2025-02-03 16:17:30 +01:00
|
|
|
package issuer
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"io"
|
|
|
|
|
"iter"
|
|
|
|
|
"net/http"
|
|
|
|
|
|
2026-01-08 15:45:58 -05:00
|
|
|
"code.sonr.org/go/did-it"
|
2025-08-05 12:11:20 +02:00
|
|
|
|
2026-01-08 15:45:58 -05:00
|
|
|
"code.sonr.org/go/ucan/pkg/command"
|
|
|
|
|
"code.sonr.org/go/ucan/pkg/container"
|
|
|
|
|
"code.sonr.org/go/ucan/token/delegation"
|
|
|
|
|
"code.sonr.org/go/ucan/toolkit/client"
|
2025-02-03 16:17:30 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type RequestResolver func(r *http.Request) (*ResolvedRequest, error)
|
|
|
|
|
|
|
|
|
|
type ResolvedRequest struct {
|
|
|
|
|
Audience did.DID
|
|
|
|
|
Cmd command.Command
|
|
|
|
|
Subject did.DID
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// HttpWrapper implements an HTTP transport for a UCAN issuer.
|
|
|
|
|
// It provides a common response shape, while allowing customisation of the request.
|
|
|
|
|
func HttpWrapper(requester client.DelegationRequester, resolver RequestResolver) http.Handler {
|
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
if r.Method != http.MethodPost {
|
|
|
|
|
http.Error(w, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resolved, err := resolver(r)
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(w, err.Error(), http.StatusBadRequest)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
dlgs, err := requester.RequestDelegation(r.Context(), resolved.Audience, resolved.Cmd, resolved.Subject)
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cont := container.NewWriter()
|
|
|
|
|
for bundle, err := range dlgs {
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
cont.AddSealed(bundle.Sealed)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = cont.ToBytesGzippedWriter(w)
|
|
|
|
|
if err != nil {
|
|
|
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2025-08-05 12:11:20 +02:00
|
|
|
func DecodeResponse(res *http.Response, audience did.DID, cmd command.Command, subject did.DID) (iter.Seq2[*delegation.Bundle, error], error) {
|
2025-02-03 16:17:30 +01:00
|
|
|
defer res.Body.Close()
|
|
|
|
|
if res.StatusCode != http.StatusOK {
|
|
|
|
|
msg, err := io.ReadAll(res.Body)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("request failed with status %d, then failed to read response body: %w", res.StatusCode, err)
|
|
|
|
|
}
|
|
|
|
|
return nil, fmt.Errorf("request failed with status %d: %s", res.StatusCode, msg)
|
|
|
|
|
}
|
|
|
|
|
cont, err := container.FromReader(res.Body)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2025-08-05 12:11:20 +02:00
|
|
|
|
|
|
|
|
// the container doesn't guarantee the ordering, so we must order the delegation in a chain
|
|
|
|
|
proof := client.FindProof(func() iter.Seq[*delegation.Bundle] {
|
|
|
|
|
return cont.GetAllDelegations()
|
|
|
|
|
}, audience, cmd, subject)
|
|
|
|
|
|
2025-02-03 16:17:30 +01:00
|
|
|
return func(yield func(*delegation.Bundle, error) bool) {
|
2025-08-05 12:11:20 +02:00
|
|
|
for _, c := range proof {
|
|
|
|
|
bndl, err := cont.GetDelegationBundle(c)
|
|
|
|
|
if err != nil {
|
|
|
|
|
yield(nil, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if !yield(bndl, nil) {
|
2025-02-03 16:17:30 +01:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}, nil
|
|
|
|
|
}
|
