#564 - Renamed author signature for consistency (#587)
thehenrytsai authored Nov 1, 2023
1 parent de895de commit 09991c5
Showing 24 changed files with 124 additions and 114 deletions.
6 changes: 3 additions & 3 deletions json-schemas/authorization-owner.json
Expand Up @@ -4,7 +4,7 @@
"type": "object",
"additionalProperties": false,
"properties": {
"authorSignature": {
"signature": {
"$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json"
},
"authorDelegatedGrant": {
Expand All @@ -14,10 +14,10 @@
"$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json"
}
},
"description": "`authorSignature` can exist by itself. But if `ownerSignature` is present, then `authorSignature` must also exist",
"description": "`signature` can exist by itself. But if `ownerSignature` is present, then `signature` must also exist",
"dependencies": {
"ownerSignature": [
"authorSignature"
"signature"
]
}
}
2 changes: 1 addition & 1 deletion json-schemas/authorization.json
Expand Up @@ -4,7 +4,7 @@
"type": "object",
"additionalProperties": false,
"properties": {
"authorSignature": {
"signature": {
"$ref": "https://identity.foundation/dwn/json-schemas/general-jws.json"
}
}
10 changes: 5 additions & 5 deletions src/core/auth.ts
Expand Up @@ -52,19 +52,19 @@ export async function authenticate(authorizationModel: AuthorizationModel | unde
throw new DwnError(DwnErrorCode.AuthenticateJwsMissing, 'Missing JWS.');
}

const authorSignatureVerifier = new GeneralJwsVerifier(authorizationModel.authorSignature);
await authorSignatureVerifier.verify(didResolver);
const signatureVerifier = new GeneralJwsVerifier(authorizationModel.signature);
await signatureVerifier.verify(didResolver);

if (authorizationModel.ownerSignature !== undefined) {
const ownerSignatureVerifier = new GeneralJwsVerifier(authorizationModel.ownerSignature);
await ownerSignatureVerifier.verify(didResolver);
}

if (authorizationModel.authorDelegatedGrant !== undefined) {
// verify the signature of the author delegated grant
// verify the signature of the grantor of the delegated grant
const authorDelegatedGrant = await PermissionsGrant.parse(authorizationModel.authorDelegatedGrant);
const grantedByAuthorSignatureVerifier = new GeneralJwsVerifier(authorDelegatedGrant.message.authorization.authorSignature);
await grantedByAuthorSignatureVerifier.verify(didResolver);
const grantedBySignatureVerifier = new GeneralJwsVerifier(authorDelegatedGrant.message.authorization.signature);
await grantedBySignatureVerifier.verify(didResolver);
}
}
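Review bot: The delegated-grant branch only establishes that `authorDelegatedGrant` carries a valid signature from its grantor; nothing in this hunk ties that grant to the key that produced `authorizationModel.signature`. That binding may well be enforced later during authorization, but now that the field has a generic name, a reader could mistake a verified grant for proof of delegation. A comment above the branch would prevent that, for example `// authentication only: proves the grant is validly signed; whether it was issued to the signer of authorizationModel.signature must be checked by the authorization step`. `authenticate` begins above the hunk, so its earlier guards are not visible here.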

10 changes: 5 additions & 5 deletions src/core/message.ts
Expand Up @@ -33,14 +33,14 @@ export enum DwnMethodName {

export abstract class Message<M extends GenericMessage> {
readonly message: M;
readonly signerSignaturePayload: GenericSignaturePayload | undefined;
readonly signaturePayload: GenericSignaturePayload | undefined;
readonly author: string | undefined;

constructor(message: M) {
this.message = message;

if (message.authorization !== undefined) {
this.signerSignaturePayload = Jws.decodePlainObjectPayload(message.authorization.authorSignature);
this.signaturePayload = Jws.decodePlainObjectPayload(message.authorization.signature);
this.author = Message.getSigner(message as GenericMessage);
}
}
Expand Down Expand Up @@ -73,7 +73,7 @@ export abstract class Message<M extends GenericMessage> {
return undefined;
}

const signer = Jws.getSignerDid(message.authorization.authorSignature.signatures[0]);
const signer = Jws.getSignerDid(message.authorization.signature.signatures[0]);
return signer;
}

Expand Down Expand Up @@ -117,9 +117,9 @@ export abstract class Message<M extends GenericMessage> {
signer: Signer,
additionalPayloadProperties?: { permissionsGrantId?: string, protocolRole?: string }
): Promise<AuthorizationModel> {
const authorSignature = await Message.createSignature(descriptor, signer, additionalPayloadProperties);
const signature = await Message.createSignature(descriptor, signer, additionalPayloadProperties);

const authorization = { authorSignature };
const authorization = { signature };
return authorization;
}
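Review bot: `signaturePayload` is populated in the constructor by `Jws.decodePlainObjectPayload(message.authorization.signature)`, which as far as this section shows decodes the payload without verifying the JWS, and the shorter name makes that easier to overlook. Other files in this commit read `protocolRole` and `permissionsGrantId` from it when making authorization decisions, so the field deserves a doc comment such as `/** Decoded payload of authorization.signature; not verified here, trust only after authenticate() has succeeded. */`. The same caveat applies to `author`, which `getSigner` derives from `signatures[0]` alone. The class body continues outside the hunks shown.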

4 changes: 2 additions & 2 deletions src/core/protocol-authorization.ts
Expand Up @@ -427,7 +427,7 @@ export class ProtocolAuthorization {
protocolDefinition: ProtocolDefinition,
messageStore: MessageStore,
): Promise<void> {
const protocolRole = incomingMessage.signerSignaturePayload?.protocolRole;
const protocolRole = incomingMessage.signaturePayload?.protocolRole;

// Only verify role if there is a role being invoked
if (protocolRole === undefined) {
Expand Down Expand Up @@ -529,7 +529,7 @@ export class ProtocolAuthorization {
throw new Error(`no action rule defined for ${incomingMessageMethod}, ${author} is unauthorized`);
}

const invokedRole = incomingMessage.signerSignaturePayload?.protocolRole;
const invokedRole = incomingMessage.signaturePayload?.protocolRole;

for (const actionRule of actionRules) {
if (!inboundMessageActions.includes(actionRule.can as ProtocolAction)) {
4 changes: 2 additions & 2 deletions src/core/records-grant-authorization.ts
Expand Up @@ -21,7 +21,7 @@ export class RecordsGrantAuthorization {
tenant,
incomingMessage,
author,
incomingMessage.signerSignaturePayload!.permissionsGrantId!,
incomingMessage.signaturePayload!.permissionsGrantId!,
messageStore
);

Expand All @@ -44,7 +44,7 @@ export class RecordsGrantAuthorization {
tenant,
incomingMessage,
author,
incomingMessage.signerSignaturePayload!.permissionsGrantId!,
incomingMessage.signaturePayload!.permissionsGrantId!,
messageStore
);
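Review bot: Both call sites pass `incomingMessage.signaturePayload!.permissionsGrantId!`, and the two non-null assertions hide that `signaturePayload` is declared `GenericSignaturePayload | undefined` on `Message`. If a message without `authorization`, or one signed without a grant ID, ever reaches these methods, the outcome is a bare TypeError or an `undefined` grant ID handed to the grant lookup rather than an explicit authorization failure. A guard is safer: `const grantId = incomingMessage.signaturePayload?.permissionsGrantId;` followed by `if (grantId === undefined) { throw ... }` with whichever error the project uses for a missing grant. `shouldProtocolAuthorizeQuery` in src/handlers/records-query.ts has the same `signaturePayload!` pattern, where `?.` (as src/core/protocol-authorization.ts already uses) would suffice. Both methods here start and end outside the hunks.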

2 changes: 1 addition & 1 deletion src/handlers/records-query.ts
Expand Up @@ -226,7 +226,7 @@ export class RecordsQueryHandler implements MethodHandler {
* Determines if ProtocolAuthorization.authorizeQuery should be run and if the corresponding filter should be used.
*/
private static shouldProtocolAuthorizeQuery(recordsQuery: RecordsQuery): boolean {
return recordsQuery.signerSignaturePayload!.protocolRole !== undefined;
return recordsQuery.signaturePayload!.protocolRole !== undefined;
}

/**
2 changes: 1 addition & 1 deletion src/interfaces/events-get.ts
Expand Up @@ -15,7 +15,7 @@ export class EventsGet extends Message<EventsGetMessage> {

public static async parse(message: EventsGetMessage): Promise<EventsGet> {
Message.validateJsonSchema(message);
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
validateTimestamp(message.descriptor.messageTimestamp);

return new EventsGet(message);
2 changes: 1 addition & 1 deletion src/interfaces/messages-get.ts
Expand Up @@ -17,7 +17,7 @@ export class MessagesGet extends Message<MessagesGetMessage> {
Message.validateJsonSchema(message);
this.validateMessageCids(message.descriptor.messageCids);

await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
validateTimestamp(message.descriptor.messageTimestamp);

return new MessagesGet(message);
2 changes: 1 addition & 1 deletion src/interfaces/permissions-grant.ts
Expand Up @@ -37,7 +37,7 @@ export type CreateFromPermissionsRequestOverrides = {
export class PermissionsGrant extends Message<PermissionsGrantMessage> {

public static async parse(message: PermissionsGrantMessage): Promise<PermissionsGrant> {
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
PermissionsGrant.validateScope(message);
validateTimestamp(message.descriptor.messageTimestamp);
validateTimestamp(message.descriptor.dateExpires);
2 changes: 1 addition & 1 deletion src/interfaces/permissions-request.ts
Expand Up @@ -21,7 +21,7 @@ export type PermissionsRequestOptions = {
export class PermissionsRequest extends Message<PermissionsRequestMessage> {

public static async parse(message: PermissionsRequestMessage): Promise<PermissionsRequest> {
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
validateTimestamp(message.descriptor.messageTimestamp);

return new PermissionsRequest(message);
2 changes: 1 addition & 1 deletion src/interfaces/permissions-revoke.ts
Expand Up @@ -14,7 +14,7 @@ export type PermissionsRevokeOptions = {

export class PermissionsRevoke extends Message<PermissionsRevokeMessage> {
public static async parse(message: PermissionsRevokeMessage): Promise<PermissionsRevoke> {
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
validateTimestamp(message.descriptor.messageTimestamp);

return new PermissionsRevoke(message);
2 changes: 1 addition & 1 deletion src/interfaces/protocols-configure.ts
Expand Up @@ -21,7 +21,7 @@ export class ProtocolsConfigure extends Message<ProtocolsConfigureMessage> {
public static async parse(message: ProtocolsConfigureMessage): Promise<ProtocolsConfigure> {
Message.validateJsonSchema(message);
ProtocolsConfigure.validateProtocolDefinition(message.descriptor.definition);
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
validateTimestamp(message.descriptor.messageTimestamp);

return new ProtocolsConfigure(message);
6 changes: 3 additions & 3 deletions src/interfaces/protocols-query.ts
Expand Up @@ -23,7 +23,7 @@ export class ProtocolsQuery extends Message<ProtocolsQueryMessage> {

public static async parse(message: ProtocolsQueryMessage): Promise<ProtocolsQuery> {
if (message.authorization !== undefined) {
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
}

if (message.descriptor.filter !== undefined) {
Expand Down Expand Up @@ -79,12 +79,12 @@ export class ProtocolsQuery extends Message<ProtocolsQueryMessage> {
// if author is the same as the target tenant, we can directly grant access
if (this.author === tenant) {
return;
} else if (this.author !== undefined && this.signerSignaturePayload!.permissionsGrantId) {
} else if (this.author !== undefined && this.signaturePayload!.permissionsGrantId) {
await GrantAuthorization.authorizeGenericMessage(
tenant,
this,
this.author,
this.signerSignaturePayload!.permissionsGrantId,
this.signaturePayload!.permissionsGrantId,
messageStore
);
} else {
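Review bot: The grant branch in the second hunk tests `this.signaturePayload!.permissionsGrantId` for truthiness, while the equivalent branch in src/interfaces/records-read.ts compares it with `!== undefined`. The two therefore disagree on an empty-string grant ID: here it drops to the `else` branch, there it goes to grant authorization. Picking one form for both, e.g. `this.signaturePayload!.permissionsGrantId !== undefined`, keeps the authorization paths uniform. The `else` body lies outside the hunk, so what happens on that path is not visible here.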
2 changes: 1 addition & 1 deletion src/interfaces/records-delete.ts
Expand Up @@ -21,7 +21,7 @@ export type RecordsDeleteOptions = {
export class RecordsDelete extends Message<RecordsDeleteMessage> {

public static async parse(message: RecordsDeleteMessage): Promise<RecordsDelete> {
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
validateTimestamp(message.descriptor.messageTimestamp);

const recordsDelete = new RecordsDelete(message);
2 changes: 1 addition & 1 deletion src/interfaces/records-query.ts
Expand Up @@ -32,7 +32,7 @@ export class RecordsQuery extends Message<RecordsQueryMessage> {
public static async parse(message: RecordsQueryMessage): Promise<RecordsQuery> {
let authorizationPayload;
if (message.authorization !== undefined) {
authorizationPayload = await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
authorizationPayload = await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
}

if (authorizationPayload?.protocolRole !== undefined) {
4 changes: 2 additions & 2 deletions src/interfaces/records-read.ts
Expand Up @@ -28,7 +28,7 @@ export class RecordsRead extends Message<RecordsReadMessage> {

public static async parse(message: RecordsReadMessage): Promise<RecordsRead> {
if (message.authorization !== undefined) {
await validateMessageSignatureIntegrity(message.authorization.authorSignature, message.descriptor);
await validateMessageSignatureIntegrity(message.authorization.signature, message.descriptor);
}
validateTimestamp(message.descriptor.messageTimestamp);

Expand Down Expand Up @@ -80,7 +80,7 @@ export class RecordsRead extends Message<RecordsReadMessage> {
} else if (this.author !== undefined && this.author === descriptor.recipient) {
// The recipient of a message may always read it
return;
} else if (this.author !== undefined && this.signerSignaturePayload!.permissionsGrantId !== undefined) {
} else if (this.author !== undefined && this.signaturePayload!.permissionsGrantId !== undefined) {
await RecordsGrantAuthorization.authorizeRead(tenant, this, newestRecordsWrite, this.author, messageStore);
} else if (descriptor.protocol !== undefined) {
await ProtocolAuthorization.authorizeRead(tenant, this, newestRecordsWrite, messageStore);