delegation/delegation_test.go

package delegation_test

import (
	"crypto/rand"
	"testing"
	"time"

	"github.com/libp2p/go-libp2p/core/crypto"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
	"gotest.tools/v3/golden"

	"github.com/ucan-wg/go-ucan/capability/command"
	"github.com/ucan-wg/go-ucan/capability/policy"
	"github.com/ucan-wg/go-ucan/delegation"
	"github.com/ucan-wg/go-ucan/did"
	"github.com/ucan-wg/go-ucan/internal/envelope"
)

const (
	nonce = "6roDhGi0kiNriQAz7J3d+bOeoI/tj8ENikmQNbtjnD0"

	AudiencePrivKeyCfg = "CAESQL1hvbXpiuk2pWr/XFbfHJcZNpJ7S90iTA3wSCTc/BPRneCwPnCZb6c0vlD6ytDWqaOt0HEOPYnqEpnzoBDprSM="
	AudienceDID        = "did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv"

	issuerPrivKeyCfg = "CAESQLSql38oDmQXIihFFaYIjb73mwbPsc7MIqn4o8PN4kRNnKfHkw5gRP1IV9b6d0estqkZayGZ2vqMAbhRixjgkDU="
	issuerDID        = "did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"

	subjectPrivKeyCfg = "CAESQL9RtjZ4dQBeXtvDe53UyvslSd64kSGevjdNiA1IP+hey5i/3PfRXSuDr71UeJUo1fLzZ7mGldZCOZL3gsIQz5c="
	subjectDID        = "did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"
	subJectCmd        = "/foo/bar"
	subjectPol        = `
[
	[
		"==",
		".status",
		"draft"
	],
	[
		"all",
		".reviewer",
		[
			"like",
			".email",
			"*@example.com"
		]
	],
	[
		"any",
		".tags",
		[
			"or",
			[
				[
					"==",
					".",
					"news"
				],
				[
					"==",
					".",
					"press"
				]
			]
		]
	]
]
`

	newCID  = "zdpuAn9JgGPvnt2WCmTaKktZdbuvcVGTg9bUT5kQaufwUtZ6e"
	rootCID = "zdpuAkgGmUp5JrXvehGuuw9JA8DLQKDaxtK3R8brDQQVC2i5X"
)

func TestConstructors(t *testing.T) {
	t.Parallel()

	privKey := privKey(t, issuerPrivKeyCfg)

	aud, err := did.Parse(AudienceDID)

	sub, err := did.Parse(subjectDID)
	require.NoError(t, err)

	cmd, err := command.Parse(subJectCmd)
	require.NoError(t, err)

	pol, err := policy.FromDagJson(subjectPol)
	require.NoError(t, err)

	exp, err := time.Parse(time.RFC3339, "2200-01-01T00:00:00Z")
	require.NoError(t, err)

	t.Run("New", func(t *testing.T) {
		dlg, err := delegation.New(privKey, aud, cmd, pol,
			delegation.WithNonce([]byte(nonce)),
			delegation.WithSubject(sub),
			delegation.WithExpiration(exp),
			delegation.WithMeta("foo", "fooo"),
			delegation.WithMeta("bar", "barr"),
		)
		require.NoError(t, err)

		data, err := dlg.ToDagJson(privKey)
		require.NoError(t, err)

		t.Log(string(data))

		golden.Assert(t, string(data), "new.dagjson")
		assert.Equal(t, newCID, envelope.CIDToBase58BTC(dlg.CID()))
	})

	t.Run("Root", func(t *testing.T) {
		t.Parallel()

		dlg, err := delegation.Root(privKey, aud, cmd, pol,
			delegation.WithNonce([]byte(nonce)),
			delegation.WithExpiration(exp),
			delegation.WithMeta("foo", "fooo"),
			delegation.WithMeta("bar", "barr"),
		)
		require.NoError(t, err)

		data, err := dlg.ToDagJson(privKey)
		require.NoError(t, err)

		t.Log(string(data))

		golden.Assert(t, string(data), "root.dagjson")
		assert.Equal(t, rootCID, envelope.CIDToBase58BTC(dlg.CID()))
	})
}

func privKey(t *testing.T, privKeyCfg string) crypto.PrivKey {
	t.Helper()

	privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg)
	require.NoError(t, err)

	privKey, err := crypto.UnmarshalPrivateKey(privKeyMar)
	require.NoError(t, err)

	return privKey
}

func TestKey(t *testing.T) {
	// TODO: why is this broken?
	t.Skip("TODO: why is this broken?")

	priv, _, err := crypto.GenerateEd25519Key(rand.Reader)
	require.NoError(t, err)

	privMar, err := crypto.MarshalPrivateKey(priv)
	require.NoError(t, err)

	privCfg := crypto.ConfigEncodeKey(privMar)
	t.Log(privCfg)

	id, err := did.FromPubKey(priv.GetPublic())
	require.NoError(t, err)
	t.Log(id)

	t.Fail()
}
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00			`package delegation_test`

			`import (`
			`"crypto/rand"`
			`"testing"`
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`"time"`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
			`"github.com/libp2p/go-libp2p/core/crypto"`
feat(cid): calculate the CID for decoded and newly created Tokeners 2024-09-19 13:29:33 -04:00			`"github.com/stretchr/testify/assert"`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00			`"github.com/stretchr/testify/require"`
delegation: use the fancy Meta 2024-09-19 10:48:25 +02:00			`"gotest.tools/v3/golden"`

test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`"github.com/ucan-wg/go-ucan/capability/command"`
			`"github.com/ucan-wg/go-ucan/capability/policy"`
			`"github.com/ucan-wg/go-ucan/delegation"`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00			`"github.com/ucan-wg/go-ucan/did"`
feat(cid): calculate the CID for decoded and newly created Tokeners 2024-09-19 13:29:33 -04:00			`"github.com/ucan-wg/go-ucan/internal/envelope"`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00			`)`

			`const (`
			`nonce = "6roDhGi0kiNriQAz7J3d+bOeoI/tj8ENikmQNbtjnD0"`

			`AudiencePrivKeyCfg = "CAESQL1hvbXpiuk2pWr/XFbfHJcZNpJ7S90iTA3wSCTc/BPRneCwPnCZb6c0vlD6ytDWqaOt0HEOPYnqEpnzoBDprSM="`
			`AudienceDID = "did:key:z6Mkq5YmbJcTrPExNDi26imrTCpKhepjBFBSHqrBDN2ArPkv"`

			`issuerPrivKeyCfg = "CAESQLSql38oDmQXIihFFaYIjb73mwbPsc7MIqn4o8PN4kRNnKfHkw5gRP1IV9b6d0estqkZayGZ2vqMAbhRixjgkDU="`
			`issuerDID = "did:key:z6Mkpzn2n3ZGT2VaqMGSQC3tzmzV4TS9S71iFsDXE1WnoNH2"`

			`subjectPrivKeyCfg = "CAESQL9RtjZ4dQBeXtvDe53UyvslSd64kSGevjdNiA1IP+hey5i/3PfRXSuDr71UeJUo1fLzZ7mGldZCOZL3gsIQz5c="`
			`subjectDID = "did:key:z6MktA1uBdCpq4uJBqE9jjMiLyxZBg9a6xgPPKJjMqss6Zc2"`
			`subJectCmd = "/foo/bar"`
			subjectPol = `
			`[`
			`[`
			`"==",`
			`".status",`
			`"draft"`
			`],`
			`[`
			`"all",`
			`".reviewer",`
			`[`
			`"like",`
			`".email",`
			`"*@example.com"`
			`]`
			`],`
			`[`
			`"any",`
			`".tags",`
			`[`
			`"or",`
			`[`
			`[`
			`"==",`
			`".",`
			`"news"`
			`],`
			`[`
			`"==",`
			`".",`
			`"press"`
			`]`
			`]`
			`]`
			`]`
			`]`
			`
feat(cid): calculate the CID for decoded and newly created Tokeners 2024-09-19 13:29:33 -04:00
			`newCID = "zdpuAn9JgGPvnt2WCmTaKktZdbuvcVGTg9bUT5kQaufwUtZ6e"`
			`rootCID = "zdpuAkgGmUp5JrXvehGuuw9JA8DLQKDaxtK3R8brDQQVC2i5X"`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00			`)`

test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`func TestConstructors(t *testing.T) {`
			`t.Parallel()`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`privKey := privKey(t, issuerPrivKeyCfg)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`aud, err := did.Parse(AudienceDID)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`sub, err := did.Parse(subjectDID)`
			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`cmd, err := command.Parse(subJectCmd)`
			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`pol, err := policy.FromDagJson(subjectPol)`
			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`exp, err := time.Parse(time.RFC3339, "2200-01-01T00:00:00Z")`
			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`t.Run("New", func(t *testing.T) {`
delegation: tune the validation step - avoid a double parsing when the flow already parsed (command, policy) - don't require a did:key, as other types are legal (but might require a resolver, TODO) - make the command a struct instead of a pointer: we don't need to avoid copy, and the pointer can be interpreted as nil - make the nonce parameter optional, but generate one if none is given 2024-09-19 11:16:33 +02:00			`dlg, err := delegation.New(privKey, aud, cmd, pol,`
			`delegation.WithNonce([]byte(nonce)),`
delegation: use the fancy Meta 2024-09-19 10:48:25 +02:00			`delegation.WithSubject(sub),`
			`delegation.WithExpiration(exp),`
			`delegation.WithMeta("foo", "fooo"),`
			`delegation.WithMeta("bar", "barr"),`
			`)`
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`data, err := dlg.ToDagJson(privKey)`
			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`t.Log(string(data))`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`golden.Assert(t, string(data), "new.dagjson")`
feat(cid): calculate the CID for decoded and newly created Tokeners 2024-09-19 13:29:33 -04:00			`assert.Equal(t, newCID, envelope.CIDToBase58BTC(dlg.CID()))`
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`})`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`t.Run("Root", func(t *testing.T) {`
			`t.Parallel()`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
delegation: tune the validation step - avoid a double parsing when the flow already parsed (command, policy) - don't require a did:key, as other types are legal (but might require a resolver, TODO) - make the command a struct instead of a pointer: we don't need to avoid copy, and the pointer can be interpreted as nil - make the nonce parameter optional, but generate one if none is given 2024-09-19 11:16:33 +02:00			`dlg, err := delegation.Root(privKey, aud, cmd, pol,`
			`delegation.WithNonce([]byte(nonce)),`
delegation: use the fancy Meta 2024-09-19 10:48:25 +02:00			`delegation.WithExpiration(exp),`
			`delegation.WithMeta("foo", "fooo"),`
			`delegation.WithMeta("bar", "barr"),`
			`)`
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`data, err := dlg.ToDagJson(privKey)`
			`require.NoError(t, err)`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`t.Log(string(data))`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`golden.Assert(t, string(data), "root.dagjson")`
feat(cid): calculate the CID for decoded and newly created Tokeners 2024-09-19 13:29:33 -04:00			`assert.Equal(t, rootCID, envelope.CIDToBase58BTC(dlg.CID()))`
test(delegation): move the other relevant tests from the envelope branch 2024-09-18 15:54:46 -04:00			`})`
			`}`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
			`func privKey(t *testing.T, privKeyCfg string) crypto.PrivKey {`
			`t.Helper()`

			`privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg)`
			`require.NoError(t, err)`

			`privKey, err := crypto.UnmarshalPrivateKey(privKeyMar)`
			`require.NoError(t, err)`

			`return privKey`
			`}`

			`func TestKey(t *testing.T) {`
delegation: tune the validation step - avoid a double parsing when the flow already parsed (command, policy) - don't require a did:key, as other types are legal (but might require a resolver, TODO) - make the command a struct instead of a pointer: we don't need to avoid copy, and the pointer can be interpreted as nil - make the nonce parameter optional, but generate one if none is given 2024-09-19 11:16:33 +02:00			`// TODO: why is this broken?`
			`t.Skip("TODO: why is this broken?")`
feat(delegation): update to provide encoding/decoding straight from/to View 2024-09-18 12:20:54 -04:00
			`priv, _, err := crypto.GenerateEd25519Key(rand.Reader)`
			`require.NoError(t, err)`

			`privMar, err := crypto.MarshalPrivateKey(priv)`
			`require.NoError(t, err)`

			`privCfg := crypto.ConfigEncodeKey(privMar)`
			`t.Log(privCfg)`

			`id, err := did.FromPubKey(priv.GetPublic())`
			`require.NoError(t, err)`
			`t.Log(id)`

			`t.Fail()`
			`}`