Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/Verify Token V2 #78

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Feature/Verify Token V2 #78

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
fcd9289
feat: VerifyToken function
x1m3 Oct 17, 2024
06fbb8c
feat: Maintain internal unpacker for token verification
x1m3 Oct 18, 2024
02fdfff
Remove unneded var member
x1m3 Oct 18, 2024
1cc1a75
chore: Use latest iden3comm
x1m3 Oct 18, 2024
93200fc
chore: Use latest iden3comm version
x1m3 Oct 21, 2024
7dc3952
chore: Update iden3comm dependencies
x1m3 Nov 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
77 changes: 70 additions & 7 deletions auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,17 +9,20 @@ import (
"log"
"math/big"
"net/http"
"strings"
"time"

"github.com/ethereum/go-ethereum/common"
"github.com/ethereum/go-ethereum/ethclient"
"github.com/google/uuid"
"github.com/iden3/contracts-abi/state/go/abi"
"github.com/iden3/driver-did-iden3/pkg/services/blockchain/eth"
"github.com/iden3/go-circuits/v2"
"github.com/iden3/go-iden3-auth/v2/loaders"
"github.com/iden3/go-iden3-auth/v2/proofs"
"github.com/iden3/go-iden3-auth/v2/pubsignals"
"github.com/iden3/go-iden3-auth/v2/state"
core "github.com/iden3/go-iden3-core/v2"
"github.com/iden3/go-iden3-core/v2/w3c"
"github.com/iden3/go-jwz/v2"
schemaloaders "github.com/iden3/go-schema-processor/v2/loaders"
Expand Down Expand Up @@ -101,6 +104,7 @@ type Verifier struct {
documentLoader ld.DocumentLoader
stateResolver map[string]pubsignals.StateResolver
packageManager iden3comm.PackageManager
unpacker iden3comm.Packer
}

// VerifierOption is a function to set options for Verifier instance
Expand Down Expand Up @@ -147,9 +151,7 @@ type verifierOpts struct {
}

func newOpts() verifierOpts {
return verifierOpts{
didResolver: UniversalDIDResolver,
}
return verifierOpts{didResolver: UniversalDIDResolver}
}

// NewVerifier returns setup instance of auth library
Expand Down Expand Up @@ -208,7 +210,7 @@ func (v *Verifier) SetupAuthV2ZKPPacker() error {

verifications[jwz.AuthV2Groth16Alg] = packers.NewVerificationParams(
authV2Set,
func(id circuits.CircuitID, pubSignals []string) error {
func(id circuits.CircuitID, pubSignals []string, _ ...packers.ZKPPUnpackerParams) error {
if id != circuits.AuthV2CircuitID {
return errors.New("circuit id is not AuthV2CircuitID")
}
Expand All @@ -228,6 +230,27 @@ func (v *Verifier) SetupAuthV2ZKPPacker() error {
},
)

resolvers := map[int]eth.Resolver{}
for prefix, stateResolver := range v.stateResolver {
blockchain, network, err := blockChainNetwork(prefix)
if err != nil {
return fmt.Errorf("failed get blockchain and network: %w", err)
}
chainID, err := core.GetChainID(blockchain, network)
if err != nil {
return fmt.Errorf("failed get chain id: %w", err)
}
ethResolver, err := eth.NewResolver(
stateResolver.GetRPCUrl(),
stateResolver.GetContractAddr().String(),
)
if err != nil {
return fmt.Errorf("failed create eth resolver: %w", err)
}
resolvers[int(chainID)] = *ethResolver
}
v.unpacker = packers.DefaultZKPUnpacker(authV2Set, resolvers)

zkpPackerV2 := packers.NewZKPPacker(
provers,
verifications,
Expand All @@ -238,7 +261,7 @@ func (v *Verifier) SetupAuthV2ZKPPacker() error {
// SetupJWSPacker sets the JWS packer for the VerifierBuilder.
func (v *Verifier) SetupJWSPacker(didResolver packers.DIDResolverHandlerFunc) error {

signerFnStub := packers.SignerResolverHandlerFunc(func(kid string) (crypto.Signer, error) {
signerFnStub := packers.SignerResolverHandlerFunc(func(_ string) (crypto.Signer, error) {
return nil, nil
})
jwsPacker := packers.NewJWSPacker(didResolver, signerFnStub)
Expand Down Expand Up @@ -289,7 +312,7 @@ func CreateContractInvokeRequest(

// CreateContractInvokeRequestWithMessage creates new contract invoke request message with message
func CreateContractInvokeRequestWithMessage(
reason, message, sender string,
reason, _, sender string,
transactionData protocol.TransactionData,
zkRequests ...protocol.ZeroKnowledgeProofRequest,
) protocol.ContractInvokeRequestMessage {
Expand All @@ -302,7 +325,6 @@ func CreateContractInvokeRequestWithMessage(
From: sender,
Body: protocol.ContractInvokeRequestMessageBody{
Reason: reason,
Message: message,
TransactionData: transactionData,
Scope: zkRequests,
},
Expand Down Expand Up @@ -516,7 +538,40 @@ func verifyGroupIDMathch(linkID *big.Int, groupID int, requestID uint32, groupID
return nil
}

// VerifyToken performs verification of jws/jwz token using the registered packers in package manager
func (v *Verifier) VerifyToken(
token string,
opts ...pubsignals.VerifyOpt,
) (*protocol.AuthorizationResponseMessage, error) {

var unpackOpts []iden3comm.PackerParams
cfg := pubsignals.VerifyConfig{}
for _, o := range opts {
o(&cfg)
}
if cfg.AcceptedProofGenerationDelay > 0 {
unpackOpts = append(unpackOpts, packers.NewZKPPUnpackerParams(cfg.AcceptedProofGenerationDelay))
}

msg, err := v.unpacker.Unpack([]byte(token), unpackOpts...)
if err != nil {
return nil, err
}
msgBytes, err := json.Marshal(msg)
if err != nil {
return nil, err
}

var authMsgResponse protocol.AuthorizationResponseMessage
err = json.Unmarshal(msgBytes, &authMsgResponse)
if err != nil {
return nil, err
}
return &authMsgResponse, err
}

// VerifyJWZ performs verification of jwz token
// Deprecated: Use VerifyToken instead
func (v *Verifier) VerifyJWZ(
ctx context.Context,
token string,
Expand Down Expand Up @@ -651,3 +706,11 @@ func getDocumentLoader(docLoader ld.DocumentLoader, ipfsCli schemaloaders.IPFSCl

return schemaloaders.NewDocumentLoader(ipfsCli, ipfsGW)
}

func blockChainNetwork(id string) (blockchain core.Blockchain, network core.NetworkID, err error) {
s := strings.Split(id, ":")
if len(s) < 2 {
return "", "", fmt.Errorf("invalid network:blockchain <%s>", id)
}
return core.Blockchain(s[0]), core.NetworkID(s[1]), nil
}
Loading
Loading