feat: Validate and check Waci profile creation that each scope has output descriptors configured. #586
Conversation
talwinder50
force-pushed
the
issue-581
branch
from
73027df to
e4c8883
Compare
talwinder50
changed the title
talwinder50
force-pushed
the
issue-581
branch
from
e4c8883 to
cd8c6ac
Compare
talwinder50
changed the title
talwinder50
force-pushed
the
issue-581
branch
2 times, most recently
from
0b05a86 to
b9e3b49
Compare
| @@ -46,6 +48,7 @@ type WalletConnect struct { | |||
|
|
|||
| // txnData contains session data. | |||
| type txnData struct { | |||
| // Todo rename this to profile ID | |||
There was a problem hiding this comment.
Should this todo still be here?
There was a problem hiding this comment.
yes the issuerID is now misleading it should be profileID added specifically on the value to be renamed. Didnt mention issue number as it can be done part of any follow up prs.
| for _, pCredScope := range profileData.CredentialScopes { | ||
| if _, ok := o.cmOutputDescriptor[pCredScope]; !ok { | ||
| commhttp.WriteErrorResponseWithLog(rw, http.StatusInternalServerError, | ||
| fmt.Sprintf("failed to get output descriptors configured for waci "+ |
There was a problem hiding this comment.
Two things:
- This string has no formatting directives, so you can simply use the string without calling
fmt.Sprintf - I think this error message isn't specific enough - why couldn't the output descriptors get configured? What exactly went wrong?
There was a problem hiding this comment.
It has formatting directives now
| @@ -646,6 +686,31 @@ func TestCreateProfile(t *testing.T) { | |||
|
|
|||
| require.Contains(t, resErr.ErrMessage, "create oidc client") | |||
| }) | |||
| t.Run("create profile - failed to output descriptors configured for waci profiles", func(t *testing.T) { | |||
There was a problem hiding this comment.
You probably mean "failed to configure output descriptors for WACI profiles" instead
Codecov Report
@@ Coverage Diff @@
## main #586 +/- ##
==========================================
+ Coverage 87.70% 87.86% +0.16%
==========================================
Files 28 28
Lines 4106 4119 +13
==========================================
+ Hits 3601 3619 +18
+ Misses 299 294 -5
Partials 206 206
Continue to review full report at Codecov.
|
test/bdd/pkg/issuer/issuer_steps.go
Outdated
| e.states[issuerID] = state | ||
| e.states[profileID] = state | ||
|
|
||
| resp, err := bddutil.HTTPDo(http.MethodGet, //nolint: bodyclose |
There was a problem hiding this comment.
Is this a false positive for the linter? If so, you can add a small comment next to the nolint to let other developers know. (I've also encountered this false positive, there's an open issue for it)
//nolint: bodyclose // False positive
test/bdd/pkg/issuer/issuer_steps.go
Outdated
|
|
||
| // validating only status code as the vue page needs javascript support | ||
| if resp.StatusCode != http.StatusOK { | ||
| // nolint:wrapcheck // ignore |
There was a problem hiding this comment.
You should replace // ignore with a specific reason of why you need the nolint
|
|
||
| defer bddutil.CloseResponseBody(resp.Body) | ||
|
|
||
| // validating only status code as the vue page needs javascript support |
There was a problem hiding this comment.
Not sure what vue pages/Javascript have to do with this. Can you explain?
(It might just be me who isn't familiar with how this works, so let me know)
There was a problem hiding this comment.
This is the existing code i only changed variable name and this endpoint gets automatically redirects to vue page thats why its written here that we are only testing status code
test/bdd/pkg/issuer/issuer_steps.go
Outdated
| func (e *Steps) createProfileWithWACI(id, name, issuerURL, supportedVCContexts, linkedWallet, oidcProvider string) error { //nolint:lll | ||
| err := e.createProfile(id, name, issuerURL, supportedVCContexts, "false", "false", oidcProvider, linkedWallet, true) | ||
| // id, name, issuerURL, supportedVCContexts, credScope, issuerID, linkedWallet, oidcProvider string | ||
| func (e *Steps) createProfileWithWACI(id, name, issuerURL, supportedVCContexts, credScopes, issuerID, linkedWallet, oidcProvider string) error { //nolint:lll |
There was a problem hiding this comment.
With how many arguments are in this function, it makes sense to create a custom struct type to hold them all instead. This will also help to resolve the lll linter complaint.
There was a problem hiding this comment.
Can be done as part of #593
test/bdd/pkg/issuer/issuer_steps.go
Outdated
|
|
||
| func (e *Steps) createProfileWithWACI(id, name, issuerURL, supportedVCContexts, linkedWallet, oidcProvider string) error { //nolint:lll | ||
| err := e.createProfile(id, name, issuerURL, supportedVCContexts, "false", "false", oidcProvider, linkedWallet, true) | ||
| // id, name, issuerURL, supportedVCContexts, credScope, issuerID, linkedWallet, oidcProvider string |
There was a problem hiding this comment.
leftover commented out param list from when you were editing this?
talwinder50
force-pushed
the
issue-581
branch
2 times, most recently
from
cfd16a4 to
fe0ac37
Compare
pkg/profile/issuer/profile.go
Outdated
| @@ -125,6 +125,12 @@ func validateProfileRequest(pr *ProfileData) error { | |||
| return fmt.Errorf("supported vc contexts mandatory") | |||
| } | |||
|
|
|||
| if pr.SupportsWACI { | |||
| if pr.IssuerID == "" { | |||
| return fmt.Errorf("issuer id mandatory for waci profiles") | |||
There was a problem hiding this comment.
can we combine this into one line (if pr.SupportsWACI && pr.IssuerID == "") ?
| @@ -16,6 +16,8 @@ import ( | |||
| ) | |||
|
|
|||
| // ProfileDataRequest req for profile creation. | |||
| // Issuer ID identifies who is the issuer of the credential manifests being issued. | |||
| // CMStyle represents an entity styles object as defined in credential manifest spec. | |||
There was a problem hiding this comment.
Can we add these field level specific comments at field level than at struct level ?
| if profileData.SupportsWACI { | ||
| for _, pCredScope := range profileData.CredentialScopes { | ||
| if _, ok := o.cmOutputDescriptor[pCredScope]; !ok { | ||
| commhttp.WriteErrorResponseWithLog(rw, http.StatusInternalServerError, |
There was a problem hiding this comment.
This should be BadRequest error code than ServerError.
| for _, pCredScope := range profileData.CredentialScopes { | ||
| if _, ok := o.cmOutputDescriptor[pCredScope]; !ok { | ||
| commhttp.WriteErrorResponseWithLog(rw, http.StatusInternalServerError, | ||
| fmt.Sprint("failed to find the allowed cred scope in credential manifest output descriptor "+ |
There was a problem hiding this comment.
Its better to pass the missing scope in the response message as to be more explicit about failed scope to the caller.
There was a problem hiding this comment.
One other thing I'd like to suggest...
Is this scenario something that can happen due to an incorrect configuration by the user? If so - you can add something here to make it more explicit how it happens and give them a hint as to how to fix it. (Something like are the scopes configured?)
However, if that configuration is already validated and this error is only here because of the ok check (and so this scenario is essentially impossible) then you can ignore what I wrote above.
There was a problem hiding this comment.
By impossible, I mean that there's no way a user can end up in this situation without modifying the code somehow.
talwinder50
force-pushed
the
issue-581
branch
2 times, most recently
from
15775b0 to
0f0529f
Compare
…tput descriptors configured. closes trustbloc#581 Signed-off-by: talwinder50 <[email protected]>
talwinder50
force-pushed
the
issue-581
branch
from
0f0529f to
c01fddb
Compare
| @@ -125,6 +125,10 @@ func validateProfileRequest(pr *ProfileData) error { | |||
| return fmt.Errorf("supported vc contexts mandatory") | |||
| } | |||
|
|
|||
| if pr.SupportsWACI && pr.IssuerID == "" { | |||
| return fmt.Errorf("issuer id mandatory for waci profiles") | |||
There was a problem hiding this comment.
No, it is not mandatory, you can assign UUID if not set. Refer my comments from original PR.
| @@ -46,6 +48,7 @@ type WalletConnect struct { | |||
|
|
|||
| // txnData contains session data. | |||
| type txnData struct { | |||
| // Todo #580 rename IssuerID to ProfileID | |||
There was a problem hiding this comment.
Why renaming issuerID to profileID???
#580 doesn't mention any of this.
There was a problem hiding this comment.
#580 (comment) @sudeshrshetty This was my reason,
closes #581
Signed-off-by: talwinder50 [email protected]