[ssi] agent credentials

malach-it · Dec 26, 2024 · 49d0cde · 49d0cde
1 parent 3e4c4a9
commit 49d0cde
Show file tree

Hide file tree

Showing 9 changed files with 40 additions and 4 deletions.
diff --git a/apps/boruta_admin/assets/src/components/Forms/ClientForm.vue b/apps/boruta_admin/assets/src/components/Forms/ClientForm.vue
@@ -28,6 +28,10 @@
           <label>Access token TTL (seconds)</label>
           <input type="number" v-model="client.access_token_ttl" placeholder="3600" />
         </div>
+        <div class="field" :class="{ 'error': client.errors?.agent_token_ttl }">
+          <label>Agent token TTL (seconds)</label>
+          <input type="number" v-model="client.agent_token_ttl" placeholder="3600" />
+        </div>
         <div class="field" :class="{ 'error': client.errors?.authorization_code_ttl }">
           <label>Authorization code TTL (seconds)</label>
           <input type="number" v-model="client.authorization_code_ttl" placeholder="60" />

diff --git a/apps/boruta_admin/assets/src/models/client.model.js b/apps/boruta_admin/assets/src/models/client.model.js
@@ -5,8 +5,10 @@ import { addClientErrorInterceptor } from './utils'
 
 const allGrantTypes = [
   'client_credentials',
+  'agent_credentials',
   'password',
   'authorization_code',
+  'agent_code',
   'refresh_token',
   'implicit',
   'preauthorized_code',
@@ -56,6 +58,7 @@ const assign = {
   signatures_adapter: function ({ signatures_adapter }) { this.signatures_adapter = signatures_adapter },
   did: function ({ did }) { this.did = did },
   access_token_ttl: function ({ access_token_ttl }) { this.access_token_ttl = access_token_ttl },
+  agent_token_ttl: function ({ agent_token_ttl }) { this.agent_token_ttl = agent_token_ttl },
   authorization_code_ttl: function ({ authorization_code_ttl }) { this.authorization_code_ttl = authorization_code_ttl },
   refresh_token_ttl: function ({ refresh_token_ttl }) { this.refresh_token_ttl = refresh_token_ttl },
   id_token_ttl: function ({ id_token_ttl }) { this.id_token_ttl = id_token_ttl },
@@ -209,6 +212,7 @@ class Client {
   get serialized () {
     const {
       access_token_ttl,
+      agent_token_ttl,
       authorization_code_ttl,
       authorization_request_ttl,
       authorize_scope,
@@ -240,6 +244,7 @@ class Client {
 
     return {
       access_token_ttl,
+      agent_token_ttl,
       authorization_code_ttl,
       authorization_request_ttl,
       authorize_scope,

diff --git a/apps/boruta_admin/lib/boruta_admin_web/views/client_view.ex b/apps/boruta_admin/lib/boruta_admin_web/views/client_view.ex
@@ -29,6 +29,7 @@ defmodule BorutaAdminWeb.ClientView do
       enforce_dpop: client.enforce_dpop,
       enforce_tx_code: client.enforce_tx_code,
       access_token_ttl: client.access_token_ttl,
+      agent_token_ttl: client.agent_token_ttl,
       authorization_code_ttl: client.authorization_code_ttl,
       authorization_request_ttl: client.authorization_request_ttl,
       refresh_token_ttl: client.refresh_token_ttl,

diff --git a/apps/boruta_auth/mix.exs b/apps/boruta_auth/mix.exs
@@ -24,7 +24,7 @@ defmodule BorutaAuth.MixProject do
 
   defp deps do
     [
-      {:boruta, git: "https://github.com/malach-it/boruta_auth", branch: "signatures-adapter"},
+      {:boruta, git: "https://github.com/malach-it/boruta_auth", branch: "agent-credentials"},
       {:logger_file_backend, "~> 0.0.13"},
       {:quantum, "~> 3.0"}
     ]

diff --git a/apps/boruta_auth/priv/repo/migrations/20241222032213_agent_credentials.exs b/apps/boruta_auth/priv/repo/migrations/20241222032213_agent_credentials.exs
@@ -0,0 +1,5 @@
+defmodule BorutaAuth.Repo.Migrations.AgentCredentials do
+  use Ecto.Migration
+
+  use Boruta.Migrations.AgentCredentials
+end
diff --git a/apps/boruta_auth/priv/repo/migrations/20241226171415_change_oauth_clients_did.exs b/apps/boruta_auth/priv/repo/migrations/20241226171415_change_oauth_clients_did.exs
@@ -0,0 +1,9 @@
+defmodule BorutaAuth.Repo.Migrations.ChangeOauthClientsDid do
+  use Ecto.Migration
+
+  def change do
+    alter table(:oauth_clients) do
+      modify :did, :text
+    end
+  end
+end
diff --git a/apps/boruta_web/lib/boruta_web/views/oauth_view.ex b/apps/boruta_web/lib/boruta_web/views/oauth_view.ex
@@ -137,6 +137,7 @@ defmodule BorutaWeb.OauthView do
           %Boruta.Oauth.TokenResponse{
             token_type: token_type,
             access_token: access_token,
+            agent_token: agent_token,
             id_token: id_token,
             c_nonce: c_nonce,
             expires_in: expires_in,
@@ -147,12 +148,23 @@ defmodule BorutaWeb.OauthView do
         ) do
       response = %{
         token_type: token_type,
-        access_token: access_token,
         expires_in: expires_in,
         refresh_token: refresh_token,
         c_nonce: c_nonce
       }
 
+      response = case access_token do
+        nil -> response
+        access_token ->
+          Map.put(response, :access_token, access_token)
+      end
+
+      response = case agent_token do
+        nil -> response
+        agent_token ->
+          Map.put(response, :agent_token, agent_token)
+      end
+
       response =
         case id_token do
           nil -> response

diff --git a/apps/boruta_web/test/boruta_web/controllers/oauth/client_credentials_test.exs b/apps/boruta_web/test/boruta_web/controllers/oauth/client_credentials_test.exs
@@ -32,7 +32,7 @@ defmodule BorutaWeb.Oauth.ClientCredentialsTest do
       assert json_response(conn, 400) == %{
                "error" => "invalid_request",
                "error_description" =>
-                 "Request body validation failed. #/grant_type do match required pattern /^(client_credentials|password|authorization_code|refresh_token)$/."
+                 "Request body validation failed. #/grant_type do match required pattern /^(client_credentials|agent_credentials|password|agent_code|authorization_code|refresh_token)$/."
              }
     end
 

diff --git a/mix.lock b/mix.lock
@@ -2,7 +2,7 @@
   "argon2_elixir": {:hex, :argon2_elixir, "2.4.1", "edb27bdd326bc738f3e4614eddc2f73507be6fedc9533c6bcc6f15bbac9c85cc", [:make, :mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.6", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "0e21f52a373739d00bdfd5fe6da2f04eea623cb4f66899f7526dd9db03903d9f"},
   "asn1_compiler": {:hex, :asn1_compiler, "0.1.1", "64a4e52b59d1f225878445ace2c75cd2245b13a5a81182304fd9dc5acfc8994e", [:mix], [], "hexpm", "c250d24c22f1a3f305d88864400f9ac2df55c6886e1e3a030e2946efeb94695e"},
   "bcrypt_elixir": {:hex, :bcrypt_elixir, "3.1.0", "0b110a9a6c619b19a7f73fa3004aa11d6e719a67e672d1633dc36b6b2290a0f7", [:make, :mix], [{:comeonin, "~> 5.3", [hex: :comeonin, repo: "hexpm", optional: false]}, {:elixir_make, "~> 0.6", [hex: :elixir_make, repo: "hexpm", optional: false]}], "hexpm", "2ad2acb5a8bc049e8d5aa267802631912bb80d5f4110a178ae7999e69dca1bf7"},
-  "boruta": {:git, "https://github.com/malach-it/boruta_auth", "aff1a119c0bb7e955621d7c534b8f6ed1320d75e", [branch: "signatures-adapter"]},
+  "boruta": {:git, "https://github.com/malach-it/boruta_auth", "5e0f4efd8ac9622305e8278688372d68cbec8f50", [branch: "agent-credentials"]},
   "bunt": {:hex, :bunt, "1.0.0", "081c2c665f086849e6d57900292b3a161727ab40431219529f13c4ddcf3e7a44", [:mix], [], "hexpm", "dc5f86aa08a5f6fa6b8096f0735c4e76d54ae5c9fa2c143e5a1fc7c1cd9bb6b5"},
   "bypass": {:hex, :bypass, "2.1.0", "909782781bf8e20ee86a9cabde36b259d44af8b9f38756173e8f5e2e1fabb9b1", [:mix], [{:plug, "~> 1.7", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 2.0", [hex: :plug_cowboy, repo: "hexpm", optional: false]}, {:ranch, "~> 1.3", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm", "d9b5df8fa5b7a6efa08384e9bbecfe4ce61c77d28a4282f79e02f1ef78d96b80"},
   "castore": {:hex, :castore, "1.0.9", "5cc77474afadf02c7c017823f460a17daa7908e991b0cc917febc90e466a375c", [:mix], [], "hexpm", "5ea956504f1ba6f2b4eb707061d8e17870de2bee95fb59d512872c2ef06925e7"},