPartyRest { 'User-Agent': this.userAgent, Origin: ctx.getOrigin() }, - json: true + json: true, + rejectUnauthorized: this.isSecure(url) }); } } diff --git a/src/main/platform/relying-party.spec.js b/src/main/platform/relying-party.spec.js index 10f940ab4..93ef7f514 100644 --- a/src/main/platform/relying-party.spec.js +++ b/src/main/platform/relying-party.spec.js @@ -65,7 +65,28 @@ describe('RelyingPartyRest', () => { { url: `${testEndpoint}/did:eth:0xtest`, headers: { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true + } + ]); + expect(res).toBe(testChallnage); + }); + it('should throw on call failure', () => {}); + }); + describe('getChallengeBypassSecure', () => { + it('should return challenge on successfull request bypassing secure connection', async () => { + const testEndpoint = 'https://korporatio.instance.kyc-chain.com'; + const testChallnage = 'testChallenge'; + sinon.stub(request, 'get').resolves(testChallnage); + sinon.stub(ctx, 'getEndpoint').returns(testEndpoint); + let res = await RelyingPartyRest.getChallenge(ctx); + expect(ctx.getEndpoint.calledOnceWith('/auth/challenge')).toBeTruthy(); + expect(request.get.getCall(0).args).toEqual([ + { + url: `${testEndpoint}/did:eth:0xtest`, + headers: { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, + json: true, + rejectUnauthorized: false } ]); expect(res).toBe(testChallnage); @@ -97,7 +118,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); expect(res).toBe(testToken); @@ -128,7 +150,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); }); @@ -166,6 +189,7 @@ describe('RelyingPartyRest', () => { Origin: 'test' }, json: true, + rejectUnauthorized: true, formData: { document: { value: doc.buffer, @@ -295,6 +319,7 @@ describe('RelyingPartyRest', () => { Origin: 'test' }, json: true, + rejectUnauthorized: true, body: { attributes, meta: {} } } ]); @@ -322,7 +347,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); expect(res).toEqual('ok'); @@ -349,7 +375,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); expect(res).toEqual('ok'); @@ -373,7 +400,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); expect(res).toEqual('ok'); @@ -398,7 +426,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); expect(res).toEqual('ok'); @@ -437,7 +466,8 @@ describe('RelyingPartyRest', () => { Origin: 'test' }, body: { templateId, attributes }, - json: true + json: true, + rejectUnauthorized: true } ]); }); @@ -477,7 +507,8 @@ describe('RelyingPartyRest', () => { Origin: 'test' }, body: application, - json: true + json: true, + rejectUnauthorized: true } ]); }); @@ -501,7 +532,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); expect(res).toEqual('ok'); @@ -527,7 +559,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); expect(res).toEqual('ok'); @@ -563,7 +596,8 @@ describe('RelyingPartyRest', () => { } } }, - json: true + json: true, + rejectUnauthorized: true } ]); }); @@ -601,7 +635,8 @@ describe('RelyingPartyRest', () => { 'User-Agent': RelyingPartyRest.userAgent, Origin: 'test' }, - json: true + json: true, + rejectUnauthorized: true } ]); });