refactor(inji-438): upgrade the authenticate & consent endpoint versi…
…on to v2 from v1 (#975)

* refactor(inji-438): upgrade the authenticate & consent endpoint version to v2 from v1

Signed-off-by: Vijay <[email protected]>

* refactor(inji-438): extracted the getJWT method and reused across app

Signed-off-by: Vijay <[email protected]>

---------

Signed-off-by: Vijay <[email protected]>
vijay151096 authored Oct 31, 2023
1 parent ce232b2 commit 1b071df
Showing 6 changed files with 212 additions and 177 deletions.
115 changes: 65 additions & 50 deletions machines/QrLoginMachine.ts
Expand Up @@ -8,12 +8,12 @@ import {
} from 'xstate';
import {createModel} from 'xstate/lib/model';
import {AppServices} from '../shared/GlobalContext';
import {MY_VCS_STORE_KEY, ESIGNET_BASE_URL} from '../shared/constants';
import {ESIGNET_BASE_URL, MY_VCS_STORE_KEY} from '../shared/constants';
import {StoreEvents} from './store';
import {linkTransactionResponse, VC} from '../types/VC/ExistingMosipVC/vc';
import {request} from '../shared/request';
import {
getJwt,
getJWT,
isHardwareKeystoreExists,
} from '../shared/cryptoutil/cryptoUtil';
import {
Expand All @@ -23,10 +23,12 @@ import {
import i18n from '../i18n';
import {parseMetadatas, VCMetadata} from '../shared/VCMetadata';
import {
TelemetryConstants,
getEndEventData,
sendEndEvent,
TelemetryConstants,
} from '../shared/telemetry/TelemetryUtils';
import {API_URLS} from '../shared/api';
import getAllConfigurations from '../shared/commonprops/commonProps';

const model = createModel(
{
Expand Down Expand Up @@ -157,7 +159,7 @@ export const qrLoginMachine =
faceAuth: {
on: {
FACE_VALID: {
target: 'requestConsent',
target: 'loadingThumbprint',
},
FACE_INVALID: {
target: 'invalidIdentity',
Expand All @@ -180,10 +182,16 @@ export const qrLoginMachine =
sendingAuthenticate: {
invoke: {
src: 'sendAuthenticate',
onDone: {
target: 'requestConsent',
actions: 'setLinkedTransactionId',
},
onDone: [
{
cond: 'isConsentAlreadyCaptured',
target: 'success',
},
{
target: 'requestConsent',
actions: 'setLinkedTransactionId',
},
],
onError: [
{
actions: 'SetErrorMessage',
Expand All @@ -195,7 +203,7 @@ export const qrLoginMachine =
requestConsent: {
on: {
CONFIRM: {
target: 'loadingThumbprint',
target: 'sendingConsent',
},
TOGGLE_CONSENT_CLAIM: {
actions: 'setConsentClaims',
Expand All @@ -212,7 +220,7 @@ export const qrLoginMachine =
on: {
STORE_RESPONSE: {
actions: 'setThumbprint',
target: 'sendingConsent',
target: 'sendingAuthenticate',
},
},
},
Expand Down Expand Up @@ -353,14 +361,15 @@ export const qrLoginMachine =
},
}),
setLinkedTransactionId: assign({
linkedTransactionId: (context, event) => event.data as string,
linkedTransactionId: (context, event) =>
event.data.linkedTransactionId as string,
}),
},
services: {
linkTransaction: async context => {
const response = await request(
'POST',
'/v1/esignet/linked-authorization/v2/link-transaction',
API_URLS.linkTransaction.method,
API_URLS.linkTransaction.buildURL(),
{
requestTime: String(new Date().toISOString()),
request: {
Expand All @@ -381,12 +390,25 @@ export const qrLoginMachine =
);
}

var walletBindingResponse = context.selectedVc.walletBindingResponse;
var jwt = await getJwt(privateKey, individualId, context.thumbprint);
var config = await getAllConfigurations();
const header = {
alg: 'RS256',
'x5t#S256': context.thumbprint,
};

const payload = {
iss: config.issuer,
sub: individualId,
aud: config.audience,
iat: Math.floor(new Date().getTime() / 1000),
exp: Math.floor(new Date().getTime() / 1000) + 18000,
};

const jwt = await getJWT(header, payload, individualId, privateKey);

const response = await request(
'POST',
'/v1/esignet/linked-authorization/authenticate',
API_URLS.authenticate.method,
API_URLS.authenticate.buildURL(),
{
requestTime: String(new Date().toISOString()),
request: {
Expand All @@ -403,7 +425,7 @@ export const qrLoginMachine =
},
ESIGNET_BASE_URL,
);
return response.response.linkedTransactionId;
return response.response;
},

sendConsent: async context => {
Expand All @@ -415,51 +437,44 @@ export const qrLoginMachine =
);
}

const jwt = await getJwt(
privateKey,
individualId,
context.thumbprint,
);

const response = await request(
'POST',
'/v1/esignet/linked-authorization/authenticate',
{
requestTime: String(new Date().toISOString()),
request: {
linkedTransactionId: context.linkTransactionId,
individualId: individualId,
challengeList: [
{
authFactorType: 'WLA',
challenge: jwt,
format: 'jwt',
},
],
},
},
ESIGNET_BASE_URL,
);
var linkedTrnId = response.response.linkedTransactionId;
const header = {
alg: 'RS256',
'x5t#S256': context.thumbprint,
};
const payload = {
accepted_claims: context.essentialClaims
.concat(context.selectedVoluntaryClaims)
.sort(),
permitted_authorized_scopes: context.authorizeScopes,
};

const JWT = await getJWT(header, payload, individualId, privateKey);
const jwtComponents = JWT.split('.');
const detachedSignature = jwtComponents[0] + '.' + jwtComponents[2];

const resp = await request(
'POST',
'/v1/esignet/linked-authorization/consent',
API_URLS.sendConsent.method,
API_URLS.sendConsent.buildURL(),
{
requestTime: String(new Date().toISOString()),
request: {
linkedTransactionId: linkedTrnId,
acceptedClaims: context.essentialClaims.concat(
context.selectedVoluntaryClaims,
),
linkedTransactionId: context.linkedTransactionId,
acceptedClaims: context.essentialClaims
.concat(context.selectedVoluntaryClaims)
.sort(),
permittedAuthorizeScopes: context.authorizeScopes,
signature: detachedSignature,
},
},
ESIGNET_BASE_URL,
);
console.log(resp.response.linkedTransactionId);
},
},
guards: {
isConsentAlreadyCaptured: (_, event) =>
event.data?.consentAction === 'NOCAPTURE',
},
},
);

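Review bot: In `sendAuthenticate`, the challenge JWT payload sets `exp` to `iat + 18000`, a five-hour lifetime for an assertion that is posted once for a single linked transaction; unless the server enforces a tighter limit (not visible here), a captured token stays usable for that whole window. The two timestamps also come from separate `new Date()` calls; I would read the clock once, `const now = Math.floor(Date.now() / 1000);`, and set `iat: now, exp: now + JWT_TTL_SECONDS` with a short named constant (placeholder name, value to be agreed with the eSignet side). In `sendConsent`, the signed `accepted_claims` and the posted `acceptedClaims` are produced by two separate `concat(...).sort()` expressions, so a later edit to one of them would make the detached signature stop matching the body; build the array once and use it in both places. `sendAuthenticate` begins above the visible hunk, so the key-loading code before the JWT is not reviewed here.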
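--- a/machines/QrLoginMachine.typegen.ts
+++ b/machines/QrLoginMachine.typegen.ts
@@ -0,0 +1,56 @@
+
+// This file was automatically generated. Edits will be overwritten
+
+export interface Typegen0 {
+'@@xstate/typegen': true;
+internalEvents: {
+"done.invoke.QrLogin.linkTransaction:invocation[0]": { type: "done.invoke.QrLogin.linkTransaction:invocation[0]"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.QrLogin.sendingAuthenticate:invocation[0]": { type: "done.invoke.QrLogin.sendingAuthenticate:invocation[0]"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"error.platform.QrLogin.linkTransaction:invocation[0]": { type: "error.platform.QrLogin.linkTransaction:invocation[0]"; data: unknown };
+"error.platform.QrLogin.sendingAuthenticate:invocation[0]": { type: "error.platform.QrLogin.sendingAuthenticate:invocation[0]"; data: unknown };
+"error.platform.QrLogin.sendingConsent:invocation[0]": { type: "error.platform.QrLogin.sendingConsent:invocation[0]"; data: unknown };
+"xstate.init": { type: "xstate.init" };
+};
+invokeSrcNameMap: {
+"linkTransaction": "done.invoke.QrLogin.linkTransaction:invocation[0]";
+"sendAuthenticate": "done.invoke.QrLogin.sendingAuthenticate:invocation[0]";
+"sendConsent": "done.invoke.QrLogin.sendingConsent:invocation[0]";
+};
+missingImplementations: {
+actions: never;
+delays: never;
+guards: never;
+services: never;
+};
+eventsCausingActions: {
+"SetErrorMessage": "error.platform.QrLogin.linkTransaction:invocation[0]" | "error.platform.QrLogin.sendingAuthenticate:invocation[0]" | "error.platform.QrLogin.sendingConsent:invocation[0]";
+"expandLinkTransResp": "done.invoke.QrLogin.linkTransaction:invocation[0]";
+"forwardToParent": "DISMISS";
+"loadMyVcs": "done.invoke.QrLogin.linkTransaction:invocation[0]";
+"loadThumbprint": "FACE_VALID";
+"resetLinkTransactionId": "GET";
+"resetSelectedVoluntaryClaims": "GET";
+"setClaims": "done.invoke.QrLogin.linkTransaction:invocation[0]";
+"setConsentClaims": "TOGGLE_CONSENT_CLAIM";
+"setLinkedTransactionId": "done.invoke.QrLogin.sendingAuthenticate:invocation[0]";
+"setMyVcs": "STORE_RESPONSE";
+"setScanData": "GET";
+"setSelectedVc": "SELECT_VC";
+"setThumbprint": "STORE_RESPONSE";
+"setlinkTransactionResponse": "done.invoke.QrLogin.linkTransaction:invocation[0]";
+};
+eventsCausingDelays: {
+
+};
+eventsCausingGuards: {
+"isConsentAlreadyCaptured": "done.invoke.QrLogin.sendingAuthenticate:invocation[0]";
+};
+eventsCausingServices: {
+"linkTransaction": "GET";
+"sendAuthenticate": "STORE_RESPONSE";
+"sendConsent": "CONFIRM";
+};
+matchesStates: "ShowError" | "done" | "faceAuth" | "invalidIdentity" | "linkTransaction" | "loadMyVcs" | "loadingThumbprint" | "requestConsent" | "sendingAuthenticate" | "sendingConsent" | "showvcList" | "success" | "waitingForData";
+tags: never;
+}
+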
105 changes: 44 additions & 61 deletions machines/revoke.typegen.ts
@@ -1,62 +1,45 @@
// This file was automatically generated. Edits will be overwritten

export interface Typegen0 {
'@@xstate/typegen': true;
internalEvents: {
'done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]': {
type: 'done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]';
data: unknown;
__tip: 'See the XState TS docs to learn how to strongly type this.';
};
'error.platform.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]': {
type: 'error.platform.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]';
data: unknown;
};
'xstate.init': {type: 'xstate.init'};
};
invokeSrcNameMap: {
requestOtp: 'done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]';
requestRevoke: 'done.invoke.RevokeVids.requestingRevoke:invocation[0]';
};
missingImplementations: {
actions: never;
delays: never;
guards: never;
services: never;
};
eventsCausingActions: {
clearOtp:
| 'DISMISS'
| 'ERROR'
| 'REVOKE_VCS'
| 'done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]'
| 'xstate.init';
logRevoked: 'STORE_RESPONSE';
revokeVID: 'SUCCESS';
setIdBackendError: 'error.platform.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]';
setOtp: 'INPUT_OTP';
setOtpError: 'ERROR';
setTransactionId: 'DISMISS' | 'REVOKE_VCS' | 'xstate.init';
setVIDs: 'REVOKE_VCS';
};
eventsCausingDelays: {};
eventsCausingGuards: {};
eventsCausingServices: {
requestOtp: never;
requestRevoke: 'INPUT_OTP';
};
matchesStates:
| 'acceptingOtpInput'
| 'acceptingVIDs'
| 'acceptingVIDs.idle'
| 'acceptingVIDs.requestingOtp'
| 'idle'
| 'invalid'
| 'invalid.backend'
| 'invalid.otp'
| 'loggingRevoke'
| 'requestingRevoke'
| 'revokingVc'
| {acceptingVIDs?: 'idle' | 'requestingOtp'; invalid?: 'backend' | 'otp'};
tags: never;
}
// This file was automatically generated. Edits will be overwritten

export interface Typegen0 {
'@@xstate/typegen': true;
internalEvents: {
"done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]": { type: "done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
"error.platform.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]": { type: "error.platform.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]"; data: unknown };
"xstate.init": { type: "xstate.init" };
};
invokeSrcNameMap: {
"requestOtp": "done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]";
"requestRevoke": "done.invoke.RevokeVids.requestingRevoke:invocation[0]";
};
missingImplementations: {
actions: never;
delays: never;
guards: never;
services: never;
};
eventsCausingActions: {
"clearOtp": "DISMISS" | "ERROR" | "REVOKE_VCS" | "done.invoke.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]" | "xstate.init";
"logRevoked": "STORE_RESPONSE";
"revokeVID": "SUCCESS";
"setIdBackendError": "error.platform.RevokeVids.acceptingVIDs.requestingOtp:invocation[0]";
"setOtp": "INPUT_OTP";
"setOtpError": "ERROR";
"setTransactionId": "DISMISS" | "REVOKE_VCS" | "xstate.init";
"setVIDs": "REVOKE_VCS";
};
eventsCausingDelays: {

};
eventsCausingGuards: {

};
eventsCausingServices: {
"requestOtp": never;
"requestRevoke": "INPUT_OTP";
};
matchesStates: "acceptingOtpInput" | "acceptingVIDs" | "acceptingVIDs.idle" | "acceptingVIDs.requestingOtp" | "idle" | "invalid" | "invalid.backend" | "invalid.otp" | "loggingRevoke" | "requestingRevoke" | "revokingVc" | { "acceptingVIDs"?: "idle" | "requestingOtp";
"invalid"?: "backend" | "otp"; };
tags: never;
}
